CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-32606088-684590749-3801096948-1000\...\MountPoints2: {cbfd2dc9-78ad-11e4-bb0f-806e6f6e6963} - E:\Run.exe
SearchScopes: HKU\S-1-5-21-32606088-684590749-3801096948-1000 -> {02119149-E28D-4E5E-86FB-7BB27EC73CC9} URL = hxxps://www.google.com/search?q={searchTerms}
FF Homepage: Mozilla\Firefox\Profiles\uhrc2oyj.default -> hxxps://search.avast.com/AV772/
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Brak pliku]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\SDSDefs\20160706.008\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\SDSDefs\20160706.008\EX64.SYS [X]
2018-02-05 20:01 - 2018-02-05 20:01 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-02-04 21:52 - 2018-02-05 20:25 - 000000000 ____D C:\AdwCleaner
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
Task: {BCAB1277-10D0-4899-863C-BFCB3386A318} - System32\Tasks\{34501752-3AE6-4A9F-ABC4-A793751A7CF4} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\FullTilt.EU\FullTiltUninstall.exe" -c /u:Full Tilt.eu
AlternateDataStreams: C:\ProgramData:dvci [36]
AlternateDataStreams: C:\Users\All Users:dvci [36]
AlternateDataStreams: C:\ProgramData\Application Data:dvci [36]
AlternateDataStreams: C:\ProgramData\Dane aplikacji:dvci [36]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Malibu Club Casino.lnk -> C:\Program Files (x86)\RoyalApollo\RoyalApollo.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Pantasia.lnk -> C:\Program Files (x86)\Pantasia\Pantasia.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vegas Regal Casino\License.lnk -> C:\Program Files (x86)\VegasRegalCasino\locale\license.txt (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vegas Regal Casino\Uninstall.lnk -> C:\Program Files (x86)\VegasRegalCasino\uninst.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vegas Regal Casino\Website.lnk -> C:\Program Files (x86)\VegasRegalCasino\Vegas Regal Casino.url (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pantasia\Pantasia.lnk -> C:\Program Files (x86)\Pantasia\Pantasia.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pantasia\Uninstall.lnk -> C:\Program Files (x86)\Pantasia\uninst.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyCasino\EULA – Umowa licencyjna użytkownika końcowego.lnk -> C:\Microgaming\Casino\MyCasino\theme\mycasino\local\pl\clientconfig\eula.txt (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malibu Club Casino\Malibu Club Casino.lnk -> C:\Program Files (x86)\RoyalApollo\RoyalApollo.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malibu Club Casino\Uninstall.lnk -> C:\Program Files (x86)\RoyalApollo\uninst.exe (Brak pliku)
Shortcut: C:\Users\Pimpusie 3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\partypoker\partypoker.lnk -> C:\Programs\PartyGaming\PartyGaming.exe (Brak pliku)
Shortcut: C:\Users\Pimpusie 3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\partypoker\Uninstall partypoker.lnk -> C:\programs\partygaming\PartyPoker\Uninstall\Setup.exe (Brak pliku)
Shortcut: C:\Users\Pimpusie 3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\partypoker.lnk -> C:\Programs\PartyGaming\PartyGaming.exe (Brak pliku)
Shortcut: C:\Users\Pimpusie 3\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malibu Club Casino.lnk -> C:\Program Files (x86)\RoyalApollo\RoyalApollo.exe (Brak pliku)
Shortcut: C:\Users\Pimpusie 3\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Pantasia.lnk -> C:\Program Files (x86)\Pantasia\Pantasia.exe (Brak pliku)
EmptyTemp:
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}