Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-11-2014 01 Ran by Serge_2 at 2014-11-26 23:30:24 Running from C:\Users\Serge_2\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer Crystal Eye webcam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.7.29.500-1.0 - Sonix) Acer Crystal Eye webcam (HKLM\...\{AA047D7C-5E7C-4878-B75C-77589151B563}) (Version: 1.0.13 - SUYIN) Acer Empowering Technology (HKLM\...\{AB6097D9-D722-4987-BD9E-A076E2848EE2}) (Version: 2.5.4006 - Acer Inc.) Acer eNet Management (HKLM\...\{C06554A1-2C1E-4D20-B613-EE62C79927CC}) (Version: 2.6.4007 - Acer Inc.) Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 2.5.4014 - Acer Inc.) Acer ePresentation Management (HKLM\...\{BF839132-BD43-4056-ACBF-4377F4A88E2A}) (Version: 2.5.4002 - Acer Inc.) Acer eSettings Management (HKLM\...\{CE65A9A0-9686-45C6-9098-3C9543A412F0}) (Version: 2.5.4008 - Acer Inc.) Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 1.0.3003 - Acer Inc.) Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 1.11.20070515 - Acer Inc.) Acer Tour (HKLM\...\{94389919-B0AA-4882-9BE8-9F0B004ECA35}) (Version: 2.0.1003 - Acer Inc.) Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation) Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - Alps Electric) Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - ) Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) K-Lite Codec Pack 7.0.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 7.0.0 - ) LightScribe 1.4.142.1 (Version: 1.4.142.1 - http://www.lightscribe.com) Hidden Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works (HKLM\...\{E9AD90C1-6281-45AB-9458-098D2EF770A1}) (Version: 08.05.0822 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5443 - Realtek Semiconductor Corp.) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 22-11-2014 21:29:45 Windows Update 25-11-2014 09:00:39 Removed Acer eDataSecurity Management 25-11-2014 09:04:02 Removed Acer eLock Management 25-11-2014 09:12:45 Removed Adobe Reader 8.1.0 25-11-2014 09:14:40 Removed Java 7 Update 67 26-11-2014 07:48:50 Windows Update 26-11-2014 21:39:52 Removed Java 8 Update 25 26-11-2014 21:52:56 Removed Java 8 Update 25 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 11:23 - 2014-11-25 21:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {509F2706-D324-43F6-8985-6212E9BE69A6} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Serge => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\User_Feed_Synchronization-{B502B7BF-B1B4-41BD-AA39-35DF28BBB530}.job => C:\Windows\system32\msfeedssync.exe ==================== Loaded Modules (whitelisted) ============= 2007-08-16 20:16 - 2006-11-24 11:57 - 00107008 _____ () C:\Acer\Mobility Center\MobilityService.exe 2007-08-16 20:16 - 2006-10-24 09:54 - 00033280 _____ () C:\Acer\Mobility Center\MobilityInterface.dll 2008-12-24 22:25 - 2007-02-13 06:26 - 00016384 _____ () C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll 2008-12-24 22:25 - 2007-02-13 06:26 - 00016384 _____ () C:\Acer\Empowering Technology\eRecovery\IERYETF.dll 2007-08-16 20:02 - 2007-05-10 13:05 - 00024576 _____ () C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe 2007-08-16 20:02 - 2007-05-10 13:05 - 00114688 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Computer.dll 2007-08-16 20:02 - 2007-05-10 13:05 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.ComputerInterfaces.dll 2014-03-17 12:00 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll 2014-03-17 12:00 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll 2014-03-17 12:00 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll 2014-03-17 12:00 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll 2014-03-17 12:00 - 2014-03-15 01:50 - 13637448 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll 2014-01-16 21:20 - 2014-01-16 21:20 - 04591616 _____ () C:\Users\Serge_2\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll 2014-01-16 21:20 - 2014-01-16 21:20 - 00112128 _____ () C:\Users\Serge_2\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: eNet Service => 2 MSCONFIG\Services: WinDefend => 2 MSCONFIG\Services: wscsvc => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk => C:\Windows\pss\Empowering Technology Launcher.lnk.CommonStartup MSCONFIG\startupreg: Apoint => C:\Program Files\Apoint2K\Apoint.exe MSCONFIG\startupreg: eDataSecurity Loader => C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe MSCONFIG\startupreg: PLFSet => rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: Skytel => Skytel.exe MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide MSCONFIG\startupreg: Windows Mobile-based device management => %windir%\WindowsMobile\wmdSync.exe MSCONFIG\startupreg: WindowsWelcomeCenter => rundll32.exe oobefldr.dll,ShowWelcomeCenter ========================= Accounts: ========================== Administrator (S-1-5-21-929553786-925988434-3115227362-500 - Administrator - Disabled) Gość (S-1-5-21-929553786-925988434-3115227362-501 - Limited - Enabled) Serge_2 (S-1-5-21-929553786-925988434-3115227362-1002 - Administrator - Enabled) => C:\Users\Serge_2 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/26/2014 10:45:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd chromeinstall-8u25.exe, wersja 8.0.250.18, sygnatura czasowa 0x54346ef6, moduł powodujący błąd JavaIC.dll_unloaded, wersja 0.0.0.0, sygnatura czasowa 0x54737bf1, kod wyjątku 0xc0000005, przesunięcie błędu 0x6c224705, identyfikator procesu 0x914, godzina rozpoczęcia aplikacji 0xchromeinstall-8u25.exe0. Error: (11/25/2014 10:04:01 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas szukania interfejsu IVssWriterCallback. hr = 0x80070005. To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {ce803227-491d-4f46-824a-b35e2937c3a3} Error: (11/23/2014 10:00:09 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 8000000A Error: (11/23/2014 06:07:47 PM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c Error: (11/22/2014 06:54:19 PM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c Error: (11/13/2014 09:47:46 PM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c Error: (11/12/2014 11:31:47 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Usługa wyszukiwania wykryła uszkodzone pliki danych w indeksie. Usługa podejmie próbę automatycznego rozwiązania tego problemu przez ponowne odbudowanie indeksu. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Nie można odczytać metadanych indeksu zawartości. (0xc0041801) Error: (11/12/2014 11:31:46 PM) (Source: ESENT) (EventID: 467) (User: ) Description: Windows (2140) Windows: Baza danych C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Indeks System_ItemFolderPathDisplayNarrow415 tabeli SystemIndex_0A jest uszkodzony (0). Error: (11/12/2014 11:31:39 PM) (Source: ESENT) (EventID: 467) (User: ) Description: Windows (2140) Windows: Baza danych C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Indeks System_ItemFolderPathDisplayNarrow415 tabeli SystemIndex_0A jest uszkodzony (0). Error: (11/12/2014 07:52:45 AM) (Source: PerfNet) (EventID: 2006) (User: ) Description: System errors: ============= Error: (11/26/2014 11:10:37 PM) (Source: LSM) (EventID: 1048) (User: ) Description: Uruchamianie usługi terminalowej nie powiodło się. Odpowiedni kod stanu: Dane konfiguracyjne tego produktu są uszkodzone. Skontaktuj się z działem Pomocy technicznej. . Error: (11/26/2014 00:00:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: 30000Schedule Error: (11/26/2014 08:45:34 AM) (Source: LSM) (EventID: 1048) (User: ) Description: Uruchamianie usługi terminalowej nie powiodło się. Odpowiedni kod stanu: Dane konfiguracyjne tego produktu są uszkodzone. Skontaktuj się z działem Pomocy technicznej. . Error: (11/25/2014 09:21:55 PM) (Source: LSM) (EventID: 1048) (User: ) Description: Uruchamianie usługi terminalowej nie powiodło się. Odpowiedni kod stanu: Dane konfiguracyjne tego produktu są uszkodzone. Skontaktuj się z działem Pomocy technicznej. . Error: (11/25/2014 06:22:26 PM) (Source: LSM) (EventID: 1048) (User: ) Description: Uruchamianie usługi terminalowej nie powiodło się. Odpowiedni kod stanu: Dane konfiguracyjne tego produktu są uszkodzone. Skontaktuj się z działem Pomocy technicznej. . Error: (11/25/2014 10:28:14 AM) (Source: LSM) (EventID: 1048) (User: ) Description: Uruchamianie usługi terminalowej nie powiodło się. Odpowiedni kod stanu: Dane konfiguracyjne tego produktu są uszkodzone. Skontaktuj się z działem Pomocy technicznej. . Error: (11/25/2014 10:28:09 AM) (Source: LSM) (EventID: 1048) (User: ) Description: Uruchamianie usługi terminalowej nie powiodło się. Odpowiedni kod stanu: Dane konfiguracyjne tego produktu są uszkodzone. Skontaktuj się z działem Pomocy technicznej. . Error: (11/25/2014 10:14:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Windows Search%%1053 Error: (11/25/2014 10:14:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000Windows Search Error: (11/25/2014 10:14:15 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-08-11 20:57:51.945 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLKBDFLTX86\klkbdflt.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-11 20:57:51.308 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLKBDFLTX86\klkbdflt.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-11 20:57:50.668 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLKBDFLTX86\klkbdflt.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-11 20:57:50.028 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLKBDFLTX86\klkbdflt.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-11 20:57:49.288 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLMOUFLTX86\klmouflt.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-11 20:57:48.638 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLMOUFLTX86\klmouflt.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-11 20:57:48.018 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLMOUFLTX86\klmouflt.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-11 20:57:47.382 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLMOUFLTX86\klmouflt.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-11 20:57:46.664 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLTDIX86\kltdi.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-11 20:57:45.946 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLTDIX86\kltdi.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU 530 @ 1.73GHz Percentage of memory in use: 80% Total physical RAM: 1013.27 MB Available physical RAM: 197.24 MB Total Pagefile: 2284.87 MB Available Pagefile: 1059.32 MB Total Virtual: 2047.88 MB Available Virtual: 1910.23 MB ==================== Drives ================================ Drive c: (ACER) (Fixed) (Total:51.14 GB) (Free:17.39 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:50.89 GB) (Free:50.61 GB) NTFS Drive h: (Expansion Drive) (Fixed) (Total:465.76 GB) (Free:158.3 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: C2D6B1CA) Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27) Partition 2: (Active) - (Size=51.1 GB) - (Type=06) Partition 3: (Not Active) - (Size=50.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 465.8 GB) (Disk ID: 0C3057C5) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================