ADW CLEANER juz usunalem co sie dalo ;p konczy sie FIRSTOWAĆ :) Dodano po 38 : Robię w takiej kolejności jak napisałeś :) zrobiłem router, odpalilem adwclenaer, teraz skonczylo sie firstować i dodam zaraz logi :) Dodano po 1 : Oto logi z FIRST :
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2014 01
Ran by Deathbringer at 2014-10-10 11:00:05
Running from C:\Users\Deathbringer\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with " hidden " flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.30429 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80430.0002 - Advanced Micro Devices, Inc.) Hidden
Budzik 1.04 (HKLM-x32\...\Budzik_is1) (Version: 1.04 - BLITZ-ART)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0429.2313.39747 - Nazwa firmy) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.62.0 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
EVEREST Ultimate Edition v5.30 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.30 - Lavalys, Inc.)
GG (HKCU\...\GG) (Version: 12 - GG Network S.A.)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Kamerzysta (deinstalacja) (HKLM-x32\...\Kamerzysta) (Version: - )
Kaspersky Anti-Virus 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Anti-Virus 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware wersja 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 pl) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 pl)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenFM (HKCU\...\OpenFM) (Version: 2 - GG Network S.A.)
PowerStrip 3 (remove only) (HKLM-x32\...\PowerStrip 3 (remove only)) (Version: - )
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.450.22786 - SteelSeries)
Taboret2 - Czat komunikator (HKLM-x32\...\Taboret2) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
WinRAR 5.10 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3862578207-4276117141-3020185260-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 - & gt; C:\Users\Deathbringer\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)
==================== Restore Points =========================
04-10-2014 01:01:08 Windows Update
08-10-2014 02:25:13 Windows Update
09-10-2014 21:28:39 RegClean Pro Cz, paź 09, 14 23:28
10-10-2014 04:23:49 Operacja przywracania
10-10-2014 04:36:35 Windows Update
10-10-2014 04:44:37 RegClean Pro Pt, paź 10, 14 06:44
10-10-2014 05:47:39 Operacja przywracania
10-10-2014 06:20:28 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-10-10 08:12 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {D4F3069A-36F7-42CF-AD5F-91A22D32F6A5} - System32\Tasks\Adobe Flash Player Updater = & gt; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-25] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job = & gt; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-09-25 00:05 - 2014-09-25 00:05 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The " AlternateShell " will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option = & gt; " OptionValue " = " 2 "
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: OverwolfUpdater = & gt; 3
MSCONFIG\Services: SkypeUpdate = & gt; 2
MSCONFIG\startupreg: Onet.pl AutoUpdate = & gt; " C:\Program Files (x86)\Common Files\Onet.pl\NewAutoUpdate.exe " /updateexetsr
========================= Accounts: ==========================
Administrator (S-1-5-21-3862578207-4276117141-3020185260-500 - Administrator - Disabled)
Deathbringer (S-1-5-21-3862578207-4276117141-3020185260-1000 - Administrator - Enabled) = & gt; C:\Users\Deathbringer
Gość (S-1-5-21-3862578207-4276117141-3020185260-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3862578207-4276117141-3020185260-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/10/2014 10:28:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 32.0.3.5379, sygnatura czasowa: 0x54224e6b
Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 32.0.3.5379, sygnatura czasowa: 0x54221b67
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000141b
Identyfikator procesu powodującego błąd: 0x11f4
Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0
Ścieżka aplikacji powodującej błąd: plugin-container.exe1
Ścieżka modułu powodującego błąd: plugin-container.exe2
Identyfikator raportu: plugin-container.exe3
Error: (10/10/2014 08:07:12 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\wbem\wmiprvse.exe; Opis = ComboFix created restore point; Błąd = 0x8007043c).
Error: (10/10/2014 08:07:12 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym
.
Operacja:
Tworzenie wystąpienia serwera VSS
Error: (10/10/2014 08:07:12 AM) (Source: VSS) (EventID: 18) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: W trybie awaryjnym nie można uruchomić serwera usługi COM z identyfikatorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} i nazwą IVssCoordinatorEx2.
W trybie awaryjnym nie można uruchomić Usługi kopiowania woluminów w tle. [0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym
]
Operacja:
Tworzenie wystąpienia serwera VSS
Error: (10/10/2014 07:52:58 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Nie można zainicjować indeksu.
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 07:52:58 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Nie można zainicjować aplikacji.
Kontekst: aplikacja Windows
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 07:52:58 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Nie można zainicjować obiektu programu zbierającego.
Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 07:52:58 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Nie można zainicjować dodatku typu plug-in w & lt; Search.TripoliIndexer & gt; .
Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Nie można odnaleźć elementu. (HRESULT : 0x80070490) (0x80070490)
Error: (10/10/2014 07:52:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Nie można zainicjować dodatku typu plug-in w & lt; Search.JetPropStore & gt; .
Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 07:52:57 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Usługa Windows Search nie może załadować informacji z magazynu właściwości.
Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800)
System errors:
=============
Error: (10/10/2014 10:55:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu:
%%1068
Error: (10/10/2014 10:55:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu:
%%1068
Error: (10/10/2014 10:55:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu:
%%1068
Error: (10/10/2014 10:55:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu:
%%1068
Error: (10/10/2014 10:55:41 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (10/10/2014 10:55:41 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (10/10/2014 10:55:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu:
%%1068
Error: (10/10/2014 10:55:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu:
%%1068
Error: (10/10/2014 10:55:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu:
%%1068
Error: (10/10/2014 10:55:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu:
%%1068
Microsoft Office Sessions:
=========================
Error: (10/10/2014 10:28:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b11f401cfe461ddd7a782C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll71bcd564-5057-11e4-925d-001d7d7fd0c7
Error: (10/10/2014 08:07:12 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\wbem\wmiprvse.exeComboFix created restore point0x8007043c
Error: (10/10/2014 08:07:12 AM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym
Operacja:
Tworzenie wystąpienia serwera VSS
Error: (10/10/2014 08:07:12 AM) (Source: VSS) (EventID: 18) (User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym
Operacja:
Tworzenie wystąpienia serwera VSS
Error: (10/10/2014 07:52:58 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 07:52:58 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontekst: aplikacja Windows
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 07:52:58 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 07:52:58 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Nie można odnaleźć elementu. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
Error: (10/10/2014 07:52:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
Error: (10/10/2014 07:52:57 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800)
CodeIntegrity Errors:
===================================
Date: 2014-10-10 08:12:01.303
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-10-10 08:12:01.256
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-10-10 07:06:08.495
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-10-10 07:06:08.448
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-10-09 04:07:38.020
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-09 04:07:38.019
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-09 04:07:38.017
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-09 04:07:37.996
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-09 04:07:37.995
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-09 04:07:37.968
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU E7400 @ 2.80GHz
Percentage of memory in use: 38%
Total physical RAM: 2046.49 MB
Available physical RAM: 1268.44 MB
Total Pagefile: 4092.98 MB
Available Pagefile: 3349.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:116.45 GB) (Free:76.97 GB) NTFS == & gt; [Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:116.44 GB) (Free:114.33 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=116.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=116.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================