Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015 Ran by Marek at 2015-03-28 15:51:05 Running from C:\Documents and Settings\Marek\Pulpit Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-57989841-688789844-1417001333-1004\...\uTorrent) (Version: 3.4.2.36318 - BitTorrent Inc.) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2215 - AVAST Software) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - ) Malwarebytes Anti-Malware wersja 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Mobile Internet blueconnect (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation) Mozilla Firefox 35.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 35.0.1 (x86 pl)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden WinRAR 5.11 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 24-11-2014 00:04:36 Punkt kontrolny systemu 24-11-2014 19:48:15 Zainstalowane Mobile Internet blueconnect 25-11-2014 19:04:21 avast! antivirus system restore point 07-12-2014 08:18:52 Punkt kontrolny systemu 28-03-2015 13:34:06 avast! antivirus system restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2008-04-15 13:00 - 2014-11-24 22:24 - 00000789 _RASH C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 mpa.one.microsoft.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-11-24 22:23 - 2008-06-19 20:53 - 00060416 _____ () C:\WINDOWS\system32\antiwpa.dll 2015-03-28 13:35 - 2015-03-28 13:35 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-03-28 13:35 - 2015-03-28 13:35 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-03-28 13:32 - 2015-03-28 13:32 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15032800\algo.dll 2014-11-25 19:08 - 2015-03-28 13:36 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-57989841-688789844-1417001333-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Idylla.bmp DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-57989841-688789844-1417001333-500 - Administrator - Enabled) Gość (S-1-5-21-57989841-688789844-1417001333-501 - Limited - Disabled) Marek (S-1-5-21-57989841-688789844-1417001333-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Marek Pomocnik (S-1-5-21-57989841-688789844-1417001333-1000 - Limited - Disabled) SUPPORT_388945a0 (S-1-5-21-57989841-688789844-1417001333-1002 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/07/2015 01:22:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd plugin-container.exe, wersja 35.0.1.5500, moduł powodujący błąd mozalloc.dll, wersja 35.0.1.5500, adres błędu 0x00001425. Przetwarzanie zdarzenia określonego nośnika dla [plugin-container.exe!ws!] Error: (01/14/2015 06:06:40 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd plugin-container.exe, wersja 34.0.5.5443, moduł powodujący błąd mozalloc.dll, wersja 34.0.5.5443, adres błędu 0x00001425. Przetwarzanie zdarzenia określonego nośnika dla [plugin-container.exe!ws!] Error: (01/14/2015 06:06:39 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Aplikacja zawieszająca firefox.exe, wersja 34.0.5.5443, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error: (12/02/2014 04:56:16 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd plugin-container.exe, wersja 33.1.1.5430, moduł powodujący błąd mozalloc.dll, wersja 33.1.1.5430, adres błędu 0x00001425. Przetwarzanie zdarzenia określonego nośnika dla [plugin-container.exe!ws!] Error: (12/02/2014 04:56:15 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Aplikacja zawieszająca firefox.exe, wersja 33.1.1.5430, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. System errors: ============= Error: (03/28/2015 01:57:32 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort2 Error: (03/28/2015 01:57:26 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort2 Error: (03/28/2015 01:56:55 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort2 Error: (03/28/2015 01:55:40 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort2 Error: (03/28/2015 01:55:31 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort2 Error: (03/28/2015 01:52:53 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort2 Error: (03/28/2015 01:52:34 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort2 Error: (03/28/2015 01:52:22 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort2 Error: (03/28/2015 01:52:03 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort2 Error: (03/28/2015 01:51:19 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort2 Microsoft Office Sessions: ========================= Error: (02/07/2015 01:22:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe35.0.1.5500mozalloc.dll35.0.1.550000001425 Error: (01/14/2015 06:06:40 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe34.0.5.5443mozalloc.dll34.0.5.544300001425 Error: (01/14/2015 06:06:39 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: firefox.exe34.0.5.5443hungapp0.0.0.000000000 Error: (12/02/2014 04:56:16 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe33.1.1.5430mozalloc.dll33.1.1.543000001425 Error: (12/02/2014 04:56:15 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: firefox.exe33.1.1.5430hungapp0.0.0.000000000 ==================== Memory info =========================== Processor: Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz Percentage of memory in use: 20% Total physical RAM: 2038.23 MB Available physical RAM: 1616.89 MB Total Pagefile: 3934.8 MB Available Pagefile: 3661.25 MB Total Virtual: 2047.88 MB Available Virtual: 1948.65 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:149.04 GB) (Free:139.84 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive e: () (Removable) (Total:3.75 GB) (Free:0.39 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 149 GB) (Disk ID: 3B2B3B2A) Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 3.8 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================