CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3413964584-1768734902-2983301047-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\Users\BEATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive dla firm.lnk [2016-03-20]
HKU\S-1-5-21-3413964584-1768734902-2983301047-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki
SearchScopes: HKU\S-1-5-21-3413964584-1768734902-2983301047-1000 -> {6fcad291-2f36-47d8-a77e-d4a611fa774a} URL = hxxps://search.gmx.com/web/result?q={searchTerms}&origin=p_jkld_y0_w38&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=122
BHO: Brak nazwy -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Brak pliku
BHO-x32: Brak nazwy -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Brak pliku
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll => Brak pliku
DPF: HKLM-x32 {45830FF9-D9E6-4F41-86ED-B266933D8E90} hxxp://87.204.206.164/RtspVaPgDec.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF user.js: detected! => C:\Users\BEATA\AppData\Roaming\Mozilla\Firefox\Profiles\qbe9pdt4.default-1495047022141\user.js [2017-09-18]
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Brak pliku]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Brak pliku]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> Brak pliku
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> Brak pliku
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> Brak pliku
Task: {A6B6AF40-02EE-4BFB-AED7-6A691F0433C6} - System32\Tasks\{CBF8A447-6C00-4835-94DC-1A42BC9FFE89} => C:\Windows\system32\pcalua.exe -a "C:\Users\BEATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9MZH1WPH\JavaSetup8u144.exe" -d C:\Users\BEATA\Desktop
Shortcut: C:\Users\BEATA\Desktop\pendrive\Moje dokumenty\Print Styles\Create a Print Style Table.lnk -> C:\Program Files\dot4CAD\PStyleApp.exe (Brak pliku)
Shortcut: C:\Users\BEATA\Desktop\pendrive\Moje dokumenty\Moje obrazy\Przykładowe obrazy.lnk -> [LFAz_Az_APO :i+002.tY^Hg3(GYr?DUk0Z1*<6MOJEOB~1B*<* [LF2-AAAPO :i+002.tY^Hg3(GYr?DUk0Z1*<6MOJAMU~1B*<*
C:\Program Files\ADEG.NET\Logus_DEMO\logus.exe (Brak pliku)
Shortcut: C:\Users\BEATA\Desktop\pendrive\laptop\Tablica\Seria Młody Einstein.lnk -> C:\DOCUME~1\Beata\USTAWI~1\Temp\$PowerISO$\start.exe (Brak pliku)
Shortcut: C:\Users\BEATA\Desktop\pendrive\laptop\Moje obrazy\Przykładowe obrazy.lnk -> [LFAz_Az_APO :i+002.tY^Hg3(GYr?DUk0Z1*<6MOJEOB~1B*<* C:\Program Files\Netia\Bezpieczny Internet\FSGUI\fscuif.exe (Brak pliku)
Shortcut: C:\Users\BEATA\Desktop\pendrive\Beata\Ocena Opisowa.lnk -> C:\Program Files\Librus\Ocena Opisowa\OcenaOpisowa_Sz.exe (Brak pliku)
Shortcut: C:\Users\BEATA\Desktop\pen\Moje dokumenty\Moje obrazy\Przykładowe obrazy.lnk -> [LFAz_Az_APO :i+002.tY^Hg3(GYr?DUk0Z1*<6MOJEOB~1B*<*