CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKU\S-1-5-21-2656019591-1657363-1624219959-1001\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-2656019591-1657363-1624219959-1001\...\MountPoints2: {08380dae-6e9b-11ea-9fdd-7c67a2be0054} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2656019591-1657363-1624219959-1001\...\MountPoints2: {46f5c31f-d280-11ea-a010-7c67a2be0054} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2656019591-1657363-1624219959-1001\...\MountPoints2: {76d0084f-02f5-11e9-9f10-509a4cb623a2} - "D:\Setup.exe"
HKU\S-1-5-21-2656019591-1657363-1624219959-1001\...\MountPoints2: {f40f6ee8-e73f-11e9-9f98-509a4cb623a2} - "D:\HiSuiteDownLoader.exe"
Task: {C269EB2A-747B-4768-9E14-3119BC519B98} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {EDCA137C-5344-4649-8260-9EDE4FBD1CEA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\PTAutoUpdate.job => C:\Program Files (x86)\PC Tools\PC Tools Utilities\SULauncher.exe
Task: C:\WINDOWS\Tasks\PTSchedule.job => C:\Program Files (x86)\PC Tools\PC Tools Utilities\pt.exe
Tcpip\..\Interfaces\{19ad5b58-3232-4177-a79a-663e810fbe34}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{950d0c62-90a2-4bc2-ad51-db84c93588ab}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{e16f3490-41f0-4951-9530-91a50b204819}: [NameServer] 8.8.8.8,8.8.4.4
HKU\S-1-5-21-2656019591-1657363-1624219959-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190
CHR DefaultSearchURL: Default -> hxxps://pl.search.yahoo.com/search?fr=mcafee_uninternational&type=E210PL91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
U4 ekrn; Brak ImagePath
2020-09-03 16:05 - 2019-09-07 19:25 - 000004244 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1537799184
RelevantKnowledge (HKLM-x32\...\{d08d9f98-1c78-4704-87e6-368b0023d831}) (Version: 1.3.338.320 - TMRG, Inc.) <==== UWAGA
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Brak pliku
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
2020-09-03 16:52 - 2020-09-03 16:52 - 000064512 ____N () [Brak podpisu cyfrowego] C:\Users\User\AppData\Local\Temp\cr_sdk_temp_15832321.tmp
AlternateDataStreams: C:\ProgramData\TEMP:0D786AE3 [148]
FirewallRules: [{9FF830F2-9158-4A80-890C-7FF563B3A25C}] => (Block) %SystemRoot%\Installer\{C5262276-0075-498B-B80F-7D997482E4DB}\NewShortcut1.exe => Brak pliku
FirewallRules: [{65C6BC5A-76B7-476D-8E82-0E00C26ECA98}] => (Block) %SystemRoot%\Installer\{C5262276-0075-498B-B80F-7D997482E4DB}\NewShortcut1.exe => Brak pliku
StartBatch:
cd C:\WINDOWS\system32\config\systemprofile\AppData\Local
mkdir TileDataLayer
cd TileDataLayer
mkdir Database
EndBatch: