CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {1f2acfa6-ba65-11e7-864b-dca9715a595a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {24f5e2ea-9067-11e9-a7fd-dca9715a595a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {2db2edb0-0cdf-11e9-b76a-dca9715a595a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {2ec04d9c-ee1e-11e5-b1d3-dca9715a595a} - F:\LGAutoRun.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {6a223521-1520-11e6-9b34-dca9715a595a} - F:\AutoRun.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {6a223e20-1520-11e6-9b34-dca9715a595a} - F:\AutoRun.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {9a160f37-52e5-11e9-b330-dca9715a595a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {9e9ee63b-7647-11e9-8c7e-dca9715a595a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {a36469d4-b8f3-11e7-802b-dca9715a595a} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {bd96e6dd-db58-11e6-bd7a-dca9715a595a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\MountPoints2: {d6ecf216-cf97-11e8-a750-dca9715a595a} - F:\HiSuiteDownLoader.exe
Task: {471A6600-EEAA-4944-BDC3-F531FCD711A6} - System32\Tasks\{EDFB66FB-745C-4E73-AFC9-72B8DD712300} => C:\Users\OM\Counter Strike Global Offensive - Launcher Setup.exe [51513088 2019-04-12] () [Brak podpisu cyfrowego]
Task: {7EBA6690-F240-498A-9123-5368C2A24E14} - System32\Tasks\{1C41C78B-3AAF-4A80-B4A4-27BF318EA34E} => C:\Users\OM\Counter Strike Global Offensive - Launcher Setup.exe [51513088 2019-04-12] () [Brak podpisu cyfrowego]
Task: {8286C4A8-7287-4A33-B898-8C65ED2BB8EE} - System32\Tasks\{664CB88F-C957-448F-832C-AC05BDCD455B} => C:\Users\OM\Counter Strike Global Offensive - Launcher Setup.exe [51513088 2019-04-12] () [Brak podpisu cyfrowego]
Task: {D288EFFB-9B3E-42AD-99B5-ECBBE0BC5D23} - System32\Tasks\Opera scheduled Autoupdate 1456083253 => D:\Opera\launcher.exe [1520152 2019-09-03] (Opera Software AS -> Opera Software)
Tcpip\..\Interfaces\{0778A56B-3223-4AC1-BE1E-CA9EF2676382}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{7A162578-3D2D-4C21-B37B-92A690E14A81}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{93A28ACE-BECA-4EE8-BAF6-CE01A07CABC8}: [NameServer] 194.204.152.34 194.204.159.1
Tcpip\..\Interfaces\{BC21258A-A5F8-436D-B107-BAACFAFC4546}: [DhcpNameServer] 208.67.222.222 208.67.220.220
HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1923143551-3100905641-2904479667-1000 -> {76DEFAE6-09B2-40B2-8F8A-5A6A5D5CE4EB} URL = hxxps://search.yahoo.com/search/?toggle=1&cop=mss&ei=UTF-8&fr=vmn&type=auslog_yaapp1_ch&p={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
CHR HomePage: Default -> amazon.com/websearch/?ie=UTF8__PARAM__
CHR RestoreOnStartup: Default -> "hxxps://search.yahoo.com/?fr=vmn&type=auslog_yaapp1_hp"
CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?fr=vmn&type=auslog_yaapp1_hp"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search/?toggle=1&cop=mss&ei=UTF-8&fr=vmn&type=auslog_yaapp1_ch&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultSuggestURL: Default -> hxxp://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: (HKLM) OperaStable - D:\Opera\Launcher.exe
S3 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
S3 ardrv; \??\C:\Users\OM\AppData\Local\Temp\ardrv.sys [X] <==== UWAGA
S3 cpuz138; \??\C:\Users\OM\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== UWAGA
S3 dbx; system32\DRIVERS\dbx.sys [X]
2019-09-22 18:29 - 2018-02-12 07:58 - 000003856 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1456083253
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
AlternateDataStreams: C:\Users\Public\AppData:CSM [230]
IE trusted site: HKU\S-1-5-21-1923143551-3100905641-2904479667-1000\...\amazon.com -> hxxps://amazon.com
C:\Users\OM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\Narzędzia WPS Office\Sprawdź aktualizacje dla WPS Office.lnk
C:\Users\OM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Avast Secure Browser.lnk
RemoveProxy: