CloseProcesses: CreateRestorePoint: EmptyTemp: HKLM-x32\...\Run: [] => [X] HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-1913670632-3480327133-3603414357-1000\...\MountPoints2: {7365a114-7f1c-11e2-bed8-bc7737e3f534} - F:\AutoRun.exe HKU\S-1-5-21-1913670632-3480327133-3603414357-1000\...\MountPoints2: {7365a131-7f1c-11e2-bed8-bc7737e3f534} - F:\AutoRun.exe HKU\S-1-5-21-1913670632-3480327133-3603414357-1003\...\MountPoints2: {9efded9d-805c-11e2-85c4-bc7737e3f534} - F:\autorun.exe ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-04-24] (EasyBits Software Corp.) Tcpip\..\Interfaces\{2C6C972C-529C-4F71-9500-9D5F426E700F}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{7FD63118-4EEB-40CB-91D5-9EAA1F35D8E5}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{8FD7DA46-1AA0-4FDC-8AC9-BD6CF3C470B7}: [NameServer] 0.0.0.0 Tcpip\..\Interfaces\{C818C8AC-8F46-410C-AC0E-C621E3AC4330}: [DhcpNameServer] 192.168.0.1 SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM -> {FF9858AD-FFBA-4360-B551-CB47AB646635} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 -> {FF9858AD-FFBA-4360-B551-CB47AB646635} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000 -> {FF9858AD-FFBA-4360-B551-CB47AB646635} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1003 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1003 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1003 -> {FF9858AD-FFBA-4360-B551-CB47AB646635} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1023 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1023 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1023 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1023 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKU\S-1-5-21-1913670632-3480327133-3603414357-1023 -> {FF9858AD-FFBA-4360-B551-CB47AB646635} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Brak pliku Toolbar: HKLM - Brak nazwy - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Brak pliku Toolbar: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [Brak pliku] FF Plugin HKU\S-1-5-21-1913670632-3480327133-3603414357-1000: samsung.com/AllSharePlayPCPlugin -> C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll [Brak pliku] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X] 2018-08-15 21:36 - 2018-08-15 21:36 - 000000000 _____ C:\Users\IGOR\AppData\Local\{CF3FD698-125C-4011-B74E-764E73977693} 2018-08-15 21:36 - 2018-08-15 21:36 - 000000000 _____ C:\Users\IGOR\AppData\Local\{6B58DC69-90C2-4B2A-87C9-530E3965A92C} CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1913670632-3480327133-3603414357-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\molos\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Brak pliku Task: {03A64832-0070-4336-AFA5-C2915172A9EE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-06-21] (Hewlett-Packard Company) Task: {0CA2676B-85BC-4708-BBF6-14656396318F} - System32\Tasks\{9045F847-60B7-4043-93A3-2AD6DF09178A} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\ Task: {109BD5B5-574F-489B-968E-52E2D8C27A30} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard) Task: {444116F9-3405-4341-8E61-BF0148B28999} - System32\Tasks\{BF34A925-03C7-4F7E-9BC0-51762802A73E} => C:\Windows\system32\pcalua.exe -a C:\Users\molos\AppData\Local\Temp\jre-8u71-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== UWAGA Task: {4E0D008C-58A9-4D10-A10E-AC468F23D7AE} - System32\Tasks\{D98F632E-5D62-4050-82A1-7C990082E1D9} => C:\Windows\system32\pcalua.exe -a C:\Users\molos\AppData\Local\Temp\jre-8u65-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== UWAGA Task: {61A22478-12DA-463D-9B18-9B8EA4E0823B} - System32\Tasks\{8CE8B855-E055-4E2A-B978-2A6901D7D29C} => C:\Windows\system32\pcalua.exe -a "C:\Users\molos\Documents\Nowy folder\DriverInstall_IncludeDX9.0c(WIN8&WIN8.1).exe" -d "C:\Users\molos\Documents\Nowy folder" Task: {7464F26B-F60B-4251-9360-C91AC830BD96} - System32\Tasks\{36907E27-3EEA-45C4-8C91-69BF38DA6872} => C:\Windows\system32\pcalua.exe -a C:\Users\molos\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== UWAGA Task: {B5919BDC-E8E2-4014-85E6-8B3EE15419E7} - System32\Tasks\{9EFDDC7C-39E5-4F67-AB06-3EEE06557D45} => C:\Windows\system32\pcalua.exe -a C:\Users\molos\AppData\Local\Temp\jre-8u101-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== UWAGA Task: {E51ED41A-190D-42C1-AAB0-473CF4E694D5} - System32\Tasks\{2E85BF26-F7A4-416D-936E-08CE09EA4D3C} => C:\Windows\system32\pcalua.exe -a C:\Users\molos\AppData\Local\Temp\Temp1_ws2setup.zip\ws2setup.exe <==== UWAGA C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TGSoft\Magazyny, Faktury.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW 9\Instalacja i uwagi\Instalator produktów Corela.LNK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (32 bits)\AVS Proxy GUI 2.7.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (32 bits)\VS Proxy GUI 2.7.lnk C:\Users\IGOR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Media Center.lnk C:\Users\molos\Links\nasluchy — skrót.lnk C:\Users\molos\Links\swarming — skrót.lnk C:\Users\molos\Documents\IGOR\z telefonu do 2014.04.09\nasluchy Tychowo.lnk C:\Users\molos\Desktop\nietoperze dla RDLP — skrót.lnk C:\Users\Default\Favorites\Links\Amazon.co.uk – Online Shopping.url C:\Users\Default\Favorites\HP\Amazon.co.uk – Online Shopping.url C:\Users\Hugo\Favorites\Links\Amazon.co.uk – Online Shopping.url C:\Users\Hugo\Favorites\HP\Amazon.co.uk – Online Shopping.url C:\Users\IGOR\Favorites\Links\Amazon.co.uk – Online Shopping.url C:\Users\IGOR\Favorites\HP\Amazon.co.uk – Online Shopping.url C:\Users\molos\Favorites\Links\Amazon.co.uk – Online Shopping.url C:\Users\molos\Favorites\HP\Amazon.co.uk – Online Shopping.url C:\Users\molos\Desktop\Justa\Justa\Favorites\Links\Amazon.co.uk – Online Shopping.url C:\Users\molos\Desktop\Justa\Justa\Favorites\HP\Amazon.co.uk – Online Shopping.url CMD: netsh advfirewall reset CMD: ipconfig /flushdns