CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKU\S-1-5-21-3791986242-2221896048-3452593811-1001\...\Run: [Komputer] => explorer.exe hxxp://exinariuminix.info <==== UWAGA
GroupPolicy: Ograniczenia ? <==== UWAGA
GroupPolicy\User: Ograniczenia ? <==== UWAGA
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
Task: {038D293D-056B-4560-A73A-E652CDD96E2C} - System32\Tasks\{D34B66F4-3745-4541-BE48-BB65BD3EE192} => C:\Windows\system32\pcalua.exe -a M:\AutoRun.exe -d M:\
Task: {09FC6CA3-682F-42CF-AE0A-ED7D10476FE9} - System32\Tasks\Komputer => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Komputer /t REG_SZ /d "explorer.exe hxxp://exinariuminix.info" <==== UWAGA
Task: {57D8162C-9717-4AF9-8C66-A1BDF2AF182C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {685EED01-4659-4E82-AB1D-94D35B74AC70} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
Task: {E4D9CC28-C7F6-426D-9E19-983EF092126C} - System32\Tasks\Opera scheduled Autoupdate 1544292372 => C:\Users\Komputer\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-03-27] (Opera Software AS -> Opera Software)
Tcpip\..\Interfaces\{419b1831-65f2-4b21-a56a-0b9ee01af0f4}: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip\..\Interfaces\{70ec1b84-660f-4bde-9cef-7f79b6abd4b4}: [DhcpNameServer] 192.168.43.1
Edge HomeButtonPage: HKU\S-1-5-21-3791986242-2221896048-3452593811-1001 -> hxxp://www.web-pl.com/
Edge HomePage: Default -> hxxp://www.web-pl.com/
Edge StartupUrls: Default -> "hxxp://www.web-pl.com/"
Edge DefaultSearchURL: Default -> hxxp://www.web-pl.com/search?q={searchTerms}
Edge DefaultSearchKeyword: Default -> web-pl.com
FF NewTab: Mozilla\Firefox\Profiles\6v30q8kr.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT170603&iDate=2020-04-13 04:17:21&bName=&bitmask=0600
FF NewTab: Mozilla\Firefox\Profiles\8thms93d.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT170603&iDate=2020-04-13 04:17:21&bName=&bitmask=0600
CHR StartupUrls: Default -> "hxxps://mail.ru/cnt/10445?gp=811610"
CHR NewTab: Default -> "active": true, "entry": "chrome-extension://beliehdniadoecbonbhlcgbdldccfigp/visual-bookmarks.html"
CHR DefaultSearchKeyword: Default -> McAfee
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
2020-10-09 08:41 - 2020-10-09 08:41 - 000003634 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1544292372
2017-08-31 20:48 - 2019-07-21 17:31 - 000000553 ____C () C:\Users\Komputer\AppData\Roaming\Tribler.exe.log
2017-08-31 20:48 - 2019-07-21 17:31 - 000000553 ____C () C:\Users\Komputer\AppData\Roaming\Tribler.exe.old.log
2020-04-11 15:55 - 2020-04-11 15:55 - 000000017 _____ () C:\Users\Komputer\AppData\Local\resmon.resmoncfg
2017-10-28 15:31 - 2017-10-28 15:31 - 000000003 ____C () C:\Users\Komputer\AppData\Local\updater.log
2017-10-28 15:31 - 2017-10-28 15:31 - 000000425 ____C () C:\Users\Komputer\AppData\Local\UserProducts.xml
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Brak pliku
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
SearchScopes: HKU\S-1-5-21-3791986242-2221896048-3452593811-1001 -> DefaultScope {B37517F9-FA6D-4D8F-998F-69F015CB3B16} URL = hxxp://www.web-pl.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3791986242-2221896048-3452593811-1001 -> {B37517F9-FA6D-4D8F-998F-69F015CB3B16} URL = hxxp://www.web-pl.com/search?q={searchTerms}
IE trusted site: HKU\S-1-5-21-3791986242-2221896048-3452593811-1001\...\localhost -> localhost
FirewallRules: [UDP Query User{F3362234-3244-41E4-8ABC-0340E36ECC17}D:\instalki\doom\doomx64.exe] => (Allow) D:\instalki\doom\doomx64.exe => Brak pliku
FirewallRules: [TCP Query User{1517D5C6-B520-47A7-A745-A699B4D69740}D:\instalki\doom\doomx64.exe] => (Allow) D:\instalki\doom\doomx64.exe => Brak pliku
RemoveProxy:
Hosts: