CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3020137172-1804870369-863837663-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1784664 2023-02-25] (Overwolf Ltd -> Overwolf Ltd.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [292104 2023-02-28] (Intel Corporation -> Intel)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
HKU\S-1-5-21-3020137172-1804870369-863837663-1001\...\Run: [MicrosoftEdgeAutoLaunch_C912C9CDE0175182D1A3053112C390AF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4242384 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3020137172-1804870369-863837663-1001\...\Run: [ProductAuthenticationService] => C:\Users\Monika\AppData\Roaming\ProductAuthenticationService\pas.exe [1003024 2023-01-28] (DVJ LIMITED -> DVJ LIMITED) <==== UWAGA
HKU\S-1-5-21-3020137172-1804870369-863837663-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {023D35DE-58A5-4D45-AF69-89E69565DA46} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2645880 2023-02-25] (Overwolf Ltd -> Overwolf LTD)
Task: {5AD7AA5F-C41A-4BD0-863A-B5BEDE7AAD9B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3020137172-1804870369-863837663-500 => C:\Users\Monika\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Brak pliku)
Task: {70EA9B95-89FC-4F63-8213-DF622E3F0523} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {7E729723-FBFA-40F5-AAEC-5EC871401239} - System32\Tasks\Opera scheduled assistant Autoupdate 1607496987 => C:\Users\Monika\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Monika\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {D7C33D81-E21A-47BD-94E8-7351FC63E6B8} - System32\Tasks\Opera scheduled Autoupdate 1607496929 => C:\Users\Monika\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Brak pliku)
Task: {E184069D-6C07-48AC-96BA-9DB7C8AE0A42} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {E94E6FF7-7DBF-4036-9337-B7D50BA37057} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "1ff238c7-636b-4aee-a0c1-71874cc71584" --version "6.09.10300" --silent
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: {F62B3995-9DBC-446B-BCF1-1C8E966E75F6} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Brak pliku)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60e3ace2-4bf6-4ede-9129-49c9b2b6574e}: [DhcpNameServer] 192.168.1.1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3020137172-1804870369-863837663-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
C:\Users\Monika\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok
CHR HKLM\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKU\S-1-5-21-3020137172-1804870369-863837663-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
C:\Users\Monika\AppData\Roaming\ProductAuthenticationService\pas.exe
S3 dcpm-notify; "C:\Program Files\Dell\CommandPowerManager\NotifyService.exe" [X]
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]
S3 ssudmdm; \SystemRoot\system32\DRIVERS\ssudmdm.sys [X]
AV: Kaspersky Free (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
AV: Emsisoft Anti-Malware (Disabled - Up to date) {5FD8BF8F-F242-6153-61B5-8FF333E8736B}
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
AlternateDataStreams: C:\desktop.ini:CachedTiles [8702]
AlternateDataStreams: C:\ProgramData:err [1682]
AlternateDataStreams: C:\Users\All Users:err [1682]
AlternateDataStreams: C:\ProgramData\Dane aplikacji:err [1682]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2680]
FirewallRules: [UDP Query User{44DED444-0CCD-4355-8429-8BD70A029D61}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => Brak pliku
FirewallRules: [TCP Query User{A4D6C6FC-3306-4680-82F9-FE2DBF419409}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => Brak pliku
FirewallRules: [{E5AB3B57-AF39-4382-B60A-30DDDD428CF1}] => (Allow) C:\Games\Grand Theft Auto V\GTA5.exe => Brak pliku
FirewallRules: [{1F07F63C-47FF-43F5-9712-01B49FB7705F}] => (Allow) C:\Games\Grand Theft Auto V\GTA5.exe => Brak pliku
FirewallRules: [{F647C9DA-FE65-4B2E-8C31-2C2D349B6C61}] => (Allow) C:\Program Files (x86)\Overwolf\0.218.0.8\OverwolfBrowser.exe => Brak pliku
FirewallRules: [{5B019947-D7AF-4A8B-A0FA-9CC2F26FDB2D}] => (Allow) C:\Program Files (x86)\Overwolf\0.218.0.8\OverwolfBrowser.exe => Brak pliku
FirewallRules: [{2E1D3332-6338-4A91-9267-20A3A500463F}] => (Block) C:\Program Files (x86)\Overwolf\0.218.0.8\OverwolfBrowser.exe => Brak pliku
FirewallRules: [{14F40A52-88D8-461A-A59E-05AAA7C2AFA5}] => (Block) C:\Program Files (x86)\Overwolf\0.218.0.8\OverwolfBrowser.exe => Brak pliku
CMD: sfc /scannow
EmptyEventLogs:
EmptyTemp: