CreateRestorePoint:
CloseProcesses:
EmptyTemp:
File: C:\Windows\system32\wintab32.dll
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\Run: [AdobeBridge] => [X]
IFEO\taskmgr.exe: [Debugger]
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
Task: {19F5D4F6-00BA-44A4-9758-54B40835CB03} - System32\Tasks\Mrsycikesh Agent => C:\Program Files (x86)\Kdaghgujuent\bnent.exe [779712 2016-12-11] (Glarysoft LTD -> Glarysoft Ltd)
Task: {20E410C7-9A9B-423C-9805-717B37F782CB} - System32\Tasks\{DF10CBC6-AC0F-43C1-95C4-0CC3585A4F2E} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\DRIVER\7\INTEL3~1\IDRIVER.EXE -d C:\Windows\SysWOW64 -c /reboot{07A540AB-D785-11D5-8E89-0090275862A0} /z
Task: {60FDCB38-0139-4E80-8A97-716671ECDDE9} - System32\Tasks\{8C34442B-70C3-49F8-B920-753547265428} => C:\Windows\system32\pcalua.exe -a C:\PaintToolSAI\uninst.exe -d C:\PaintToolSAI
Task: {6338096B-7333-47AE-8D1E-BE8AFA05CC93} - Brak ścieżki do pliku
Task: {A20436DB-2CC0-411B-8501-049136F2EDC2} - Brak ścieżki do pliku
Task: {B04E4E2E-589F-4E3D-8D95-4DDF21A4500E} - Brak ścieżki do pliku
Task: {B191E081-3F7C-4EE6-986D-AD74AB6B946E} - Brak ścieżki do pliku
Task: {B77DE1B8-5F27-4D76-8C03-9D9EC43C625D} - Brak ścieżki do pliku
Tcpip\..\Interfaces\{35242337-E577-453E-AEC9-677CF8AEEE5D}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8C20FF42-A164-4F08-ABF3-586EF5B9DE68}: [DhcpNameServer] 192.168.2.1
S3 ekrnEpfw; "C:\Program Files\ESET\ESET Smart Security\ekrn.exe" [X]
S1 chhvdfnv; \??\C:\Windows\system32\drivers\chhvdfnv.sys [X]
S3 moufiltr; \SystemRoot\System32\drivers\moufiltr.sys [X]
U2 snare; Brak ImagePath
S3 vhidmini; \SystemRoot\System32\drivers\walvhid.sys [X]
S1 xuffnqgq; \??\C:\Windows\system32\drivers\xuffnqgq.sys [X]
NETSVCx32: HpSvc -> Brak ścieżki do pliku.
NETSVCx32: GmSvc -> Brak ścieżki do pliku.
NETSVCx32: WpSvc -> Brak ścieżki do pliku.
2021-01-17 23:03 - 2021-01-18 08:38 - 000000266 __RSH C:\ProgramData\ntuser.pol
2021-01-17 22:59 - 2016-12-17 11:15 - 000000000 ____D C:\Program Files\MBZN0EIRWP
2021-01-17 22:59 - 2016-12-16 18:04 - 000000000 ____D C:\Program Files\X41L0UOL5Q
2021-01-17 22:59 - 2016-12-16 18:04 - 000000000 ____D C:\Program Files\AT708TUM4M
2021-01-17 22:59 - 2016-12-16 18:04 - 000000000 ____D C:\Program Files\8TE9G2OBLT
2021-01-17 22:59 - 2016-12-16 18:04 - 000000000 ____D C:\Program Files\2AMZ3DQLV9
2021-01-17 22:59 - 2016-12-16 18:04 - 000000000 ____D C:\Program Files\0PQNGZSRRE
2021-01-17 22:59 - 2016-12-14 14:56 - 000000000 ____D C:\Program Files\BT5JZKUJYJ
2021-01-17 22:59 - 2016-12-14 14:56 - 000000000 ____D C:\Program Files\1CF2124EJB
2021-01-17 22:59 - 2016-12-12 20:06 - 000000000 ____D C:\Program Files\BL8OA46C2L
2021-01-17 22:59 - 2016-12-11 15:20 - 000000000 ____D C:\Program Files\0QE47M5KJK
2021-01-17 22:59 - 2016-12-11 13:30 - 000000000 ____D C:\Program Files\XBJHR73LSY
2021-01-17 22:58 - 2016-12-11 11:54 - 000000000 ____D C:\Program Files (x86)\Shubocult
2017-05-11 14:35 - 2017-05-11 14:35 - 000000000 _____ () C:\Users\Byaku\AppData\Local\{FAD5A184-C57E-478A-8159-3C7E25BC5F96}
ContextMenuHandlers1: [KuaiZipShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> Brak pliku
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll -> Brak pliku
WMI:subscription\__TimerInstruction->SethomePage Interval Timer:: <==== UWAGA
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer:: <==== UWAGA
C:\Users\Byaku\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Kinga - Chrome.lnk
CHR Profile: C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-01] <==== UWAGA
AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x64.sys [80850]
AlternateDataStreams: C:\Windows\system32\drivers:x64 [360536]
AlternateDataStreams: C:\Windows\system32\drivers:x86 [1156450]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131523573115457195&GUID=2DA3CB6D-37F6-41D4-B344-003B8B5AF930
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131523573115462959&GUID=2DA3CB6D-37F6-41D4-B344-003B8B5AF930
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130928323672552439&GUID=2DA3CB6D-37F6-41D4-B344-003B8B5AF930
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06
URLSearchHook: HKLM-x32 -> Domyślne = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-19 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
BHO-x32: Brak nazwy -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Brak pliku
HKLM\...\StartupApproved\Run: => "WINCOM1AG"
HKLM\...\StartupApproved\Run: => "WINCOM4EX"
HKLM\...\StartupApproved\Run: => "WINCOM13V"
HKLM\...\StartupApproved\Run: => "WINCOM28I"
HKLM\...\StartupApproved\Run: => "WINCOM401"
HKLM\...\StartupApproved\Run: => "WINCOMD0Q"
HKLM\...\StartupApproved\Run: => "WINCOMDT2"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "Yahoo! Search"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "AH27DYG16T"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "PR7D21D2K0"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "2J6NU8VHC9"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "4THO1IK97G"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "F2SW9L1IOJ"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "OUIM9AU93L"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "PMM5FLRZ2E"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "R88HLBII65"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "IUYLLRM62N"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "I8GVKW93VJ"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "WF7NG36TRK"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "8YQI2IY2OK"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "20E6XMF978"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "5JB9R989OC"
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\StartupApproved\Run: => "W1TOWRVF70"
FirewallRules: [TCP Query User{EE82B542-3AD5-4904-8A1C-9712A0470373}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe => Brak pliku
FirewallRules: [UDP Query User{F93CBF06-E12C-4B7D-A26E-9342750927C0}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe => Brak pliku
FirewallRules: [{B5C9ED09-6F56-49AB-9403-9823C9A0F757}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => Brak pliku
FirewallRules: [{531FE1C0-8A78-4B71-BAE0-E0D76829A34F}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => Brak pliku
FirewallRules: [TCP Query User{44DD954A-0B4D-469A-9C47-981B66C968C9}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe => Brak pliku
FirewallRules: [UDP Query User{10C1F563-45AB-423E-9C16-7FBB93880820}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe => Brak pliku
FirewallRules: [TCP Query User{C01C9C43-9EE7-4F8B-BEE2-70491A498DC7}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe => Brak pliku
FirewallRules: [UDP Query User{91E89B34-D418-4B37-B6BD-323C088ED4EA}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe => Brak pliku
FirewallRules: [{426B5AB9-2E3E-4B2F-BD77-F95A9D142D6C}] => (Allow) C:\Users\Byaku\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku
FirewallRules: [{ED374271-D7DA-4BEB-8A0B-797E6EE0C58A}] => (Allow) C:\Users\Byaku\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku
FirewallRules: [{6668F4C7-C04D-4DAC-8C28-E69E0112B4F7}] => (Allow) C:\Users\Byaku\AppData\Roaming\360bizhi\Update\Link.exe => Brak pliku
FirewallRules: [{6E5B88CF-37E8-4A37-9A4D-D72D03B69223}] => (Allow) C:\Users\Byaku\AppData\Roaming\360bizhi\Update\Link.exe => Brak pliku
RemoveProxy:
Hosts: