CloseProcesses:
CreateRestorePoint:
EmptyTemp:
File: C:\Windows\system32\DESZCZ~1.SCR
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1 [5]
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2 [5]
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3 [5]
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4 [5]
HKU\S-1-5-21-2653901765-1614293054-823531881-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2653901765-1614293054-823531881-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\DESZCZ~1.SCR [674816 2014-09-19] () [Brak podpisu cyfrowego]
BootExecute: P
GroupPolicyUsers\S-1-5-21-2653901765-1614293054-823531881-1001\User: Ograniczenia <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
CHR HKU\S-1-5-21-2653901765-1614293054-823531881-1001\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
Task: {3B2AB9C4-DCBA-4622-9474-0AD02FA5F0FD} - System32\Tasks\Opera scheduled Autoupdate 1425385423 => C:\Program Files (x86)\Opera\launcher.exe [1493592 2019-06-14] (Opera Software AS -> Opera Software)
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> Brak pliku <==== UWAGA
Tcpip\..\Interfaces\{5A05F7DE-070C-4219-9F0F-EC2ECAA5E8F1}: [DhcpNameServer] 192.168.0.1
SearchScopes: HKLM -> {4B1B6A88-EE79-4845-AD16-41270DCB3BB4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {4B1B6A88-EE79-4845-AD16-41270DCB3BB4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2653901765-1614293054-823531881-1001 -> DefaultScope {4B1B6A88-EE79-4845-AD16-41270DCB3BB4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2653901765-1614293054-823531881-1001 -> {4B1B6A88-EE79-4845-AD16-41270DCB3BB4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2653901765-1614293054-823531881-1001 -> {BBB33DD9-6CF1-48E2-AE87-BF92FEEAAE2B} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms}
FF HomepageOverride: Mozilla\Firefox\Profiles\z1vur4iz.default-1465629158958 -> Enabled: homepage@mail.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\z1vur4iz.default-1465629158958 -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @HUNT.com.tw/NP_HOEM_X -> C:\Windows\system32\WebWatch2\np_hoem_x.dll [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [Brak pliku]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-07-05]
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=chxtn15.1.13.1&q={searchTerms}&fr=chxtn15.1.13.1
CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR HKU\S-1-5-21-2653901765-1614293054-823531881-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gndoicapfdaldiokbcdnllfhnapokcbk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ikpcpgklmefncbfgbdifkaphbaapgafh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mdhpacfhljhcombkalcmkahkhodpkbim] - hxxps://clients2.google.com/service/update2/crx
S3 ManyCam; system32\DRIVERS\mcvidrv.sys [X]
S3 mcaudrv_simple; system32\drivers\mcaudrv_x64.sys [X]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
S3 WiseHDInfo; \??\C:\Windows\WiseHDInfo64.dll [X]
2019-06-14 18:08 - 2019-06-14 18:08 - 000003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1425385423
2019-06-14 16:07 - 2013-10-01 07:35 - 000000610 __RSH C:\Users\al\ntuser.pol