CloseProcesses:
EmptyTemp:
HKU\S-1-5-21-3406381769-3967634618-1927701157-1002\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil64_21_0_0_182_Plugin.exe -update plugin
HKU\S-1-5-21-3406381769-3967634618-1927701157-1002\...\MountPoints2: {d6162753-05e6-11e3-be83-b8763f0fd9ac} - "G:\autorun.exe" 
HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\...\Run: [Unified Remote V3] => "C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe"
HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\...\Run: [pricefountainw.exe] => C:\Users\Kamil\AppData\Local\PriceFountain\pricefountainw.exe [461824 2014-12-07] (Price Fountain) [Brak podpisu cyfrowego]
HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\...\Run: [WallpaperSuite] => C:\Users\Kamil\AppData\Local\WallpaperSuite\WallpaperSuite.exe [1868288 2018-06-15] (WallpaperSuite) [Brak podpisu cyfrowego]
HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\...\MountPoints2: {0df5462d-fc6b-11e7-bf4f-74d02b24b486} - "H:\Setup.exe" 
HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\...\MountPoints2: {57e80b5c-c880-11e3-be9c-b8763f0fd9ac} - "F:\Setup.exe" 
HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\...\MountPoints2: {d6162753-05e6-11e3-be83-b8763f0fd9ac} - "G:\MadTracks.exe" 
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {128BB1B3-90E7-4636-B963-BEF9DD0B7BB2} - System32\Tasks\Price Fountain => C:\Users\Kamil\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE
Task: {1528827E-C048-4D61-88B1-3CC30F5F19B4} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate
Task: {1528827E-C048-4D61-88B1-3CC30F5F19B4} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate
Task: {213582CA-7CF4-4D01-99FE-3ACAA4DE0385} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3406381769-3967634618-1927701157-1003Core => C:\Users\Kamil\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-08-13] (Facebook, Inc. -> Facebook Inc.)
Task: {24449DD4-A566-450E-AD29-83965C0B4116} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1822976 2021-02-23] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {295B72EA-7ED8-40E9-AE3E-95DB5B80985D} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate -nolegacy
Task: {295B72EA-7ED8-40E9-AE3E-95DB5B80985D} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(2): %windir%\system32\rundll32.exe -> appraiser.dll,DoScheduledTelemetryRun
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {320A81ED-D09A-4856-BC89-95EBCFB45BD9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3406381769-3967634618-1927701157-1003UA => C:\Users\Kamil\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-08-13] (Facebook, Inc. -> Facebook Inc.)
Task: {3CBB0E45-9280-4192-B346-6418D64CEE88} - System32\Tasks\Opera scheduled Autoupdate 1485964982 => C:\Program Files (x86)\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {CDE457F2-495A-4738-8834-197B285660F3} - System32\Tasks\Lyrics-Pal Update => C:\Program Files (x86)\LyricsPal\Lyrics.exe
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3406381769-3967634618-1927701157-1003Core.job => C:\Users\Kamil\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3406381769-3967634618-1927701157-1003UA.job => C:\Users\Kamil\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Lyrics-Pal Update.job => C:\Program Files (x86)\LyricsPal\Lyrics.exe
Task: C:\WINDOWS\Tasks\Price Fountain.job => C:\Users\Kamil\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== UWAGA
Tcpip\..\Interfaces\{60348DA7-A05B-4E72-8DF6-4AB5B28D358B}: [DhcpNameServer] 192.168.43.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA
FF SearchPlugin: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ohfmx4ie.default\searchplugins\google-avg.xml [2017-11-03]
FF SearchPlugin: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ohfmx4ie.default\searchplugins\mystartsearch.xml [2015-01-10]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-02-11] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ohfmx4ie.default\extensions\fftoolbar2014@etech.com => nie znaleziono
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nie znaleziono
FF HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\...\Firefox\Extensions: [{8f5010e2-9577-4aed-ad42-f2098ea15def}] - C:\Program Files (x86)\LyricsPal\133.xpi => nie znaleziono
WordAnchor 1.10.0.19 (HKLM-x32\...\WordAnchor_1.10.0.19) (Version: 1.10.0.19 - WordAnchor) <==== UWAGA
CustomCLSID: HKU\S-1-5-21-3406381769-3967634618-1927701157-1003_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Kamil\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Brak pliku
ContextMenuHandlers1_S-1-5-21-3406381769-3967634618-1927701157-1003: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Kamil\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll -> Brak pliku
ContextMenuHandlers4_S-1-5-21-3406381769-3967634618-1927701157-1003: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Kamil\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll -> Brak pliku
ContextMenuHandlers5_S-1-5-21-3406381769-3967634618-1927701157-1003: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Kamil\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll -> Brak pliku
C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
C:\Users\Kamil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX&q={searchTerms}
HKU\S-1-5-21-3406381769-3967634618-1927701157-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-3406381769-3967634618-1927701157-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-3406381769-3967634618-1927701157-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-3406381769-3967634618-1927701157-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX
HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406381769-3967634618-1927701157-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3406381769-3967634618-1927701157-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3406381769-3967634618-1927701157-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1420755756&from=wpc&uid=HitachiXHTS545050A7E380_TE85323Q32Z5MW32Z5MWX
HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\...\StartupApproved\Run: => "pricefountainw.exe"
HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\...\StartupApproved\Run: => "Unified Remote V3"
FirewallRules: [{593CC8D9-C068-46B8-97A0-6CDBAA8A038C}] => (Allow) C:\Program Files (x86)\Codemasters\F1 2010\F1_2010_game.exe => Brak pliku
FirewallRules: [{AF97287B-88F0-430A-92FB-EDA3C05BB50B}] => (Allow) C:\Program Files (x86)\Codemasters\F1 2010\F1_2010_game.exe => Brak pliku
FirewallRules: [UDP Query User{C3C920AE-A311-4992-B094-ACE30491C1EF}D:\gry\fifa.12.pl-prophet\fifa 12\game\fifa.exe] => (Block) D:\gry\fifa.12.pl-prophet\fifa 12\game\fifa.exe => Brak pliku
FirewallRules: [TCP Query User{EDF3A676-AF7E-4C16-A7A2-8D74961F0468}D:\gry\fifa.12.pl-prophet\fifa 12\game\fifa.exe] => (Block) D:\gry\fifa.12.pl-prophet\fifa 12\game\fifa.exe => Brak pliku
FirewallRules: [{63F7871C-4925-42E5-B7B6-7A33BA25F9E0}] => (Allow) C:\Program Files (x86)\Codemasters\DiRT 3\dirt3_game.exe => Brak pliku
FirewallRules: [{835E49A8-46E2-4285-A5F1-246BFEE70D71}] => (Allow) C:\Program Files (x86)\Codemasters\DiRT 3\dirt3_game.exe => Brak pliku
FirewallRules: [{43A4B368-FEBD-4F53-870A-9EB533D56567}] => (Allow) LPort=1900
FirewallRules: [{D0FA0F34-2B11-4B51-BE43-943BD88E7185}] => (Allow) LPort=2869
FirewallRules: [TCP Query User{C04DC853-8866-440F-9839-FF85B597280A}D:\gry\fifa.12.pl-prophet\fifa 12\game\fifa.exe] => (Block) D:\gry\fifa.12.pl-prophet\fifa 12\game\fifa.exe => Brak pliku
FirewallRules: [UDP Query User{5FE037C8-037A-44DD-A603-ADE3F75C5A3F}D:\gry\fifa.12.pl-prophet\fifa 12\game\fifa.exe] => (Block) D:\gry\fifa.12.pl-prophet\fifa 12\game\fifa.exe => Brak pliku
FirewallRules: [{D526C520-B736-4965-92A5-C4BFB9241F04}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Brak pliku
FirewallRules: [{10572261-FA55-4E85-8C23-9E344D15E868}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Brak pliku
FirewallRules: [{D12CE54D-2907-4FE1-ADF5-5A19A3E720E7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku
FirewallRules: [{152DF941-3221-412C-90DE-8F063A473A41}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku
FirewallRules: [TCP Query User{B95BEF6C-A097-4A64-8174-00BF66C8F454}F:\programy\wondershare filmora 10.0.7.0 [portable]\wondershare filmora 10.0.7.0 [portable]\data\wondershare filmora\local\stubexe\0x043edd7cc2c03bdf\chrome.exe] => (Allow) F:\programy\wondershare filmora 10.0.7.0 [portable]\wondershare filmora 10.0.7.0 [portable]\data\wondershare filmora\local\stubexe\0x043edd7cc2c03bdf\chrome.exe => Brak pliku
FirewallRules: [UDP Query User{F7273E07-10CB-4E03-9658-478317179CFE}F:\programy\wondershare filmora 10.0.7.0 [portable]\wondershare filmora 10.0.7.0 [portable]\data\wondershare filmora\local\stubexe\0x043edd7cc2c03bdf\chrome.exe] => (Allow) F:\programy\wondershare filmora 10.0.7.0 [portable]\wondershare filmora 10.0.7.0 [portable]\data\wondershare filmora\local\stubexe\0x043edd7cc2c03bdf\chrome.exe => Brak pliku