CloseProcesses:
CreateRestorePoint:
EmptyTemp:
File: C:\Users\Thomas\AppData\Local\csrss.exe
Task: {06C5C181-5F96-40B5-AA0B-0D6A0A29502C} - System32\Tasks\{7EDDCB7D-08AB-45D6-BC02-9BD9EE60A107} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Truck_Racing_By_Renault_Trucks\uninst.exe"
Task: {823B48E2-8617-4245-B300-6EC4DC5AEC69} - System32\Tasks\{F33A444C-4203-4F38-8693-B65934D78181} => C:\Program Files (x86)\FiFA 13 PL\fifa13.exe
Task: {DB43DD19-AFBB-4FF6-8135-DCD4F9C34093} - System32\Tasks\Opera scheduled Autoupdate 1549383939 => C:\Users\Thomas\AppData\Local\Programs\Opera\launcher.exe
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> Brak pliku <==== UWAGA
Task: {F4C51A78-0F15-4924-A6B2-5702190617AD} - System32\Tasks\{2DA0BDB0-0B3C-4B99-84C1-0C32A7C4635E} => C:\Program Files (x86)\FiFA 13 PL\fifa13.exe
2013-04-24 10:42 - 2006-03-17 02:17 - 000042713 _____ () [Brak podpisu cyfrowego] C:\Users\tom\AppData\Local\csrss.exe
2013-04-24 10:42 - 2006-03-17 02:17 - 000042713 _____ () [Brak podpisu cyfrowego] C:\Users\Thomas\AppData\Local\csrss.exe
FirewallRules: [{2E7E17C8-53D5-4140-AB3E-7948B2A277ED}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe Brak pliku
FirewallRules: [{1E7280EE-1D7E-4A94-AF31-B9995FF4794C}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe Brak pliku
FirewallRules: [{495133E3-E956-44D3-86C1-C47D1561AAC9}] => (Allow) C:\Users\Thomas\AppData\Local\Programs\Opera\58.0.3135.53\opera.exe Brak pliku
FirewallRules: [TCP Query User{97BEB3D3-0A39-4ED4-9C65-669CE94EE9B2}C:\users\thomas\appdata\local\temp\rarsfx0\quake3.exe] => (Block) C:\users\thomas\appdata\local\temp\rarsfx0\quake3.exe Brak pliku
FirewallRules: [UDP Query User{07B55132-04A0-40EF-A559-C80673C126F0}C:\users\thomas\appdata\local\temp\rarsfx0\quake3.exe] => (Block) C:\users\thomas\appdata\local\temp\rarsfx0\quake3.exe Brak pliku
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-704150869-3505933208-4032645983-1000\...\Run: [Tok-Cirrhatus] => C:\Users\Thomas\AppData\Local\smss.exe [42713 2006-03-17] () [Brak podpisu cyfrowego] <==== UWAGA
HKU\S-1-5-21-704150869-3505933208-4032645983-1000\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-704150869-3505933208-4032645983-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-704150869-3505933208-4032645983-1000\...\Policies\Explorer: [NoFolderOptions] 1
HKU\S-1-5-21-704150869-3505933208-4032645983-1004\...\Run: [Tok-Cirrhatus] => C:\Users\tom\AppData\Local\smss.exe [42713 2006-03-17] () [Brak podpisu cyfrowego] <==== UWAGA
HKU\S-1-5-21-704150869-3505933208-4032645983-1004\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-704150869-3505933208-4032645983-1004\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-704150869-3505933208-4032645983-1004\...\Policies\Explorer: [NoFolderOptions] 1
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Wallpapers_WW.scr
GroupPolicy: Ograniczenia ? <==== UWAGA
Hosts: Kod HTML wykryty w pliku Hosts. Sprawdź sekcję Hosts w Addition.txt <==== UWAGA
Tcpip\..\Interfaces\{11BD8A2A-073A-4DC4-9050-B5AACE81777B}: [DhcpNameServer] 194.204.159.1 194.204.152.34
Tcpip\..\Interfaces\{1316F9B4-6B83-4522-9F7A-F025897AFCAD}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{801F451A-D04E-4B46-BCC0-DB236BAC4BDB}: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{B150F5BB-FC44-48C0-8374-D5D60304B85C}: [DhcpNameServer] 192.168.42.129
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-704150869-3505933208-4032645983-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_plPL729
SearchScopes: HKU\S-1-5-21-704150869-3505933208-4032645983-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-704150869-3505933208-4032645983-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_plPL729
SearchScopes: HKU\S-1-5-21-704150869-3505933208-4032645983-1004 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-704150869-3505933208-4032645983-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-704150869-3505933208-4032645983-1004 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [Brak pliku]
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
CHR HKLM-x32\...\Chrome\Extension: [nlnpeeaafijaebcdgkdeojkpnkfkjdnh] - hxxps://clients2.google.com/service/update2/crx
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA (Brak ServiceDLL)
U3 BcmSqlStartupSvc; Brak ImagePath
U2 CLKMSVC10_3A60B698; Brak ImagePath
U2 CLKMSVC10_C3B3B687; Brak ImagePath
U2 DriverService; Brak ImagePath
U2 IAStorDataMgrSvc; Brak ImagePath
U2 iATAgentService; Brak ImagePath
U2 idealife Update Service; Brak ImagePath
U3 IGRS; Brak ImagePath
U2 IviRegMgr; Brak ImagePath
U2 McAfee SiteAdvisor Service; Brak ImagePath
U2 McMPFSvc; Brak ImagePath
U2 McProxy; Brak ImagePath
U2 nvUpdatusService; Brak ImagePath
U2 Oasis2Service; Brak ImagePath
U2 PCCarerService; Brak ImagePath
U2 ReadyComm.DirectRouter; Brak ImagePath
U2 RichVideo; Brak ImagePath
U2 RtLedService; Brak ImagePath
U2 SeaPort; Brak ImagePath
U2 SoftwareService; Brak ImagePath
U3 SQLWriter; Brak ImagePath
2018-11-26 21:19 - 2018-12-13 19:56 - 000003752 _____ () C:\Users\Thomas\AppData\Local\AcStag.ini
2018-11-26 21:23 - 2018-12-13 19:56 - 000006527 _____ () C:\Users\Thomas\AppData\Local\AcStag.lyt
2019-03-13 13:01 - 2019-03-13 13:01 - 000003223 _____ () C:\Users\Thomas\AppData\Local\Bron.tok.A12.em.bin
2013-04-24 10:42 - 2006-03-17 02:17 - 000042713 _____ () C:\Users\Thomas\AppData\Local\csrss.exe
2013-04-24 10:42 - 2006-03-17 02:17 - 000042713 _____ () C:\Users\Thomas\AppData\Local\inetinfo.exe
2013-04-24 10:42 - 2006-03-17 02:17 - 000042713 _____ () C:\Users\Thomas\AppData\Local\lsass.exe
2013-04-24 10:42 - 2006-03-17 02:17 - 000042713 _____ () C:\Users\Thomas\AppData\Local\services.exe
2013-04-24 10:42 - 2006-03-17 02:17 - 000042713 _____ () C:\Users\Thomas\AppData\Local\smss.exe
2013-04-24 10:42 - 2006-03-17 02:17 - 000042713 ____N () C:\Users\Thomas\AppData\Local\winlogon.exe
RemoveProxy:
HOSTS: