Addition.txt

Windows 7 Pro x64 - This connection is untrusted.

Here are the logs from FRST.


Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-07-2015
Ran by HellBits at 2015-07-25 16:30:23
Running from C:\Users\HellBits\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-550707305-194106904-2750692012-500 - Administrator - Disabled)
Gość (S-1-5-21-550707305-194106904-2750692012-501 - Limited - Disabled)
HellBits (S-1-5-21-550707305-194106904-2750692012-1000 - Administrator - Enabled) => C:\Users\HellBits

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Dark Souls 2" (HKLM-x32\...\{8182FA2F-E89F-46D4-8C3D-84CF4F4F8571}_is1) (Version: 1.0.1.0 - )
µTorrent (HKU\S-1-5-21-550707305-194106904-2750692012-1000\...\uTorrent) (Version: 3.4.2.37252 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
GG (HKU\S-1-5-21-550707305-194106904-2750692012-1000\...\GG) (Version: 12 - GG Network S.A.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Lazarus 1.2.6 (HKLM\...\lazarus_is1) (Version: 1.2.6 - Lazarus Team)
LightScribe 1.4.136.1 (x32 Version: 1.4.136.1 - http://www.lightscribe.com) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pl)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
Nero 7 Essentials (HKLM-x32\...\{B28B351F-1232-46EA-85EF-B8EA91641045}) (Version: 7.02.5017 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.1 - Notepad++ Team)
Real-Draw PRO 5.2.4 (HKLM-x32\...\Real-Draw PRO_is1) (Version: - Mediachance)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebServ 2.1 (HKLM-x32\...\WebServ_is1) (Version: - WebsSrv.PL)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinFF 1.5.4 (Codename EMMA) (HKLM-x32\...\WinFF_is1) (Version: - WinFF.org)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-550707305-194106904-2750692012-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\HellBits\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-12-21 18:25 - 00000921 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {197815DB-1B0F-4DB6-834B-6D224D18BCFC} - System32\Tasks\{8AE02AA4-CE5E-4FD3-A45F-32DC22875855} => pcalua.exe -a "O:\Gry\Obrazy plyt\FIFA 14 ULTIMATE EDITION MULTI14-FULLUNLOCKED\FIFA 14\__Installer\dotnet - Kopia\dotnet35sp1\redist\dotnetfx35.exe" -d "O:\Gry\Obrazy plyt\FIFA 14 ULTIMATE EDITION MULTI14-FULLUNLOCKED\FIFA 14\__Installer\dotnet - Kopia\dotnet35sp1\redist"
Task: {AD329B71-EEE4-43FF-A4EE-EE9F7DB666DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {EE82E88F-A40C-495B-B445-831763186408} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-06-10 20:19 - 2015-06-10 20:19 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-10 20:19 - 2015-06-10 20:19 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-25 15:58 - 2015-07-25 15:58 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072500\algo.dll
2015-04-04 15:30 - 2015-04-04 15:30 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-550707305-194106904-2750692012-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\HellBits\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{D61D7DE4-41F2-4721-A5CF-1B82417EF33E}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{359F879A-92BA-4B15-A79F-EDE2E6858D70}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D0F67F2C-C6D7-4A66-8B9C-89339E1C0D97}] => (Allow) C:\Users\HellBits\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A61A943F-AC8D-47FD-9111-47B763CDAA80}] => (Allow) C:\Users\HellBits\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{94D03C85-C2C5-420C-BDCF-F5669187427A}] => (Allow) C:\Users\HellBits\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FB883D70-C9C1-44E7-8F34-AABE1CEB2315}] => (Allow) C:\Users\HellBits\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{0F724F15-439B-497E-BC01-7E5F80A06D8B}C:\gry\ut2004\unreal tournament 2004\system\ut2004.exe] => (Allow) C:\gry\ut2004\unreal tournament 2004\system\ut2004.exe
FirewallRules: [UDP Query User{E78770DF-162D-4475-9782-13037880677C}C:\gry\ut2004\unreal tournament 2004\system\ut2004.exe] => (Allow) C:\gry\ut2004\unreal tournament 2004\system\ut2004.exe
FirewallRules: [{998FFB10-9F5D-495F-8A0D-DD203BC3C5E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{04048CC4-85D1-4D21-955E-EAF25242D7C5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{512D2529-0916-4A2F-9820-A2B523845D3B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E6C9ACE6-F451-45B9-BCBF-D8D75D7F55DA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{1536DBE2-C127-4F4F-B7DE-558AC21598DF}C:\gry\fifa14\game\fifa14.exe] => (Block) C:\gry\fifa14\game\fifa14.exe
FirewallRules: [UDP Query User{3F118C69-6AD2-4463-A85B-EA42233023DE}C:\gry\fifa14\game\fifa14.exe] => (Block) C:\gry\fifa14\game\fifa14.exe
FirewallRules: [{AAD2D465-3C0E-414A-A731-C05D4103E30F}] => (Allow) C:\Gry\Dark Souls 2\Game\DarkSoulsII.exe
FirewallRules: [{63B0C93D-0F0C-4EB1-94C5-1B98F7B7CCEC}] => (Allow) C:\Gry\Dark Souls 2\Game\DarkSoulsII.exe
FirewallRules: [TCP Query User{40DC9DCA-B5C3-4EED-A294-8FC8ACAF1241}C:\gry\wii\worms.exe] => (Allow) C:\gry\wii\worms.exe
FirewallRules: [UDP Query User{1F14B4FC-0DD4-41BD-B1BA-2466CE49C45B}C:\gry\wii\worms.exe] => (Allow) C:\gry\wii\worms.exe
FirewallRules: [TCP Query User{6C206764-EC5E-4B19-B440-3136A5E5F5A7}C:\gry\ta_3_1_no_cd\ta 3.1 no cd cc bt etc\ta 3.1 no cd\totala.exe] => (Allow) C:\gry\ta_3_1_no_cd\ta 3.1 no cd cc bt etc\ta 3.1 no cd\totala.exe
FirewallRules: [UDP Query User{5AE462FF-B4F2-4900-B34A-357821ABB1A5}C:\gry\ta_3_1_no_cd\ta 3.1 no cd cc bt etc\ta 3.1 no cd\totala.exe] => (Allow) C:\gry\ta_3_1_no_cd\ta 3.1 no cd cc bt etc\ta 3.1 no cd\totala.exe
FirewallRules: [TCP Query User{368C7A9A-5433-4412-A9DE-7D01DBFEED0D}C:\webserv\apache2\bin\webserv(apache).exe] => (Block) C:\webserv\apache2\bin\webserv(apache).exe
FirewallRules: [UDP Query User{72824CAA-0CDC-4BB4-84EB-E0F985AD4233}C:\webserv\apache2\bin\webserv(apache).exe] => (Block) C:\webserv\apache2\bin\webserv(apache).exe
FirewallRules: [TCP Query User{AE5E6950-456B-483D-865A-B30EA9169909}C:\webserv\mysql\bin\webserv(mysqld).exe] => (Block) C:\webserv\mysql\bin\webserv(mysqld).exe
FirewallRules: [UDP Query User{9482AE96-7283-439E-BB65-231995D6F5CF}C:\webserv\mysql\bin\webserv(mysqld).exe] => (Block) C:\webserv\mysql\bin\webserv(mysqld).exe
FirewallRules: [TCP Query User{29650F2A-065A-44B8-BE76-F1EB9BDF9B35}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{E08FF60E-C5A0-4FD5-A5F9-BE576900C310}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

System errors:
=============
Error: (07/23/2015 01:19:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 18:43:31 na ‎2015-‎07-‎22 było nieoczekiwane.

Error: (07/21/2015 07:48:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 16:45:16 na ‎2015-‎07-‎21 było nieoczekiwane.

Error: (12/29/2016 02:04:57 PM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: ZARZĄDZANIE NT)
Description: Usługa czasu wykryła, że konieczna jest zmiana czasu systemowego o -46054798 s. Usługa czasu nie zmieni czasu systemowego o więcej niż 54000 s. Upewnij się, że czas i strefa czasowa są poprawne i że źródło czasu time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->104.41.150.68:123) działa poprawnie.


Microsoft Office:
=========================

CodeIntegrity Error:
===================================
Date: 2015-07-25 16:28:53.568
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-25 15:57:25.616
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-25 14:56:30.618
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-25 14:32:33.600
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-24 14:47:28.772
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-23 20:14:18.688
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-23 19:59:56.581
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-23 19:51:16.945
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-23 19:38:34.647
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-23 15:43:35.751
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Xeon(R) CPU E5420 @ 2.50GHz
Percentage of memory in use: 25%
Total physical RAM: 4094.49 MB
Available physical RAM: 3047.17 MB
Total Virtual: 8188.64 MB
Available Virtual: 7047.94 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:32.84 GB) NTFS
Drive d: () (Fixed) (Total:61.34 GB) (Free:1.27 GB) FAT32
Drive e: () (Fixed) (Total:61.34 GB) (Free:1.35 GB) FAT32
Drive f: () (Fixed) (Total:61.35 GB) (Free:0.48 GB) NTFS
Drive h: () (Fixed) (Total:365.76 GB) (Free:273.64 GB) NTFS
Drive o: () (Fixed) (Total:365.75 GB) (Free:181.18 GB) NTFS
Drive z: () (Fixed) (Total:48.83 GB) (Free:0.24 GB) NTFS ==> [system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 48B0E975)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=184.1 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: EBFBEBFB)
Partition 1: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=06)
Partition 3: (Not Active) - (Size=365.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=365.8 GB) - (Type=OF Extended)

==================== End of log ============================