Elektroda.pl

Google Chrome virus Istart.webssearch

konik183 11 Jun 2014 14:53 2754 8
  • #1
    konik183
    Level 9  
    Hello.
    For some time I have been struggling with an annoying problem: a "virus" that changed my start page to some strange site named in the topic title.
    I have already changed the start page, and only Google is set there, but when I launch Chrome about 6 tabs of this thing pop up...
    AdwCleaner doesn't help. Reinstalling the browser doesn't help.
    If there is no other way I'll do a format, but for now I would rather avoid that option.
    I can add that this problem does not occur in Internet Explorer or Firefox.
    The target field in the shortcut properties has not been changed, I checked. :P HELP. ;)
  • #4
    konik183
    Level 9  
    FRST
    Spoiler:
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-06-2014 01
    Ran by Konik (administrator) on KONIKPC on 11-06-2014 20:05:41
    Running from C:\Users\Konik\Downloads
    Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polish
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-f...utorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    () C:\Program Files\D-Link CORPORATION\DWA-127\WPSHWPBC.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-06-11] (Advanced Micro Devices, Inc.)
    HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12013272 2013-10-18] (Realtek Semiconductor)
    HKLM\...\Run: [DApp] => C:\Program Files\PCDApp\start.vbs
    HKLM\...\Run: [fst_pl_122] => [X]
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-06] (AVAST Software)
    HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2014-02-17] (Microsoft Corporation)
    HKU\S-1-5-21-351585507-2158226219-1374106671-1000\...\Run: [EADM] => D:\Program Files\Origin Games\Origin\Origin.exe [3588952 2014-05-31] (Electronic Arts)
    HKU\S-1-5-21-351585507-2158226219-1374106671-1000\...\Run: [MKLOL] => C:\Program Files\MKJogo\MKLOL\MK.exe [1227976 2014-06-05] (MK)
    HKU\S-1-5-21-351585507-2158226219-1374106671-1000\...\MountPoints2: {964687be-9c72-11e3-8f86-0018f3122664} - F:\AutoRun.exe

    ==================== Internet (Whitelisted) ====================

    SearchScopes: HKLM - DefaultScope value is missing.
    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - No File
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 62.21.99.94 62.21.99.95

    FireFox:
    ========
    FF ProfilePath: C:\Users\Konik\AppData\Roaming\Mozilla\Firefox\Profiles\zx24jvcz.default
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Extension: leethax.net extension - C:\Users\Konik\AppData\Roaming\Mozilla\Firefox\Profiles\zx24jvcz.default\Extensions\leethax@leethax.net.xpi [2014-05-14]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-04]

    Chrome:
    =======
    CHR HomePage: hxxp://www.google.com/
    CHR StartupUrls: "hxxp://google.pl/", "hxxp://istart.webssearches.com/?type=hppp&ts=1401912337&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402000937&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402061067&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402070422&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402258863&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402319785&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402327093&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402336503&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX"
    CHR Extension: (Dokumenty Google) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-14]
    CHR Extension: (Dysk Google) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-14]
    CHR Extension: (YouTube) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-14]
    CHR Extension: (Szukaj w Google) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-14]
    CHR Extension: (AdBlock) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-02]
    CHR Extension: (Google Wallet) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-14]
    CHR Extension: (Gmail) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-14]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-04]

    ========================== Services (Whitelisted) =================

    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-04] (AVAST Software)
    R2 WPSHWPBC; C:\Program Files\D-Link CORPORATION\DWA-127\WPSHWPBC.exe [217088 2011-08-08] () [File not signed]

    ==================== Drivers (Whitelisted) ====================

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-06-04] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-06-04] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-06-04] (AVAST Software)
    R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-06-04] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-06-04] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-06-04] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-06-04] (AVAST Software)
    R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-06-04] ()
    R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
    R3 netr28u; C:\Windows\System32\DRIVERS\Dnetr28u.sys [1228864 2011-04-28] (Ralink Technology Corp.)
    S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    S3 MSICDSetup; \??\E:\CDriver.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-06-11 20:05 - 2014-06-11 20:06 - 00009031 _____ () C:\Users\Konik\Downloads\FRST.txt
    2014-06-11 20:05 - 2014-06-11 20:05 - 00000000 ____D () C:\FRST
    2014-06-11 20:04 - 2014-06-11 20:04 - 01073152 _____ (Farbar) C:\Users\Konik\Downloads\FRST.exe
    2014-06-09 20:31 - 2014-06-11 19:36 - 00001034 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-06-09 20:31 - 2014-06-11 14:41 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-06-09 20:31 - 2014-06-09 20:31 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-06-09 20:31 - 2014-06-09 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-06-09 20:31 - 2014-06-09 20:31 - 00000000 ____D () C:\Program Files\Google
    2014-06-09 20:26 - 2014-06-09 20:26 - 00918672 _____ (Google Inc.) C:\Users\Konik\Downloads\ChromeSetup.exe
    2014-06-09 19:58 - 2014-06-09 20:27 - 00000000 ____D () C:\AdwCleaner
    2014-06-09 19:58 - 2014-06-09 19:58 - 01333465 _____ () C:\Users\Konik\Downloads\AdwCleaner.exe
    2014-06-06 18:55 - 2014-06-06 18:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2014-06-06 18:53 - 2014-06-06 21:21 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
    2014-06-06 18:53 - 2014-06-06 18:53 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Konik\Downloads\SpyHunter-Installer.exe
    2014-06-06 18:53 - 2014-06-06 18:53 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
    2014-06-06 18:48 - 2014-06-06 18:48 - 00021070 _____ () C:\Users\Konik\Desktop\bookmarks_06.06.2014.html
    2014-06-04 16:07 - 2014-06-04 16:07 - 00002119 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2014-06-04 16:07 - 2014-06-04 16:07 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\AVAST Software
    2014-06-04 16:07 - 2014-06-04 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
    2014-06-04 16:05 - 2014-06-04 16:06 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2014-06-04 16:05 - 2014-06-04 16:06 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
    2014-06-04 16:05 - 2014-06-04 16:06 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1401890760812
    2014-06-04 16:05 - 2014-06-04 16:05 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1401890760812
    2014-06-04 16:05 - 2014-06-04 16:05 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-06-04 16:05 - 2014-06-04 16:05 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-06-04 16:05 - 2014-06-04 16:05 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-06-04 16:03 - 2014-06-04 16:03 - 00000000 ____D () C:\Program Files\AVAST Software
    2014-06-04 15:38 - 2014-06-04 15:57 - 94714880 _____ (AVAST Software) C:\Users\Konik\Downloads\avast_free_antivirus_setup.exe
    2014-06-04 15:11 - 2014-06-09 20:21 - 00000000 ____D () C:\Users\Konik\Documents\FIFA World
    2014-06-04 15:03 - 2014-06-04 15:03 - 00000828 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
    2014-06-04 15:03 - 2014-06-04 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
    2014-06-03 21:30 - 2014-06-04 15:23 - 00000000 _____ () C:\Windows\system32\s.o
    2014-06-03 18:23 - 2014-06-03 18:24 - 00000000 ____D () C:\Users\Konik\Documents\MK-LOL
    2014-06-03 18:23 - 2014-06-03 18:23 - 00000048 _____ () C:\Windows\JQHApp.dat
    2014-06-03 18:14 - 2014-06-03 18:14 - 00000981 _____ () C:\Users\Konik\Desktop\MK LOL.lnk
    2014-06-03 18:14 - 2014-06-03 18:14 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
    2014-06-03 18:14 - 2014-06-03 18:14 - 00000000 ____D () C:\Program Files\MKJogo
    2014-06-03 18:13 - 2014-06-03 18:14 - 05933256 _____ () C:\Users\Konik\Downloads\MK_LOL_1.0.0.25Beta.exe
    2014-06-03 16:45 - 2014-06-04 15:39 - 00000000 ____D () C:\Program Files\PCDApp
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Gość\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Gość
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Administrator
    2014-06-03 16:41 - 2014-06-03 16:42 - 00000000 ____D () C:\Users\Konik\AppData\Local\Genesis_06031441
    2014-06-03 16:40 - 2014-06-03 16:40 - 00144144 _____ () C:\Users\Konik\Downloads\MKJogoLeagueofLegends__7934_il1700732 (1).exe
    2014-06-03 15:56 - 2014-06-03 15:56 - 00144144 _____ () C:\Users\Konik\Downloads\MKJogoLeagueofLegends__7934_il1700732.exe
    2014-06-02 22:29 - 2014-06-02 22:29 - 00001914 _____ () C:\Users\Konik\Desktop\Drakensang Online.lnk
    2014-06-02 22:29 - 2014-06-02 22:29 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
    2014-06-02 22:29 - 2014-06-02 22:29 - 00000000 ____D () C:\Program Files\Drakensang Online
    2014-06-02 22:26 - 2014-06-02 22:27 - 08989808 _____ () C:\Users\Konik\Downloads\DrakensangOnlineSetup.exe
    2014-05-31 09:38 - 2014-05-31 09:39 - 00000000 ____D () C:\Users\Konik\AppData\Local\Origin
    2014-05-31 09:38 - 2014-05-31 09:38 - 00000795 _____ () C:\Users\Public\Desktop\Origin.lnk
    2014-05-31 09:38 - 2014-05-31 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
    2014-05-31 09:36 - 2014-05-31 09:37 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Konik\Downloads\OriginThinSetup.exe
    2014-05-29 23:02 - 2014-05-29 23:02 - 00000000 ____D () C:\Windows\Sun
    2014-05-29 12:10 - 2014-05-29 12:10 - 00000000 ____D () C:\Users\Konik\AppData\Local\WarThunder
    2014-05-29 12:10 - 2014-05-29 12:10 - 00000000 ____D () C:\ProgramData\WarThunder
    2014-05-28 20:45 - 2014-05-28 20:45 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Curse
    2014-05-27 13:22 - 2014-05-27 13:22 - 00000000 ____D () C:\ProgramData\Avg_Update_0414c
    2014-05-26 16:54 - 2014-05-26 22:11 - 00000000 __SHD () C:\Users\Konik\AppData\Local\.#
    2014-05-19 17:29 - 2014-05-19 17:31 - 00000000 ____D () C:\Users\Konik\Desktop\xzx
    2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
    2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
    2014-05-18 23:26 - 2014-05-18 23:32 - 11836590 _____ () C:\Users\Konik\Downloads\Metin2Mod_2012SF_29042014.exe
    2014-05-18 20:53 - 2014-05-18 20:53 - 00000714 _____ () C:\Users\Public\Desktop\Metin2 Ravia.eu.lnk
    2014-05-18 20:53 - 2014-05-18 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 Ravia.eu
    2014-05-18 19:58 - 2014-05-26 17:36 - 00000000 ____D () C:\Users\Konik\Documents\Fiddler2
    2014-05-18 19:57 - 2014-05-26 17:36 - 00000000 ____D () C:\Program Files\Fiddler2
    2014-05-15 14:28 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-05-15 14:28 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-05-15 14:28 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-05-15 13:46 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2014-05-15 13:46 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2014-05-15 13:46 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2014-05-15 13:46 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2014-05-15 13:46 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2014-05-15 13:46 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-05-15 13:46 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2014-05-15 13:46 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2014-05-15 13:46 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2014-05-15 13:46 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2014-05-15 13:46 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2014-05-15 13:45 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-05-15 13:45 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-05-15 13:45 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-05-14 15:12 - 2014-05-14 15:12 - 00000000 ____D () C:\Users\Konik\AppData\Local\Macromedia
    2014-05-14 15:10 - 2014-06-03 17:46 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2014-05-14 15:10 - 2014-06-03 17:46 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Mozilla
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\Users\Konik\AppData\Local\Mozilla
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\ProgramData\Mozilla
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
    2014-05-14 15:09 - 2014-05-14 15:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox

    ==================== One Month Modified Files and Folders =======

    2014-06-11 20:06 - 2014-06-11 20:05 - 00009031 _____ () C:\Users\Konik\Downloads\FRST.txt
    2014-06-11 20:06 - 2014-02-14 14:12 - 00000000 ____D () C:\Users\Konik\AppData\Local\Temp
    2014-06-11 20:05 - 2014-06-11 20:05 - 00000000 ____D () C:\FRST
    2014-06-11 20:04 - 2014-06-11 20:04 - 01073152 _____ (Farbar) C:\Users\Konik\Downloads\FRST.exe
    2014-06-11 19:50 - 2014-02-14 14:05 - 01543459 _____ () C:\Windows\WindowsUpdate.log
    2014-06-11 19:36 - 2014-06-09 20:31 - 00001034 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-06-11 19:26 - 2014-02-15 17:21 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-06-11 19:21 - 2009-07-14 06:39 - 00063490 _____ () C:\Windows\setupact.log
    2014-06-11 15:21 - 2014-02-15 14:41 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\BitTorrent
    2014-06-11 14:48 - 2014-03-16 00:30 - 00000000 ____D () C:\ProgramData\Origin
    2014-06-11 14:48 - 2009-07-14 06:34 - 00013440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-06-11 14:48 - 2009-07-14 06:34 - 00013440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-06-11 14:41 - 2014-06-09 20:31 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-06-11 14:41 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-06-11 00:12 - 2014-02-18 16:19 - 00000000 ____D () C:\Users\Konik\AppData\Local\PMB Files
    2014-06-09 22:40 - 2014-02-15 04:17 - 00492408 _____ () C:\Windows\PFRO.log
    2014-06-09 20:31 - 2014-06-09 20:31 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-06-09 20:31 - 2014-06-09 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-06-09 20:31 - 2014-06-09 20:31 - 00000000 ____D () C:\Program Files\Google
    2014-06-09 20:27 - 2014-06-09 19:58 - 00000000 ____D () C:\AdwCleaner
    2014-06-09 20:26 - 2014-06-09 20:26 - 00918672 _____ (Google Inc.) C:\Users\Konik\Downloads\ChromeSetup.exe
    2014-06-09 20:21 - 2014-06-04 15:11 - 00000000 ____D () C:\Users\Konik\Documents\FIFA World
    2014-06-09 19:58 - 2014-06-09 19:58 - 01333465 _____ () C:\Users\Konik\Downloads\AdwCleaner.exe
    2014-06-09 19:54 - 2009-07-14 06:53 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-06-09 18:40 - 2014-02-14 14:14 - 01692554 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-06-09 18:40 - 2009-07-14 10:07 - 00751540 _____ () C:\Windows\system32\perfh015.dat
    2014-06-09 18:40 - 2009-07-14 10:07 - 00159302 _____ () C:\Windows\system32\perfc015.dat
    2014-06-06 21:21 - 2014-06-06 18:53 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
    2014-06-06 18:55 - 2014-06-06 18:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2014-06-06 18:53 - 2014-06-06 18:53 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Konik\Downloads\SpyHunter-Installer.exe
    2014-06-06 18:53 - 2014-06-06 18:53 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
    2014-06-06 18:49 - 2014-02-14 14:51 - 00000000 ____D () C:\Users\Konik\AppData\Local\Deployment
    2014-06-06 18:48 - 2014-06-06 18:48 - 00021070 _____ () C:\Users\Konik\Desktop\bookmarks_06.06.2014.html
    2014-06-04 22:22 - 2014-02-18 16:18 - 00000000 ____D () C:\ProgramData\PMB Files
    2014-06-04 16:07 - 2014-06-04 16:07 - 00002119 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2014-06-04 16:07 - 2014-06-04 16:07 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\AVAST Software
    2014-06-04 16:07 - 2014-06-04 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
    2014-06-04 16:06 - 2014-06-04 16:05 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2014-06-04 16:06 - 2014-06-04 16:05 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
    2014-06-04 16:06 - 2014-06-04 16:05 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1401890760812
    2014-06-04 16:05 - 2014-06-04 16:05 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1401890760812
    2014-06-04 16:05 - 2014-06-04 16:05 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-06-04 16:05 - 2014-06-04 16:05 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-06-04 16:05 - 2014-06-04 16:05 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-06-04 16:03 - 2014-06-04 16:03 - 00000000 ____D () C:\Program Files\AVAST Software
    2014-06-04 15:58 - 2014-03-18 12:32 - 00000000 ____D () C:\ProgramData\AVAST Software
    2014-06-04 15:57 - 2014-06-04 15:38 - 94714880 _____ (AVAST Software) C:\Users\Konik\Downloads\avast_free_antivirus_setup.exe
    2014-06-04 15:40 - 2014-04-20 12:56 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\ttales
    2014-06-04 15:40 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2014-06-04 15:39 - 2014-06-03 16:45 - 00000000 ____D () C:\Program Files\PCDApp
    2014-06-04 15:23 - 2014-06-03 21:30 - 00000000 _____ () C:\Windows\system32\s.o
    2014-06-04 15:03 - 2014-06-04 15:03 - 00000828 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
    2014-06-04 15:03 - 2014-06-04 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
    2014-06-03 18:24 - 2014-06-03 18:23 - 00000000 ____D () C:\Users\Konik\Documents\MK-LOL
    2014-06-03 18:23 - 2014-06-03 18:23 - 00000048 _____ () C:\Windows\JQHApp.dat
    2014-06-03 18:14 - 2014-06-03 18:14 - 00000981 _____ () C:\Users\Konik\Desktop\MK LOL.lnk
    2014-06-03 18:14 - 2014-06-03 18:14 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
    2014-06-03 18:14 - 2014-06-03 18:14 - 00000000 ____D () C:\Program Files\MKJogo
    2014-06-03 18:14 - 2014-06-03 18:13 - 05933256 _____ () C:\Users\Konik\Downloads\MK_LOL_1.0.0.25Beta.exe
    2014-06-03 17:46 - 2014-05-14 15:10 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2014-06-03 17:46 - 2014-05-14 15:10 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-06-03 17:46 - 2014-02-14 14:13 - 00001421 _____ () C:\Users\Konik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-06-03 16:48 - 2014-03-18 13:23 - 00000000 ____D () C:\Users\Konik\Documents\My Games
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Gość\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Gość
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Administrator
    2014-06-03 16:42 - 2014-06-03 16:41 - 00000000 ____D () C:\Users\Konik\AppData\Local\Genesis_06031441
    2014-06-03 16:40 - 2014-06-03 16:40 - 00144144 _____ () C:\Users\Konik\Downloads\MKJogoLeagueofLegends__7934_il1700732 (1).exe
    2014-06-03 15:56 - 2014-06-03 15:56 - 00144144 _____ () C:\Users\Konik\Downloads\MKJogoLeagueofLegends__7934_il1700732.exe
    2014-06-02 22:29 - 2014-06-02 22:29 - 00001914 _____ () C:\Users\Konik\Desktop\Drakensang Online.lnk
    2014-06-02 22:29 - 2014-06-02 22:29 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
    2014-06-02 22:29 - 2014-06-02 22:29 - 00000000 ____D () C:\Program Files\Drakensang Online
    2014-06-02 22:27 - 2014-06-02 22:26 - 08989808 _____ () C:\Users\Konik\Downloads\DrakensangOnlineSetup.exe
    2014-06-01 19:19 - 2014-02-14 14:56 - 00000000 ____D () C:\Users\Konik\Desktop\nuty
    2014-05-31 09:39 - 2014-05-31 09:38 - 00000000 ____D () C:\Users\Konik\AppData\Local\Origin
    2014-05-31 09:38 - 2014-05-31 09:38 - 00000795 _____ () C:\Users\Public\Desktop\Origin.lnk
    2014-05-31 09:38 - 2014-05-31 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
    2014-05-31 09:38 - 2014-03-16 00:30 - 00000000 ____D () C:\ProgramData\Electronic Arts
    2014-05-31 09:37 - 2014-05-31 09:36 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Konik\Downloads\OriginThinSetup.exe
    2014-05-29 23:02 - 2014-05-29 23:02 - 00000000 ____D () C:\Windows\Sun
    2014-05-29 12:10 - 2014-05-29 12:10 - 00000000 ____D () C:\Users\Konik\AppData\Local\WarThunder
    2014-05-29 12:10 - 2014-05-29 12:10 - 00000000 ____D () C:\ProgramData\WarThunder
    2014-05-28 21:53 - 2014-02-18 16:21 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
    2014-05-28 20:45 - 2014-05-28 20:45 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Curse
    2014-05-28 20:36 - 2014-05-05 12:14 - 00000000 ____D () C:\ProgramData\MFAData
    2014-05-27 13:22 - 2014-05-27 13:22 - 00000000 ____D () C:\ProgramData\Avg_Update_0414c
    2014-05-26 22:29 - 2014-02-15 23:03 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\TS3Client
    2014-05-26 22:11 - 2014-05-26 16:54 - 00000000 __SHD () C:\Users\Konik\AppData\Local\.#
    2014-05-26 17:36 - 2014-05-18 19:58 - 00000000 ____D () C:\Users\Konik\Documents\Fiddler2
    2014-05-26 17:36 - 2014-05-18 19:57 - 00000000 ____D () C:\Program Files\Fiddler2
    2014-05-26 17:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-05-19 17:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
    2014-05-19 17:31 - 2014-05-19 17:29 - 00000000 ____D () C:\Users\Konik\Desktop\xzx
    2014-05-19 17:28 - 2014-03-15 18:44 - 00000000 ____D () C:\Users\Konik\Desktop\muzyka
    2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
    2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
    2014-05-18 23:32 - 2014-05-18 23:26 - 11836590 _____ () C:\Users\Konik\Downloads\Metin2Mod_2012SF_29042014.exe
    2014-05-18 20:53 - 2014-05-18 20:53 - 00000714 _____ () C:\Users\Public\Desktop\Metin2 Ravia.eu.lnk
    2014-05-18 20:53 - 2014-05-18 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 Ravia.eu
    2014-05-15 22:14 - 2014-05-06 14:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-05-15 22:14 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL
    2014-05-15 14:31 - 2014-02-14 15:27 - 00000000 ____D () C:\Windows\system32\MRT
    2014-05-15 14:29 - 2014-02-14 15:27 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-05-14 21:11 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Public\Libraries
    2014-05-14 16:26 - 2014-02-15 17:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2014-05-14 16:26 - 2014-02-15 17:21 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2014-05-14 15:12 - 2014-05-14 15:12 - 00000000 ____D () C:\Users\Konik\AppData\Local\Macromedia
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Mozilla
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\Users\Konik\AppData\Local\Mozilla
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\ProgramData\Mozilla
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
    2014-05-14 15:10 - 2014-05-14 15:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox

    Some content of TEMP:
    ====================
    C:\Users\Konik\AppData\Local\Temp\294823_.exe
    C:\Users\Konik\AppData\Local\Temp\amt_webssearches.exe
    C:\Users\Konik\AppData\Local\Temp\app_d.exe
    C:\Users\Konik\AppData\Local\Temp\app_e.exe
    C:\Users\Konik\AppData\Local\Temp\crpt.exe
    C:\Users\Konik\AppData\Local\Temp\dgen.exe
    C:\Users\Konik\AppData\Local\Temp\DseShExt-x86.dll
    C:\Users\Konik\AppData\Local\Temp\libcurl-4.dll
    C:\Users\Konik\AppData\Local\Temp\MD5Hash.dll
    C:\Users\Konik\AppData\Local\Temp\pthreadGC2.dll
    C:\Users\Konik\AppData\Local\Temp\Quarantine.exe
    C:\Users\Konik\AppData\Local\Temp\SDShelEx-win32.dll
    C:\Users\Konik\AppData\Local\Temp\SHSetup.exe
    C:\Users\Konik\AppData\Local\Temp\zlib1.dll


    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-06-09 18:06

    ==================== End Of Log ============================

    Addition
    Spoiler:
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:11-06-2014 01
    Ran by Konik at 2014-06-11 20:06:40
    Running from C:\Users\Konik\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
    Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
    AMD Accelerated Video Transcoding (Version: 2.00.0002 - Advanced Micro Devices, Inc.) Hidden
    AMD APP SDK Runtime (Version: 10.0.938.1 - Advanced Micro Devices Inc.) Hidden
    AMD Catalyst Install Manager (HKLM\...\{1F897E00-83A6-4133-54E1-58F8D35E61C2}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
    AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
    AMD Media Foundation Decoders (Version: 1.0.70611.1329 - Advanced Micro Devices, Inc.) Hidden
    avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2018 - Avast Software)
    Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
    BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.1.31141 - BitTorrent Inc.)
    Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center (Version: 2012.0611.1251.21046 - Nazwa firmy) Hidden
    Catalyst Control Center Graphics Previews Common (Version: 2012.0611.1251.21046 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center InstallProxy (Version: 2012.0611.1251.21046 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Localization All (Version: 2012.0611.1251.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Standard (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Traditional (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Czech (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Danish (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Dutch (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help English (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Finnish (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help French (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help German (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Greek (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Hungarian (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Italian (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Japanese (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Korean (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Norwegian (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Polish (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Portuguese (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Russian (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Spanish (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Swedish (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Thai (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Turkish (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    ccc-utility (Version: 2012.0611.1251.21046 - Advanced Micro Devices, Inc.) Hidden
    Drakensang Online (HKLM\...\Drakensang Online) (Version: - )
    DWA-127 (HKLM\...\{E6F2D638-0846-46B6-8669-3CE08AFF3362}) (Version: 1.0.0.0 - D-Link CORPORATION)
    EA Sports FIFA World (HKLM\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 6.0.0.41706 - Electronic Arts, Inc.)
    Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
    Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
    Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
    Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
    Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
    League of Legends (Version: 3.0.1 - Riot Games) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Office Word Viewer 2003 (HKLM\...\{90850415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    MKLOL (HKCU\...\MKLOL) (Version: - )
    Mozilla Firefox 29.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 29.0.1 (x86 pl)) (Version: 29.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    Origin (HKLM\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
    Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
    Ravia.eu (HKLM\...\Ravia.eu) (Version: - )
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
    Skype™ 6.13 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
    TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
    Virtual DJ Pro Full - Atomix Productions (HKLM\...\Virtual DJ Pro Full - Atomix Productions) (Version: - )
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
    WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
    World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
    World of Warplanes (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)

    ==================== Restore Points =========================

    28-05-2014 18:31:28 Removed AVG 2014
    28-05-2014 18:33:25 Removed AVG 2014
    28-05-2014 18:34:25 Windows Update
    03-06-2014 15:45:06 Windows Update
    04-06-2014 13:01:09 Zainstalowany program DirectX
    04-06-2014 14:00:07 avast! antivirus system restore point
    06-06-2014 16:54:08 Installed SpyHunter
    06-06-2014 18:38:05 Removed SpyHunter

    ==================== Hosts content: ==========================

    2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {10552CCA-3393-4542-AC82-20044BD8A3A4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-04] (AVAST Software)
    Task: {4D419DBD-5A22-40AA-8DF4-AE0C2A9CCD5D} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
    Task: {82CB3591-38FC-4576-B809-256BB604A53A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
    Task: {8A6265C6-D426-4C57-92F8-839C2F8A833F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-09] (Google Inc.)
    Task: {9204E1A7-C9C4-44A2-BB82-2AE3EEEC0C1C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-09] (Google Inc.)
    Task: {A2971209-556E-4BC9-B378-0304DC2AC074} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
    Task: {D10D7C0B-6294-4BF8-B1BE-379B6245FBAE} - System32\Tasks\0214dUpdateInfo => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2014-06-10 23:30 - 2014-06-10 23:30 - 02774528 _____ () C:\Program Files\AVAST Software\Avast\defs\14061002\algo.dll
    2014-06-11 14:42 - 2014-06-11 14:42 - 02775040 _____ () C:\Program Files\AVAST Software\Avast\defs\14061100\algo.dll
    2014-06-04 16:05 - 2014-06-04 16:05 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-02-14 14:33 - 2011-08-08 17:34 - 00217088 _____ () C:\Program Files\D-Link CORPORATION\DWA-127\WPSHWPBC.exe
    2012-06-11 13:45 - 2012-06-11 13:45 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
    2014-06-09 20:31 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
    2014-06-09 20:31 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libegl.dll
    2014-06-09 20:31 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll
    2014-06-09 20:31 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
    2014-06-09 20:31 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

    ==================== Alternate Data Streams (whitelisted) =========


    ==================== Safe Mode (whitelisted) ===================


    ==================== EXE Association (whitelisted) =============


    ==================== MSCONFIG/TASK MANAGER disabled items =========


    ==================== Faulty Device Manager Devices =============

    Name: Kontroler pamięci masowej
    Description: Kontroler pamięci masowej
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/04/2014 04:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


    Details:
    AddLegacyDriverFiles: Unable to back up image of binary qylrzacq.

    System Error:
    Nie można odnaleźć określonego pliku.
    .

    Error: (06/04/2014 03:59:59 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu.
    .
    To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym.


    Operacja:
    Zbieranie danych modułu zapisującego

    Kontekst:
    Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
    Nazwa modułu zapisującego: System Writer
    Identyfikator wystąpienia modułu zapisującego: {5121b75b-f5a0-4821-9800-a4fa288b1170}

    Error: (06/04/2014 03:01:08 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu.
    .
    To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym.


    Operacja:
    Zbieranie danych modułu zapisującego

    Kontekst:
    Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
    Nazwa modułu zapisującego: System Writer
    Identyfikator wystąpienia modułu zapisującego: {f70b95e9-42f6-488f-98ef-4d698347c7ab}

    Error: (06/03/2014 04:43:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nazwa aplikacji powodującej błąd: pl0700676c.fyt, wersja: 0.0.0.0, sygnatura czasowa: 0x538d8817
    Nazwa modułu powodującego błąd: ole32.dll, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7b96f
    Kod wyjątku: 0xc0000005
    Przesunięcie błędu: 0x00039342
    Identyfikator procesu powodującego błąd: 0xda8
    Godzina uruchomienia aplikacji powodującej błąd: 0xpl0700676c.fyt0
    Ścieżka aplikacji powodującej błąd: pl0700676c.fyt1
    Ścieżka modułu powodującego błąd: pl0700676c.fyt2
    Identyfikator raportu: pl0700676c.fyt3

    Error: (05/28/2014 09:53:07 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: KonikPc)
    Description: Nie można zamknąć aplikacji lub usługi LolClient.

    Error: (05/28/2014 08:56:40 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nazwa aplikacji powodującej błąd: CoherentUI_Host.exe, wersja: 1.8.0.0, sygnatura czasowa: 0x52ea6518
    Nazwa modułu powodującego błąd: CoherentUI_Host.exe, wersja: 1.8.0.0, sygnatura czasowa: 0x52ea6518
    Kod wyjątku: 0xc0000005
    Przesunięcie błędu: 0x0005b914
    Identyfikator procesu powodującego błąd: 0x1640
    Godzina uruchomienia aplikacji powodującej błąd: 0xCoherentUI_Host.exe0
    Ścieżka aplikacji powodującej błąd: CoherentUI_Host.exe1
    Ścieżka modułu powodującego błąd: CoherentUI_Host.exe2
    Identyfikator raportu: CoherentUI_Host.exe3

    Error: (05/26/2014 10:15:24 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nazwa aplikacji powodującej błąd: metin2mod_2012sf.exe, wersja: 1.0.36469.0, sygnatura czasowa: 0x50ed330e
    Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x531599f6
    Kod wyjątku: 0xef0000fb
    Przesunięcie błędu: 0x0000812f
    Identyfikator procesu powodującego błąd: 0x12c8
    Godzina uruchomienia aplikacji powodującej błąd: 0xmetin2mod_2012sf.exe0
    Ścieżka aplikacji powodującej błąd: metin2mod_2012sf.exe1
    Ścieżka modułu powodującego błąd: metin2mod_2012sf.exe2
    Identyfikator raportu: metin2mod_2012sf.exe3

    Error: (05/26/2014 05:34:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nazwa aplikacji powodującej błąd: metin2mod_2012sf.exe, wersja: 1.0.36469.0, sygnatura czasowa: 0x50ed330e
    Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x531599f6
    Kod wyjątku: 0xef0000fb
    Przesunięcie błędu: 0x0000812f
    Identyfikator procesu powodującego błąd: 0x14f0
    Godzina uruchomienia aplikacji powodującej błąd: 0xmetin2mod_2012sf.exe0
    Ścieżka aplikacji powodującej błąd: metin2mod_2012sf.exe1
    Ścieżka modułu powodującego błąd: metin2mod_2012sf.exe2
    Identyfikator raportu: metin2mod_2012sf.exe3

    Error: (05/26/2014 05:25:11 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nazwa aplikacji powodującej błąd: metin2mod_2012sf.exe, wersja: 1.0.36469.0, sygnatura czasowa: 0x50ed330e
    Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x531599f6
    Kod wyjątku: 0xef0000fb
    Przesunięcie błędu: 0x0000812f
    Identyfikator procesu powodującego błąd: 0xe80
    Godzina uruchomienia aplikacji powodującej błąd: 0xmetin2mod_2012sf.exe0
    Ścieżka aplikacji powodującej błąd: metin2mod_2012sf.exe1
    Ścieżka modułu powodującego błąd: metin2mod_2012sf.exe2
    Identyfikator raportu: metin2mod_2012sf.exe3

    Error: (05/26/2014 05:24:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: Program metin2mod_2012sf.exe w wersji 1.0.36469.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.

    Identyfikator procesu: 910

    Godzina rozpoczęcia: 01cf78f256267935

    Godzina zakończenia: 0

    Ścieżka aplikacji: D:\Program Files\Metin2\metin2mod_2012sf.exe

    Identyfikator raportu:


    System errors:
    =============
    Error: (06/10/2014 11:29:09 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT)
    Description: Wystąpił krytyczny błąd sprzętowy.

    Zgłoszone przez składnik: rdzeń procesora
    Źródło błędu: 3
    Typ błędu: 10
    Identyfikator procesora: 1

    Widok szczegółów tego wpisu zawiera dodatkowe informacje.

    Error: (06/10/2014 11:29:09 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT)
    Description: Wystąpił krytyczny błąd sprzętowy.

    Zgłoszone przez składnik: rdzeń procesora
    Źródło błędu: 3
    Typ błędu: 10
    Identyfikator procesora: 0

    Widok szczegółów tego wpisu zawiera dodatkowe informacje.

    Error: (06/04/2014 03:23:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Nie można uruchomić usługi Protect Monitor z powodu następującego błędu:
    %%1053

    Error: (06/04/2014 03:23:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Protect Monitor.

    Error: (06/04/2014 02:04:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Nie można uruchomić usługi Protect Monitor z powodu następującego błędu:
    %%1053

    Error: (06/04/2014 02:04:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Protect Monitor.

    Error: (06/03/2014 09:30:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Nie można uruchomić usługi Protect Monitor z powodu następującego błędu:
    %%1053

    Error: (06/03/2014 09:30:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Protect Monitor.

    Error: (06/03/2014 04:41:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: Usługa vToolbarUpdater18.1.7 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

    Error: (05/28/2014 09:04:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.


    Microsoft Office Sessions:
    =========================
    Error: (06/04/2014 04:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description:
    Details:
    AddLegacyDriverFiles: Unable to back up image of binary qylrzacq.

    System Error:
    Nie można odnaleźć określonego pliku.

    Error: (06/04/2014 03:59:59 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: 0x80070005, Odmowa dostępu.


    Operacja:
    Zbieranie danych modułu zapisującego

    Kontekst:
    Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
    Nazwa modułu zapisującego: System Writer
    Identyfikator wystąpienia modułu zapisującego: {5121b75b-f5a0-4821-9800-a4fa288b1170}

    Error: (06/04/2014 03:01:08 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: 0x80070005, Odmowa dostępu.


    Operacja:
    Zbieranie danych modułu zapisującego

    Kontekst:
    Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
    Nazwa modułu zapisującego: System Writer
    Identyfikator wystąpienia modułu zapisującego: {f70b95e9-42f6-488f-98ef-4d698347c7ab}

    Error: (06/03/2014 04:43:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: pl0700676c.fyt0.0.0.0538d8817ole32.dll6.1.7601.175144ce7b96fc000000500039342da801cf7f3a1a60eb94C:\Users\Konik\AppData\Local\Temp\pl0700676c.fytC:\Windows\system32\ole32.dll61744d55-eb2d-11e3-a2d0-0018f3122664

    Error: (05/28/2014 09:53:07 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: KonikPc)
    Description: 1D:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.91\deploy\LolClient.exeLolClient0111725080

    Error: (05/28/2014 08:56:40 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: CoherentUI_Host.exe1.8.0.052ea6518CoherentUI_Host.exe1.8.0.052ea6518c00000050005b914164001cf7aa5c79fce32C:\Users\Konik\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exeC:\Users\Konik\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.execd2946df-e699-11e3-8fc9-0018f3122664

    Error: (05/26/2014 10:15:24 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: metin2mod_2012sf.exe1.0.36469.050ed330eKERNELBASE.dll6.1.7601.18409531599f6ef0000fb0000812f12c801cf791f389e531bD:\Program Files\Metin2\metin2mod_2012sf.exeC:\Windows\system32\KERNELBASE.dll7816dea9-e512-11e3-abff-0018f3122664

    Error: (05/26/2014 05:34:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: metin2mod_2012sf.exe1.0.36469.050ed330eKERNELBASE.dll6.1.7601.18409531599f6ef0000fb0000812f14f001cf78f7eb9c4bc6D:\Program Files\Metin2\metin2mod_2012sf.exeC:\Windows\system32\KERNELBASE.dll2975fe28-e4eb-11e3-ac59-0018f3122664

    Error: (05/26/2014 05:25:11 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: metin2mod_2012sf.exe1.0.36469.050ed330eKERNELBASE.dll6.1.7601.18409531599f6ef0000fb0000812fe8001cf78f6aed283abD:\Program Files\Metin2\metin2mod_2012sf.exeC:\Windows\system32\KERNELBASE.dllece46376-e4e9-11e3-ac59-0018f3122664

    Error: (05/26/2014 05:24:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: metin2mod_2012sf.exe1.0.36469.091001cf78f2562679350D:\Program Files\Metin2\metin2mod_2012sf.exe


    CodeIntegrity Errors:
    ===================================
    Date: 2014-03-16 13:04:35.381
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.378
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.373
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.363
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.360
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.356
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.339
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.336
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.331
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.319
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

  • #5
    SkyyX
    Level 18  
    Btw. Install Comodo Dragon instead of Chrome ... it's built on the open-source Chromium (Chrome) ...
    the same as Chrome, only with security.
  • #6
    Acorus 20
    Level 43  
    Open Notepad and paste:

    Quote:
    Task: {D10D7C0B-6294-4BF8-B1BE-379B6245FBAE} - System32\Tasks\0214dUpdateInfo => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe
    HKLM\...\Run: [fst_pl_122] => [X]
    SearchScopes: HKLM - DefaultScope value is missing.
    CHR StartupUrls: "hxxp://google.pl/", "hxxp://istart.webssearches.com/?type=hppp&ts=1401912337&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402000937&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402061067&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402070422&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402258863&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402319785&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402327093&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402336503&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX"
    S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    S3 MSICDSetup; \??\E:\CDriver.sys [X]
    2014-06-09 19:58 - 2014-06-09 20:27 - 00000000 ____D () C:\AdwCleaner
    2014-06-06 18:55 - 2014-06-06 18:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2014-06-06 18:53 - 2014-06-06 18:53 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Konik\Downloads\SpyHunter-Installer.exe
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Gość\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
    2014-06-03 16:41 - 2014-06-03 16:42 - 00000000 ____D () C:\Users\Konik\AppData\Local\Genesis_06031441


    Save the file as fixlist.txt and place it next to FRST, in the same folder.
    Run FRST and click Fix.
  • #7
    konik183
    Level 9  
    Spoiler:
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:11-06-2014 01
    Ran by Konik at 2014-06-11 20:27:18 Run:1
    Running from C:\Users\Konik\Downloads
    Boot Mode: Normal

    ==============================================

    Content of fixlist:
    *****************
    Task: {D10D7C0B-6294-4BF8-B1BE-379B6245FBAE} - System32\Tasks\0214dUpdateInfo => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe
    HKLM\...\Run: [fst_pl_122] => [X]
    SearchScopes: HKLM - DefaultScope value is missing.
    CHR StartupUrls: "hxxp://google.pl/", "hxxp://istart.webssearches.com/?type=hppp&ts=1401912337&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402000937&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402061067&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402070422&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402258863&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402319785&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402327093&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402336503&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX"
    S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    S3 MSICDSetup; \??\E:\CDriver.sys [X]
    2014-06-09 19:58 - 2014-06-09 20:27 - 00000000 ____D () C:\AdwCleaner
    2014-06-06 18:55 - 2014-06-06 18:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2014-06-06 18:53 - 2014-06-06 18:53 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Konik\Downloads\SpyHunter-Installer.exe
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Gość\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
    2014-06-03 16:41 - 2014-06-03 16:42 - 00000000 ____D () C:\Users\Konik\AppData\Local\Genesis_06031441
    *****************

    'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D10D7C0B-6294-4BF8-B1BE-379B6245FBAE}' => Key deleted successfully.
    'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D10D7C0B-6294-4BF8-B1BE-379B6245FBAE}' => Key deleted successfully.
    C:\Windows\System32\Tasks\0214dUpdateInfo => Moved successfully.
    'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0214dUpdateInfo' => Key deleted successfully.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_pl_122 => value deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
    CHR StartupUrls: "hxxp://google.pl/", "hxxp://istart.webssearches.com/?type=hppp&ts=1401912337&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402000937&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402061067&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402070422&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402258863&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402319785&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402327093&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402336503&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX" ==> The Chrome "Settings" can be used to fix the entry.
    esgiguard => Service deleted successfully.
    MSICDSetup => Service deleted successfully.
    C:\AdwCleaner => Moved successfully.
    C:\Program Files\Enigma Software Group => Moved successfully.
    C:\Users\Konik\Downloads\SpyHunter-Installer.exe => Moved successfully.
    C:\Users\HomeGroupUser$\AppData\Local\Google => Moved successfully.
    C:\Users\HomeGroupUser$ => Moved successfully.
    C:\Users\Gość\AppData\Local\Google => Moved successfully.
    C:\Users\Administrator\AppData\Local\Google => Moved successfully.
    C:\Users\Konik\AppData\Local\Genesis_06031441 => Moved successfully.

    ==== End of Fixlog ====


    Added after 1 [minute]:

    So far these tabs still keep popping up in my browser; this did not help at all.

    Added after 1 [minute]:

    SkyyX wrote:
    Btw. Install Comodo Dragon instead of Chrome ... it is built on open-source Chromium (Chrome) ...
    the same as Chrome, only with security.


    I have somehow got attached to Chrome and for now I would like to stay with it, but if I don't get rid of the ads I'll use it ;) thanks for the idea
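
    A small parser for a Fixlog like the one posted above, added here as an illustration (it is not part of the thread and not FRST's own code): it skips the echoed fixlist between the rows of asterisks and lists the entries that FRST did not report as changed, which in the log above is only the `CHR StartupUrls` line. The sample log is constructed from lines in the post with a placeholder URL, and the function names are hypothetical.

```python
import re

# Constructed sample shaped like the Fixlog in the post above; the long
# StartupUrls list is cut down to one placeholder URL.
SAMPLE_FIXLOG = r"""
Content of fixlist:
*****************
HKLM\...\Run: [fst_pl_122] => [X]
CHR StartupUrls: "hxxp://google.pl/", "hxxp://placeholder.example/?type=hppp"
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
*****************

C:\Windows\System32\Tasks\0214dUpdateInfo => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_pl_122 => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
CHR StartupUrls: "hxxp://google.pl/", "hxxp://placeholder.example/?type=hppp" ==> The Chrome "Settings" can be used to fix the entry.
esgiguard => Service deleted successfully.
C:\AdwCleaner => Moved successfully.

==== End of Fixlog ====
"""

# "<item> => <outcome>" or "<item> ==> <outcome>"
RESULT = re.compile(r"^(?P<item>.+?)\s+==?>\s+(?P<outcome>.+)$")
# Outcome wording seen in the log above when FRST actually changed something.
DONE = re.compile(r"\b(deleted|moved|restored) successfully\b", re.IGNORECASE)

def result_lines(text):
    """Yield non-empty lines, skipping the echoed fixlist between the '*' rows."""
    in_echo = False
    for line in (raw.strip() for raw in text.splitlines()):
        if line and set(line) == {"*"}:
            in_echo = not in_echo
        elif line and not in_echo:
            yield line

def parse_fixlog(text):
    """Return (item, outcome, done) for every result line."""
    out = []
    for line in result_lines(text):
        m = RESULT.match(line)
        if m:
            out.append((m["item"].strip("'"), m["outcome"], bool(DONE.search(m["outcome"]))))
    return out

def unresolved(text):
    """Entries that were listed for fixing but not reported as changed."""
    return [(item, outcome) for item, outcome, done in parse_fixlog(text) if not done]
```

    Calling `unresolved()` on a saved Fixlog.txt returns the items that still need manual follow-up.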