
Google Chrome virus Istart.webssearch

konik183 11 Jun 2014 14:53 2778 8
  • #1
    konik183
    Level 9  
    Hello.
    For some time I have been struggling with an annoying problem: a "virus" that changed my start page to some strange page named in the topic title.
    I have already changed the start page, but only Google is set there, and when I launch Chrome about 6 tabs of this thing pop up...
    AdwCleaner does not help. Reinstalling the browser does not help.
    If there is no other way out I will do a format, but for now I would rather avoid that option.
    I can add that the problem does not occur in Explorer or Firefox.
    In the properties the target has not been changed, I checked. :P HELP. ;)
  • #4
    konik183
    Level 9  
    FRST
    Spoiler:
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-06-2014 01
    Ran by Konik (administrator) on KONIKPC on 11-06-2014 20:05:41
    Running from C:\Users\Konik\Downloads
    Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polish
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    () C:\Program Files\D-Link CORPORATION\DWA-127\WPSHWPBC.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-06-11] (Advanced Micro Devices, Inc.)
    HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12013272 2013-10-18] (Realtek Semiconductor)
    HKLM\...\Run: [DApp] => C:\Program Files\PCDApp\start.vbs
    HKLM\...\Run: [fst_pl_122] => [X]
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-06] (AVAST Software)
    HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2014-02-17] (Microsoft Corporation)
    HKU\S-1-5-21-351585507-2158226219-1374106671-1000\...\Run: [EADM] => D:\Program Files\Origin Games\Origin\Origin.exe [3588952 2014-05-31] (Electronic Arts)
    HKU\S-1-5-21-351585507-2158226219-1374106671-1000\...\Run: [MKLOL] => C:\Program Files\MKJogo\MKLOL\MK.exe [1227976 2014-06-05] (MK)
    HKU\S-1-5-21-351585507-2158226219-1374106671-1000\...\MountPoints2: {964687be-9c72-11e3-8f86-0018f3122664} - F:\AutoRun.exe

    ==================== Internet (Whitelisted) ====================

    SearchScopes: HKLM - DefaultScope value is missing.
    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - No File
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 62.21.99.94 62.21.99.95

    FireFox:
    ========
    FF ProfilePath: C:\Users\Konik\AppData\Roaming\Mozilla\Firefox\Profiles\zx24jvcz.default
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @Microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin: @TOOLS.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @TOOLS.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Extension: leethax.net extension - C:\Users\Konik\AppData\Roaming\Mozilla\Firefox\Profiles\zx24jvcz.default\Extensions\leethax@leethax.net.xpi [2014-05-14]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-04]

    Chrome:
    =======
    CHR HomePage: hxxp://www.google.com/
    CHR StartupUrls: "hxxp://google.pl/", "hxxp://istart.webssearches.com/?type=hppp&ts=1401912337&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402000937&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402061067&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402070422&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402258863&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402319785&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402327093&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402336503&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX"
    CHR Extension: (Dokumenty Google) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-14]
    CHR Extension: (Dysk Google) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-14]
    CHR Extension: (YouTube) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-14]
    CHR Extension: (Szukaj w Google) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-14]
    CHR Extension: (AdBlock) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-02]
    CHR Extension: (Google Wallet) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-14]
    CHR Extension: (Gmail) - C:\Users\Konik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-14]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-04]

    ========================== Services (Whitelisted) =================

    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-04] (AVAST Software)
    R2 WPSHWPBC; C:\Program Files\D-Link CORPORATION\DWA-127\WPSHWPBC.exe [217088 2011-08-08] () [File not signed]

    ==================== Drivers (Whitelisted) ====================

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-06-04] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-06-04] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-06-04] (AVAST Software)
    R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-06-04] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-06-04] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-06-04] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-06-04] (AVAST Software)
    R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-06-04] ()
    R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
    R3 netr28u; C:\Windows\System32\DRIVERS\Dnetr28u.sys [1228864 2011-04-28] (Ralink Technology Corp.)
    S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    S3 MSICDSetup; \??\E:\CDriver.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-06-11 20:05 - 2014-06-11 20:06 - 00009031 _____ () C:\Users\Konik\Downloads\FRST.txt
    2014-06-11 20:05 - 2014-06-11 20:05 - 00000000 ____D () C:\FRST
    2014-06-11 20:04 - 2014-06-11 20:04 - 01073152 _____ (Farbar) C:\Users\Konik\Downloads\FRST.exe
    2014-06-09 20:31 - 2014-06-11 19:36 - 00001034 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-06-09 20:31 - 2014-06-11 14:41 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-06-09 20:31 - 2014-06-09 20:31 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-06-09 20:31 - 2014-06-09 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-06-09 20:31 - 2014-06-09 20:31 - 00000000 ____D () C:\Program Files\Google
    2014-06-09 20:26 - 2014-06-09 20:26 - 00918672 _____ (Google Inc.) C:\Users\Konik\Downloads\ChromeSetup.exe
    2014-06-09 19:58 - 2014-06-09 20:27 - 00000000 ____D () C:\AdwCleaner
    2014-06-09 19:58 - 2014-06-09 19:58 - 01333465 _____ () C:\Users\Konik\Downloads\AdwCleaner.exe
    2014-06-06 18:55 - 2014-06-06 18:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2014-06-06 18:53 - 2014-06-06 21:21 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
    2014-06-06 18:53 - 2014-06-06 18:53 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Konik\Downloads\SpyHunter-Installer.exe
    2014-06-06 18:53 - 2014-06-06 18:53 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
    2014-06-06 18:48 - 2014-06-06 18:48 - 00021070 _____ () C:\Users\Konik\Desktop\bookmarks_06.06.2014.html
    2014-06-04 16:07 - 2014-06-04 16:07 - 00002119 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2014-06-04 16:07 - 2014-06-04 16:07 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\AVAST Software
    2014-06-04 16:07 - 2014-06-04 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
    2014-06-04 16:05 - 2014-06-04 16:06 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2014-06-04 16:05 - 2014-06-04 16:06 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
    2014-06-04 16:05 - 2014-06-04 16:06 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1401890760812
    2014-06-04 16:05 - 2014-06-04 16:05 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1401890760812
    2014-06-04 16:05 - 2014-06-04 16:05 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-06-04 16:05 - 2014-06-04 16:05 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-06-04 16:05 - 2014-06-04 16:05 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-06-04 16:03 - 2014-06-04 16:03 - 00000000 ____D () C:\Program Files\AVAST Software
    2014-06-04 15:38 - 2014-06-04 15:57 - 94714880 _____ (AVAST Software) C:\Users\Konik\Downloads\avast_free_antivirus_setup.exe
    2014-06-04 15:11 - 2014-06-09 20:21 - 00000000 ____D () C:\Users\Konik\Documents\FIFA World
    2014-06-04 15:03 - 2014-06-04 15:03 - 00000828 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
    2014-06-04 15:03 - 2014-06-04 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
    2014-06-03 21:30 - 2014-06-04 15:23 - 00000000 _____ () C:\Windows\system32\s.o
    2014-06-03 18:23 - 2014-06-03 18:24 - 00000000 ____D () C:\Users\Konik\Documents\MK-LOL
    2014-06-03 18:23 - 2014-06-03 18:23 - 00000048 _____ () C:\Windows\JQHApp.dat
    2014-06-03 18:14 - 2014-06-03 18:14 - 00000981 _____ () C:\Users\Konik\Desktop\MK LOL.lnk
    2014-06-03 18:14 - 2014-06-03 18:14 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
    2014-06-03 18:14 - 2014-06-03 18:14 - 00000000 ____D () C:\Program Files\MKJogo
    2014-06-03 18:13 - 2014-06-03 18:14 - 05933256 _____ () C:\Users\Konik\Downloads\MK_LOL_1.0.0.25Beta.exe
    2014-06-03 16:45 - 2014-06-04 15:39 - 00000000 ____D () C:\Program Files\PCDApp
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Gość\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Gość
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Administrator
    2014-06-03 16:41 - 2014-06-03 16:42 - 00000000 ____D () C:\Users\Konik\AppData\Local\Genesis_06031441
    2014-06-03 16:40 - 2014-06-03 16:40 - 00144144 _____ () C:\Users\Konik\Downloads\MKJogoLeagueofLegends__7934_il1700732 (1).exe
    2014-06-03 15:56 - 2014-06-03 15:56 - 00144144 _____ () C:\Users\Konik\Downloads\MKJogoLeagueofLegends__7934_il1700732.exe
    2014-06-02 22:29 - 2014-06-02 22:29 - 00001914 _____ () C:\Users\Konik\Desktop\Drakensang Online.lnk
    2014-06-02 22:29 - 2014-06-02 22:29 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
    2014-06-02 22:29 - 2014-06-02 22:29 - 00000000 ____D () C:\Program Files\Drakensang Online
    2014-06-02 22:26 - 2014-06-02 22:27 - 08989808 _____ () C:\Users\Konik\Downloads\DrakensangOnlineSetup.exe
    2014-05-31 09:38 - 2014-05-31 09:39 - 00000000 ____D () C:\Users\Konik\AppData\Local\Origin
    2014-05-31 09:38 - 2014-05-31 09:38 - 00000795 _____ () C:\Users\Public\Desktop\Origin.lnk
    2014-05-31 09:38 - 2014-05-31 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
    2014-05-31 09:36 - 2014-05-31 09:37 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Konik\Downloads\OriginThinSetup.exe
    2014-05-29 23:02 - 2014-05-29 23:02 - 00000000 ____D () C:\Windows\Sun
    2014-05-29 12:10 - 2014-05-29 12:10 - 00000000 ____D () C:\Users\Konik\AppData\Local\WarThunder
    2014-05-29 12:10 - 2014-05-29 12:10 - 00000000 ____D () C:\ProgramData\WarThunder
    2014-05-28 20:45 - 2014-05-28 20:45 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Curse
    2014-05-27 13:22 - 2014-05-27 13:22 - 00000000 ____D () C:\ProgramData\Avg_Update_0414c
    2014-05-26 16:54 - 2014-05-26 22:11 - 00000000 __SHD () C:\Users\Konik\AppData\Local\.#
    2014-05-19 17:29 - 2014-05-19 17:31 - 00000000 ____D () C:\Users\Konik\Desktop\xzx
    2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
    2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
    2014-05-18 23:26 - 2014-05-18 23:32 - 11836590 _____ () C:\Users\Konik\Downloads\Metin2Mod_2012SF_29042014.exe
    2014-05-18 20:53 - 2014-05-18 20:53 - 00000714 _____ () C:\Users\Public\Desktop\Metin2 Ravia.eu.lnk
    2014-05-18 20:53 - 2014-05-18 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 Ravia.eu
    2014-05-18 19:58 - 2014-05-26 17:36 - 00000000 ____D () C:\Users\Konik\Documents\Fiddler2
    2014-05-18 19:57 - 2014-05-26 17:36 - 00000000 ____D () C:\Program Files\Fiddler2
    2014-05-15 14:28 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-05-15 14:28 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-05-15 14:28 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-05-15 13:46 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2014-05-15 13:46 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2014-05-15 13:46 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2014-05-15 13:46 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2014-05-15 13:46 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2014-05-15 13:46 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-05-15 13:46 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2014-05-15 13:46 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2014-05-15 13:46 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2014-05-15 13:46 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2014-05-15 13:46 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
    2014-05-15 13:46 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2014-05-15 13:45 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-05-15 13:45 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-05-15 13:45 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-05-14 15:12 - 2014-05-14 15:12 - 00000000 ____D () C:\Users\Konik\AppData\Local\Macromedia
    2014-05-14 15:10 - 2014-06-03 17:46 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2014-05-14 15:10 - 2014-06-03 17:46 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Mozilla
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\Users\Konik\AppData\Local\Mozilla
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\ProgramData\Mozilla
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
    2014-05-14 15:09 - 2014-05-14 15:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox

    ==================== One Month Modified Files and Folders =======

    2014-06-11 20:06 - 2014-06-11 20:05 - 00009031 _____ () C:\Users\Konik\Downloads\FRST.txt
    2014-06-11 20:06 - 2014-02-14 14:12 - 00000000 ____D () C:\Users\Konik\AppData\Local\Temp
    2014-06-11 20:05 - 2014-06-11 20:05 - 00000000 ____D () C:\FRST
    2014-06-11 20:04 - 2014-06-11 20:04 - 01073152 _____ (Farbar) C:\Users\Konik\Downloads\FRST.exe
    2014-06-11 19:50 - 2014-02-14 14:05 - 01543459 _____ () C:\Windows\WindowsUpdate.log
    2014-06-11 19:36 - 2014-06-09 20:31 - 00001034 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-06-11 19:26 - 2014-02-15 17:21 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-06-11 19:21 - 2009-07-14 06:39 - 00063490 _____ () C:\Windows\setupact.log
    2014-06-11 15:21 - 2014-02-15 14:41 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\BitTorrent
    2014-06-11 14:48 - 2014-03-16 00:30 - 00000000 ____D () C:\ProgramData\Origin
    2014-06-11 14:48 - 2009-07-14 06:34 - 00013440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-06-11 14:48 - 2009-07-14 06:34 - 00013440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-06-11 14:41 - 2014-06-09 20:31 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-06-11 14:41 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-06-11 00:12 - 2014-02-18 16:19 - 00000000 ____D () C:\Users\Konik\AppData\Local\PMB Files
    2014-06-09 22:40 - 2014-02-15 04:17 - 00492408 _____ () C:\Windows\PFRO.log
    2014-06-09 20:31 - 2014-06-09 20:31 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-06-09 20:31 - 2014-06-09 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-06-09 20:31 - 2014-06-09 20:31 - 00000000 ____D () C:\Program Files\Google
    2014-06-09 20:27 - 2014-06-09 19:58 - 00000000 ____D () C:\AdwCleaner
    2014-06-09 20:26 - 2014-06-09 20:26 - 00918672 _____ (Google Inc.) C:\Users\Konik\Downloads\ChromeSetup.exe
    2014-06-09 20:21 - 2014-06-04 15:11 - 00000000 ____D () C:\Users\Konik\Documents\FIFA World
    2014-06-09 19:58 - 2014-06-09 19:58 - 01333465 _____ () C:\Users\Konik\Downloads\AdwCleaner.exe
    2014-06-09 19:54 - 2009-07-14 06:53 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-06-09 18:40 - 2014-02-14 14:14 - 01692554 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-06-09 18:40 - 2009-07-14 10:07 - 00751540 _____ () C:\Windows\system32\perfh015.dat
    2014-06-09 18:40 - 2009-07-14 10:07 - 00159302 _____ () C:\Windows\system32\perfc015.dat
    2014-06-06 21:21 - 2014-06-06 18:53 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
    2014-06-06 18:55 - 2014-06-06 18:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2014-06-06 18:53 - 2014-06-06 18:53 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Konik\Downloads\SpyHunter-Installer.exe
    2014-06-06 18:53 - 2014-06-06 18:53 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
    2014-06-06 18:49 - 2014-02-14 14:51 - 00000000 ____D () C:\Users\Konik\AppData\Local\Deployment
    2014-06-06 18:48 - 2014-06-06 18:48 - 00021070 _____ () C:\Users\Konik\Desktop\bookmarks_06.06.2014.html
    2014-06-04 22:22 - 2014-02-18 16:18 - 00000000 ____D () C:\ProgramData\PMB Files
    2014-06-04 16:07 - 2014-06-04 16:07 - 00002119 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2014-06-04 16:07 - 2014-06-04 16:07 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\AVAST Software
    2014-06-04 16:07 - 2014-06-04 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
    2014-06-04 16:06 - 2014-06-04 16:05 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2014-06-04 16:06 - 2014-06-04 16:05 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
    2014-06-04 16:06 - 2014-06-04 16:05 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1401890760812
    2014-06-04 16:05 - 2014-06-04 16:05 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1401890760812
    2014-06-04 16:05 - 2014-06-04 16:05 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-06-04 16:05 - 2014-06-04 16:05 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2014-06-04 16:05 - 2014-06-04 16:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-06-04 16:05 - 2014-06-04 16:05 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-06-04 16:03 - 2014-06-04 16:03 - 00000000 ____D () C:\Program Files\AVAST Software
    2014-06-04 15:58 - 2014-03-18 12:32 - 00000000 ____D () C:\ProgramData\AVAST Software
    2014-06-04 15:57 - 2014-06-04 15:38 - 94714880 _____ (AVAST Software) C:\Users\Konik\Downloads\avast_free_antivirus_setup.exe
    2014-06-04 15:40 - 2014-04-20 12:56 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\ttales
    2014-06-04 15:40 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2014-06-04 15:39 - 2014-06-03 16:45 - 00000000 ____D () C:\Program Files\PCDApp
    2014-06-04 15:23 - 2014-06-03 21:30 - 00000000 _____ () C:\Windows\system32\s.o
    2014-06-04 15:03 - 2014-06-04 15:03 - 00000828 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
    2014-06-04 15:03 - 2014-06-04 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
    2014-06-03 18:24 - 2014-06-03 18:23 - 00000000 ____D () C:\Users\Konik\Documents\MK-LOL
    2014-06-03 18:23 - 2014-06-03 18:23 - 00000048 _____ () C:\Windows\JQHApp.dat
    2014-06-03 18:14 - 2014-06-03 18:14 - 00000981 _____ () C:\Users\Konik\Desktop\MK LOL.lnk
    2014-06-03 18:14 - 2014-06-03 18:14 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
    2014-06-03 18:14 - 2014-06-03 18:14 - 00000000 ____D () C:\Program Files\MKJogo
    2014-06-03 18:14 - 2014-06-03 18:13 - 05933256 _____ () C:\Users\Konik\Downloads\MK_LOL_1.0.0.25Beta.exe
    2014-06-03 17:46 - 2014-05-14 15:10 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2014-06-03 17:46 - 2014-05-14 15:10 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-06-03 17:46 - 2014-02-14 14:13 - 00001421 _____ () C:\Users\Konik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-06-03 16:48 - 2014-03-18 13:23 - 00000000 ____D () C:\Users\Konik\Documents\My Games
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Gość\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Gość
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Administrator
    2014-06-03 16:42 - 2014-06-03 16:41 - 00000000 ____D () C:\Users\Konik\AppData\Local\Genesis_06031441
    2014-06-03 16:40 - 2014-06-03 16:40 - 00144144 _____ () C:\Users\Konik\Downloads\MKJogoLeagueofLegends__7934_il1700732 (1).exe
    2014-06-03 15:56 - 2014-06-03 15:56 - 00144144 _____ () C:\Users\Konik\Downloads\MKJogoLeagueofLegends__7934_il1700732.exe
    2014-06-02 22:29 - 2014-06-02 22:29 - 00001914 _____ () C:\Users\Konik\Desktop\Drakensang Online.lnk
    2014-06-02 22:29 - 2014-06-02 22:29 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
    2014-06-02 22:29 - 2014-06-02 22:29 - 00000000 ____D () C:\Program Files\Drakensang Online
    2014-06-02 22:27 - 2014-06-02 22:26 - 08989808 _____ () C:\Users\Konik\Downloads\DrakensangOnlineSetup.exe
    2014-06-01 19:19 - 2014-02-14 14:56 - 00000000 ____D () C:\Users\Konik\Desktop\nuty
    2014-05-31 09:39 - 2014-05-31 09:38 - 00000000 ____D () C:\Users\Konik\AppData\Local\Origin
    2014-05-31 09:38 - 2014-05-31 09:38 - 00000795 _____ () C:\Users\Public\Desktop\Origin.lnk
    2014-05-31 09:38 - 2014-05-31 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
    2014-05-31 09:38 - 2014-03-16 00:30 - 00000000 ____D () C:\ProgramData\Electronic Arts
    2014-05-31 09:37 - 2014-05-31 09:36 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Konik\Downloads\OriginThinSetup.exe
    2014-05-29 23:02 - 2014-05-29 23:02 - 00000000 ____D () C:\Windows\Sun
    2014-05-29 12:10 - 2014-05-29 12:10 - 00000000 ____D () C:\Users\Konik\AppData\Local\WarThunder
    2014-05-29 12:10 - 2014-05-29 12:10 - 00000000 ____D () C:\ProgramData\WarThunder
    2014-05-28 21:53 - 2014-02-18 16:21 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
    2014-05-28 20:45 - 2014-05-28 20:45 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Curse
    2014-05-28 20:36 - 2014-05-05 12:14 - 00000000 ____D () C:\ProgramData\MFAData
    2014-05-27 13:22 - 2014-05-27 13:22 - 00000000 ____D () C:\ProgramData\Avg_Update_0414c
    2014-05-26 22:29 - 2014-02-15 23:03 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\TS3Client
    2014-05-26 22:11 - 2014-05-26 16:54 - 00000000 __SHD () C:\Users\Konik\AppData\Local\.#
    2014-05-26 17:36 - 2014-05-18 19:58 - 00000000 ____D () C:\Users\Konik\Documents\Fiddler2
    2014-05-26 17:36 - 2014-05-18 19:57 - 00000000 ____D () C:\Program Files\Fiddler2
    2014-05-26 17:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-05-19 17:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
    2014-05-19 17:31 - 2014-05-19 17:29 - 00000000 ____D () C:\Users\Konik\Desktop\xzx
    2014-05-19 17:28 - 2014-03-15 18:44 - 00000000 ____D () C:\Users\Konik\Desktop\muzyka
    2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
    2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
    2014-05-18 23:32 - 2014-05-18 23:26 - 11836590 _____ () C:\Users\Konik\Downloads\Metin2Mod_2012SF_29042014.exe
    2014-05-18 20:53 - 2014-05-18 20:53 - 00000714 _____ () C:\Users\Public\Desktop\Metin2 Ravia.eu.lnk
    2014-05-18 20:53 - 2014-05-18 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 Ravia.eu
    2014-05-15 22:14 - 2014-05-06 14:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-05-15 22:14 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL
    2014-05-15 14:31 - 2014-02-14 15:27 - 00000000 ____D () C:\Windows\system32\MRT
    2014-05-15 14:29 - 2014-02-14 15:27 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-05-14 21:11 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Public\Libraries
    2014-05-14 16:26 - 2014-02-15 17:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2014-05-14 16:26 - 2014-02-15 17:21 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2014-05-14 15:12 - 2014-05-14 15:12 - 00000000 ____D () C:\Users\Konik\AppData\Local\Macromedia
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\Users\Konik\AppData\Roaming\Mozilla
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\Users\Konik\AppData\Local\Mozilla
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\ProgramData\Mozilla
    2014-05-14 15:10 - 2014-05-14 15:10 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
    2014-05-14 15:10 - 2014-05-14 15:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox

    Some content of TEMP:
    ====================
    C:\Users\Konik\AppData\Local\Temp\294823_.exe
    C:\Users\Konik\AppData\Local\Temp\amt_webssearches.exe
    C:\Users\Konik\AppData\Local\Temp\app_d.exe
    C:\Users\Konik\AppData\Local\Temp\app_e.exe
    C:\Users\Konik\AppData\Local\Temp\crpt.exe
    C:\Users\Konik\AppData\Local\Temp\dgen.exe
    C:\Users\Konik\AppData\Local\Temp\DseShExt-x86.dll
    C:\Users\Konik\AppData\Local\Temp\libcurl-4.dll
    C:\Users\Konik\AppData\Local\Temp\MD5Hash.dll
    C:\Users\Konik\AppData\Local\Temp\pthreadGC2.dll
    C:\Users\Konik\AppData\Local\Temp\Quarantine.exe
    C:\Users\Konik\AppData\Local\Temp\SDShelEx-win32.dll
    C:\Users\Konik\AppData\Local\Temp\SHSetup.exe
    C:\Users\Konik\AppData\Local\Temp\zlib1.dll


    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-06-09 18:06

    ==================== End Of Log ============================

    Addition
    Spoiler:
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:11-06-2014 01
    Ran by Konik at 2014-06-11 20:06:40
    Running from C:\Users\Konik\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
    Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
    AMD Accelerated Video Transcoding (Version: 2.00.0002 - Advanced Micro Devices, Inc.) Hidden
    AMD APP SDK Runtime (Version: 10.0.938.1 - Advanced Micro Devices Inc.) Hidden
    AMD Catalyst Install Manager (HKLM\...\{1F897E00-83A6-4133-54E1-58F8D35E61C2}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
    AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
    AMD Media Foundation Decoders (Version: 1.0.70611.1329 - Advanced Micro Devices, Inc.) Hidden
    avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2018 - Avast Software)
    Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
    BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.1.31141 - BitTorrent Inc.)
    Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center (Version: 2012.0611.1251.21046 - Nazwa firmy) Hidden
    Catalyst Control Center Graphics Previews Common (Version: 2012.0611.1251.21046 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center InstallProxy (Version: 2012.0611.1251.21046 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Localization All (Version: 2012.0611.1251.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Standard (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Traditional (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Czech (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Danish (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Dutch (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help English (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Finnish (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help French (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help German (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Greek (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Hungarian (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Italian (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Japanese (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Korean (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Norwegian (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Polish (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Portuguese (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Russian (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Spanish (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Swedish (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Thai (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Turkish (Version: 2012.0611.1250.21046 - Advanced Micro Devices, Inc.) Hidden
    ccc-utility (Version: 2012.0611.1251.21046 - Advanced Micro Devices, Inc.) Hidden
    Drakensang Online (HKLM\...\Drakensang Online) (Version: - )
    DWA-127 (HKLM\...\{E6F2D638-0846-46B6-8669-3CE08AFF3362}) (Version: 1.0.0.0 - D-Link CORPORATION)
    EA Sports FIFA World (HKLM\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 6.0.0.41706 - Electronic Arts, Inc.)
    Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
    Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
    Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
    Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
    Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
    League of Legends (Version: 3.0.1 - Riot Games) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Office Word Viewer 2003 (HKLM\...\{90850415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    MKLOL (HKCU\...\MKLOL) (Version: - )
    Mozilla Firefox 29.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 29.0.1 (x86 pl)) (Version: 29.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    Origin (HKLM\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
    Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
    Ravia.eu (HKLM\...\Ravia.eu) (Version: - )
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
    Skype™ 6.13 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
    TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
    Virtual DJ Pro Full - Atomix Productions (HKLM\...\Virtual DJ Pro Full - Atomix Productions) (Version: - )
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
    WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
    World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
    World of Warplanes (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)

    ==================== Restore Points =========================

    28-05-2014 18:31:28 Removed AVG 2014
    28-05-2014 18:33:25 Removed AVG 2014
    28-05-2014 18:34:25 Windows Update
    03-06-2014 15:45:06 Windows Update
    04-06-2014 13:01:09 Zainstalowany program DirectX
    04-06-2014 14:00:07 avast! antivirus system restore point
    06-06-2014 16:54:08 Installed SpyHunter
    06-06-2014 18:38:05 Removed SpyHunter

    ==================== Hosts content: ==========================

    2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {10552CCA-3393-4542-AC82-20044BD8A3A4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-04] (AVAST Software)
    Task: {4D419DBD-5A22-40AA-8DF4-AE0C2A9CCD5D} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
    Task: {82CB3591-38FC-4576-B809-256BB604A53A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
    Task: {8A6265C6-D426-4C57-92F8-839C2F8A833F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-09] (Google Inc.)
    Task: {9204E1A7-C9C4-44A2-BB82-2AE3EEEC0C1C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-09] (Google Inc.)
    Task: {A2971209-556E-4BC9-B378-0304DC2AC074} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
    Task: {D10D7C0B-6294-4BF8-B1BE-379B6245FBAE} - System32\Tasks\0214dUpdateInfo => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2014-06-10 23:30 - 2014-06-10 23:30 - 02774528 _____ () C:\Program Files\AVAST Software\Avast\defs\14061002\algo.dll
    2014-06-11 14:42 - 2014-06-11 14:42 - 02775040 _____ () C:\Program Files\AVAST Software\Avast\defs\14061100\algo.dll
    2014-06-04 16:05 - 2014-06-04 16:05 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-02-14 14:33 - 2011-08-08 17:34 - 00217088 _____ () C:\Program Files\D-Link CORPORATION\DWA-127\WPSHWPBC.exe
    2012-06-11 13:45 - 2012-06-11 13:45 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
    2014-06-09 20:31 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
    2014-06-09 20:31 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libegl.dll
    2014-06-09 20:31 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll
    2014-06-09 20:31 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
    2014-06-09 20:31 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

    ==================== Alternate Data Streams (whitelisted) =========


    ==================== Safe Mode (whitelisted) ===================


    ==================== EXE Association (whitelisted) =============


    ==================== MSCONFIG/TASK MANAGER disabled items =========


    ==================== Faulty Device Manager Devices =============

    Name: Kontroler pamięci masowej
    Description: Kontroler pamięci masowej
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/04/2014 04:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


    Details:
    AddLegacyDriverFiles: Unable to back up image of binary qylrzacq.

    System Error:
    Nie można odnaleźć określonego pliku.
    .

    Error: (06/04/2014 03:59:59 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu.
    .
    To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym.


    Operacja:
    Zbieranie danych modułu zapisującego

    Kontekst:
    Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
    Nazwa modułu zapisującego: System Writer
    Identyfikator wystąpienia modułu zapisującego: {5121b75b-f5a0-4821-9800-a4fa288b1170}

    Error: (06/04/2014 03:01:08 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu.
    .
    To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym.


    Operacja:
    Zbieranie danych modułu zapisującego

    Kontekst:
    Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
    Nazwa modułu zapisującego: System Writer
    Identyfikator wystąpienia modułu zapisującego: {f70b95e9-42f6-488f-98ef-4d698347c7ab}

    Error: (06/03/2014 04:43:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nazwa aplikacji powodującej błąd: pl0700676c.fyt, wersja: 0.0.0.0, sygnatura czasowa: 0x538d8817
    Nazwa modułu powodującego błąd: ole32.dll, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7b96f
    Kod wyjątku: 0xc0000005
    Przesunięcie błędu: 0x00039342
    Identyfikator procesu powodującego błąd: 0xda8
    Godzina uruchomienia aplikacji powodującej błąd: 0xpl0700676c.fyt0
    Ścieżka aplikacji powodującej błąd: pl0700676c.fyt1
    Ścieżka modułu powodującego błąd: pl0700676c.fyt2
    Identyfikator raportu: pl0700676c.fyt3

    Error: (05/28/2014 09:53:07 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: KonikPc)
    Description: Nie można zamknąć aplikacji lub usługi LolClient.

    Error: (05/28/2014 08:56:40 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nazwa aplikacji powodującej błąd: CoherentUI_Host.exe, wersja: 1.8.0.0, sygnatura czasowa: 0x52ea6518
    Nazwa modułu powodującego błąd: CoherentUI_Host.exe, wersja: 1.8.0.0, sygnatura czasowa: 0x52ea6518
    Kod wyjątku: 0xc0000005
    Przesunięcie błędu: 0x0005b914
    Identyfikator procesu powodującego błąd: 0x1640
    Godzina uruchomienia aplikacji powodującej błąd: 0xCoherentUI_Host.exe0
    Ścieżka aplikacji powodującej błąd: CoherentUI_Host.exe1
    Ścieżka modułu powodującego błąd: CoherentUI_Host.exe2
    Identyfikator raportu: CoherentUI_Host.exe3

    Error: (05/26/2014 10:15:24 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nazwa aplikacji powodującej błąd: metin2mod_2012sf.exe, wersja: 1.0.36469.0, sygnatura czasowa: 0x50ed330e
    Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x531599f6
    Kod wyjątku: 0xef0000fb
    Przesunięcie błędu: 0x0000812f
    Identyfikator procesu powodującego błąd: 0x12c8
    Godzina uruchomienia aplikacji powodującej błąd: 0xmetin2mod_2012sf.exe0
    Ścieżka aplikacji powodującej błąd: metin2mod_2012sf.exe1
    Ścieżka modułu powodującego błąd: metin2mod_2012sf.exe2
    Identyfikator raportu: metin2mod_2012sf.exe3

    Error: (05/26/2014 05:34:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nazwa aplikacji powodującej błąd: metin2mod_2012sf.exe, wersja: 1.0.36469.0, sygnatura czasowa: 0x50ed330e
    Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x531599f6
    Kod wyjątku: 0xef0000fb
    Przesunięcie błędu: 0x0000812f
    Identyfikator procesu powodującego błąd: 0x14f0
    Godzina uruchomienia aplikacji powodującej błąd: 0xmetin2mod_2012sf.exe0
    Ścieżka aplikacji powodującej błąd: metin2mod_2012sf.exe1
    Ścieżka modułu powodującego błąd: metin2mod_2012sf.exe2
    Identyfikator raportu: metin2mod_2012sf.exe3

    Error: (05/26/2014 05:25:11 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nazwa aplikacji powodującej błąd: metin2mod_2012sf.exe, wersja: 1.0.36469.0, sygnatura czasowa: 0x50ed330e
    Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x531599f6
    Kod wyjątku: 0xef0000fb
    Przesunięcie błędu: 0x0000812f
    Identyfikator procesu powodującego błąd: 0xe80
    Godzina uruchomienia aplikacji powodującej błąd: 0xmetin2mod_2012sf.exe0
    Ścieżka aplikacji powodującej błąd: metin2mod_2012sf.exe1
    Ścieżka modułu powodującego błąd: metin2mod_2012sf.exe2
    Identyfikator raportu: metin2mod_2012sf.exe3

    Error: (05/26/2014 05:24:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: Program metin2mod_2012sf.exe w wersji 1.0.36469.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.

    Identyfikator procesu: 910

    Godzina rozpoczęcia: 01cf78f256267935

    Godzina zakończenia: 0

    Ścieżka aplikacji: D:\Program Files\Metin2\metin2mod_2012sf.exe

    Identyfikator raportu:


    System errors:
    =============
    Error: (06/10/2014 11:29:09 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT)
    Description: Wystąpił krytyczny błąd sprzętowy.

    Zgłoszone przez składnik: rdzeń procesora
    Źródło błędu: 3
    Typ błędu: 10
    Identyfikator procesora: 1

    Widok szczegółów tego wpisu zawiera dodatkowe informacje.

    Error: (06/10/2014 11:29:09 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT)
    Description: Wystąpił krytyczny błąd sprzętowy.

    Zgłoszone przez składnik: rdzeń procesora
    Źródło błędu: 3
    Typ błędu: 10
    Identyfikator procesora: 0

    Widok szczegółów tego wpisu zawiera dodatkowe informacje.

    Error: (06/04/2014 03:23:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Nie można uruchomić usługi Protect Monitor z powodu następującego błędu:
    %%1053

    Error: (06/04/2014 03:23:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Protect Monitor.

    Error: (06/04/2014 02:04:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Nie można uruchomić usługi Protect Monitor z powodu następującego błędu:
    %%1053

    Error: (06/04/2014 02:04:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Protect Monitor.

    Error: (06/03/2014 09:30:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Nie można uruchomić usługi Protect Monitor z powodu następującego błędu:
    %%1053

    Error: (06/03/2014 09:30:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Protect Monitor.

    Error: (06/03/2014 04:41:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: Usługa vToolbarUpdater18.1.7 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

    Error: (05/28/2014 09:04:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.


    Microsoft Office Sessions:
    =========================
    Error: (06/04/2014 04:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description:
    Details:
    AddLegacyDriverFiles: Unable to back up image of binary qylrzacq.

    System Error:
    Nie można odnaleźć określonego pliku.

    Error: (06/04/2014 03:59:59 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: 0x80070005, Odmowa dostępu.


    Operacja:
    Zbieranie danych modułu zapisującego

    Kontekst:
    Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
    Nazwa modułu zapisującego: System Writer
    Identyfikator wystąpienia modułu zapisującego: {5121b75b-f5a0-4821-9800-a4fa288b1170}

    Error: (06/04/2014 03:01:08 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: 0x80070005, Odmowa dostępu.


    Operacja:
    Zbieranie danych modułu zapisującego

    Kontekst:
    Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
    Nazwa modułu zapisującego: System Writer
    Identyfikator wystąpienia modułu zapisującego: {f70b95e9-42f6-488f-98ef-4d698347c7ab}

    Error: (06/03/2014 04:43:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: pl0700676c.fyt0.0.0.0538d8817ole32.dll6.1.7601.175144ce7b96fc000000500039342da801cf7f3a1a60eb94C:\Users\Konik\AppData\Local\Temp\pl0700676c.fytC:\Windows\system32\ole32.dll61744d55-eb2d-11e3-a2d0-0018f3122664

    Error: (05/28/2014 09:53:07 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: KonikPc)
    Description: 1D:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.91\deploy\LolClient.exeLolClient0111725080

    Error: (05/28/2014 08:56:40 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: CoherentUI_Host.exe1.8.0.052ea6518CoherentUI_Host.exe1.8.0.052ea6518c00000050005b914164001cf7aa5c79fce32C:\Users\Konik\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exeC:\Users\Konik\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.execd2946df-e699-11e3-8fc9-0018f3122664

    Error: (05/26/2014 10:15:24 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: metin2mod_2012sf.exe1.0.36469.050ed330eKERNELBASE.dll6.1.7601.18409531599f6ef0000fb0000812f12c801cf791f389e531bD:\Program Files\Metin2\metin2mod_2012sf.exeC:\Windows\system32\KERNELBASE.dll7816dea9-e512-11e3-abff-0018f3122664

    Error: (05/26/2014 05:34:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: metin2mod_2012sf.exe1.0.36469.050ed330eKERNELBASE.dll6.1.7601.18409531599f6ef0000fb0000812f14f001cf78f7eb9c4bc6D:\Program Files\Metin2\metin2mod_2012sf.exeC:\Windows\system32\KERNELBASE.dll2975fe28-e4eb-11e3-ac59-0018f3122664

    Error: (05/26/2014 05:25:11 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: metin2mod_2012sf.exe1.0.36469.050ed330eKERNELBASE.dll6.1.7601.18409531599f6ef0000fb0000812fe8001cf78f6aed283abD:\Program Files\Metin2\metin2mod_2012sf.exeC:\Windows\system32\KERNELBASE.dllece46376-e4e9-11e3-ac59-0018f3122664

    Error: (05/26/2014 05:24:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: metin2mod_2012sf.exe1.0.36469.091001cf78f2562679350D:\Program Files\Metin2\metin2mod_2012sf.exe


    CodeIntegrity Errors:
    ===================================
    Date: 2014-03-16 13:04:35.381
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.378
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.373
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.363
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.360
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.356
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.339
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.336
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.331
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-03-16 13:04:35.319
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

  • #5
    SkyyX
    Level 18  
    Btw, install Comodo Dragon instead of Chrome ... it's built on the open-source Chromium (Chrome) ...
    the same as Chrome, only with security.
  • #6
    Acorus 20
    Level 43  
    Open Notepad and paste:

    Quote:
    Task: {D10D7C0B-6294-4BF8-B1BE-379B6245FBAE} - System32\Tasks\0214dUpdateInfo => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe
    HKLM\...\Run: [fst_pl_122] => [X]
    SearchScopes: HKLM - DefaultScope value is missing.
    CHR StartupUrls: "hxxp://google.pl/", "hxxp://istart.webssearches.com/?type=hppp&ts=1401912337&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402000937&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402061067&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402070422&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402258863&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402319785&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402327093&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402336503&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX"
    S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    S3 MSICDSetup; \??\E:\CDriver.sys [X]
    2014-06-09 19:58 - 2014-06-09 20:27 - 00000000 ____D () C:\AdwCleaner
    2014-06-06 18:55 - 2014-06-06 18:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2014-06-06 18:53 - 2014-06-06 18:53 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Konik\Downloads\SpyHunter-Installer.exe
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Gość\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
    2014-06-03 16:41 - 2014-06-03 16:42 - 00000000 ____D () C:\Users\Konik\AppData\Local\Genesis_06031441


    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST and click Fix.
  • #7
    konik183
    Level 9  
    Spoiler:
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:11-06-2014 01
    Ran by Konik at 2014-06-11 20:27:18 Run:1
    Running from C:\Users\Konik\Downloads
    Boot Mode: Normal

    ==============================================

    Content of fixlist:
    *****************
    Task: {D10D7C0B-6294-4BF8-B1BE-379B6245FBAE} - System32\Tasks\0214dUpdateInfo => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe
    HKLM\...\Run: [fst_pl_122] => [X]
    SearchScopes: HKLM - DefaultScope value is missing.
    CHR StartupUrls: "hxxp://google.pl/", "hxxp://istart.webssearches.com/?type=hppp&ts=1401912337&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402000937&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402061067&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402070422&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402258863&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402319785&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402327093&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402336503&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX"
    S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    S3 MSICDSetup; \??\E:\CDriver.sys [X]
    2014-06-09 19:58 - 2014-06-09 20:27 - 00000000 ____D () C:\AdwCleaner
    2014-06-06 18:55 - 2014-06-06 18:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2014-06-06 18:53 - 2014-06-06 18:53 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Konik\Downloads\SpyHunter-Installer.exe
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\HomeGroupUser$
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Gość\AppData\Local\Google
    2014-06-03 16:44 - 2014-06-03 16:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
    2014-06-03 16:41 - 2014-06-03 16:42 - 00000000 ____D () C:\Users\Konik\AppData\Local\Genesis_06031441
    *****************

    'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D10D7C0B-6294-4BF8-B1BE-379B6245FBAE}' => Key deleted successfully.
    'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D10D7C0B-6294-4BF8-B1BE-379B6245FBAE}' => Key deleted successfully.
    C:\Windows\System32\Tasks\0214dUpdateInfo => Moved successfully.
    'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0214dUpdateInfo' => Key deleted successfully.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_pl_122 => value deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
    CHR StartupUrls: "hxxp://google.pl/", "hxxp://istart.webssearches.com/?type=hppp&ts=1401912337&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402000937&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402061067&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402070422&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402258863&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402319785&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402327093&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX", "hxxp://istart.webssearches.com/?type=hppp&ts=1402336503&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX" ==> The Chrome "Settings" can be used to fix the entry.
    esgiguard => Service deleted successfully.
    MSICDSetup => Service deleted successfully.
    C:\AdwCleaner => Moved successfully.
    C:\Program Files\Enigma Software Group => Moved successfully.
    C:\Users\Konik\Downloads\SpyHunter-Installer.exe => Moved successfully.
    C:\Users\HomeGroupUser$\AppData\Local\Google => Moved successfully.
    C:\Users\HomeGroupUser$ => Moved successfully.
    C:\Users\Gość\AppData\Local\Google => Moved successfully.
    C:\Users\Administrator\AppData\Local\Google => Moved successfully.
    C:\Users\Konik\AppData\Local\Genesis_06031441 => Moved successfully.

    ==== End of Fixlog ====


    Added after 1 [minute]:

    So far those tabs still keep popping up in the browser; this did not help at all.

    Added after 1 [minute]:

    SkyyX wrote:
    Btw. Install Comodo Dragon instead of Chrome ... it's built on open-source Chromium (Chrome) ...
    the same as Chrome, only with security.


    I've somehow gotten attached to Chrome and for now I'd like to stay with it, but if I don't get rid of the ads I'll take you up on it ;) thanks for the idea
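Added example, not part of the thread and not FRST's own code: the Fixlog in post #7 reports every entry as deleted, moved or restored except the `CHR StartupUrls` line, which FRST leaves to Chrome's Settings. This Python script triages a Fixlog on that basis and lists the startup-URL hosts still configured; the outcome phrases are the ones seen in this log, and the expected host set (`google.pl`) is an assumption based on the poster's stated home page.

```python
import re
from collections import Counter

# Shortened excerpt of the Fixlog posted in this thread (one hijacker URL kept).
SAMPLE_FIXLOG = r'''
Content of fixlist:
*****************
HKLM\...\Run: [fst_pl_122] => [X]
*****************
C:\Windows\System32\Tasks\0214dUpdateInfo => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_pl_122 => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
CHR StartupUrls: "hxxp://google.pl/", "hxxp://istart.webssearches.com/?type=hppp&ts=1401912337&from=amt&uid=ExcelStorXTechnologyXJ8160S_PVB300Q4090PUA090PUAX" ==> The Chrome "Settings" can be used to fix the entry.
esgiguard => Service deleted successfully.
C:\AdwCleaner => Moved successfully.
'''

RESULT = re.compile(r"^(?P<target>.*?)\s=+>\s(?P<outcome>.*)$")
# Outcome phrases seen in this log; any other outcome counts as unresolved.
DONE = re.compile(r"\b(deleted|moved|restored) successfully", re.IGNORECASE)
URL_HOST = re.compile(r'"h(?:xx|tt)ps?://([^/"]+)')  # accepts defanged hxxp too


def triage_fixlog(text, expected_hosts=frozenset({"google.pl"})):
    """Return (fixed targets, unresolved targets, Counter of unexpected URL hosts)."""
    fixed, unresolved, hosts = [], [], Counter()
    in_echo = False
    for line in (raw.strip() for raw in text.splitlines()):
        if line and set(line) == {"*"}:
            in_echo = not in_echo  # asterisk rows bracket the fixlist echo
            continue
        m = RESULT.match(line)
        if in_echo or not m:
            continue  # echoed fixlist, header or separator: not a result line
        if DONE.search(m["outcome"]):
            fixed.append(m["target"])
        else:
            unresolved.append(m["target"])
            hosts.update(h.lower() for h in URL_HOST.findall(m["target"])
                         if h.lower() not in expected_hosts)
    return fixed, unresolved, hosts


if __name__ == "__main__":
    fixed, unresolved, hosts = triage_fixlog(SAMPLE_FIXLOG)
    print(f"{len(fixed)} fixed, {len(unresolved)} left for manual cleanup")
    for host, count in hosts.items():
        print(f"  startup URL host still configured: {host} ({count}x)")
```

On this excerpt the only unresolved entry is the Chrome startup-URL list, which matches the poster's report that the tabs still open after the fix.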