CloseProcesses: CreateRestorePoint: ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> Brak pliku ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku Task: {02EE6893-D678-4AC2-9CCA-9DBB2E8AF444} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {BE40CB15-AB6F-4EB0-8526-0A11815518A5} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] () Task: {E64406E6-D934-4AB6-9496-EDBF909A308F} - System32\Tasks\update-S-1-5-21-3663144205-2508142941-3694714365-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] () Task: C:\WINDOWS\Tasks\update-S-1-5-21-3663144205-2508142941-3694714365-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe AlternateDataStreams: C:\ProgramData\Temp:08801FDB [128] AlternateDataStreams: C:\ProgramData\Temp:F6E5C7FB [111] HKU\S-1-5-21-3663144205-2508142941-3694714365-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F4865BC2E1E7FD7A7643589BE2CB0BA6" FirewallRules: [TCP Query User{68AFBB39-3359-456F-9A49-D0352B95C170}D:\nowy folder\sdi_x64_r1742.exe] => (Allow) D:\nowy folder\sdi_x64_r1742.exe FirewallRules: [UDP Query User{71FEC09B-01E9-4F70-BA0A-ED980C958B26}D:\nowy folder\sdi_x64_r1742.exe] => (Allow) D:\nowy folder\sdi_x64_r1742.exe HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587800 2017-12-19] (Oracle Corporation) Startup: C:\Users\timeu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-01-08] Startup: C:\Users\timeu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-07-06] Tcpip\..\Interfaces\{6d192520-5a16-4ac2-bc23-973fdea8a1ee}: [DhcpNameServer] 150.206.1.3 HKU\S-1-5-21-3663144205-2508142941-3694714365-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.pl/ HKU\S-1-5-21-3663144205-2508142941-3694714365-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-3663144205-2508142941-3694714365-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com SearchScopes: HKU\S-1-5-21-3663144205-2508142941-3694714365-1001 -> DefaultScope {6F9A2817-5767-4F16-AF19-A3F3318E9B9E} URL = SearchScopes: HKU\S-1-5-21-3663144205-2508142941-3694714365-1001 -> {6F9A2817-5767-4F16-AF19-A3F3318E9B9E} URL = Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - Brak pliku FF Extension: (Disable Crash Auto Submit) - C:\Users\timeu\AppData\Roaming\Mozilla\Firefox\Profiles\1wqg1h59.default-1516219327999\features\{2a893c12-8798-4100-b311-7fcd2d8533d9}\disable-crash-autosubmit@mozilla.org.xpi [2018-01-29] [Przestarzałe] FF Extension: (IDM CC) - C:\Users\timeu\AppData\Roaming\IDM\idmmzcc5 [2018-02-21] [Przestarzałe] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-3663144205-2508142941-3694714365-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => nie znaleziono CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-20] CHR HKU\S-1-5-21-3663144205-2508142941-3694714365-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-20] S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [Brak podpisu cyfrowego] S3 BstHdAndroidSvc; "C:\Program Files (x86)\Bluestacks\HD-Service.exe" BstHdAndroidSvc Android [X] C:\Users\timeu\Documents\Euro Truck Simulator 2\readme.rtf.lnk C:\Users\timeu\Documents\American Truck Simulator\readme.rtf.lnk C:\Users\timeu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord\BitLord.lnk EmptyTemp: Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} CMD: ipconfig /flushdns