Jest to komputer biurowy i czasami nieźle zamuli. Nie korzystałem nigdy z FRST i czekam na kogoś, kto mi zinterpretuje logi.
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-12-2014
Ran by Andrzej (administrator) on ANDRZEJPC on 29-12-2014 12:42:08
Running from C:\Users\Andrzej\Downloads
Loaded Profile: Andrzej (Available profiles: Andrzej & UpdatusUser)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\pptd40nt.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Nuance Communications, Inc.) C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\Andrzej\Downloads\adwcleaner_4.106.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\OptionalFeatures.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM…\Run: [Cmaudio] => RunDll32 cmicnfg.cpl,CMICtrlWnd
HKLM…\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM…\Run: [indexSearch] => C:\Program Files\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM…\Run: [PaperPort PTD] => C:\Program Files\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM…\Run: [PPort12reminder] => C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM…\Run: [PDFHook] => C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM…\Run: [PDF5 Registry Controller] => C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM…\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-16] (AVAST Software)
HKLM…\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM…\Run: [] => [X]
HKLM…\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKU\S-1-5-21-4176922587-871959860-2980119677-1000…\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
Startup: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKU\S-1-5-21-4176922587-871959860-2980119677-1000 -> DefaultScope {D3459D43-6580-4DAD-81A7-DF07270ED740} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4176922587-871959860-2980119677-1000 -> {D3459D43-6580-4DAD-81A7-DF07270ED740} URL = https://www.google.com/search?q={searchTerms}
BHO: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\yjaag3sb.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\yjaag3sb.default\Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-15]
FF HKLM…\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-30]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> “hxxp://www.google.com”
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Profile: C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-05-15]
CHR Extension: (Avast Online Security) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-09]
CHR Extension: (Google Wallet) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR HKLM…\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-16]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-16] (AVAST Software)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-12-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-12-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-12-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-12-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-12-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-12-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-12-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-12-16] ()
R3 cmudax; C:\Windows\System32\drivers\cmudax.sys [1282432 2004-12-13] (C-Media Inc.)
R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-13] (VIA Technologies, Inc. )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R1 MpKsl00cb9ca4; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates{DCF73373-DEA5-4441-A28E-6CC9D7CB97E9}\MpKsl00cb9ca4.sys [39464 2014-12-29] (Microsoft Corporation)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [347136 2009-07-13] (Realtek Semiconductor Corporation )
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-29 12:42 - 2014-12-29 12:47 - 00012751 _____ () C:\Users\Andrzej\Downloads\FRST.txt
2014-12-29 12:40 - 2014-12-29 12:43 - 00000000 ____D () C:\FRST
2014-12-29 12:38 - 2014-12-29 12:39 - 01114624 _____ (Farbar) C:\Users\Andrzej\Downloads\FRST.exe
2014-12-29 12:28 - 2014-12-29 12:28 - 00000000 ____D () C:\AdwCleaner
2014-12-29 12:26 - 2014-12-29 12:26 - 02173952 _____ () C:\Users\Andrzej\Downloads\adwcleaner_4.106.exe
2014-12-29 12:02 - 2014-12-29 12:02 - 01577512 _____ ( ) C:\Users\Andrzej\Downloads\cpu-z_1.71-setup-en.exe
2014-12-29 06:38 - 2014-12-29 06:39 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{E00B28BA-A21B-43C7-B5DB-56D59CFD2563}
2014-12-28 11:45 - 2014-12-28 11:45 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{8BBEBD73-C40F-4B5C-AC15-E4E2069C5D1F}
2014-12-24 10:22 - 2014-12-24 10:22 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{2088C089-D900-4010-B0E5-DFB65044C35A}
2014-12-23 06:54 - 2014-12-23 06:54 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{618E51CA-5808-4981-834C-B46F9C1C2CF5}
2014-12-22 06:46 - 2014-12-22 06:46 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{41E2378E-2BC9-4BB3-9180-43B8B793A58F}
2014-12-20 06:43 - 2014-12-20 06:43 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{9F831AE3-D1F4-4C1E-A8AD-02CC7A19F114}
2014-12-19 17:42 - 2014-12-29 06:33 - 00000504 _____ () C:\Windows\setupact.log
2014-12-19 17:42 - 2014-12-19 17:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-19 07:45 - 2014-12-19 07:45 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{45E154FD-9275-4B33-B645-06A8E731B65D}
2014-12-18 10:38 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 07:14 - 2014-12-18 07:14 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{4C3E3E6D-89B8-4950-BF39-427863313BA5}
2014-12-17 07:26 - 2014-12-17 07:26 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{38D6892E-66B2-4D84-8288-AC070E59C035}
2014-12-16 15:30 - 2014-12-17 16:04 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-12-16 15:16 - 2014-12-17 16:04 - 00002114 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-12-16 15:16 - 2014-12-17 16:03 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-12-16 10:47 - 2014-12-16 10:47 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-16 10:47 - 2014-12-16 10:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-16 06:36 - 2014-12-16 06:36 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{E5C4BDCD-FE4E-4B1B-A0B8-126C13F90522}
2014-12-15 06:28 - 2014-12-15 06:28 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{3081D9ED-EAA0-4017-8B34-2B881412F1A2}
2014-12-12 07:39 - 2014-12-12 07:39 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{6AAAF3DE-B913-4900-A40F-8B78FC6884B9}
2014-12-11 06:58 - 2014-12-11 06:58 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{6977C171-9146-4C34-8774-C39577ACBBB7}
2014-12-11 06:37 - 2014-12-11 06:37 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 15:51 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:17 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 07:17 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 07:17 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 07:17 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 07:17 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 07:17 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 07:17 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 07:17 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 07:17 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 07:17 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 07:17 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 07:17 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 07:17 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 07:17 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 07:17 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 07:17 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 07:17 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 07:17 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 07:17 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 07:17 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 07:17 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 07:17 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 07:17 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 07:17 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 07:17 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 07:17 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 07:16 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 07:16 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 07:16 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 07:10 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 07:10 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 07:08 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 07:08 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 07:08 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 07:08 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 07:08 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 07:08 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 07:08 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 07:08 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 07:02 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 07:02 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 07:02 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 07:02 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 07:02 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 07:02 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 07:02 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 06:53 - 2014-12-10 06:54 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{EB7871E0-A7DC-4025-83CD-7EE061946D72}
2014-12-09 07:20 - 2014-12-09 07:20 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{270F7E37-F5AB-48C2-B902-C364DE4A9A83}
2014-12-08 08:20 - 2014-12-17 11:14 - 00000000 ____D () C:\Users\Andrzej\Desktop\spalarnia
2014-12-08 07:34 - 2014-12-08 07:35 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{1D6767F6-5861-44B6-9D99-0CEED6BC33AE}
2014-12-06 06:45 - 2014-12-06 06:46 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{0AFA1695-0A2E-40D4-A937-490FB3BE2BDE}
2014-12-05 06:56 - 2014-12-05 06:56 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{D1CFED72-49FA-4099-9D4F-33BD2C6C49A2}
2014-12-04 07:58 - 2014-12-04 07:58 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{B6A41121-951D-4126-9A36-F5318A814E5E}
2014-12-03 07:51 - 2014-12-03 07:51 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{301BA967-93EF-4496-85A9-37A4DC9ECF6C}
2014-12-02 06:30 - 2014-12-02 06:32 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{6EF0110A-635D-4E0C-9687-6956A15D0571}
2014-12-01 08:34 - 2014-12-01 08:34 - 00000135 _____ () C:\Windows\system32\debug.log
2014-12-01 07:24 - 2014-12-01 07:24 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{06F81695-B107-4EC5-9E8B-D3A85D9A4A98}
2014-11-29 06:47 - 2014-11-29 06:47 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{D2CAD072-4A59-4AF6-A6A6-B80DB2ECDDB8}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-29 12:45 - 2009-07-14 09:27 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-29 12:27 - 2014-02-25 11:45 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-29 12:27 - 2014-02-25 11:45 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-12-29 12:24 - 2012-11-30 14:13 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-29 12:24 - 2012-11-30 14:13 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-29 12:08 - 2009-07-14 05:34 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-29 12:08 - 2009-07-14 05:34 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-29 11:55 - 2012-10-31 07:40 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-29 11:42 - 2014-10-14 12:59 - 01071458 _____ () C:\Windows\WindowsUpdate.log
2014-12-29 10:03 - 2014-10-09 06:13 - 00000000 ____D () C:\Users\Andrzej\AppData\Roaming\DropboxMaster
2014-12-29 10:03 - 2014-10-09 06:11 - 00000000 ____D () C:\Users\Andrzej\AppData\Roaming\Dropbox
2014-12-29 09:48 - 2012-01-02 15:42 - 01679302 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-29 09:48 - 2009-07-14 09:07 - 00743692 _____ () C:\Windows\system32\perfh015.dat
2014-12-29 09:48 - 2009-07-14 09:07 - 00157306 _____ () C:\Windows\system32\perfc015.dat
2014-12-29 09:07 - 2012-02-29 13:41 - 00000000 ____D () C:\Users\Andrzej\Desktop\Gryfia
2014-12-29 06:33 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-19 14:30 - 2006-03-05 11:53 - 00000000 ___RD () C:\Program Files.old
2014-12-19 13:50 - 2014-10-27 13:28 - 00000000 ____D () C:\Users\Andrzej\Desktop\GREEN KARMOY
2014-12-18 16:03 - 2014-11-14 11:53 - 00000000 ____D () C:\Users\Andrzej\Desktop\GREEN MAVERIC
2014-12-18 11:32 - 2012-04-05 12:01 - 00000000 ____D () C:\Users\Andrzej\Desktop\GREENY
2014-12-18 11:08 - 2013-07-18 10:30 - 00000000 ____D () C:\Users\Andrzej\Desktop\Dane osobowe
2014-12-16 10:48 - 2012-11-30 14:13 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-16 10:47 - 2014-05-29 09:37 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-16 10:47 - 2014-02-24 08:15 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-12-16 10:47 - 2013-04-04 13:35 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-16 10:47 - 2013-04-04 13:35 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-16 10:47 - 2012-11-30 14:13 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-16 10:47 - 2012-11-30 14:13 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-16 10:47 - 2012-11-30 14:13 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-15 06:49 - 2012-11-30 14:24 - 00002132 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 06:45 - 2014-11-07 13:44 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 09:33 - 2012-01-27 07:46 - 00000000 ____D () C:\Users\Andrzej\Desktop\Potwierdzenia 2012
2014-12-11 06:37 - 2014-04-28 14:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 06:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-12-11 06:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 15:50 - 2013-08-14 13:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 15:44 - 2012-01-02 16:19 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 10:55 - 2012-10-31 07:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-10 10:55 - 2012-01-02 15:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-09 12:59 - 2012-07-10 08:25 - 00000000 ____D () C:\Users\Andrzej\Desktop\Zamówienia i zlecenia
2014-12-08 08:20 - 2012-04-18 08:21 - 00000000 ____D () C:\Users\Andrzej\Desktop\Euroafrica
2014-12-01 08:34 - 2012-01-02 15:59 - 00000000 ____D () C:\Users\Andrzej\AppData\Roaming\Adobe
Some content of TEMP:
====================
C:\Users\Andrzej\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk3sckw.dll
C:\Users\Andrzej\AppData\Local\Temp\Quarantine.exe
C:\Users\Andrzej\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-13 09:31
==================== End Of Log ============================
Add
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-12-2014
Ran by Andrzej at 2014-12-29 12:49:38
Running from C:\Users\Andrzej\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with “hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
Adobe Flash Player 15 ActiveX (HKLM…\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM…\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Polish (HKLM…{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 1.10.8 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Avast Free Antivirus (HKLM…\avast) (Version: 10.0.2208 - AVAST Software)
C-Media High Definition Audio Driver (HKLM…\C-Media Audio Driver) (Version: - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-4176922587-871959860-2980119677-1000…\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
English Translator 3 Demo (HKLM…\ET3DEMO) (Version: - )
Google Chrome (HKLM…\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
Java 7 Update 51 (HKLM…{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 6.3.0 (HKLM…\KLiteCodecPack_is1) (Version: 6.3.0 - )
Microsoft .NET Framework 4.5.1 (HKLM…{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM…{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM…{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM…{90110415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM…\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM…{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM…{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM…{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM…{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM…{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM…{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM…{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA Sterownik graficzny 307.83 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM…{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation)
Pakiet zgodności dla systemu Office 2007 (HKLM…{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Panel sterowania NVIDIA 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
PaperPort Image Printer (HKLM…{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDFCreator (HKLM…{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Poczta usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM…\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Podstawowe programy Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Scansoft PDF Professional (Version: - ) Hidden
TeamViewer 5 (HKLM…\TeamViewer 5) (Version: 5.1.10408 - TeamViewer GmbH)
WinRAR 5.11 (32-bitowy) (HKLM…\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4176922587-871959860-2980119677-1000_Classes\CLSID{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4176922587-871959860-2980119677-1000_Classes\CLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4176922587-871959860-2980119677-1000_Classes\CLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4176922587-871959860-2980119677-1000_Classes\CLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4176922587-871959860-2980119677-1000_Classes\CLSID{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
29-12-2014 12:39:32 Instalator modułów systemu Windows
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2014-02-25 11:56 - 00450712 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {20773BB5-F024-4251-9269-3AFC4F3CCA6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-15] (Google Inc.)
Task: {62B953B8-2542-4B53-90DB-3B3F10023918} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {7B6BF19A-1F5A-4AE2-8B2C-F33F6D9A806C} - System32\Tasks{D3D69613-AB0C-4A7B-8A66-6B2F0E95BB1D} => pcalua.exe -a “C:\Program Files.old\English Translator 3\setup.exe” -d “C:\Program Files.old\English Translator 3”
Task: {92F3DBC6-D3D5-42A9-8575-7DE3B6052429} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-16] (AVAST Software)
Task: {C64299BD-8C20-4376-8A32-8F1B316A77D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {CEEC37BD-5E38-461C-AD9B-3429B30EA5FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-15] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-01-02 16:33 - 2013-01-31 10:00 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-12-28 11:45 - 2014-12-28 11:46 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122800\algo.dll
2014-12-29 10:05 - 2014-12-29 10:05 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122900\algo.dll
2014-10-21 13:17 - 2001-10-28 15:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2009-11-19 05:01 - 2009-11-19 05:01 - 00022723 _____ () C:\Windows\System32\sugw2l3.dll
2014-12-16 10:47 - 2014-12-16 10:47 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-15 06:49 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-15 06:49 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-15 06:49 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-15 06:49 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-29 12:26 - 2014-12-29 12:26 - 02173952 _____ () C:\Users\Andrzej\Downloads\adwcleaner_4.106.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-4176922587-871959860-2980119677-500 - Administrator - Disabled)
Andrzej (S-1-5-21-4176922587-871959860-2980119677-1000 - Administrator - Enabled) => C:\Users\Andrzej
Gość (S-1-5-21-4176922587-871959860-2980119677-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4176922587-871959860-2980119677-1140 - Limited - Enabled)
UpdatusUser (S-1-5-21-4176922587-871959860-2980119677-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/29/2014 00:40:57 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Wykonanie kopii zapasowej nie powiodło się. Błąd: Określone zasoby sieciowe lub urządzenie są już niedostępne. (0x80070037).
Error: (12/29/2014 00:37:44 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: ZARZĄDZANIE NT)
Description: Operacja wykonywania kopii zapasowej rozpoczęta o godzinie 2014-12-29T11:37:43.900000000Z nie powiodła się i został zwrócony następujący kod błędu: 2155347999 (%%2155347999). Przejrzyj szczegóły zdarzenia w celu znalezienia rozwiązania, a następnie po rozwiązaniu problemu uruchom ponownie operację wykonywania kopii zapasowej.
Error: (12/29/2014 10:35:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE w wersji 6.1.7601.17567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.
Identyfikator procesu: 6e0
Godzina rozpoczęcia: 01d02328f6d12eb4
Godzina zakończenia: 414
Ścieżka aplikacji: C:\Windows\Explorer.EXE
Identyfikator raportu: 100358e2-8f3e-11e4-bdca-0013d3b48621
Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Nie można zainicjować indeksu.
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Nie można zainicjować aplikacji.
Kontekst: aplikacja Windows
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Nie można zainicjować obiektu programu zbierającego.
Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Nie można zainicjować dodatku typu plug-in w <Search.TripoliIndexer>.
Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Nie można odnaleźć elementu. (HRESULT : 0x80070490) (0x80070490)
Error: (12/19/2014 05:45:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Nie można zainicjować dodatku typu plug-in w <Search.JetPropStore>.
Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/19/2014 05:45:16 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Usługa Windows Search nie może załadować informacji z magazynu właściwości.
Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800)
Error: (12/19/2014 05:45:16 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Usługa Windows Search jest zatrzymywana, ponieważ wystąpił problem z indeksatorem: The catalog is corrupt.
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (12/29/2014 06:40:06 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Usługa Windows Update zawiesiła się podczas uruchamiania.
Error: (12/29/2014 06:37:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu:
%%1069
Error: (12/29/2014 06:37:07 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu:
%%1330
Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).
Error: (12/29/2014 06:36:22 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005
Error: (12/28/2014 00:31:06 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Produkt %ZARZĄDZANIE NT60 napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu:
Poprzednia wersja podpisu: 1.191.798.0
Źródło aktualizacji: %ZARZĄDZANIE NT59
Etap aktualizacji: 4.6.0305.00
Ścieżka źródła: 4.6.0305.01
Typ podpisu: %ZARZĄDZANIE NT602
Typ aktualizacji: %ZARZĄDZANIE NT604
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Bieżąca wersja aparatu: %ZARZĄDZANIE NT605
Poprzednia wersja aparatu: %ZARZĄDZANIE NT606
Kod błędu: %ZARZĄDZANIE NT607
Opis błędu: %ZARZĄDZANIE NT608
Error: (12/28/2014 00:13:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Usługa Windows Update zawiesiła się podczas uruchamiania.
Error: (12/28/2014 00:10:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu:
%%1069
Error: (12/28/2014 00:10:28 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu:
%%1330
Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).
Error: (12/28/2014 00:10:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu:
%%1053
Error: (12/28/2014 00:10:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Google Update (gupdate).
Microsoft Office Sessions:
=========================
Error: (12/29/2014 00:40:57 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Określone zasoby sieciowe lub urządzenie są już niedostępne. (0x80070037)
Error: (12/29/2014 00:37:44 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: ZARZĄDZANIE NT)
Description: 2014-12-29T11:37:43.900000000Z2155347999%%2155347999
Error: (12/29/2014 10:35:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.175676e001d02328f6d12eb4414C:\Windows\Explorer.EXE100358e2-8f3e-11e4-bdca-0013d3b48621
Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontekst: aplikacja Windows
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Nie można odnaleźć elementu. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
Error: (12/19/2014 05:45:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
Error: (12/19/2014 05:45:16 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800)
Error: (12/19/2014 05:45:16 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
==================== Memory info ===========================
Processor: Intel® Celeron® CPU 3.06GHz
Percentage of memory in use: 66%
Total physical RAM: 2047.55 MB
Available physical RAM: 681.95 MB
Total Pagefile: 4095.11 MB
Available Pagefile: 2098.3 MB
Total Virtual: 2047.88 MB
Available Virtual: 1904.71 MB
==================== Drives ================================
Drive c: (PCF) (Fixed) (Total:74.52 GB) (Free:2.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Seagate FreeAgent) (Fixed) (Total:465.76 GB) (Free:390.94 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: FA90AB9A)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (Size: 465.8 GB) (Disk ID: 9B8A069E)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================