CloseProcesses:
CreateRestorePoint:
EmptyTemp:
File: C:\Windows\eynurnvlrawse.eyn
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => -> Brak pliku
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
Task: {403B7C94-322D-4AFB-AE59-A180FB9B8399} - \Homeville -> Brak pliku <==== UWAGA
Task: {5844F908-ED8C-4374-8F7F-34C3FC852AC3} - \Online Application V2G5 -> Brak pliku <==== UWAGA
Task: {8AAE80E0-462E-41D5-8DB9-134BA08F52E7} - \Online Application V2G2 -> Brak pliku <==== UWAGA
Task: {9F05594E-FA86-4E17-B75D-1E5CC8ADDC87} - \Online Application V2G1 -> Brak pliku <==== UWAGA
Task: {A0131E42-6B20-415C-9920-F3F7A0DF2316} - \Online Application V2G4 -> Brak pliku <==== UWAGA
Task: {B35CD2E2-AFA8-406A-96FD-5E679C17C61E} - \Online Application V2G3 -> Brak pliku <==== UWAGA
Task: {C1B25899-806C-46AA-8D97-C0EEDF412C2B} - \Online Application V2G6 -> Brak pliku <==== UWAGA
Task: {DC776874-854F-4E1F-A6B6-D9FFE86892D9} - System32\Tasks\Opera scheduled Autoupdate 1550945945 => C:\Users\bartw\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {F3D11DF7-6638-4F7D-8AE2-C330D6F24D39} - \RunBoosterUpdateTask -> Brak pliku <==== UWAGA
Task: C:\Windows\Tasks\Homeville.job => C:\Program Files\Homeville\Homeville.exe <==== UWAGA
2019-02-23 18:11 - 2019-02-23 18:11 - 001114624 _____ () C:\Windows\eynurnvlrawse.eyn
FirewallRules: [{456DBDCD-0D38-4F1F-A9D4-BC8635527125}] => (Allow) C:\Windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-703949266-4277099555-3312053967-1001\...\Run: [AdobeBridge] => [X]
Tcpip\..\Interfaces\{16743929-9335-4cf9-86d5-da35ee6fea8d}: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100
Tcpip\..\Interfaces\{175fa0db-92ea-4097-867a-6d39236aeed3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b180db1e-7225-4055-971d-4f533fa71c6a}: [DhcpNameServer] 37.8.214.2 31.11.202.254
HKU\S-1-5-21-703949266-4277099555-3312053967-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoB-iIJEeBJMGnNphHfz4qyblggxyENTE4O3nnJhxsLcFPdIRa2W8RLE1n34n4qhuE6eIJFf8VjmKtIHyxlOyX_37ybcoWbBwT9LMmF2yZa0ZheJqxRSHmIpMKKOYq0GL20ih1dLYKxUo7-54hicac_mxFlbKBg7Yddsv0tVZCC&q={searchTerms}
HKU\S-1-5-21-703949266-4277099555-3312053967-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoB-iIJEeBJMGnNphHfz4qyblggxyENTE4O3nnJhxsLcFPdIRa2W8RLE1n34n4qhuE6eIJFf8VjmKtEKTnthLb7R5Sp0zXYdBfrfefZpg8EbfQkSMgD1hOuOVufGNclmU_wup9jx8UCuoVezJEZJSvRJl0opdj-PWasZLw-LA0y
SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
SearchScopes: HKU\S-1-5-21-703949266-4277099555-3312053967-1001 -> {A8FC49A6-A420-4B64-B0BC-25576D702116} URL =
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Extension: (Adaware Secure) - C:\Users\bartw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj [2019-01-08]
CHR HKU\S-1-5-21-703949266-4277099555-3312053967-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
S3 KNDBWMService; C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73008 2019-01-03] (Rivet Networks LLC -> CloudBees, Inc.)
R2 NDRiZDRhY; C:\Windows\eynurnvlrawse.eyn [1114624 2019-02-23] () [Brak podpisu cyfrowego]
S2 YzhjZmJlMWNkYmVkO; C:\Program Files\YzhjZmJlMWNkYmVkO\NWVjNWVmMj.exe [905304 2019-02-23] (chavanactechnology.com -> )
R2 WinDivert1.2; C:\Windows\system32\drivers\WinDivert64.sys [37552 2019-02-23] (Nemea Mjukvaruutveckling AB -> Basil)
R1 NzJmNjQ0YWJm; \??\C:\Windows\system32\drivers\NzJmNjQ0YWJm [X]
2019-02-23 19:35 - 2019-02-23 19:35 - 000885752 _____ (Plumbytes Software Lp) C:\Users\bartw\Downloads\antimalwaresetup-ver_5de35cce-dirct.exe
2019-02-23 18:12 - 2019-02-23 18:12 - 007881728 _____ C:\Users\bartw\AppData\Local\agent.dat
2019-02-23 18:12 - 2019-02-23 18:12 - 002035386 _____ C:\Users\bartw\AppData\Local\Fixfix.tst
2019-02-23 18:12 - 2019-02-23 18:12 - 001895382 _____ C:\Users\bartw\AppData\Local\Don-Home.bin
2019-02-23 18:12 - 2019-02-23 18:12 - 000722944 _____ C:\Users\bartw\AppData\Local\sha.db
2019-02-23 18:12 - 2019-02-23 18:12 - 000278509 _____ C:\Users\bartw\AppData\Local\Goodfix.tst
2019-02-23 18:12 - 2019-02-23 18:12 - 000140800 _____ C:\Users\bartw\AppData\Local\installer.dat
2019-02-23 18:12 - 2019-02-23 18:12 - 000126464 _____ C:\Users\bartw\AppData\Local\noah.dat
2019-02-23 18:12 - 2019-02-23 18:12 - 000070896 _____ C:\Users\bartw\AppData\Local\Config.xml
2019-02-23 18:12 - 2019-02-23 18:12 - 000005568 _____ C:\Users\bartw\AppData\Local\md.xml
2019-02-23 18:12 - 2019-02-23 18:11 - 001632256 _____ C:\Users\bartw\AppData\Local\Goodfix.exe
2019-02-23 18:11 - 2019-02-23 18:20 - 000001524 _____ C:\Windows\Tasks\Homeville.job
2019-02-23 18:11 - 2019-02-23 18:11 - 001114624 _____ C:\Windows\eynurnvlrawse.eyn
2019-02-23 18:11 - 2019-02-23 18:11 - 000000000 ____D C:\Users\bartw\AppData\Local\AdvinstAnalytics
2019-02-23 18:11 - 2019-02-23 18:11 - 000000000 ____D C:\Program Files\YzhjZmJlMWNkYmVkO
RemoveProxy:
HOSTS: