Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-01-2015 Ran by MG at 2015-01-08 19:50:52 Running from C:\Users\MG\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe AIR (HKLM\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0415-1E257A25E34D}) (Version: 9.0 - Nazwa firmy.) AntiLogger (Version: 1.9.3.527 - Zemana Ltd.) Hidden Ashampoo Burning Studio 2015 v.1.15.0 (HKLM\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG) ASUS Sonic Focus (HKLM\...\{B0002707-4F7E-4745-88A7-852DA8A88635}) (Version: 1.0.0.5 - Synopsys ) ASUS USB Charger Plus (HKLM\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.5 - ASUS) CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.) DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904 - Microsoft) Hidden EaseUS Data Recovery Wizard 8.6 (HKLM\...\EaseUS Data Recovery Wizard 8.6_is1) (Version: - EaseUS) EaseUS Partition Master 10.2 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS) Empire Earth II (HKLM\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.20 - Sierra) ESET NOD32 Antivirus (HKLM\...\{E05A8D1F-7A42-4FD9-B3E7-761B366B9F8E}) (Version: 8.0.304.2 - ESET, spol s r. o.) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) Europa Universalis III Złota Edycja (HKLM\...\{8520505F-3734-4BF8-9DEC-ECBB8737C497}) (Version: 5.1b - Paradox Interactive) GardenPuzzle - Garden Planner (HKLM\...\GardenPuzzle.31FAFA193F692E138C6BB309B446CA42C25328E4.1) (Version: 1.40 - Marek Rafalowicz) GardenPuzzle - Garden Planner (Version: 1.40 - Marek Rafalowicz) Hidden Glary Utilities 5.16 (HKLM\...\Glary Utilities 5) (Version: 5.16.0.29 - Glarysoft Ltd) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.) HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.) KeyScrambler (HKLM\...\KeyScrambler) (Version: 3.5.0.0 - QFX Software Corporation) MCShield ::Anti-Malware Tool:: (HKLM\...\MCShield) (Version: 3.0.5.28 - MyCity) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 34.0.5 (x86 pl) (HKLM\...\Mozilla Firefox 34.0.5 (x86 pl)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek) Sandboxie 4.14 (32-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC) Seagate DiscWizard (HKLM\...\{48D5A88D-2447-4136-B09A-086F5678C942}) (Version: 16.0.5840 - Seagate) SIW Pro Edition (GOTD) (HKLM\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2015.01.08 - Topala Software Solutions) Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) Windows Firewall Control (HKLM\...\Windows Firewall Control) (Version: 4.2.1.0 - BiniSoft.org) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {2209DC7F-1C4B-4A2A-AF37-34261F1B5965} - System32\Tasks\CCleanerSkipUAC => C:\Users\MG\Downloads\ccsetup500\CCleaner.exe [2014-11-21] (Piriform Ltd) Task: {2D68E484-A787-4F2D-BCE8-842B2620D70B} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [2015-01-05] (Glarysoft Ltd) Task: {8CA7F426-9B9F-42A5-BA67-D3159C5A3BB5} - System32\Tasks\GlaryUpdate 5 => C:\Program Files\Glary Utilities 5\CheckUpdate.exe [2015-01-05] (Glarysoft Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files\Glary Utilities 5\Initialize.exe Task: C:\Windows\Tasks\GlaryUpdate 5.job => C:\Program Files\Glary Utilities 5\CheckUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-03-21 22:29 - 2012-03-21 22:29 - 00065024 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2012-03-21 22:28 - 2012-03-21 22:28 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2012-03-21 22:09 - 2012-03-21 22:09 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-12-21 20:34 - 2014-11-26 17:40 - 03758192 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2014-12-21 20:37 - 2014-08-16 23:55 - 00008704 _____ () C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll 2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll 2011-05-26 20:18 - 2011-05-26 20:18 - 00136536 _____ () C:\Program Files\Microsoft Office\Office12\OUTLCTL.DLL 2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL 2014-12-21 20:50 - 2014-12-21 20:50 - 16843952 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\13636717.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\13710944.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\13636717.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\13710944.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: RasAuto => 3 MSCONFIG\Services: RasMan => 3 MSCONFIG\Services: RemoteRegistry => 3 MSCONFIG\Services: SessionEnv => 3 MSCONFIG\Services: TabletInputService => 3 MSCONFIG\Services: TapiSrv => 3 MSCONFIG\Services: TermService => 3 MSCONFIG\Services: wcncsvc => 3 MSCONFIG\Services: WinDefend => 2 MSCONFIG\Services: WinRM => 3 MSCONFIG\Services: WMPNetworkSvc => 3 MSCONFIG\startupfolder: C:^Users^MG^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun ========================= Accounts: ========================== Administrator (S-1-5-21-2226444264-1822766488-2759232319-500 - Administrator - Disabled) Gość (S-1-5-21-2226444264-1822766488-2759232319-501 - Limited - Disabled) MG (S-1-5-21-2226444264-1822766488-2759232319-1000 - Administrator - Enabled) => C:\Users\MG ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/08/2015 03:57:47 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Nie można zainicjować indeksu. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/08/2015 03:57:47 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Nie można zainicjować aplikacji. Kontekst: aplikacja Windows Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/08/2015 03:57:47 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Nie można zainicjować obiektu programu zbierającego. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/08/2015 03:57:47 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Nie można zainicjować dodatku typu plug-in w . Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Nie można odnaleźć elementu. (HRESULT : 0x80070490) (0x80070490) Error: (01/08/2015 03:57:46 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Nie można zainicjować dodatku typu plug-in w . Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/08/2015 03:57:46 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Usługa Windows Search nie może załadować informacji z magazynu właściwości. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800) Error: (01/08/2015 03:57:45 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Usługa Windows Search jest zatrzymywana, ponieważ wystąpił problem z indeksatorem: The catalog is corrupt. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/08/2015 03:57:45 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Usługa wyszukiwania wykryła uszkodzone pliki danych w indeksie {id=4700}. Usługa podejmie próbę automatycznego rozwiązania tego problemu przez odbudowanie indeksu. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/08/2015 03:57:45 PM) (Source: Windows Search Service) (EventID: 9000) (User: ) Description: Usługa Windows Search nie może otworzyć magazynu właściwości aparatu Jet. Szczegóły: 0x%08x (0xc0041800 - Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800)) Error: (01/08/2015 03:57:45 PM) (Source: ESENT) (EventID: 455) (User: ) Description: Windows (3692) Windows: Wystąpił błąd -1811 podczas otwierania pliku dziennika C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00082.log. System errors: ============= Error: (01/08/2015 03:57:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (01/08/2015 03:57:47 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-1073473535. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2015-01-08 19:48:13.906 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2015-01-08 19:41:05.688 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2015-01-08 17:31:38.070 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2015-01-08 16:36:05.753 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2015-01-08 16:13:48.978 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2015-01-08 15:57:18.476 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2015-01-08 15:56:04.699 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2015-01-08 15:44:40.784 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2015-01-08 13:44:30.823 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2015-01-08 13:23:07.425 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD E-350 Processor Percentage of memory in use: 54% Total physical RAM: 2667.72 MB Available physical RAM: 1221.23 MB Total Pagefile: 5333.73 MB Available Pagefile: 3532.92 MB Total Virtual: 2047.88 MB Available Virtual: 1880.67 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:268.7 GB) (Free:235.91 GB) NTFS Drive m: () (Fixed) (Total:29.29 GB) (Free:9.29 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8054EADF) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=268.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=29.3 GB) - (Type=07 NTFS) ==================== End Of Log ============================