CloseProcesses: CreateRestorePoint: EmptyTemp: VirusTotal: C:\Users\kryst\AppData\Roaming\auEUTuuyYf.exe HKU\S-1-5-21-3365352445-2847475061-7724402-1001\...\MountPoints2: {e92d4d14-85fc-11e8-9308-9822efd17fda} - "H:\setup.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2018-07-13] ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (Brak pliku) Tcpip\..\Interfaces\{9554b0dd-7245-4f2a-b5f5-fa3b0d44ac37}: [DhcpNameServer] 150.213.1.3 Tcpip\..\Interfaces\{fbf5796f-c0d2-4471-8923-c3ed12624223}: [DhcpNameServer] 192.168.0.1 2018-04-12 01:34 - 2018-04-12 01:34 - 000178688 ____N (Microsoft Corporation) C:\Users\kryst\AppData\Roaming\auEUTuuyYf.exe ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku Task: {5FE9D80C-36E3-40CF-BDEC-32DB4168CBC3} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility:// Task: {6CDFA924-E534-4F21-BD7E-12182156D824} - System32\Tasks\{0415EB58-6298-1908-CE83-1C7CDFA0EA49} => "C:\Program Files\Mozilla Firefox\firefox.exe" hxxp://first-news.org/cl/?guid=dwrqmwhrkrco82i5wjwmv5h0sz34tcwx&prid=1&pid=4_1324_0 Task: {BC963068-45DA-4EE5-B5A4-03A2566B0418} - System32\Tasks\{E0F31E62-2061-5959-34DD-DD32C558C1BD} => C:\WINDOWS\TUReUuSj.exe [2018-04-12] (Microsoft Corporation) Task: {EB64B78C-2B8C-4029-BDDA-945F3DD4DBEB} - System32\Tasks\{1209305D-92E7-7041-7D26-3B779D3ECF62} => C:\WINDOWS\YJaGdw.exe [2018-04-12] (Microsoft Corporation) C:\Users\kryst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo App Explorer.lnk FilesInDirectory: C:\Users\kryst\AppData\Local\*.exe;*.dll;*.ini FilesInDirectory: C:\Users\kryst\AppData\Roaming\*.exe;*.dll;*.ini FilesInDirectory: C:\WINDOWS\*.exe