CloseProcesses: CreateRestorePoint: EmptyTemp: VirusTotal: C:\Program Files (x86)\Windows Updater\Win_Updater.exe HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\MountPoints2: {1dfcf80b-7e2c-11ea-a3a5-54271e251c25} - H:\Lenovo_Suite.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Updater.lnk [2014-12-20] ShortcutTarget: Windows Updater.lnk -> C:\Program Files (x86)\Windows Updater\Win_Updater.exe (Microsoft Corporation) [File not signed] FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION Task: {0510C028-F05B-4820-950E-8300434037B1} - System32\Tasks\{FF071DC6-D034-4177-ACA1-113CC46BA027} => C:\Windows\system32\pcalua.exe -a D:\OFFICE\SETUP.EXE -d D:\OFFICE Task: {28C0B7A0-8742-4A0E-B819-5A59710F2DC2} - System32\Tasks\{E8A2A072-A991-47FA-9E86-46647E0ADAAB} => C:\Windows\system32\pcalua.exe -a C:\Users\Rafal\Downloads\setup.exe -d C:\Users\Rafal\Downloads Tcpip\..\Interfaces\{0BB45136-EB35-4031-AC8F-38BC4BEEC8AA}: [NameServer] 193.41.112.14 193.41.112.18 Tcpip\..\Interfaces\{0BC8CA51-D28F-4757-A5DC-3220937AB807}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{0D6C964A-665F-4E01-ADF9-6B5BBCEA6784}: [DhcpNameServer] 192.168.55.1 Tcpip\..\Interfaces\{2AE1FEB4-C346-4D53-BD75-70B3D8C16E6F}: [NameServer] 193.41.112.14 193.41.112.18 Tcpip\..\Interfaces\{4DFCEAF1-D653-48F0-91FF-39FD8AD4D5E5}: [NameServer] 193.41.112.14 193.41.112.18 Tcpip\..\Interfaces\{62DD25DE-078E-4E77-B168-B0018272E603}: [DhcpNameServer] 192.168.1.1 192.168.1.1 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150423 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150423 HKU\S-1-5-21-1193567628-3741132159-961158197-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150423 FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FirewallRules: [TCP Query User{AE883555-C749-49D0-B0A0-A567C50FCE92}C:\program files\call of duty-do fw\codmp.exe] => (Allow) C:\program files\call of duty-do fw\codmp.exe => No File FirewallRules: [UDP Query User{C0F75A19-2F6C-48DC-B9E4-EC3B5EC5D0C0}C:\program files\call of duty-do fw\codmp.exe] => (Allow) C:\program files\call of duty-do fw\codmp.exe => No File FirewallRules: [TCP Query User{7D431FC6-E66A-49A8-B373-CA83D226031E}C:\program files\call of duty-do fw\call of duty-do fw1\codmp.exe] => (Allow) C:\program files\call of duty-do fw\call of duty-do fw1\codmp.exe => No File FirewallRules: [UDP Query User{DC7429BE-236C-4F48-AEC5-CAAB96641C19}C:\program files\call of duty-do fw\call of duty-do fw1\codmp.exe] => (Allow) C:\program files\call of duty-do fw\call of duty-do fw1\codmp.exe => No File FirewallRules: [TCP Query User{755BDFD3-A019-4BE6-A0D6-F491FC71A075}E:\call of duty\cod do fw\codmp.exe] => (Allow) E:\call of duty\cod do fw\codmp.exe => No File FirewallRules: [UDP Query User{F2EDAF23-6EFF-4310-A7FD-A93E445F802D}E:\call of duty\cod do fw\codmp.exe] => (Allow) E:\call of duty\cod do fw\codmp.exe => No File FirewallRules: [TCP Query User{8F1F5930-6886-4FBD-8730-C0F81D6D01B5}C:\users\rafal\desktop\call of duty-do fw\codmp.exe] => (Block) C:\users\rafal\desktop\call of duty-do fw\codmp.exe => No File FirewallRules: [UDP Query User{D3FCBE68-D06E-479A-8290-DC8304F2D19E}C:\users\rafal\desktop\call of duty-do fw\codmp.exe] => (Block) C:\users\rafal\desktop\call of duty-do fw\codmp.exe => No File FirewallRules: [TCP Query User{1586D538-5309-45B3-B4BF-2D82AFFFD7FF}C:0\toshiba\cod 1 + nowe cfg sound\call of duty-do fw\codmp.exe] => (Allow) C:0\toshiba\cod 1 + nowe cfg sound\call of duty-do fw\codmp.exe => No File FirewallRules: [UDP Query User{C9A0404A-B401-4590-9391-D5DD8F892126}C:0\toshiba\cod 1 + nowe cfg sound\call of duty-do fw\codmp.exe] => (Allow) C:0\toshiba\cod 1 + nowe cfg sound\call of duty-do fw\codmp.exe => No File FirewallRules: [TCP Query User{64E6EEDF-2B2A-4B11-9EB0-46E9333EFA59}C:\users\rafal\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\rafal\desktop\call of duty 4 - modern warfare\iw3mp.exe => No File FirewallRules: [UDP Query User{ABF03BAE-571A-439F-B48F-D560D7344754}C:\users\rafal\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\rafal\desktop\call of duty 4 - modern warfare\iw3mp.exe => No File FirewallRules: [TCP Query User{A48ECF80-5C64-4812-9BA4-20F30605CEA5}C:\program files\najnowsze cfg - cod 1\call of duty-do fw\codmp.exe] => (Allow) C:\program files\najnowsze cfg - cod 1\call of duty-do fw\codmp.exe => No File FirewallRules: [UDP Query User{FB5461F2-76F3-4A45-B2F0-4F904438123B}C:\program files\najnowsze cfg - cod 1\call of duty-do fw\codmp.exe] => (Allow) C:\program files\najnowsze cfg - cod 1\call of duty-do fw\codmp.exe => No File FirewallRules: [TCP Query User{69D6AFA7-DCCF-4F90-9AF1-E0943DFE2AC3}C:\program files\najnowsze cfg - cod 1\fifa 14\fifa 14\game\fifa14.exe] => (Allow) C:\program files\najnowsze cfg - cod 1\fifa 14\fifa 14\game\fifa14.exe => No File FirewallRules: [UDP Query User{2EB4FBBC-FB64-46E3-8E1D-340B48E6C3BC}C:\program files\najnowsze cfg - cod 1\fifa 14\fifa 14\game\fifa14.exe] => (Allow) C:\program files\najnowsze cfg - cod 1\fifa 14\fifa 14\game\fifa14.exe => No File FirewallRules: [{90929F8C-1100-4EF6-9B79-C2B1A382B36B}] => (Allow) C:\Program Files (x86)\cdp.pl\Farming Simulator 2013\FarmingSimulator2013.exe => No File FirewallRules: [{99DE522A-DDE0-47F5-9CBA-4CEE917ABA71}] => (Allow) C:\Program Files (x86)\cdp.pl\Farming Simulator 2013\FarmingSimulator2013Game.exe => No File FirewallRules: [TCP Query User{BB1600E6-1A5F-445F-9B95-820A85549930}F:\call of duty 1.5\codmp.exe] => (Allow) F:\call of duty 1.5\codmp.exe => No File FirewallRules: [UDP Query User{A82DBA71-17D8-461B-8C00-DCA2030463C5}F:\call of duty 1.5\codmp.exe] => (Allow) F:\call of duty 1.5\codmp.exe => No File FirewallRules: [TCP Query User{EA2D4B7D-7F26-480A-AF3A-7ABF3EA92C41}E:\call of duty 1.5\codmp.exe] => (Allow) E:\call of duty 1.5\codmp.exe => No File FirewallRules: [UDP Query User{BC4FC9D6-91C8-4E41-9C04-35F5F97D6C7A}E:\call of duty 1.5\codmp.exe] => (Allow) E:\call of duty 1.5\codmp.exe => No File FirewallRules: [TCP Query User{E81F8C33-5892-46C5-8064-8ECDEAB9748B}F:\toshiba\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) F:\toshiba\call of duty 4 - modern warfare\iw3mp.exe => No File FirewallRules: [UDP Query User{84303BB8-048C-45D0-8027-DFD9D7A8AF9D}F:\toshiba\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) F:\toshiba\call of duty 4 - modern warfare\iw3mp.exe => No File FirewallRules: [{57F2777A-4302-4D72-8FCE-0D3CFD9D040D}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA World\fifaworld.exe => No File FirewallRules: [{D03ED8DF-81B2-4E3E-AF36-BEDB8EA4E6F1}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA World\fifaworld.exe => No File FirewallRules: [TCP Query User{B127C278-6A49-448E-B25B-D1BFC6CAAFE3}E:\ares\ares.exe] => (Allow) E:\ares\ares.exe => No File FirewallRules: [UDP Query User{4F818A0E-16FF-4663-9791-F03B59A17232}E:\ares\ares.exe] => (Allow) E:\ares\ares.exe => No File FirewallRules: [TCP Query User{DFD0DA2D-EBB0-4C21-82DD-30F1AA5A30A4}E:\call of duty - ang\codmp.exe] => (Allow) E:\call of duty - ang\codmp.exe => No File FirewallRules: [UDP Query User{A5B2D7CC-6CF7-4493-9FBC-4D7F65E7E40F}E:\call of duty - ang\codmp.exe] => (Allow) E:\call of duty - ang\codmp.exe => No File FirewallRules: [TCP Query User{CFA3D691-4F27-4B68-8934-B0F6B9FD8AE0}E:\cod 1.5\call of duty - 1.5\codmp.exe] => (Allow) E:\cod 1.5\call of duty - 1.5\codmp.exe => No File FirewallRules: [UDP Query User{D29B32C6-149C-4366-8F03-9F4160084B19}E:\cod 1.5\call of duty - 1.5\codmp.exe] => (Allow) E:\cod 1.5\call of duty - 1.5\codmp.exe => No File FirewallRules: [TCP Query User{ECE7D9C7-1318-4EE1-925D-A70623F00803}E:\cod do jumpowania\call of duty - jump\codmp.exe] => (Allow) E:\cod do jumpowania\call of duty - jump\codmp.exe => No File FirewallRules: [UDP Query User{5660E848-D4B4-4120-A414-32D534B02AAF}E:\cod do jumpowania\call of duty - jump\codmp.exe] => (Allow) E:\cod do jumpowania\call of duty - jump\codmp.exe => No File FirewallRules: [TCP Query User{19769B7E-9112-4BC5-BF51-E99227C7A6C1}E:\call of duty-do jumpowania\codmp.exe] => (Allow) E:\call of duty-do jumpowania\codmp.exe => No File FirewallRules: [UDP Query User{6AEE37AF-FE1F-4ED6-8ED0-274EAC1FA698}E:\call of duty-do jumpowania\codmp.exe] => (Allow) E:\call of duty-do jumpowania\codmp.exe => No File FirewallRules: [{F878E596-E3F8-46AD-BA8C-3B21E8B8CD5A}] => (Allow) E:\Driver San Francisco\Driver.exe => No File FirewallRules: [{A5881B8F-7476-424E-8133-76BA687DA763}] => (Allow) E:\Driver San Francisco\Driver.exe => No File FirewallRules: [TCP Query User{22CDE80D-18C2-4E13-B384-3996DC644379}G:\toshiba\najnowsze cfg - cod 1\call of duty-do fw\codmp.exe] => (Allow) G:\toshiba\najnowsze cfg - cod 1\call of duty-do fw\codmp.exe => No File FirewallRules: [UDP Query User{C61F0A67-C5DF-45B3-AA78-6471A7D03B9D}G:\toshiba\najnowsze cfg - cod 1\call of duty-do fw\codmp.exe] => (Allow) G:\toshiba\najnowsze cfg - cod 1\call of duty-do fw\codmp.exe => No File FirewallRules: [TCP Query User{C6C16DE7-AB65-4AF7-BA58-A8ADFB93B134}G:\ares\ares.exe] => (Allow) G:\ares\ares.exe => No File FirewallRules: [UDP Query User{CEB4B743-3893-4AEF-9B11-ED8957D86DD3}G:\ares\ares.exe] => (Allow) G:\ares\ares.exe => No File FirewallRules: [TCP Query User{9B9BBFD6-15E0-4773-928D-4B71FD3DE2AD}C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe => No File FirewallRules: [UDP Query User{00A1964E-EC29-4F7F-ACE2-BC563415A79D}C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe => No File FirewallRules: [{B3631509-16EC-4030-A257-9F6514512F2C}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe => No File FirewallRules: [{01F10BA9-51CC-4E08-BFCE-BD54398DE1DB}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe => No File FirewallRules: [{D8EF66B3-668E-43F7-9B4E-43B1272EFCA2}] => (Allow) E:\Steam\bin\steamwebhelper.exe => No File FirewallRules: [{99E78B62-F75C-4612-AC6F-220C449B0829}] => (Allow) E:\Steam\bin\steamwebhelper.exe => No File FirewallRules: [{9E36975D-67F8-4EA4-A58C-7130B0019330}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => No File FirewallRules: [{E398A6BC-49E3-4B22-8D0C-64A94432131B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => No File FirewallRules: [{7FBBC473-E6AE-4687-845F-F23D44EEDB7E}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File FirewallRules: [{476E0645-F7E9-4E8B-AA33-6E0EC6177974}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File FirewallRules: [{DE39FA70-3155-43ED-8C76-FE02AF6482CB}] => (Allow) E:\davinci\Resolve.exe => No File FirewallRules: [{7C6FCB3F-B7B7-4F7D-879E-6704D511A699}] => (Allow) E:\davinci\bmdpaneld.exe => No File FirewallRules: [{0C7CCD2B-9ACE-4A43-99B2-8A9720F77484}] => (Allow) E:\davinci\DaVinciPanelDaemon.exe => No File FirewallRules: [{1185A709-BD8F-4AB7-90E7-BD6C192599C3}] => (Allow) E:\davinci\JLCooperPanelDaemon.exe => No File FirewallRules: [{17F06F17-AFDA-4E59-88C4-B409A6ABC521}] => (Allow) E:\davinci\EuphonixPanelDaemon.exe => No File FirewallRules: [{302ABC3F-3E1C-4FF5-A304-A29C58491269}] => (Allow) E:\davinci\TangentPanelDaemon.exe => No File FirewallRules: [{D3C6E330-6BEE-4596-8D7B-34BAC3A272BB}] => (Allow) E:\davinci\ElementsPanelDaemon.exe => No File FirewallRules: [{F21C2DBA-F723-4027-9D2E-18BA7C0049AB}] => (Allow) E:\davinci\OxygenPanelDaemon.exe => No File FirewallRules: [{811428F1-7B14-4208-9312-81E452D5763C}] => (Allow) E:\davinci\DPDecoder.exe => No File FirewallRules: [{8DDA36E0-D7C5-4063-9DE5-106A14C4D608}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File