Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 23-04-2017 01
Uruchomiony przez Michał (23-04-2017 16:54:49)
Uruchomiony z C:\Users\Michał\Desktop\FIXIT
Windows 10 Education Wersja 1703 (X64) (2017-04-23 09:41:58)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-2280503538-1542354952-1058851140-500 - Administrator - Disabled)
Gość (S-1-5-21-2280503538-1542354952-1058851140-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-2280503538-1542354952-1058851140-503 - Limited - Disabled)
Michał (S-1-5-21-2280503538-1542354952-1058851140-1001 - Administrator - Enabled) => C:\Users\Michał

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: Avast Antivirus (Disabled - Out of date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
AS: Avast Antivirus (Disabled - Out of date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

µTorrent (HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version:  - ALLPlayer Group, Ltd.)
AppHelper (HKLM-x32\...\AppHelper) (Version: 1.0 - AppHelper) <==== UWAGA
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.1.0 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.03.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.53 - ICEpower a/s)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software)
BDE_ENT (x32 Version: 5.1.1 - Borland Software Corp.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.52 - Conexant)
Connectify 2017 (HKLM\...\Connectify) (Version: 2017.2.3.38497 - Connectify)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0229 - Disc Soft Ltd)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Diagnostyka drukarki Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.2 - Samsung Electronics Co., Ltd.)
DiRT 3 Profile Import version 1.0 (HKLM-x32\...\{FCFCFCFC-FCFC-FCFC-FCFC-FCFCFCFCFCFC}_is1) (Version: 1.0 - )
Dying Light Update v1.5.1 (HKLM-x32\...\RHlpbmdMaWdodA==_is1) (Version: 1 - )
ElfBot NG 4.5.4 (HKLM-x32\...\ElfBot NG_is1) (Version:  - NGSoft, LLC)
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)
Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\Heroes of Might and Magic III - Złota Edycja_is1) (Version:  - )
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Mafia Game (HKLM-x32\...\Mafia Game) (Version:  - )
Mafia III (HKLM-x32\...\Mafia III_is1) (Version:  - )
Microsoft Office Professional 2016 - en-us (HKLM\...\ProfessionalRetail - en-us) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft Office Professional 2016 - pl-pl (HKLM\...\ProfessionalRetail - pl-pl) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pl-pl (HKLM\...\ProplusRetail - pl-pl) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft Project Professional 2016 - pl-pl (HKLM\...\ProjectProRetail - pl-pl) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft Visio Professional 2016 - pl-pl (HKLM\...\VisioProRetail - pl-pl) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Napisy24 (HKLM-x32\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 1.3 - Napisy24.pl)
Nero 9 Essentials (HKLM-x32\...\{69f339ca-d7a2-4743-adf9-54f7236c4066}) (Version:  - Nero AG)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 359.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.46 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7830.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Pakiet sterowników systemu Windows - ASUS (ATP) Mouse  (06/17/2015 6.0.0.66) (HKLM\...\1EFB54678773735560B565BE7FA6F2BCC557EE21) (Version: 06/17/2015 6.0.0.66 - ASUS)
Panel sterowania NVIDIA 369.09 (Version: 369.09 - NVIDIA Corporation) Hidden
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.57.0 - Ralink)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.3.26.13113 - Razer Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.833.833.101614 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.243 - REALTEK Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.81.00(25.05.2015) - Samsung Electronics Co., Ltd.)
Samsung ML-2160 Series (HKLM-x32\...\Samsung ML-2160 Series) (Version: 1.25 (07.09.2015) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Sniper Ghost Warrior (HKLM-x32\...\Sniper Ghost Warrior_is1) (Version:  - )
Spotify (HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\Spotify) (Version: 1.0.39.157.g674ae377 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Witcher 3 Wild Hunt (HKLM-x32\...\The Witcher 3 Wild Hunt_is1) (Version: 1.02 - Релиз от R.G. Steamgames)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
War Thunder Launcher 1.0.1.702 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows IP Over USB (HKLM-x32\...\{FF0EA481-42DB-A8AE-8356-48C09F7D953D}) (Version: 10.1.10586.15 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
World of Tanks (HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0617FCF0-45C6-4680-9638-155D11281CF1} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {0F12A525-C545-4C19-AC6F-CD86747AEF5D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
Task: {21A22A5E-0E03-4AC5-B0B5-257ED093011E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-13] (Google Inc.)
Task: {3460D9AB-E5DC-4374-9E7C-E4EE551E4DC1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
Task: {35CDB61C-2CED-4A00-9BBF-3E60BFB32708} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {3F679736-9E76-4F83-8944-69F02E977255} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-11] (Microsoft Corporation)
Task: {4D8E05AB-D346-435B-9409-657E345D75BB} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Brak pliku <==== UWAGA
Task: {4FABA8FE-3BFD-4F73-9988-1AD25311F77C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {51E88A3C-E4E6-4213-97A8-B8128D0535C5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {60E07311-2C9C-4A49-97A4-67A06B312A95} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {770AEBE0-6566-4DA8-B217-5B2DABB7BB33} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
Task: {7906427A-1DCF-4013-BB77-713B38CF59B2} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-09-11] (ASUS)
Task: {79784B90-92DA-4BE8-8BE8-485A25BC1E58} - \McAfee\McAfee Idle Detection Task -> Brak pliku <==== UWAGA
Task: {7DDBD915-5F00-4969-B2AA-2D271AB1966E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {93ED65EB-A353-44F7-A3B2-8DA3CAAD9A85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-03-26] (Microsoft Corporation)
Task: {948C6EA4-0401-44C4-9C40-F72AB6386D34} - \WPD\SqmUpload_S-1-5-21-2280503538-1542354952-1058851140-1001 -> Brak pliku <==== UWAGA
Task: {A107BAE4-3785-4BF4-AC18-8236BADD9BE3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-23] (AVAST Software)
Task: {A891906D-C7BB-4455-ABB4-5ACA2B477A23} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {B0374D46-4AAA-4377-8591-A60D9BEFB434} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe 
Task: {B0C157A3-D6E8-4D56-8DD2-070AFF140740} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {BEA59336-96E3-4593-A2BF-0C12842516C2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {C24E804E-D11E-4B5B-A200-5AB9718AC468} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {C87BCEDB-EEB9-46AE-9497-0A2167BBE8E9} - System32\Tasks\OInstall => C:\WINDOWS\OInstall.exe [2016-04-29] ()
Task: {CB8FB97F-EA4F-49E6-88BF-92C39802513E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-13] (Google Inc.)
Task: {CF9756B8-FC27-48D4-B66E-4F1EC3F88BA2} - System32\Tasks\Priientpruretain Debuger => C:\Program Files (x86)\Drerrationphuceck\xdroverph.exe [2017-04-23] (Google Inc.)
Task: {D1814ABA-F15E-4EDF-B830-D8646D99EB99} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-03-26] (Microsoft Corporation)
Task: {D278674A-7375-4C30-AC52-82206F40B1F0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-23] (AVAST Software)
Task: {D29C3BF5-4571-41B1-8F0C-C3291C0991AC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
Task: {D5C9F630-ECCB-4AE9-8B24-3DCF047E2117} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
Task: {D68810D6-E38C-4515-A204-E40007CF450A} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe  <==== UWAGA
Task: {D9A429E4-EB06-46DA-A296-BB70CF9F0DA1} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {DB54677E-010A-41ED-ADE0-9190E375017B} - System32\Tasks\{F1AC8AAB-C446-49AB-AB4C-09EB9FCE4B4F} => pcalua.exe -a D:\Games\Mafia\Game.exe -d D:\Games\Mafia\
Task: {EF081AEF-C316-40CC-911C-B155D43FDE74} - System32\Tasks\Microsoft\Windows\Display\Brightness\BrightnessReset

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

WMI_ActiveScriptEventConsumer_ASEC: <===== UWAGA

ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\MICHA~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\user0 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\276bc18f565c8259\Michal - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=chagulybuvertainmibile
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\MICHA~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\MICHA~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/

==================== Załadowane moduły (filtrowane) ==============

2017-04-23 12:38 - 2017-04-23 12:38 - 00311296 _____ () C:\Program Files (x86)\Priientpruretain Debuger\local64spl.dll
2016-01-28 15:43 - 2015-12-05 13:02 - 00491328 _____ () C:\WINDOWS\SysWOW64\spdsvc.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 05:59 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-04-10 21:10 - 2017-04-10 21:10 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-10 21:10 - 2017-04-10 21:10 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-10 21:10 - 2017-04-10 21:10 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-10 21:10 - 2017-04-10 21:10 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-06 19:31 - 2017-03-29 10:47 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-06 19:31 - 2017-03-29 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2017-04-11 20:06 - 2017-03-31 11:50 - 31113816 _____ () C:\Users\Michał\AppData\Local\Google\Chrome\User Data\PepperFlash\25.0.0.148\pepflashplayer.dll
2017-02-24 00:58 - 2017-02-22 23:08 - 00925240 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2017-04-23 14:47 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-04-23 14:47 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-04-23 14:47 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-04-23 14:47 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-04-23 14:47 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2017-04-23 13:22 - 2017-04-23 13:22 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-04-23 13:23 - 2017-04-23 13:23 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-04-23 13:22 - 2017-04-23 13:22 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-04-23 13:22 - 2017-04-23 13:22 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-04-23 15:44 - 2017-04-23 15:44 - 00114280 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QMAntiInject.dll
2017-04-23 15:44 - 2017-04-23 15:44 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\zlib.dll
2017-04-23 15:44 - 2017-04-23 15:44 - 00491112 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\sqlite.dll
2017-04-23 15:44 - 2017-04-23 15:44 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\tinyxml.dll
2017-04-23 15:44 - 2017-04-23 15:44 - 00049256 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
2017-04-23 15:44 - 2017-04-23 15:44 - 00073320 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
2017-04-23 15:44 - 2017-04-23 15:44 - 00039016 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\oDayProtect.dll
2017-04-23 15:44 - 2017-04-23 15:44 - 00134760 _____ () c:\program files (x86)\tencent\qqpcmgr\11.8.17919.214\qmrtpcontroller.dll
2017-04-23 16:54 - 2017-04-23 16:54 - 00380928 _____ () C:\Users\Michał\Downloads\4wo4h7y8.exe

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

AlternateDataStreams: C:\ProgramData\TEMP:6BE50C2B [464]
AlternateDataStreams: C:\ProgramData\TEMP:A1454082 [640]
AlternateDataStreams: C:\ProgramData\TEMP:E25BED53 [634]

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Hosts - zawartość: ==========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2013-08-22 15:25 - 2016-10-28 20:26 - 00002570 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com

Wykryto więcej niż wyliczono: 17 linii.


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8 - 82.160.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: ASLDRService => 2
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: ATKGFNEXSrv => 2
MSCONFIG\Services: ClientAnalyticsService => 3
MSCONFIG\Services: gyrovede => 2
MSCONFIG\Services: McBootDelayStartSvc => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: mcpltsvc => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 3
MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 2
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Uedeb => 2
MSCONFIG\Services: xehiqudyzbt => 2
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "ic-0.c227a52404b52"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\StartupApproved\Run: => "ALLUpdate"
HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\StartupApproved\Run: => "Napisy24.pl"
HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\StartupApproved\Run: => "Napisy24Update"
HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\StartupApproved\Run: => "ALLPlayer WiFi Remote"
HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\StartupApproved\Run: => "secap.exe"
HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{6D68D2BB-8AC3-4EDB-B5CE-B68B0038891A}C:\windows\files\bin\kmss.exe] => (Block) C:\windows\files\bin\kmss.exe
FirewallRules: [TCP Query User{1B3DA6D9-04CD-46A7-9E4A-24491935024E}C:\windows\files\bin\kmss.exe] => (Block) C:\windows\files\bin\kmss.exe
FirewallRules: [{40524261-9CD6-4AA8-A4B2-64CA4806C9DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{496A195A-35F3-413E-90CA-1B0E4FB6FB17}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{62CCAE78-6C41-409E-9ED2-F4FC6DB57E45}] => (Allow) D:\Games\WOT\worldoftanks.exe
FirewallRules: [{69EE4068-95B7-428C-9163-42AD8ADDC5A4}] => (Allow) D:\Games\WOT\worldoftanks.exe
FirewallRules: [{251A8CDC-BD05-4DE4-968A-4FF8A0A17892}] => (Allow) D:\Games\WOT\WoTLauncher.exe
FirewallRules: [{EF5496A1-7EBB-4DD5-8B08-C846CC2AE772}] => (Allow) D:\Games\WOT\WoTLauncher.exe
FirewallRules: [UDP Query User{0DBF735F-22A1-4052-BC5F-7FEB0BE0608C}D:\games\russobit-m\worms armageddon\wa.exe] => (Allow) D:\games\russobit-m\worms armageddon\wa.exe
FirewallRules: [TCP Query User{AD92B0EC-3187-47D3-B978-710A2BFC4BDF}D:\games\russobit-m\worms armageddon\wa.exe] => (Allow) D:\games\russobit-m\worms armageddon\wa.exe
FirewallRules: [{26AA77A6-AF19-4560-8EA0-C2E981CD4151}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{ECFFBEB7-45EC-43E4-8826-29DFF082EAA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{7D373D4A-B18D-4D4B-A722-145585E2519E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{63FE7EBC-D211-4FCD-A659-0103D3ACF5B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{C3E8033A-5FCD-485E-BDAA-C7A0BCE019C6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{21140F18-4BFB-4022-8DC5-9BC39880EDD6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{892E2E88-33DB-468B-84E3-D2ED3B66B6BC}D:\games\call of duty- modern warfare 3\iw5mp_server.exe] => (Block) D:\games\call of duty- modern warfare 3\iw5mp_server.exe
FirewallRules: [TCP Query User{7736707B-908D-4E34-8BC1-DF4619B676BB}D:\games\call of duty- modern warfare 3\iw5mp_server.exe] => (Block) D:\games\call of duty- modern warfare 3\iw5mp_server.exe
FirewallRules: [UDP Query User{CF0A4A43-449E-41DC-9419-2D43F4BA7504}C:\program files (x86)\r.g. mechanics\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\r.g. mechanics\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{ED33B35D-BEFA-4B2C-B209-FDAE28E04FD2}C:\program files (x86)\r.g. mechanics\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\r.g. mechanics\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{87B1F406-A131-445F-913F-662276300F1C}C:\program files (x86)\r.g. mechanics\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\r.g. mechanics\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{AF699F51-40ED-4F65-9E76-7531EDF3064F}C:\program files (x86)\r.g. mechanics\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\r.g. mechanics\grand theft auto v\gta5.exe
FirewallRules: [{ADFF8FE7-51DF-427F-B4C8-D932281D6DBF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{05FBC0A8-24E9-4C3C-AAAA-5A76184DDEC4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{081D9226-4EEF-4C42-B902-8869CFE8F44A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{2023FBA9-6A8E-413E-8599-3727B8A7352C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{9488FFF7-C58B-4492-9C7C-9B0C1404F3A8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{9E042E95-15FD-4D63-A673-BECCED3DFA8B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{691A92E7-BA3E-4866-8C6F-5F88F30EA173}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{6BB5CE92-203E-4CD0-90E6-C439CE8131F2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{A3484DFE-8C9D-41EF-800A-96A96D46AD8C}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{20380833-22ED-4CF6-AA72-1822B0575038}] => (Allow) C:\Users\Michał\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{842DD310-A400-405F-9ACA-5275F4436E1D}] => (Allow) C:\Users\Michał\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{214A75A0-7FA5-4E68-9D73-2553E510EE70}] => (Allow) C:\Users\Michał\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{06BC7716-71E2-45D4-B2B2-1930E861B209}] => (Allow) C:\Users\Michał\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{66A129EB-29B1-4994-A1F2-2234BBD85FDA}] => (Allow) C:\Users\Michał\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2767FE31-418F-448E-88B6-8F394CEDC8B8}] => (Allow) C:\Users\Michał\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B8076938-48E9-4C1B-A41F-EBC258B79CF2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8C21C1DA-B51D-4A5C-88C5-A42F71D66573}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D5189C4B-C0C2-49B7-A652-B88FDA3E8F83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E9506DCA-B20E-4772-A831-69E14B7B6F70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{CC7B51FC-6952-4C28-93D4-21F9CDC80B80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{57930881-5B60-4A1B-A1E5-2A80F33EAE31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0018B0AA-C830-40C1-A4CC-0CE5292959D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{8046AE60-AC33-447B-BEE2-7007A9094189}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{2D7A0E7A-B898-4B3F-8E1E-D79738E4D326}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{854AEDAF-F03E-4A72-83F3-1834473D54B0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{D234D34F-27A1-42EB-92CC-63DCDEC0ABF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5A9281C5-BF4F-477E-A0BE-BC6696E0247C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6B1165CB-C745-4843-BAE8-51747EE9FBED}] => (Allow) D:\Games\WarThunder\launcher.exe
FirewallRules: [{BFF2792F-AB33-4C27-A4BE-4D0CCED9A269}] => (Allow) D:\Games\WarThunder\launcher.exe
FirewallRules: [{5798BDA4-A767-42BD-BA6A-54BD19278E9E}] => (Allow) D:\Games\WarThunder\run.exe
FirewallRules: [{688E6890-780C-4D95-96B1-4DDCA7DC8EE7}] => (Allow) D:\Games\WarThunder\run.exe
FirewallRules: [{3D017508-5C56-45BC-9A69-1C35E89AC5B2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{11AF3DB6-4A97-4FB9-9E56-9396E7637684}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BA9F0814-489A-4082-BEDE-55233B4AA132}] => (Allow) C:\Program Files (x86)\Wi-Fi\Wi-Fi.exe
FirewallRules: [{A44C0F21-F85D-434A-BBE5-8FCAEB6D07CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{AA865385-88CE-4447-9303-A69C41FF4437}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0D21FE97-C9C3-4256-A3C8-F3E0FD843AB7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{D9A77B7F-58C1-403A-85C0-18F85A1E8A97}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{DE583685-212A-4DC9-AB44-60033711C375}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{72090E34-DF35-4E28-A7ED-53407D4604B7}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{FB566DCD-221C-4335-AEF3-EED60A2C673E}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{927B3D9B-358B-4043-9A5A-EB1A0F02BB88}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{CA0F9B16-DFCD-45CF-ACBF-CEF927AB9423}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{D2746AB4-D93F-47A4-A3D2-62DBFF2EF105}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{D84F6DE6-5896-46B5-BD9D-328A0C09CF25}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{5524BCB6-C148-4106-991E-7C821B826788}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{D7DED479-704B-4089-B32D-45913A11A998}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{529D628C-40F9-41B7-B5B5-8E56188DB5AF}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{C0854B81-1506-420A-AA31-928C9523A1EC}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{957E4BD6-52A9-4461-965A-86DD2845F1BE}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{8A9190F3-4BDF-4A3E-9C42-7EF5FD2957A0}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{380553DE-0C4D-4C4B-9674-6CE9C9C9A6B4}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{F1514600-B3D3-41CB-B9BA-B4248A30C7BC}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{795F1DAE-D3BB-41A9-ADF2-8620A09CE3ED}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{303E9D82-F636-4BBC-B8A5-792F2CF6BCF3}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{B8A807AC-BE03-41CC-9AE3-A67A16EC4F0E}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{0079B276-9521-4041-932F-996DC56B4D7F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCTray.exe
FirewallRules: [{E463E493-6AD6-476E-B4E0-01AAF6B6A7B7}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCMgr.exe
FirewallRules: [{7AF57DA5-84D8-451F-B740-9DDB076C2FAC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCRTP.exe
FirewallRules: [{AD80385B-65E9-4E51-8874-5503BC026C51}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QMDL.exe
FirewallRules: [{1C53F4EF-446C-424B-B66D-7B5DDA28597C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\bugreport.exe
FirewallRules: [{727273CB-8676-459E-97B7-790801791D96}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCFileOpen.exe
FirewallRules: [{D4023438-3F6B-4CBE-BBE3-563F720756D1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCLeakScan.exe
FirewallRules: [{42E2A504-E4DE-4D09-971E-3A8B18D71E97}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPConfig.exe
FirewallRules: [{AEA00555-FE21-4A9F-B38D-5AF2EF3A4BEE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCSoftMgr.exe
FirewallRules: [{8009D749-7C2F-40FF-9E94-BE5912CF0F75}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{B088CFAE-2FD6-4901-A6C0-5A9C4C38C964}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCBTU.exe
FirewallRules: [{935A3E96-D921-485C-9F77-39F58A3332DC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCClinic.exe
FirewallRules: [{70E0D0B4-00B7-4D91-A728-5574DE00AD31}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCLaunch.exe
FirewallRules: [{0BE7C352-6BC3-46C5-A896-1B1BCA76C5C9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{3EA4BCA9-B841-44E6-806F-8F24FBDE0E6C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCSoftGame.exe
FirewallRules: [{B26956F3-86E7-44CE-BCF4-B78E4F69F1A8}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCSysOptimize.exe
FirewallRules: [{1675ABCB-E86F-470C-9335-54F550607E0D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCUpdateAVLib.exe
FirewallRules: [{35240FFD-7F61-4869-A568-C76769719837}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQRepair.exe
FirewallRules: [{73881269-FF37-4E92-9184-9ADB26B24DB7}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\Uninst.exe
FirewallRules: [{5BCC60BB-582F-40B1-90D4-8AFF495E9AC3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCPatch.exe
FirewallRules: [{7485423A-60D1-4A1A-B447-5530D59000AF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\TpkUpdate.exe
FirewallRules: [{4CE769CF-78E8-4930-A438-2354516D1B7D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QMAccountProtection.exe
FirewallRules: [{4BAE6164-1338-4F83-8A2E-8B2623B9F0DB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QMAdBlock.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Punkty Przywracania systemu =========================

23-04-2017 12:44:48 Removed Cuning
23-04-2017 13:30:57 JRT Pre-Junkware Removal
23-04-2017 13:52:17 JRT Pre-Junkware Removal
23-04-2017 14:10:37 JRT Pre-Junkware Removal
23-04-2017 15:10:30 JRT Pre-Junkware Removal
23-04-2017 16:42:23 JRT Pre-Junkware Removal

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (04/23/2017 04:55:40 PM) (Source: COM) (EventID: 10031) (User: )
Description: Podczas anulowania kierowania obiektu skierowanego niestandardowo wykonano sprawdzanie zasad anulowania kierowania i klasa {95CABCC9-BC57-4C12-B8DF-BA193232AA01} została odrzucona.

Error: (04/23/2017 04:55:38 PM) (Source: COM) (EventID: 10031) (User: )
Description: Podczas anulowania kierowania obiektu skierowanego niestandardowo wykonano sprawdzanie zasad anulowania kierowania i klasa {95CABCC9-BC57-4C12-B8DF-BA193232AA01} została odrzucona.

Error: (04/23/2017 03:45:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAL)
Description: Aktywacja aplikacji Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (04/23/2017 03:44:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAL)
Description: Aktywacja aplikacji windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (04/23/2017 03:25:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAL)
Description: Aktywacja aplikacji Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (04/23/2017 03:10:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.

Details:
AddLegacyDriverFiles: Unable to back up image of binary QMUdisk.

System Error:
Nie można odnaleźć określonego pliku.
.

Error: (04/23/2017 03:10:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.

Details:
AddLegacyDriverFiles: Unable to back up image of binary TSSysKit.

System Error:
Nie można odnaleźć określonego pliku.
.

Error: (04/23/2017 02:57:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe w wersji 1.0.1703.13001 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania.

Identyfikator procesu: 2f7c

Godzina rozpoczęcia: 01d2bc30dc007a43

Godzina zakończenia: 4294967295

Ścieżka aplikacji: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Identyfikator raportu: 34f46e6b-15b7-4313-9ea6-93a75c40a719

Pełna nazwa pakietu powodującego błąd: Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe

Identyfikator aplikacji względem pakietu powodującego błąd: App

Error: (04/23/2017 02:57:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAL)
Description: Aktywacja aplikacji Microsoft.Windows.Photos_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (04/23/2017 02:37:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAL)
Description: Aktywacja aplikacji Microsoft.Windows.Photos_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.


Dziennik System:
=============
Error: (04/23/2017 04:43:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa NVIDIA Streamer Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (04/23/2017 04:10:19 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 i identyfikatorem aplikacji APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (04/23/2017 03:47:56 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Usługa Menedżer pobranych map zawiesiła się podczas uruchamiania.

Error: (04/23/2017 03:46:20 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {784E29F4-5EBE-4279-9948-1E8FE941646D} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (04/23/2017 03:45:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Intel(R) Management and Security Application Local Management Service z powodu następującego błędu: 
Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.

Error: (04/23/2017 03:45:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Intel(R) Management and Security Application Local Management Service.

Error: (04/23/2017 03:45:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Intel(R) Dynamic Application Loader Host Interface Service z powodu następującego błędu: 
Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.

Error: (04/23/2017 03:45:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Intel(R) Dynamic Application Loader Host Interface Service.

Error: (04/23/2017 03:45:03 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący błąd: 
Odmowa dostępu.
.

Error: (04/23/2017 03:45:03 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący błąd: 
Odmowa dostępu.
.


==================== Statystyki pamięci =========================== 

Procesor: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz
Procent pamięci w użyciu: 34%
Całkowita pamięć fizyczna: 8081.05 MB
Dostępna pamięć fizyczna: 5264.13 MB
Całkowita pamięć wirtualna: 9987.05 MB
Dostępna pamięć wirtualna: 7183.14 MB

==================== Dyski ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:231.12 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]
Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:204.62 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2B0E4E47)

Partition: GPT.

==================== Koniec  Addition.txt ============================