CreateRestorePoint: CloseProcesses: EmptyTemp: HKU\S-1-5-21-1662803595-2493366942-667640475-1000\...\MountPoints2: {368fa269-9372-11e6-92b4-50e549e6572c} - I:\startme.exe HKU\S-1-5-21-1662803595-2493366942-667640475-1000\...\MountPoints2: {e2e6e931-3be1-11e2-99e0-50e549e6572c} - F:\setup.exe HKU\S-1-5-21-1662803595-2493366942-667640475-1000\...\MountPoints2: {f6565c2d-c6d0-11ea-87ce-50e549e6572c} - I:\startme.exe HKU\S-1-5-21-1662803595-2493366942-667640475-1000\...\Winlogon: [Shell] %comspec% <==== UWAGA HKU\S-1-5-21-1662803595-2493366942-667640475-1000\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist "C:\Users\admin\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" ( start /MIN "" "C:\Users\admin\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== UWAGA FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA Task: {22FC41FE-AD93-4145-B3B6-EF65EBF39DB3} - System32\Tasks\{1928F799-3905-4754-8AA2-CC0C9FC03116} => C:\Windows\system32\pcalua.exe -a C:\Users\admin\Downloads\0004-32bit_Win7_Win8_Win81_Win10_R277.exe -d C:\Users\admin\Downloads Tcpip\..\Interfaces\{DB63B216-E745-458B-AF5E-0955B88409FC}: [DhcpNameServer] 192.168.1.1 192.168.1.1 HKU\S-1-5-21-1662803595-2493366942-667640475-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.pl/ U3 aswbdisk; Brak ImagePath ContextMenuHandlers1: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers4: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku ContextMenuHandlers4: [WinZip] -> [CC]{E0D79304-84BE-11CE-9641-444553540000} => -> Brak pliku ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku ContextMenuHandlers6: [WinZip] -> [CC]{E0D79304-84BE-11CE-9641-444553540000} => -> Brak pliku AlternateDataStreams: C:\Users\admin:Heroes & Generals [38] AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0] RemoveProxy: