CloseProcesses: CreateRestorePoint: ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku Task: {66E9BE42-374C-4EBC-92E8-F3AC5FF263F0} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== UWAGA C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk C:\Users\Magda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk HKU\S-1-5-21-1452098251-4272596591-3790038640-1000\Software\Classes\exefile: <==== UWAGA MSCONFIG\startupfolder: C:^Users^Magda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk => C:\Windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk.Startup CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1452098251-4272596591-3790038640-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\S-1-5-21-1452098251-4272596591-3790038640-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X] U0 aswVmm; Brak ImagePath S3 catchme; \??\C:\Users\Magda\AppData\Local\Temp\catchme.sys [X] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] S2 sbapifs; system32\DRIVERS\sbapifs.sys [X] 2018-02-25 09:41 - 2018-02-25 09:41 - 014085848 _____ (AVAST Software) C:\Windows\system32\instup_ais-916.vpx 2018-02-25 09:41 - 2018-02-25 09:41 - 002961008 _____ (AVAST Software) C:\Windows\system32\avbugreport_ais-916.vpx 2018-02-25 09:41 - 2018-02-25 09:41 - 002577624 _____ (AVAST Software) C:\Windows\system32\offertool_ais-916.vpx 2018-02-25 09:41 - 2018-02-25 09:41 - 001371808 _____ (AVAST Software) C:\Windows\system32\instcont_ais-916.vpx 2018-02-25 09:41 - 2018-02-25 09:41 - 001022720 _____ (AVAST Software) C:\Windows\system32\avdump_x64_ais-916.vpx 2018-02-25 09:41 - 2018-02-25 09:41 - 000810760 _____ (AVAST Software) C:\Windows\system32\avdump_x86_ais-916.vpx C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ODDK\Zasady rachunkowości\Odinstaluj Zasady rachunkowości.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ODDK\Zasady rachunkowości\Zasady rachunkowości.lnk C:\Users\Magda\Desktop\Programy\avast! Free Antivirus.lnk C:\Users\Magda\Desktop\Programy\Malwarebytes Anti-Malware.lnk C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader\YTDownloader.lnk C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk C:\Users\Magda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk CHR Extension: (BlockAndSurf) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfmakfhdhekifljomcfgaemdogknmhal [2014-11-01] EmptyTemp: Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}