Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-10-2014 01 Ran by I at 2014-11-01 06:41:22 Running from C:\Users\I\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367} FW: Online Armor Firewall (Enabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated) Ashampoo WinOptimizer 10 v.10.2.6 (HKLM\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.02.06 - Ashampoo GmbH & Co. KG) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP) CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.) EaseUS Partition Master 10.1 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS) Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.) HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) KeyScrambler (HKLM\...\KeyScrambler) (Version: 3.4.0.4 - QFX Software Corporation) Malwarebytes Anti-Malware wersja 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) MCShield ::Anti-Malware Tool:: (HKLM\...\MCShield) (Version: 3.0.5.28 - MyCity) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mobile Partner (HKLM\...\Mobile Partner) (Version: 23.009.05.00.69 - Huawei Technologies Co.,Ltd) MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 33.0.2 (x86 pl) (HKLM\...\Mozilla Firefox 33.0.2 (x86 pl)) (Version: 33.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla) Mozilla Thunderbird 31.2.0 (x86 pl) (HKLM\...\Mozilla Thunderbird 31.2.0 (x86 pl)) (Version: 31.2.0 - Mozilla) Online Armor 7.0 (HKLM\...\OnlineArmor_is1) (Version: 7.0 - Emsisoft GmbH) Personalization Panel (HKLM\...\Personalization Panel) (Version: 1.2.0.0 - http://winreview.ru/) Personalization Panel DWM Controller (HKLM\...\{77D3B2EB-8A7E-4E5C-9BC7-6BC2CD6B6B37}) (Version: 1.0.0 - Winreview.ru) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) True Image WD Edition (HKLM\...\{E7152D73-589E-4194-9F9D-39AF1DCF5940}) (Version: 16.0.5962 - Acronis) Unreal Commander v2.02 (HKLM\...\UnrealCommander_is1) (Version: - Max Diesel) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {B5F39786-3E41-4765-8EAF-C9F51CCCAC5B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-01] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-09-30 07:00 - 2014-10-06 15:50 - 00775400 _____ () C:\Program Files\Emsisoft Anti-Malware\fw32.dll 2011-03-14 16:27 - 2011-03-14 16:27 - 00271712 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe 2014-10-25 21:34 - 2012-09-22 03:32 - 00655744 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe 2014-10-25 21:34 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll 2014-10-25 21:34 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll 2014-10-25 21:34 - 2010-07-23 05:58 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll 2014-10-25 21:34 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll 2014-10-25 21:34 - 2012-09-22 03:32 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll 2014-10-25 21:34 - 2010-02-10 15:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll 2014-09-09 21:27 - 2013-10-08 22:07 - 00885096 _____ () C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe 2014-03-06 08:10 - 2014-03-06 08:10 - 00420160 _____ () C:\Program Files\Common Files\Acronis\Home\ulxmlrpcpp.dll 2014-10-29 07:56 - 2014-10-29 07:56 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2014-09-09 21:05 - 2014-08-16 23:55 - 00008704 _____ () C:\Users\I\AppData\Roaming\Mozilla\Firefox\Profiles\1xq9nrv9.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:C43ED645 AlternateDataStreams: C:\Users\I\Downloads\tdsskiller.exe:BDU ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\06823385.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\09830036.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\47564120.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\06823385.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\09830036.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\47564120.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: PcaSvc => 3 MSCONFIG\Services: RasAuto => 3 MSCONFIG\Services: RasMan => 3 MSCONFIG\Services: RemoteRegistry => 3 MSCONFIG\Services: RpcLocator => 3 MSCONFIG\Services: SessionEnv => 3 MSCONFIG\Services: TabletInputService => 3 MSCONFIG\Services: TapiSrv => 3 MSCONFIG\Services: TermService => 3 MSCONFIG\Services: wcncsvc => 3 MSCONFIG\Services: WinDefend => 2 MSCONFIG\Services: WinRM => 3 MSCONFIG\Services: WMPNetworkSvc => 3 MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe MSCONFIG\startupreg: Ashampoo WinOptimizer Live-Tuner => "C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe" -TRAY MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe" MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" MSCONFIG\startupreg: UsBuga Acronis Scheduler2 Service => ========================= Accounts: ========================== Administrator (S-1-5-21-3484390013-3890596361-3067502036-500 - Administrator - Disabled) Gość (S-1-5-21-3484390013-3890596361-3067502036-501 - Limited - Disabled) I (S-1-5-21-3484390013-3890596361-3067502036-1000 - Administrator - Enabled) => C:\Users\I ==================== Faulty Device Manager Devices ============= Name: Globetrotter HSUPA Modem Description: Globetrotter HSUPA Modem Class Guid: Manufacturer: Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (11/01/2014 06:27:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (11/01/2014 06:26:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Mobile Partner. OUC z powodu następującego błędu: %%1053 Error: (11/01/2014 06:26:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Mobile Partner. OUC. Error: (10/31/2014 08:12:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (10/31/2014 08:12:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Mobile Partner. OUC z powodu następującego błędu: %%1053 Error: (10/31/2014 08:12:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Mobile Partner. OUC. Error: (10/31/2014 03:21:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (10/31/2014 03:21:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Mobile Partner. OUC z powodu następującego błędu: %%1053 Error: (10/31/2014 03:21:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Mobile Partner. OUC. Error: (10/31/2014 03:13:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-11-01 06:36:02.077 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2014-11-01 06:25:42.411 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-31 21:25:12.832 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-31 21:11:12.483 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-31 20:55:20.924 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-31 20:47:27.290 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-31 20:11:04.536 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-31 15:20:22.333 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-31 15:11:58.863 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-29 20:52:46.455 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Atom(TM) CPU N270 @ 1.60GHz Percentage of memory in use: 47% Total physical RAM: 2037.95 MB Available physical RAM: 1064.51 MB Total Pagefile: 4075.89 MB Available Pagefile: 2596.64 MB Total Virtual: 2047.88 MB Available Virtual: 1879.89 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:146.49 GB) (Free:124.49 GB) NTFS Drive m: () (Fixed) (Total:86.29 GB) (Free:71.59 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 0006BA52) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=86.3 GB) - (Type=07 NTFS) ==================== End Of Log ============================