Komputer wolno chodzi


(G7996095) #1

Jest to komputer biurowy i czasami nieźle zamuli. Nie korzystałem nigdy z FRST i czekam na kogoś, kto mi zinterpretuje logi. 

 

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-12-2014

Ran by Andrzej (administrator) on ANDRZEJPC on 29-12-2014 12:42:08

Running from C:\Users\Andrzej\Downloads

Loaded Profile: Andrzej (Available profiles: Andrzej & UpdatusUser)

Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Polski (Polska)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE

(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe

(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\pptd40nt.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(Nuance Communications, Inc.) C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe

(Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

() C:\Users\Andrzej\Downloads\adwcleaner_4.106.exe

(Microsoft Corporation) C:\Windows\System32\wbengine.exe

(Microsoft Corporation) C:\Windows\System32\vds.exe

(Microsoft Corporation) C:\Windows\System32\OptionalFeatures.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM...\Run: [Cmaudio] => RunDll32 cmicnfg.cpl,CMICtrlWnd

HKLM...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM...\Run: [indexSearch] => C:\Program Files\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)

HKLM...\Run: [PaperPort PTD] => C:\Program Files\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)

HKLM...\Run: [PPort12reminder] => C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)

HKLM...\Run: [PDFHook] => C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)

HKLM...\Run: [PDF5 Registry Controller] => C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)

HKLM...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-16] (AVAST Software)

HKLM...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe 96056 2013-05-30

HKLM...\Run: [] => [X]

HKLM...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)

HKU\S-1-5-21-4176922587-871959860-2980119677-1000...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)

Startup: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

SearchScopes: HKU\S-1-5-21-4176922587-871959860-2980119677-1000 -> DefaultScope {D3459D43-6580-4DAD-81A7-DF07270ED740} URL = https://www.google.com/search?q={searchTerms}

SearchScopes: HKU\S-1-5-21-4176922587-871959860-2980119677-1000 -> {D3459D43-6580-4DAD-81A7-DF07270ED740} URL = https://www.google.com/search?q={searchTerms}

BHO: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF ProfilePath: C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\yjaag3sb.default

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Extension: Adblock Plus - C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\yjaag3sb.default\Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-15]

FF HKLM...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-30]

 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www.google.com

CHR StartupUrls: Default -> "hxxp://www.google.com"

CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File

CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File

CHR Plugin: (Java Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll No File

CHR Profile: C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Adblock Plus) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-05-15]

CHR Extension: (Avast Online Security) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-09]

CHR Extension: (Google Wallet) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]

CHR HKLM...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-16]

 

========================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-16] (AVAST Software)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll 44544 2008-12-03 [File not signed]

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)

R2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll 53760 2008-12-03 [File not signed]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys 24184 2014-12-16

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-12-16] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-12-16] (AVAST Software)

R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys 49944 2014-12-16

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-12-16] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-12-16] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-12-16] (AVAST Software)

R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys 206248 2014-12-16

R3 cmudax; C:\Windows\System32\drivers\cmudax.sys [1282432 2004-12-13] (C-Media Inc.)

R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-13] (VIA Technologies, Inc.              )

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)

R1 MpKsl00cb9ca4; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates{DCF73373-DEA5-4441-A28E-6CC9D7CB97E9}\MpKsl00cb9ca4.sys [39464 2014-12-29] (Microsoft Corporation)

S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [347136 2009-07-13] (Realtek Semiconductor Corporation                           )

 

==================== NetSvcs (Whitelisted) ===================

 

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-12-29 12:42 - 2014-12-29 12:47 - 00012751 _____ () C:\Users\Andrzej\Downloads\FRST.txt

2014-12-29 12:40 - 2014-12-29 12:43 - 00000000 ____D () C:\FRST

2014-12-29 12:38 - 2014-12-29 12:39 - 01114624 _____ (Farbar) C:\Users\Andrzej\Downloads\FRST.exe

2014-12-29 12:28 - 2014-12-29 12:28 - 00000000 ____D () C:\AdwCleaner

2014-12-29 12:26 - 2014-12-29 12:26 - 02173952 _____ () C:\Users\Andrzej\Downloads\adwcleaner_4.106.exe

2014-12-29 12:02 - 2014-12-29 12:02 - 01577512 _____ ( ) C:\Users\Andrzej\Downloads\cpu-z_1.71-setup-en.exe

2014-12-29 06:38 - 2014-12-29 06:39 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{E00B28BA-A21B-43C7-B5DB-56D59CFD2563}

2014-12-28 11:45 - 2014-12-28 11:45 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{8BBEBD73-C40F-4B5C-AC15-E4E2069C5D1F}

2014-12-24 10:22 - 2014-12-24 10:22 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{2088C089-D900-4010-B0E5-DFB65044C35A}

2014-12-23 06:54 - 2014-12-23 06:54 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{618E51CA-5808-4981-834C-B46F9C1C2CF5}

2014-12-22 06:46 - 2014-12-22 06:46 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{41E2378E-2BC9-4BB3-9180-43B8B793A58F}

2014-12-20 06:43 - 2014-12-20 06:43 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{9F831AE3-D1F4-4C1E-A8AD-02CC7A19F114}

2014-12-19 17:42 - 2014-12-29 06:33 - 00000504 _____ () C:\Windows\setupact.log

2014-12-19 17:42 - 2014-12-19 17:42 - 00000000 _____ () C:\Windows\setuperr.log

2014-12-19 07:45 - 2014-12-19 07:45 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{45E154FD-9275-4B33-B645-06A8E731B65D}

2014-12-18 10:38 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-12-18 07:14 - 2014-12-18 07:14 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{4C3E3E6D-89B8-4950-BF39-427863313BA5}

2014-12-17 07:26 - 2014-12-17 07:26 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{38D6892E-66B2-4D84-8288-AC070E59C035}

2014-12-16 15:30 - 2014-12-17 16:04 - 00001912 _____ () C:\Windows\epplauncher.mif

2014-12-16 15:16 - 2014-12-17 16:04 - 00002114 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2014-12-16 15:16 - 2014-12-17 16:03 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2014-12-16 10:47 - 2014-12-16 10:47 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-12-16 10:47 - 2014-12-16 10:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-12-16 06:36 - 2014-12-16 06:36 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{E5C4BDCD-FE4E-4B1B-A0B8-126C13F90522}

2014-12-15 06:28 - 2014-12-15 06:28 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{3081D9ED-EAA0-4017-8B34-2B881412F1A2}

2014-12-12 07:39 - 2014-12-12 07:39 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{6AAAF3DE-B913-4900-A40F-8B78FC6884B9}

2014-12-11 06:58 - 2014-12-11 06:58 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{6977C171-9146-4C34-8774-C39577ACBBB7}

2014-12-11 06:37 - 2014-12-11 06:37 - 00000000 ____D () C:\Windows\system32\appraiser

2014-12-10 15:51 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

2014-12-10 07:17 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-12-10 07:17 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-12-10 07:17 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-12-10 07:17 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-12-10 07:17 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-12-10 07:17 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-12-10 07:17 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-12-10 07:17 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-12-10 07:17 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-12-10 07:17 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-12-10 07:17 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-12-10 07:17 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-12-10 07:17 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-12-10 07:17 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-12-10 07:17 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-12-10 07:17 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-12-10 07:17 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-12-10 07:17 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-12-10 07:17 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-12-10 07:17 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-12-10 07:17 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-12-10 07:17 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-12-10 07:17 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-12-10 07:17 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-12-10 07:17 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-12-10 07:17 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-12-10 07:16 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-12-10 07:16 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-12-10 07:16 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-12-10 07:10 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-12-10 07:10 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys

2014-12-10 07:08 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2014-12-10 07:08 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2014-12-10 07:08 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2014-12-10 07:08 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2014-12-10 07:08 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-12-10 07:08 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2014-12-10 07:08 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-12-10 07:08 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe

2014-12-10 07:02 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-12-10 07:02 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe

2014-12-10 07:02 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll

2014-12-10 07:02 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll

2014-12-10 07:02 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll

2014-12-10 07:02 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll

2014-12-10 07:02 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe

2014-12-10 06:53 - 2014-12-10 06:54 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{EB7871E0-A7DC-4025-83CD-7EE061946D72}

2014-12-09 07:20 - 2014-12-09 07:20 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{270F7E37-F5AB-48C2-B902-C364DE4A9A83}

2014-12-08 08:20 - 2014-12-17 11:14 - 00000000 ____D () C:\Users\Andrzej\Desktop\spalarnia

2014-12-08 07:34 - 2014-12-08 07:35 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{1D6767F6-5861-44B6-9D99-0CEED6BC33AE}

2014-12-06 06:45 - 2014-12-06 06:46 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{0AFA1695-0A2E-40D4-A937-490FB3BE2BDE}

2014-12-05 06:56 - 2014-12-05 06:56 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{D1CFED72-49FA-4099-9D4F-33BD2C6C49A2}

2014-12-04 07:58 - 2014-12-04 07:58 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{B6A41121-951D-4126-9A36-F5318A814E5E}

2014-12-03 07:51 - 2014-12-03 07:51 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{301BA967-93EF-4496-85A9-37A4DC9ECF6C}

2014-12-02 06:30 - 2014-12-02 06:32 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{6EF0110A-635D-4E0C-9687-6956A15D0571}

2014-12-01 08:34 - 2014-12-01 08:34 - 00000135 _____ () C:\Windows\system32\debug.log

2014-12-01 07:24 - 2014-12-01 07:24 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{06F81695-B107-4EC5-9E8B-D3A85D9A4A98}

2014-11-29 06:47 - 2014-11-29 06:47 - 00000000 ____D () C:\Users\Andrzej\AppData\Local{D2CAD072-4A59-4AF6-A6A6-B80DB2ECDDB8}

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-12-29 12:45 - 2009-07-14 09:27 - 00000000 ___RD () C:\Users\Public\Recorded TV

2014-12-29 12:27 - 2014-02-25 11:45 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-12-29 12:27 - 2014-02-25 11:45 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy

2014-12-29 12:24 - 2012-11-30 14:13 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-12-29 12:24 - 2012-11-30 14:13 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-12-29 12:08 - 2009-07-14 05:34 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-12-29 12:08 - 2009-07-14 05:34 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-12-29 11:55 - 2012-10-31 07:40 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-12-29 11:42 - 2014-10-14 12:59 - 01071458 _____ () C:\Windows\WindowsUpdate.log

2014-12-29 10:03 - 2014-10-09 06:13 - 00000000 ____D () C:\Users\Andrzej\AppData\Roaming\DropboxMaster

2014-12-29 10:03 - 2014-10-09 06:11 - 00000000 ____D () C:\Users\Andrzej\AppData\Roaming\Dropbox

2014-12-29 09:48 - 2012-01-02 15:42 - 01679302 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-12-29 09:48 - 2009-07-14 09:07 - 00743692 _____ () C:\Windows\system32\perfh015.dat

2014-12-29 09:48 - 2009-07-14 09:07 - 00157306 _____ () C:\Windows\system32\perfc015.dat

2014-12-29 09:07 - 2012-02-29 13:41 - 00000000 ____D () C:\Users\Andrzej\Desktop\Gryfia

2014-12-29 06:33 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-12-19 14:30 - 2006-03-05 11:53 - 00000000 ___RD () C:\Program Files.old

2014-12-19 13:50 - 2014-10-27 13:28 - 00000000 ____D () C:\Users\Andrzej\Desktop\GREEN KARMOY

2014-12-18 16:03 - 2014-11-14 11:53 - 00000000 ____D () C:\Users\Andrzej\Desktop\GREEN MAVERIC

2014-12-18 11:32 - 2012-04-05 12:01 - 00000000 ____D () C:\Users\Andrzej\Desktop\GREENY

2014-12-18 11:08 - 2013-07-18 10:30 - 00000000 ____D () C:\Users\Andrzej\Desktop\Dane osobowe

2014-12-16 10:48 - 2012-11-30 14:13 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys

2014-12-16 10:47 - 2014-05-29 09:37 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-12-16 10:47 - 2014-02-24 08:15 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys

2014-12-16 10:47 - 2013-04-04 13:35 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-12-16 10:47 - 2013-04-04 13:35 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2014-12-16 10:47 - 2012-11-30 14:13 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys

2014-12-16 10:47 - 2012-11-30 14:13 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2014-12-16 10:47 - 2012-11-30 14:13 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-12-15 06:49 - 2012-11-30 14:24 - 00002132 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-12-12 06:45 - 2014-11-07 13:44 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-12-11 09:33 - 2012-01-27 07:46 - 00000000 ____D () C:\Users\Andrzej\Desktop\Potwierdzenia 2012

2014-12-11 06:37 - 2014-04-28 14:08 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-12-11 06:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL

2014-12-11 06:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat

2014-12-10 15:50 - 2013-08-14 13:53 - 00000000 ____D () C:\Windows\system32\MRT

2014-12-10 15:44 - 2012-01-02 16:19 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-12-10 10:55 - 2012-10-31 07:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-12-10 10:55 - 2012-01-02 15:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-12-09 12:59 - 2012-07-10 08:25 - 00000000 ____D () C:\Users\Andrzej\Desktop\Zamówienia i zlecenia

2014-12-08 08:20 - 2012-04-18 08:21 - 00000000 ____D () C:\Users\Andrzej\Desktop\Euroafrica

2014-12-01 08:34 - 2012-01-02 15:59 - 00000000 ____D () C:\Users\Andrzej\AppData\Roaming\Adobe

 

Some content of TEMP:

====================

C:\Users\Andrzej\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk3sckw.dll

C:\Users\Andrzej\AppData\Local\Temp\Quarantine.exe

C:\Users\Andrzej\AppData\Local\Temp\sqlite3.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-08-13 09:31

 

==================== End Of Log ============================

Add

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-12-2014

Ran by Andrzej at 2014-12-29 12:49:38

Running from C:\Users\Andrzej\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden

Adobe Flash Player 15 ActiveX (HKLM...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) - Polish (HKLM...{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Aktualizacje NVIDIA 1.10.8 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)

Avast Free Antivirus (HKLM...\avast) (Version: 10.0.2208 - AVAST Software)

C-Media High Definition Audio Driver (HKLM...\C-Media Audio Driver) (Version:  - )

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Dropbox (HKU\S-1-5-21-4176922587-871959860-2980119677-1000...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)

English Translator 3 Demo (HKLM...\ET3DEMO) (Version:  - )

Google Chrome (HKLM...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)

Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden

HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden

Java 7 Update 51 (HKLM...{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)

Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

K-Lite Mega Codec Pack 6.3.0 (HKLM...\KLiteCodecPack_is1) (Version: 6.3.0 - )

Microsoft .NET Framework 4.5.1 (HKLM...{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Polski) (HKLM...{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM...{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Professional Edition 2003 (HKLM...{90110415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Security Essentials (HKLM...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM...{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM...{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM...{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM...{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM...{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

Nuance PaperPort 12 (HKLM...{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)

Nuance PDF Viewer Plus (HKLM...{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)

NVIDIA Sterownik graficzny 307.83 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)

OpenOffice 4.1.1 (HKLM...{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation)

Pakiet zgodności dla systemu Office 2007 (HKLM...{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Panel sterowania NVIDIA 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden

PaperPort Image Printer (HKLM...{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}) (Version: 1.00.0001 - Nuance Communications, Inc.)

PDFCreator (HKLM...{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)

Poczta usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Podstawowe programy Windows Live (HKLM...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Podstawowe programy Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Scansoft PDF Professional (Version:  - ) Hidden

TeamViewer 5 (HKLM...\TeamViewer 5) (Version: 5.1.10408  - TeamViewer GmbH)

WinRAR 5.11 (32-bitowy) (HKLM...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-4176922587-871959860-2980119677-1000_Classes\CLSID{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4176922587-871959860-2980119677-1000_Classes\CLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4176922587-871959860-2980119677-1000_Classes\CLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4176922587-871959860-2980119677-1000_Classes\CLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4176922587-871959860-2980119677-1000_Classes\CLSID{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrzej\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

 

==================== Restore Points  =========================

 

29-12-2014 12:39:32 Instalator modułów systemu Windows

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 03:04 - 2014-02-25 11:56 - 00450712 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

127.0.0.1 www.0scan.com

127.0.0.1 0scan.com

127.0.0.1 1000gratisproben.com

127.0.0.1 www.1000gratisproben.com

127.0.0.1 1001namen.com

127.0.0.1 www.1001namen.com

127.0.0.1 100888290cs.com

127.0.0.1 www.100888290cs.com

127.0.0.1 www.100sexlinks.com

127.0.0.1 100sexlinks.com

127.0.0.1 10sek.com

127.0.0.1 www.10sek.com

127.0.0.1 www.1-2005-search.com

127.0.0.1 1-2005-search.com

127.0.0.1 123fporn.info

127.0.0.1 www.123fporn.info

127.0.0.1 123haustiereundmehr.com

127.0.0.1 www.123haustiereundmehr.com

127.0.0.1 123moviedownload.com

 

There are 1000 more lines.

 

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {20773BB5-F024-4251-9269-3AFC4F3CCA6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-15] (Google Inc.)

Task: {62B953B8-2542-4B53-90DB-3B3F10023918} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: {7B6BF19A-1F5A-4AE2-8B2C-F33F6D9A806C} - System32\Tasks{D3D69613-AB0C-4A7B-8A66-6B2F0E95BB1D} => pcalua.exe -a "C:\Program Files.old\English Translator 3\setup.exe" -d "C:\Program Files.old\English Translator 3"

Task: {92F3DBC6-D3D5-42A9-8575-7DE3B6052429} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-16] (AVAST Software)

Task: {C64299BD-8C20-4376-8A32-8F1B316A77D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)

Task: {CEEC37BD-5E38-461C-AD9B-3429B30EA5FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-15] (Google Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2012-01-02 16:33 - 2013-01-31 10:00 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll

2014-12-28 11:45 - 2014-12-28 11:46 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122800\algo.dll

2014-12-29 10:05 - 2014-12-29 10:05 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122900\algo.dll

2014-10-21 13:17 - 2001-10-28 15:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll

2009-11-19 05:01 - 2009-11-19 05:01 - 00022723 _____ () C:\Windows\System32\sugw2l3.dll

2014-12-16 10:47 - 2014-12-16 10:47 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2014-12-15 06:49 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libglesv2.dll

2014-12-15 06:49 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libegl.dll

2014-12-15 06:49 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll

2014-12-15 06:49 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

2014-12-29 12:26 - 2014-12-29 12:26 - 02173952 _____ () C:\Users\Andrzej\Downloads\adwcleaner_4.106.exe

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

 

========================= Accounts: ==========================

 

Administrator (S-1-5-21-4176922587-871959860-2980119677-500 - Administrator - Disabled)

Andrzej (S-1-5-21-4176922587-871959860-2980119677-1000 - Administrator - Enabled) => C:\Users\Andrzej

Gość (S-1-5-21-4176922587-871959860-2980119677-501 - Limited - Enabled)

HomeGroupUser$ (S-1-5-21-4176922587-871959860-2980119677-1140 - Limited - Enabled)

UpdatusUser (S-1-5-21-4176922587-871959860-2980119677-1001 - Limited - Enabled) => C:\Users\UpdatusUser

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (12/29/2014 00:40:57 PM) (Source: Windows Backup) (EventID: 4104) (User: )

Description: Wykonanie kopii zapasowej nie powiodło się. Błąd: Określone zasoby sieciowe lub urządzenie są już niedostępne. (0x80070037).

 

Error: (12/29/2014 00:37:44 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: ZARZĄDZANIE NT)

Description: Operacja wykonywania kopii zapasowej rozpoczęta o godzinie 2014-12-29T11:37:43.900000000Z nie powiodła się i został zwrócony następujący kod błędu: 2155347999 (%%2155347999). Przejrzyj szczegóły zdarzenia w celu znalezienia rozwiązania, a następnie po rozwiązaniu problemu uruchom ponownie operację wykonywania kopii zapasowej.

 

Error: (12/29/2014 10:35:55 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Program Explorer.EXE w wersji 6.1.7601.17567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.

 

Identyfikator procesu: 6e0

 

Godzina rozpoczęcia: 01d02328f6d12eb4

 

Godzina zakończenia: 414

 

Ścieżka aplikacji: C:\Windows\Explorer.EXE

 

Identyfikator raportu: 100358e2-8f3e-11e4-bdca-0013d3b48621

 

Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 7010) (User: )

Description: Nie można zainicjować indeksu.

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 3058) (User: )

Description: Nie można zainicjować aplikacji.

 

Kontekst: aplikacja Windows

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 3028) (User: )

Description: Nie można zainicjować obiektu programu zbierającego.

 

Kontekst: aplikacja Windows, wykaz SystemIndex

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Nie można zainicjować dodatku typu plug-in w .

 

Kontekst: aplikacja Windows, wykaz SystemIndex

 

Szczegóły:

Nie można odnaleźć elementu.  (HRESULT : 0x80070490) (0x80070490)

 

Error: (12/19/2014 05:45:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Nie można zainicjować dodatku typu plug-in w .

 

Kontekst: aplikacja Windows, wykaz SystemIndex

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (12/19/2014 05:45:16 PM) (Source: Windows Search Service) (EventID: 9002) (User: )

Description: Usługa Windows Search nie może załadować informacji z magazynu właściwości.

 

Kontekst: aplikacja Windows, wykaz SystemIndex

 

Szczegóły:

Baza danych indeksów zawartości jest uszkodzona.  (HRESULT : 0xc0041800) (0xc0041800)

 

Error: (12/19/2014 05:45:16 PM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description: Usługa Windows Search jest zatrzymywana, ponieważ wystąpił problem z indeksatorem: The catalog is corrupt.

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

 

System errors:

=============

Error: (12/29/2014 06:40:06 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Usługa Windows Update zawiesiła się podczas uruchamiania.

 

Error: (12/29/2014 06:37:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: 

%%1069

 

Error: (12/29/2014 06:37:07 AM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: 

%%1330

 

Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

 

Error: (12/29/2014 06:36:22 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )

Description: WMPNetworkSvc0x80004005

 

Error: (12/28/2014 00:31:06 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: Produkt %ZARZĄDZANIE NT60 napotkał błąd podczas próby aktualizacji podpisów.

 

Nowa wersja podpisu: 

 

Poprzednia wersja podpisu: 1.191.798.0

 

Źródło aktualizacji: %ZARZĄDZANIE NT59

 

Etap aktualizacji: 4.6.0305.00

 

Ścieżka źródła: 4.6.0305.01

 

Typ podpisu: %ZARZĄDZANIE NT602

 

Typ aktualizacji: %ZARZĄDZANIE NT604

 

Użytkownik: ZARZĄDZANIE NT\SYSTEM

 

Bieżąca wersja aparatu: %ZARZĄDZANIE NT605

 

Poprzednia wersja aparatu: %ZARZĄDZANIE NT606

 

Kod błędu: %ZARZĄDZANIE NT607

 

Opis błędu: %ZARZĄDZANIE NT608

 

Error: (12/28/2014 00:13:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Usługa Windows Update zawiesiła się podczas uruchamiania.

 

Error: (12/28/2014 00:10:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: 

%%1069

 

Error: (12/28/2014 00:10:28 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: 

%%1330

 

Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

 

Error: (12/28/2014 00:10:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: 

%%1053

 

Error: (12/28/2014 00:10:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Google Update (gupdate).

 

 

Microsoft Office Sessions:

=========================

Error: (12/29/2014 00:40:57 PM) (Source: Windows Backup) (EventID: 4104) (User: )

Description: Określone zasoby sieciowe lub urządzenie są już niedostępne. (0x80070037)

 

Error: (12/29/2014 00:37:44 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: ZARZĄDZANIE NT)

Description: 2014-12-29T11:37:43.900000000Z2155347999%%2155347999

 

Error: (12/29/2014 10:35:55 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Explorer.EXE6.1.7601.175676e001d02328f6d12eb4414C:\Windows\Explorer.EXE100358e2-8f3e-11e4-bdca-0013d3b48621

 

Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 7010) (User: )

Description: Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 3058) (User: )

Description: Kontekst: aplikacja Windows

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 3028) (User: )

Description: Kontekst: aplikacja Windows, wykaz SystemIndex

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (12/19/2014 05:45:24 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Kontekst: aplikacja Windows, wykaz SystemIndex

 

Szczegóły:

Nie można odnaleźć elementu.  (HRESULT : 0x80070490) (0x80070490)

Search.TripoliIndexer

 

Error: (12/19/2014 05:45:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Kontekst: aplikacja Windows, wykaz SystemIndex

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Search.JetPropStore

 

Error: (12/19/2014 05:45:16 PM) (Source: Windows Search Service) (EventID: 9002) (User: )

Description: Kontekst: aplikacja Windows, wykaz SystemIndex

 

Szczegóły:

Baza danych indeksów zawartości jest uszkodzona.  (HRESULT : 0xc0041800) (0xc0041800)

 

Error: (12/19/2014 05:45:16 PM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description: Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

The catalog is corrupt

 

 

==================== Memory info =========================== 

 

Processor: Intel® Celeron® CPU 3.06GHz

Percentage of memory in use: 66%

Total physical RAM: 2047.55 MB

Available physical RAM: 681.95 MB

Total Pagefile: 4095.11 MB

Available Pagefile: 2098.3 MB

Total Virtual: 2047.88 MB

Available Virtual: 1904.71 MB

 

==================== Drives ================================

 

Drive c: (PCF) (Fixed) (Total:74.52 GB) (Free:2.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive e: (Seagate FreeAgent) (Fixed) (Total:465.76 GB) (Free:390.94 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: FA90AB9A)

Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

 

========================================================

Disk: 4 (Size: 465.8 GB) (Disk ID: 9B8A069E)

Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


(Acorus) #2

Odinstaluj Microsoft Security Essentials.Otwórz notatnik systemowy i wklej:

Hosts:
HKLM\...\Run: [SunJavaUpdateSched] = C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [] = [X]
HKU\S-1-5-21-4176922587-871959860-2980119677-1000\...\Run: [ISUSPM] = C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
2014-12-29 12:28 - 2014-12-29 12:28 - 00000000 ____ D () C:\AdwCleaner
2014-12-29 12:27 - 2014-02-25 11:45 - 00000000 ____ D () C:\ProgramData\Spybot - Search Destroy
2014-12-29 12:27 - 2014-02-25 11:45 - 00000000 ____ D () C:\Program Files\Spybot - Search Destroy
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.