Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01 Ran by Gizela at 2014-11-25 13:49:41 Running from C:\Users\Gizela\Desktop\Karolina naprawa! Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.) Anytime USB Charge Utility (HKLM-x32\...\{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}) (Version: 1.00.00.001 - FUJITSU LIMITED) App Lid (HKLM-x32\...\App Lid) (Version: 1.35.9.29 - Lid) Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Internet Security (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software) Barbie(TM) jako Księżniczka i żebraczka (HKLM-x32\...\{A83FB5BD-3A15-48C4-824C-5FFEF8F87C16}) (Version: 1.00.0000 - Activision) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Farming Simulator 2013 (HKLM-x32\...\FarmingSimulator2013PL_is1) (Version: 1.0 - GIANTS Software) Farming Simulator 2013 Demo (HKLM-x32\...\FarmingSimulator2013DemoEN_is1) (Version: 1.0 - GIANTS Software) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Fujitsu Display Manager (HKLM-x32\...\InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}) (Version: - ) Fujitsu Display Manager (Version: 7.01.20.212 - FUJITSU LIMITED) Hidden Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED) Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 3.01.00.001 - FUJITSU LIMITED) Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.001 - FUJITSU LIMITED) Hidden Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.3.0.0 - FUJITSU LIMITED) Fujitsu System Extension Utility (Version: 3.3.0.0 - FUJITSU LIMITED) Hidden Gadu-Gadu 10 (HKLM-x32\...\Gadu-Gadu 10) (Version: - GG Network S.A.) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GG (HKU\S-1-5-21-3448794057-2279744148-3698898670-1000\...\GG) (Version: 11 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2372 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.0.0.0454 - Intel Corporation) Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Menedżer Piłkarski 2004/2005 (HKLM-x32\...\Menedżer Piłkarski) (Version: 2004/2005 - Play Sp. z o.o.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Minecraft Packages (HKU\S-1-5-21-3448794057-2279744148-3698898670-1000\...\Minecraft Packages) (Version: - ) <==== ATTENTION Niezbędnik rowerzysty (HKLM-x32\...\{4849E74C-3408-467A-AF8B-F3DEC3C07542}) (Version: 1.00.0000 - YDP) Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.) Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation) Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation) Piraci z Karaibów - Na krańcu świata (HKLM-x32\...\{01CBFCE7-95AD-40F3-BC63-C46EFB2FC9C4}) (Version: 1.0 - Disney Interactive Studios) Piszę poprawnie 4 (HKLM-x32\...\Piszę poprawnie 4) (Version: - ) Play Pickle Games Console (HKU\S-1-5-21-3448794057-2279744148-3698898670-1000\...\PlayPickle) (Version: 1.1.4 - Play Turtle,LLC) Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 5.4.0.1 - FUJITSU LIMITED) Plugfree NETWORK (Version: 5.4.001 - FUJITSU LIMITED) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Power Saving Utility (HKLM-x32\...\{49A588CF-5FD4-4774-BFBF-0764287DE82B}) (Version: 32.01.10.009 - FUJITSU LIMITED) Professional Farmer 2014 (HKLM-x32\...\Steam App 258880) (Version: - PlayWay S.A.) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Rajd Polski (HKLM-x32\...\Rajd Polski_is1) (Version: - IQ Publishing) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6263 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30120 - Realtek Semiconductor Corp.) Ski Region Simulator 2012 Demo (HKLM-x32\...\SkiRegionSimulator2012DemoEN_is1) (Version: 1.0 - GIANTS Software) Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) SpyHunter (HKLM-x32\...\{AF549236-6258-4AC6-A043-5B5B89C6EB61}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Symulator Demolki Demo (HKLM-x32\...\DemolitionCompanyDemoPL_is1) (Version: - GIANTS Software) Symulator Farmy 2011 (HKLM-x32\...\FarmingSimulator2011PL_is1) (Version: 1.0 - GIANTS Software) Symulator Samochodów Wyścigowych (HKLM-x32\...\Symulator Samochodów Wyścigowych 1.3) (Version: 1.3 - Techland) Symulator Samochodów Wyścigowych (x32 Version: 1.3 - Techland) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.16.0 - Synaptics Incorporated) Szkoła podstawowa klasa 4 - Tajemnice przyrody (HKLM-x32\...\Szkoła podstawowa klasa 4 - Tajemnice przyrody) (Version: - ) Szkoła podstawowa klasa 4 - Wczoraj i dziś (HKLM-x32\...\Szkoła podstawowa klasa 4 - Wczoraj i dziś) (Version: - ) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.2.16.10 - Electronic Arts Inc.) Unity Web Player (HKU\S-1-5-21-3448794057-2279744148-3698898670-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Wesoła szkoła i przyjaciele klasa 1 (HKLM-x32\...\Wesoła szkoła i przyjaciele klasa 1) (Version: - ) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) WinRAR 5.11 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WorldofTanks (HKU\S-1-5-21-3448794057-2279744148-3698898670-1000\...\WorldofTanks) (Version: - WorldofTanks) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3448794057-2279744148-3698898670-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Gizela\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= 20-11-2014 13:58:18 Zainstalowany program DirectX 21-11-2014 07:34:58 Instalator modułów systemu Windows 21-11-2014 15:42:46 avast! antivirus system restore point 23-11-2014 18:00:45 Kopia zapasowa systemu Windows 24-11-2014 11:37:42 Removed Bonjour 24-11-2014 11:48:52 Installed STOPzilla 24-11-2014 12:00:45 Removed STOPzilla 24-11-2014 12:08:58 Removed STOPzilla 24-11-2014 12:14:33 Installed SpyHunter 25-11-2014 08:21:26 Windows Update 25-11-2014 12:21:36 avast! antivirus system restore point 25-11-2014 12:23:59 Removed SpyHunter ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2014-11-24 12:51 - 00000860 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {2D4724B6-F323-44A7-BEED-A454E4236A79} - System32\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-1 => C:\Program Files (x86)\App Lid\App Lid-codedownloader.exe <==== ATTENTION Task: {331BFE01-26B0-4399-8180-E2EE9E571EFF} - System32\Tasks\{C90CEAE7-17B9-4F29-BAAE-635A2BE1BD13} => C:\Program Files (x86)\Symulator Farmy 2011\FarmingSimulator2011.exe [2010-10-27] (GIANTS Software GmbH) Task: {37B01AE4-DBA0-4FF0-9B71-29E0489AA463} - System32\Tasks\41cc74a2-f9e1-42ce-b674-9b073cebf85d => C:\Program Files (x86)\App Lid\41cc74a2-f9e1-42ce-b674-9b073cebf85d.exe [2014-11-06] () <==== ATTENTION Task: {3DD06DEF-2928-489E-AB47-2506724714F3} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3448794057-2279744148-3698898670-1000 Task: {46DC9BFD-B548-482A-A212-B3FB599C2A55} - System32\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-11 => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-11.exe <==== ATTENTION Task: {603BB8CF-6D82-4A5A-A0AF-359D7D38061E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.) Task: {6218ABFE-5B18-47CF-B84C-46107215B666} - System32\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-2 => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-2.exe <==== ATTENTION Task: {67734A5B-CB63-4097-A58F-54178EED332E} - System32\Tasks\{634D9B69-1634-4909-87C5-2D5E59B31A0A} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.115/pl/go/help.faq.installer?source=lightinstaller&LastError=1618 Task: {7E62BFFB-B689-41E6-90B9-174C736C4362} - System32\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-7 => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-7.exe <==== ATTENTION Task: {8948E107-93FD-4E78-A712-C58434D679FB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-25] (AVAST Software) Task: {8FD661F4-B96F-4B70-85A9-DA0BA942827F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-17] (Adobe Systems Incorporated) Task: {9477279D-9F73-4B3D-AC23-4218D9846C26} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {9A055981-E0DF-4BD6-B553-9A5AC5DD9306} - System32\Tasks\{0777358C-9C35-47DB-B729-1A4313986CED} => C:\Program Files (x86)\Symulator Farmy 2011\FarmingSimulator2011.exe [2010-10-27] (GIANTS Software GmbH) Task: {A2814395-F36A-4498-98BC-BA27A5D1A97F} - System32\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-6 => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-6.exe <==== ATTENTION Task: {A6C4BC99-D3CD-4592-B7DD-156E610FCE21} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3448794057-2279744148-3698898670-1000Core => C:\Users\Gizela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-21] (Facebook Inc.) Task: {B463169F-4DDE-44FC-90D7-1519AB33B924} - System32\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-4 => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-4.exe <==== ATTENTION Task: {BBED1248-27A0-499D-811B-4263E37D3D27} - System32\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-5 => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-5.exe <==== ATTENTION Task: {BCE42ECF-001D-4AA6-AA1C-26C4BB021889} - System32\Tasks\6070a7d1-1af5-40e0-b8d0-b739e1342b90 => C:\Program Files (x86)\App Lid\6070a7d1-1af5-40e0-b8d0-b739e1342b90.exe [2014-11-06] (Lid) <==== ATTENTION Task: {C4B19A72-971A-4541-9E5D-C48BFEF37846} - System32\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-5_user => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-5.exe <==== ATTENTION Task: {E0D5CE10-E546-491F-BC4B-A55DE857AE22} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3448794057-2279744148-3698898670-1000UA => C:\Users\Gizela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-21] (Facebook Inc.) Task: {ED68F98D-7B27-4BF9-A5A9-62E082B786FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.) Task: C:\Windows\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-1.job => C:\Program Files (x86)\App Lid\App Lid-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-11.job => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-11.exe <==== ATTENTION Task: C:\Windows\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-2.job => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-2.exe <==== ATTENTION Task: C:\Windows\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-4.job => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-4.exe <==== ATTENTION Task: C:\Windows\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-5.job => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-5.exe <==== ATTENTION Task: C:\Windows\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-5_user.job => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-5.exe <==== ATTENTION Task: C:\Windows\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-6.job => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-6.exe <==== ATTENTION Task: C:\Windows\Tasks\15a95899-4597-4892-b9fc-55ff763ceba5-7.job => C:\Program Files (x86)\App Lid\15a95899-4597-4892-b9fc-55ff763ceba5-7.exe <==== ATTENTION Task: C:\Windows\Tasks\41cc74a2-f9e1-42ce-b674-9b073cebf85d.job => C:\Program Files (x86)\App Lid\41cc74a2-f9e1-42ce-b674-9b073cebf85d.exe <==== ATTENTION Task: C:\Windows\Tasks\6070a7d1-1af5-40e0-b8d0-b739e1342b90.job => C:\Program Files (x86)\App Lid\6070a7d1-1af5-40e0-b8d0-b739e1342b90.exe <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3448794057-2279744148-3698898670-1000Core.job => C:\Users\Gizela\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3448794057-2279744148-3698898670-1000UA.job => C:\Users\Gizela\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-01-05 20:53 - 2011-01-05 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2014-11-06 17:54 - 2014-11-06 17:54 - 00032672 _____ () C:\Program Files (x86)\App Lid\41cc74a2-f9e1-42ce-b674-9b073cebf85d.exe 2011-05-02 01:21 - 2011-04-15 02:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-01-05 20:53 - 2011-01-05 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2014-11-25 09:18 - 2014-11-25 09:18 - 02903552 _____ () C:\Program Files\AVAST Software\Avast\defs\14112500\algo.dll 2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-04-21 09:40 - 2014-04-21 09:40 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-10-29 20:24 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll 2014-10-29 20:24 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll 2014-10-29 20:24 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll 2014-10-29 20:24 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll 2014-10-29 20:24 - 2014-10-22 05:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll 2014-11-25 13:25 - 2014-11-25 13:25 - 00193120 _____ () C:\Users\Gizela\AppData\Local\Temp\GLC70.tmp ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) HKU\S-1-5-21-3448794057-2279744148-3698898670-1000\Software\Classes\.exe: exefile => <===== ATTENTION! HKU\S-1-5-21-3448794057-2279744148-3698898670-1000\Software\Classes\exefile: <===== ATTENTION! ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-3448794057-2279744148-3698898670-500 - Administrator - Disabled) Gizela (S-1-5-21-3448794057-2279744148-3698898670-1000 - Administrator - Enabled) => C:\Users\Gizela Gość (S-1-5-21-3448794057-2279744148-3698898670-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= Name: avast! Firewall NDIS Filter Miniport Description: avast! Firewall NDIS Filter Miniport Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: ALWIL Software Service: aswNdis Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. Name: Microsoft Virtual WiFi Miniport Adapter #2 Description: Karta wirtualnego miniportu WiFi firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/25/2014 10:52:55 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/25/2014 10:51:42 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/25/2014 08:56:05 AM) (Source: Google Update) (EventID: 20) (User: Gizela-Komputer) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s Error: (11/25/2014 08:19:16 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10670 Error: (11/25/2014 08:19:16 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10670 Error: (11/25/2014 08:19:16 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/25/2014 07:51:58 AM) (Source: Google Update) (EventID: 20) (User: Gizela-Komputer) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s Error: (11/25/2014 07:47:08 AM) (Source: Google Update) (EventID: 20) (User: Gizela-Komputer) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s Error: (11/25/2014 07:46:29 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/24/2014 02:52:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (11/25/2014 10:52:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (11/25/2014 10:51:45 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił następujący błąd: %%16405 Error: (11/25/2014 10:51:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (11/25/2014 10:50:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Host systemu diagnostyki z powodu następującego błędu: %%1115 Error: (11/25/2014 10:50:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Serwer zakończyła działanie; wystąpił następujący błąd: %%1062 Error: (11/25/2014 10:50:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Agent zasad IPsec z powodu następującego błędu: %%109 Error: (11/25/2014 10:50:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (11/25/2014 07:45:19 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\System32\IWMSSvc.dll Kod błędu: 258 Error: (11/25/2014 07:44:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (11/25/2014 07:44:18 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 07:42:24 na ‎2014-‎11-‎25 było nieoczekiwane. Microsoft Office Sessions: ========================= Error: (11/25/2014 10:52:55 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/25/2014 10:51:42 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/25/2014 08:56:05 AM) (Source: Google Update) (EventID: 20) (User: Gizela-Komputer) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s Error: (11/25/2014 08:19:16 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10670 Error: (11/25/2014 08:19:16 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10670 Error: (11/25/2014 08:19:16 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/25/2014 07:51:58 AM) (Source: Google Update) (EventID: 20) (User: Gizela-Komputer) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s Error: (11/25/2014 07:47:08 AM) (Source: Google Update) (EventID: 20) (User: Gizela-Komputer) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s Error: (11/25/2014 07:46:29 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/24/2014 02:52:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz Percentage of memory in use: 75% Total physical RAM: 4008.62 MB Available physical RAM: 995.98 MB Total Pagefile: 8015.42 MB Available Pagefile: 4604.3 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:156 GB) (Free:63.82 GB) NTFS Drive d: (Data) (Fixed) (Total:289.13 GB) (Free:105.33 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E9EAF4FC) Partition 1: (Active) - (Size=2.1 GB) - (Type=27) Partition 2: (Not Active) - (Size=463.7 GB) - (Type=OF Extended) ==================== End Of Log ============================