Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 11-08-2016 01
Uruchomiony przez Kuchta (2016-08-14 18:33:00)
Uruchomiony z C:\Users\Kuchta\Desktop
Windows 10 Pro Wersja 1607 (X64) (2016-08-10 14:14:07)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-549441426-3907127941-1763632220-500 - Administrator - Disabled)
defaultuser0 (S-1-5-21-549441426-3907127941-1763632220-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gość (S-1-5-21-549441426-3907127941-1763632220-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-549441426-3907127941-1763632220-503 - Limited - Disabled)
Kuchta (S-1-5-21-549441426-3907127941-1763632220-1001 - Administrator - Enabled) => C:\Users\Kuchta

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

µTorrent Ad-Free (HKU\S-1-5-21-549441426-3907127941-1763632220-1001\...\uTorrent) (Version: 3.4.8.42499 - BitTorrent Inc.)
ACP Application (Version: 2016.0811.0433.30 - Advanced Micro Devices, Inc.) Hidden
Adblock Plus dla IE (32-bitowego i 64-bitowego) (HKLM\...\{C125F8CB-B09F-4DA0-B74E-2A77B4462009}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.230 - Adobe Systems Incorporated)
Adobe Flash Player NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.134 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
ALLPlayer (HKLM-x32\...\ALLPlayer_is1) (Version:  - ALLPlayer Group, Ltd.)
AMD Crimson Edition (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Ashampoo MyAutoplay Menu  (HKLM-x32\...\Ashampoo MyAutoplay Menu_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG)
Build Tools - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
CCleaner Pro (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
Crysis 3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Default Programs Editor (HKLM\...\Default Programs Editor) (Version: 2.7.2675.2253 - factormystic.net)
Defraggler Pro (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Driver Booster Pro (HKLM-x32\...\Driver Booster Beta_is1) (Version: 4.0.1 - IObit)
EMET 5.5 (HKLM-x32\...\{E27E74F0-0EAD-4C5D-8F6F-1C9192D24AA5}) (Version: 5.5 - Microsoft Corporation)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
IrfanView x64 (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Java 9 (64-bit) (HKLM\...\{DA69628A-2608-5BA9-8749-1EE90CB29D95}) (Version: 9.0.0.0 - Oracle Corporation)
Java 9 (HKLM-x32\...\{27F77A89-05E5-515A-B827-3267967CEC02}) (Version: 9.0.0.0 - Oracle Corporation)
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{2C74A102-DC39-4158-A831-02BDE2EC7D5D}) (Version: 8.0.5.485 - Kaspersky Lab)
Kaspersky Password Manager (x32 Version: 8.0.5.485 - Kaspersky Lab) Hidden
Kaspersky Total Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
Kaspersky Total Security 2016 (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office Mondo 2016 - pl-pl (HKLM\...\MondoRetail - pl-pl) (Version: 16.0.7167.2040 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24212 (HKLM\...\{F20396E5-D84E-3505-A7A8-7358F0155F6C}) (Version: 14.0.24212 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24212 (HKLM\...\{FAAD7243-0141-3987-AA2F-E56B20F80E41}) (Version: 14.0.24212 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24212 (HKLM-x32\...\{844ECB74-9B63-3D5C-958C-30BD23F19EE4}) (Version: 14.0.24212 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24212 (HKLM-x32\...\{37B55901-995A-3650-80B1-BBFD047E2911}) (Version: 14.0.24212 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual F# 3.1.2 (HKLM-x32\...\{d705b4dc-2aa8-4215-9b13-4fad5dcda72b}) (Version: 12.0.30815.0 - Microsoft Corporation)
Microsoft Visual F# 4.0 (HKLM-x32\...\{ab9c007e-6675-4ab5-81f8-7001b49707cf}) (Version: 14.0.23020.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation)
Nero 2016 (HKLM-x32\...\{9C637A56-4287-487F-95BF-1422FC1AA879}) (Version: 17.0.04500 - Nero AG)
Nero 2016 Content Pack (HKLM-x32\...\{006F5CFF-ED35-41AF-9B2A-F52B0F545BF4}) (Version: 17.0.00200 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2003 - Nero AG)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.0.1.20627 - Electronic Arts, Inc.)
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.4.12.47 - Razer Inc.)
Realtek High Definition Audio Driver x64 (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7908 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro  (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
Skype Web Plugin (HKLM-x32\...\{34E6C3B4-9354-41C2-9484-25B17F48E7E9}) (Version: 7.13.0.71 - Skype Technologies S.A.)
SSD Fresh 2016 (HKLM-x32\...\{71149886-0AA3-4F31-81F9-CC90EA0D55EF}_is1) (Version: 5.0 - Abelssoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tracer Gaming Mouse (HKLM-x32\...\{4F2CBB98-A9AB-4A7A-9DDC-00E340E42B9F}) (Version: 1.00 - Tracer Gaming Mouse)
Unlocker (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
Visual F# 4.1 SDK (HKLM-x32\...\{5ADB9708-9ADA-3786-8D8E-C93E5E9F2594}) (Version: 14.0.23801 - Microsoft Corporation)
Vivaldi (HKLM-x32\...\Vivaldi) (Version: 1.3.551.30 - Vivaldi)
Vulkan Run Time Libraries (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Winamp Color Themes Pack  (HKLM-x32\...\Winamp Color Themes Pack) (Version: 2.3 - Paweł Porwisz)
Winamp Pakiet PL (HKLM-x32\...\Winamp PL) (Version: 5.666 - Paweł Porwisz)
Winamp Pro (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.4 - win.rar GmbH)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-549441426-3907127941-1763632220-1001_Classes\CLSID\{34BEB704-B055-4D67-9AC1-C852E0E3DFA4}\localserver32 -> C:\Users\Kuchta\AppData\Local\SkypePlugin\7.13.0.71\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-549441426-3907127941-1763632220-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Kuchta\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-549441426-3907127941-1763632220-1001_Classes\CLSID\{79DF62FC-32CA-4F29-A0C2-FBD17AB15D63}\InprocServer32 -> C:\Users\Kuchta\AppData\Local\SkypePlugin\7.13.0.71\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-549441426-3907127941-1763632220-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Kuchta\AppData\Local\SkypePlugin\7.13.0.71\EdgeCalling.exe (Skype Technologies S.A.)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0757809D-9B46-40E5-B67C-B388A3D820E9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {154939E8-578B-4F1A-ACAB-47AD13208795} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-03-01] (Nero AG)
Task: {160E87CB-DB9F-40C8-A4AB-4E89B4187622} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {304D9080-AA43-4F06-8839-E4AFB8D7A9F5} - System32\Tasks\R@1n-KMS\Office16Mondo => wmic [Argument = path SoftwareLicensingProduct where (ID="9caabccb-61b1-4b4b-8bec-d10a3c3ac2ce") call Activate]
Task: {438A4D4E-663D-41E4-9692-64454B88564D} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-08-11] (Advanced Micro Devices, Inc.)
Task: {44AE62B5-E8C7-41A7-858B-A70552B9AF77} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-07-17] (Microsoft Corporation)
Task: {5BE91AA6-4313-4E4B-9C09-33DBE53D8152} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {5DC04922-7D91-493D-A7D0-FB6DE695D5D4} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-07-17] (Microsoft Corporation)
Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {64EE046C-DF7D-4A87-B68D-03979E0364EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-08-12] (Microsoft Corporation)
Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {87D2E113-6C10-4CF7-8110-E7D1753FBE33} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-08-12] (Microsoft Corporation)
Task: {9851188E-AC07-4F36-BA28-6D00BB2C9C46} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-07-16] (Microsoft Corporation)
Task: {9CBCF63A-0264-4467-9214-6A1308C5B54D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {ADEB75AD-047B-42BA-813E-CD74579CD0A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-08-10] (Microsoft Corporation)
Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {CD19BC8A-E9FE-49ED-92A5-0E1194F69F00} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

==================== Załadowane moduły (filtrowane) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-08-10 18:15 - 2016-08-10 18:15 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-06-30 10:23 - 2016-06-30 10:23 - 00592384 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\Windows\SYSTEM32\CHARTV.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-10 16:28 - 2016-08-10 16:28 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-10 16:28 - 2016-08-10 16:28 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-10 16:28 - 2016-08-10 16:28 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-10 16:28 - 2016-08-10 16:28 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-10 16:28 - 2016-08-10 16:28 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-10 16:28 - 2016-08-10 16:28 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-08-10 17:29 - 2010-07-15 12:54 - 00159744 _____ () C:\Program Files (x86)\Tracer Gaming Mouse\mousehid.exe
2016-08-10 17:29 - 2012-03-05 17:43 - 00135168 _____ () C:\Program Files (x86)\Tracer Gaming Mouse\trayicon.exe
2016-08-11 14:16 - 2016-08-10 16:52 - 01012344 _____ () C:\Program Files\Vivaldi\Application\1.3.551.30\ffmpeg.dll
2016-08-11 14:16 - 2016-08-10 16:52 - 02358904 _____ () C:\Program Files\Vivaldi\Application\1.3.551.30\libglesv2.dll
2016-08-11 14:16 - 2016-08-10 16:52 - 00100472 _____ () C:\Program Files\Vivaldi\Application\1.3.551.30\libegl.dll
2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\kpcengine.2.3.dll
2016-06-30 13:24 - 2016-06-30 13:24 - 00564224 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2016-08-10 17:29 - 2009-10-28 09:28 - 00249856 _____ () C:\Program Files (x86)\Tracer Gaming Mouse\language.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pl_pl\AcroTray.pol

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)


==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)


==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

HKU\S-1-5-21-549441426-3907127941-1763632220-1001\Software\Classes\batfile:  <===== UWAGA
HKU\S-1-5-21-549441426-3907127941-1763632220-1001\Software\Classes\.bat: batfile =>  <===== UWAGA
HKU\S-1-5-21-549441426-3907127941-1763632220-1001\Software\Classes\cmdfile:  <===== UWAGA
HKU\S-1-5-21-549441426-3907127941-1763632220-1001\Software\Classes\.cmd: cmdfile =>  <===== UWAGA

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Hosts - zawartość: ==========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2016-08-13 13:06 - 2016-08-13 13:06 - 00403627 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 idb.iobit.com
127.0.0.1 asc55.iobit.com
127.0.0.1 is360.iobit.com
127.0.0.1 asc.iobit.com
127.0.0.1 pf.iobit.com
127.0.0.1 iunins.iobit.com
127.0.0.1 sd.iobit.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com

Wykryto więcej niż wyliczono: 13216 linii.


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-549441426-3907127941-1763632220-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kuchta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 85.11.66.36 - 85.11.66.45
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Obecnie brak automatycznej naprawy dla tej sekcji.)


==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [{9965AF68-57C7-46E6-85D3-0B462110713C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F89BC18C-A4D5-4416-A65E-1945EEB2AF34}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C27B5756-9763-4F76-BC62-37C1CBD9E274}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{A78F9584-8804-4D01-9102-2E9E19112DF9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{62E1F75B-7DA4-4DD4-A565-0D0DCD30905B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{617D6635-A9D8-4F87-9592-C20484AFCB79}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{E88C8705-0144-4D54-BB33-C6E563E149B8}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{65FCCF83-A31A-4D6D-9132-0AD2D6163F58}] => (Allow) C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{45026E52-5E8D-4336-9D8D-E6961F2ADDD3}] => (Allow) C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{94520CC9-0F78-4AB9-8EB3-D43C3E0353CF}] => (Allow) C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DB4FAC7B-B103-40E9-B344-90C476EA6E7A}] => (Allow) C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9E8BBE84-63AC-4234-9D35-28F2CE6730BA}] => (Allow) C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{67F4977C-F332-4C6F-A13C-576C0FF23671}] => (Allow) C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A362B9AA-DFA8-434D-B2E0-52A04AAD245A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{67DF0982-42F0-4FB4-8DBC-DC7F0FA2B5AC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{7EFDC181-9F27-4ABC-A479-ED264A116C41}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe
FirewallRules: [{1FBA6A6E-19E5-43B9-982E-5999F6F11426}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{0720371E-24A3-410A-8100-2E6953C7570F}] => (Allow) C:\Program Files (x86)\Nero\KM\MediaHome.exe
FirewallRules: [{B05209D8-A1F2-44F6-A10A-C2BC599F4241}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe
FirewallRules: [{CE816EAE-2CC9-441E-B6EF-7B9259FF6729}] => (Allow) C:\Program Files\Vivaldi\Application\vivaldi.exe
FirewallRules: [{6B53D7AC-E734-4FC8-8007-D4FD73B37F12}] => (Allow) C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{14377D1C-4851-42DC-A2F1-EA8BEE6567A3}] => (Allow) C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7182107B-905B-4FC9-8DE9-9FEACEA23B04}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.1\DriverBooster.exe
FirewallRules: [{721843F3-4FB8-4F4F-B359-EB07DE0F4D22}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.1\DriverBooster.exe
FirewallRules: [{2435C805-DEB0-46EB-978C-83A804DC195B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.1\DBDownloader.exe
FirewallRules: [{55BA1867-6575-4836-86A4-9F376760FBC3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.1\DBDownloader.exe
FirewallRules: [{580938D6-35E5-4B59-8FCF-7DBBCF6C3116}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.1\AutoUpdate.exe
FirewallRules: [{57A87784-7468-4A57-9DBE-C3B0799E4B81}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.1\AutoUpdate.exe
FirewallRules: [{09868B24-BD9D-49F2-AC5D-BCEC64796AA9}] => (Allow) D:\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{C43EFE30-C563-4705-93F3-158CC6DB7F0D}] => (Allow) D:\Origin Games\Crysis 3\Bin32\Crysis3.exe

==================== Punkty Przywracania systemu =========================

UWAGA: Przywracanie systemu jest wyłączone

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (08/14/2016 06:18:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: sh9g12bm.exe, wersja: 2.2.19882.0, sygnatura czasowa: 0x56e2cdca
Nazwa modułu powodującego błąd: sh9g12bm.exe, wersja: 2.2.19882.0, sygnatura czasowa: 0x56e2cdca
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0008dcc4
Identyfikator procesu powodującego błąd: 0x1700
Godzina uruchomienia aplikacji powodującej błąd: 0xsh9g12bm.exe0
Ścieżka aplikacji powodującej błąd: sh9g12bm.exe1
Ścieżka modułu powodującego błąd: sh9g12bm.exe2
Identyfikator raportu: sh9g12bm.exe3
Pełna nazwa pakietu powodującego błąd: sh9g12bm.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: sh9g12bm.exe5

Error: (08/14/2016 06:08:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: ALLPlayer.exe, wersja: 6.8.0.0, sygnatura czasowa: 0x577bfefd
Nazwa modułu powodującego błąd: xvidcore.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x4de6d4f4
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0001aa20
Identyfikator procesu powodującego błąd: 0x2ac
Godzina uruchomienia aplikacji powodującej błąd: 0xALLPlayer.exe0
Ścieżka aplikacji powodującej błąd: ALLPlayer.exe1
Ścieżka modułu powodującego błąd: ALLPlayer.exe2
Identyfikator raportu: ALLPlayer.exe3
Pełna nazwa pakietu powodującego błąd: ALLPlayer.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: ALLPlayer.exe5

Error: (08/14/2016 06:08:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "LAVFilters.Dependencies,type="win32",version="1.0.0.0"1".
Nie można odnaleźć zestawu zależnego LAVFilters.Dependencies,type="win32",version="1.0.0.0".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (08/14/2016 06:08:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "LAVFilters.Dependencies,type="win32",version="1.0.0.0"1".
Nie można odnaleźć zestawu zależnego LAVFilters.Dependencies,type="win32",version="1.0.0.0".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (08/14/2016 06:06:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "LAVFilters.Dependencies,type="win32",version="1.0.0.0"1".
Nie można odnaleźć zestawu zależnego LAVFilters.Dependencies,type="win32",version="1.0.0.0".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (08/14/2016 06:06:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "LAVFilters.Dependencies,type="win32",version="1.0.0.0"1".
Nie można odnaleźć zestawu zależnego LAVFilters.Dependencies,type="win32",version="1.0.0.0".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (08/14/2016 06:06:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "LAVFilters.Dependencies,type="win32",version="1.0.0.0"1".
Nie można odnaleźć zestawu zależnego LAVFilters.Dependencies,type="win32",version="1.0.0.0".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.


Dziennik System:
=============

==================== Statystyki pamięci =========================== 

Procesor: AMD FX(tm)-8350 Eight-Core Processor 
Procent pamięci w użyciu: 23%
Całkowita pamięć fizyczna: 16355.04 MB
Dostępna pamięć fizyczna: 12437.11 MB
Całkowita pamięć wirtualna: 19295.04 MB
Dostępna pamięć wirtualna: 14942.14 MB

==================== Dyski ================================

Drive c: (Windows 10 i Programy) (Fixed) (Total:223.02 GB) (Free:199.48 GB) NTFS
Drive d: (Gry) (Fixed) (Total:499.98 GB) (Free:488.74 GB) NTFS
Drive e: (Multimedia i Dane) (Fixed) (Total:300 GB) (Free:299.07 GB) NTFS
Drive f: (Kopia Zapasowa) (Fixed) (Total:131.51 GB) (Free:117.33 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 57AB2FB1)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 451AA471)

Partition: GPT.

==================== Koniec  Addition.txt ============================