CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1747648977-2420826609-2285400798-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
ShortcutTarget: Powiadomienia monitorowania tuszu - HP Deskjet 3510 series (Kopia 1).lnk -> C:\Program Files\HP\HP Deskjet 3510 series\bin\HPStatusBL.dll (Brak pliku)
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {CF485460-1DFC-46E0-BEB2-6E1FC4D5DCF0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1747648977-2420826609-2285400798-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1747648977-2420826609-2285400798-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1747648977-2420826609-2285400798-1001 -> {CF485460-1DFC-46E0-BEB2-6E1FC4D5DCF0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\mblxfa8p.default -> hxxps://pl.search.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10140_yahoo_160508__yaff
2018-01-29 19:35 - 2018-01-30 18:18 - 000000000 ____D C:\AdwCleaner
WinThruster (HKLM\...\{773A8CA8-3876-4AA1-AB78-EECA231BFF3A}) (Version: 1.26.1 - Solvusoft Corporation) Hidden <==== UWAGA
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> Brak pliku
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> Brak pliku
Task: {05CEBB2C-DC9F-45B2-8E81-E04E86943BCC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
Task: {05DC41B7-CC3C-4280-9608-87676BD5B602} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
Task: {0B4CEE84-09AA-46EA-A99F-385DAB744E2C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\WINDOWS\TEMP\DJ3830_Full_WebPack_40.11.1124.exe <==== UWAGA
Task: {1EC4482D-9A4C-4CE5-958A-07C3F5828510} - System32\Tasks\WinThruster64-Dawid-Notification => C:\Program Files\Solvusoft\WinThruster\Sync.exe <==== UWAGA
Task: {25B63AA2-B1C8-495F-8373-DB2E724A84ED} - System32\Tasks\{AF9C0787-4C24-49F8-A205-AD053A4BDD8C} => C:\WINDOWS\system32\pcalua.exe -a H:\Autorun.exe -d H:\
Task: {2D61469E-8CA5-49E7-B836-C13EE21757B5} - System32\Tasks\Driver Booster SkipUAC (Dawid) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
Task: {309B77A6-0D93-4239-AB60-56D9488BFC51} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
Task: {38CCAD06-2F59-4DA8-9909-8775FC44FF52} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
Task: {47E32C75-CEF7-447E-86F9-E6B0B548CFA4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
Task: {6F376465-D1C1-47A0-827F-F978B1E2CB12} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
Task: {7065013E-F691-491E-807A-5DF70A525BDC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
Task: {8B0380F5-DA46-47EF-9A84-7F56DE083B41} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
Task: {98B1ACC8-2349-4545-8C7F-81467B7CE7AE} - \WPD\SqmUpload_S-1-5-21-1747648977-2420826609-2285400798-1001 -> Brak pliku <==== UWAGA
Task: {9E0E22FB-231B-4FD3-8F39-F27E55505B2C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
Task: {B1B1CFEE-F30A-4894-BC11-93F153BB3E17} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
Task: {BEE77DE4-B2FF-4AD5-9AAC-7B5FEBC04616} - \Optimize Start Menu Cache Files-S-1-5-21-1747648977-2420826609-2285400798-1001 -> Brak pliku <==== UWAGA
Task: {C4FBBE10-CE51-480E-8DD2-DA875B0BAE1C} - System32\Tasks\WinThruster64-Dawid-Startup => C:\Program Files\Solvusoft\WinThruster\WinThruster64.exe <==== UWAGA
Task: {C5845C52-0EF3-4D30-AB20-9B825DB13450} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
Task: {EA580482-C811-40B8-A75D-C364358AF3F4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
Task: C:\WINDOWS\Tasks\WinThruster64-Dawid-Notification.job => C:\Program Files\Solvusoft\WinThruster\Sync.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\WinThruster64-Dawid-Startup.job => C:\Program Files\Solvusoft\WinThruster\WinThruster64.exe <==== UWAGA
HKU\S-1-5-21-1747648977-2420826609-2285400798-1001\Software\Classes\regfile: regedit.exe "%1" <==== UWAGA
IE trusted site: HKU\S-1-5-21-1747648977-2420826609-2285400798-1001\...\localhost -> localhost
Hosts:
EmptyTemp:
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}