CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-3664041683-170864151-414593356-1000\...\MountPoints2: {39fe4147-650a-11e4-a2fa-806e6f6e6963} - D:\Bin\ASSETUP.exe
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3664041683-170864151-414593356-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
SearchScopes: HKU\S-1-5-21-3664041683-170864151-414593356-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
OPR StartupUrls:  "hxxp://www.gazeta.pl/0,0.html?p=173" 
2018-02-01 12:59 - 2015-03-17 10:13 - 000000000 ____D C:\AdwCleaner
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ContextMenuHandlers3: [00avast] -> [CC]{472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Brak pliku
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Brak pliku
Task: {A89FE142-12DA-4AF0-9DAD-FE01322E8F5D} - System32\Tasks\USREFibulaStatuesqueV2 => rundll32.exe UnforeseeableAbbess.dll,main 7 1 <==== UWAGA
Task: {C769AF2E-7267-454C-8123-D4DD2A5DDE63} - System32\Tasks\{045AE9E3-CAFF-78C8-3F70-0BD071F1AAC5} => C:\Users\USRE\AppData\Roaming\PRICEF~1\UPDATE~1.EXE <==== UWAGA
Task: C:\Windows\Tasks\{045AE9E3-CAFF-78C8-3F70-0BD071F1AAC5}.job => C:\Users\USRE\AppData\Roaming\PRICEF~1\UPDATE~1.EXE <==== UWAGA
MSCONFIG\startupreg: ALLPlayer WiFi Remote => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe
MSCONFIG\startupreg: ALLUpdate => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep"
C:\Users\USRE\AppData\Roaming\Microsoft\Windows\SendTo\Android (ALLPlayer Pilot).lnk
EmptyTemp:
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}