CloseProcesses:
CreateRestorePoint:
EmptyTemp:
VirusTotal: C:\ProgramData\23B080A7\23B08064.dll
VirusTotal: C:\Users\Sekretariat\AppData\Roaming\update2501.exe
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-08-27]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ProxyEnable: [S-1-5-21-1921431682-952469367-1298936472-1000] => Proxy [funkcja włączona]
ProxyServer: [S-1-5-21-1921431682-952469367-1298936472-1000] => 127.0.0.1:1080
ManualProxies: 1127.0.0.1:1080
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2009-10-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2009-10-09] (RealNetworks, Inc.)
CHR Extension: (lackfehpdclhclidcbbfcemcpolgdgnb) - C:\Users\Sekretariat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb [2015-07-20]
R2 23B080A7; C:\ProgramData\23B080A7\23B08064.dll [2686992 2018-06-29] () [Brak podpisu cyfrowego]
2013-02-22 12:43 - 2013-02-22 12:43 - 000016090 _____ () C:\Program Files (x86)\borg
2013-02-20 13:28 - 2013-02-22 12:43 - 000000417 _____ () C:\Program Files (x86)\error.log
2013-02-20 13:28 - 2013-03-05 08:25 - 000001397 _____ () C:\Program Files (x86)\INST.LOG
2013-02-20 13:28 - 2013-02-22 12:42 - 000001486 _____ () C:\Program Files (x86)\INST.LOx
2013-02-20 13:28 - 2013-02-22 12:43 - 000000051 ____N () C:\Program Files (x86)\INSTALL.INI
2012-06-24 19:03 - 2012-06-24 19:03 - 001718793 _____ () C:\Program Files (x86)\winrar-x64-411pl.exe
2016-01-25 09:53 - 2016-01-25 09:53 - 001128269 _____ () C:\Users\Sekretariat\AppData\Roaming\2501cr1.scr
2018-06-29 11:03 - 2018-06-29 11:03 - 000038745 _____ () C:\Users\Sekretariat\AppData\Roaming\RwZwYdI.dll
2013-05-27 12:21 - 2013-05-27 12:21 - 000000000 _____ () C:\Users\Sekretariat\AppData\Roaming\SharedSettings.ccs
2018-11-09 07:15 - 2018-11-09 07:15 - 000299070 _____ (Distribution One) C:\Users\Sekretariat\AppData\Roaming\ULsdvJ.dll
2016-01-25 10:28 - 2016-01-25 10:28 - 001121629 _____ () C:\Users\Sekretariat\AppData\Roaming\update2501.exe
2018-07-30 07:02 - 2018-07-30 07:02 - 001739776 _____ (Robert Simpson, et al.) C:\Users\Sekretariat\AppData\Local\System.Data.SQLite.dll
2012-02-29 16:19 - 2012-02-29 16:19 - 000000003 _____ () C:\Users\Sekretariat\AppData\Local\user_data.ini
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Task: {47356C32-051E-4D91-A312-B823F3852352} - System32\Tasks\HP AR Program Upload - c8fb5f7eb3e149aa9e6be9eb9719b8f1b3a40356ae0f4cdb97162c2b984321be => C:\Program Files\HP\HP Deskjet 3540 series\bin\HPRewards.exe [2014-03-06] (TODO: )
Task: {47794EDD-0C2F-4102-A952-1442B7A033ED} - System32\Tasks\HP AR Program Upload - 174757233bc2437a8580c76728d8271042b39cfff3874ff2999f56dd533a031c => C:\Program Files\HP\HP Deskjet 3540 series\bin\HPRewards.exe [2014-03-06] (TODO: )
Task: {4BD3E0CC-234C-41CD-8257-A04D3F94587D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {55554E10-5DDF-4F51-B7E9-13A705457861} - System32\Tasks\HP AR Program Upload - 0ea50c37d938455eb61135feed0a51fff5b6e1dd18e44f8fa2ec4da0d79b0bc1 => C:\Program Files\HP\HP Deskjet 3540 series\bin\HPRewards.exe [2014-03-06] (TODO: )
Task: {94EDB37C-8ABD-49D8-B988-4A16CB09B45C} - System32\Tasks\HPCustParticipation HP Deskjet 3540 series => C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {994CB0B6-E2A6-45C7-9247-D38E19E67460} - System32\Tasks\HP AR Program Upload - 3c80e2f519c74b0e955b65398c240f42bb5f4db6b0a043d7997aa890b57b7188 => C:\Program Files\HP\HP Deskjet 3540 series\bin\HPRewards.exe [2014-03-06] (TODO: )
Task: {D1980C5B-73C5-4945-99A3-0FCCFB23C1A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {E1DECA64-EC0B-4412-A02E-80D56EE13AF6} - System32\Tasks\HP AR Program Upload - e06e4359a51b45298bfa0140cde21b98aa62746a5f544662b017083319ff42c7 => C:\Program Files\HP\HP Deskjet 3540 series\bin\HPRewards.exe [2014-03-06] (TODO: )
Task: {E6B63256-4E81-4A85-9657-502422437A03} - System32\Tasks\HP AR Program Upload - 5ba77d516746431e859204a7d147045570aab64d57814d5c9c3b435095afcd3a => C:\Program Files\HP\HP Deskjet 3540 series\bin\HPRewards.exe [2014-03-06] (TODO: )
2018-06-29 11:01 - 2018-06-29 11:01 - 002686992 ___RH () C:\ProgramData\23B080A7\23B08064.dll
2018-06-29 11:01 - 2018-06-29 11:01 - 001696272 ___RH () C:\ProgramData\23B080A7\23B08032.dll
MSCONFIG\startupfolder: C:^Users^Sekretariat^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^mn.jse => C:\Windows\pss\mn.jse.Startup
MSCONFIG\startupfolder: C:^Users^Sekretariat^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^sk32.jse => C:\Windows\pss\sk32.jse.Startup
ManualProxies:
RemoveProxy: