CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKU\S-1-5-21-1021472211-3131425956-1835072169-1001\...\MountPoints2: {64981654-3e76-11ec-b16d-3085a93de9b3} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1021472211-3131425956-1835072169-1001\...\MountPoints2: {7972ec4d-0608-11e7-bf30-3085a93de9b3} - "F:\setup.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
Task: {08A8C2F3-65CB-4072-A336-D152662EFE84} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe Disable (Brak pliku)
Task: {51B776BC-977E-4D84-BE16-38B95F0846CC} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe Warning (Brak pliku)
Task: {691F452F-CFB7-4B13-9F50-9125D1297127} - System32\Tasks\Opera scheduled Autoupdate 1646142067 => C:\Users\Bartosz\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Brak pliku)
Tcpip\..\Interfaces\{7c278129-509c-4bd4-b19b-0aa3e5d7ccf8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d4c5f0ca-5b2e-46c2-81a8-07d82faba501}: [DhcpNameServer] 192.168.0.1 192.168.0.1
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
CustomCLSID: HKU\S-1-5-21-1021472211-3131425956-1835072169-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\Bartosz\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1021472211-3131425956-1835072169-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\Bartosz\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1021472211-3131425956-1835072169-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\Bartosz\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1021472211-3131425956-1835072169-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\Bartosz\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1021472211-3131425956-1835072169-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\Bartosz\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1021472211-3131425956-1835072169-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\Bartosz\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1021472211-3131425956-1835072169-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\Bartosz\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1021472211-3131425956-1835072169-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\Bartosz\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1021472211-3131425956-1835072169-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\Bartosz\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => Brak pliku
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> Brak pliku
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Brak pliku
AlternateDataStreams: C:\Users\Bartosz\Dane aplikacji:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Bartosz\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
FirewallRules: [{3351669E-037C-41A7-B425-599A3885FA44}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{0D149253-A968-4645-A298-9A35E056799F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{FE99A5A6-D1F9-4224-868D-8C31E45549CB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{EF6B331E-9BDD-4730-8C87-2342E70A7716}] => (Allow) C:\Users\Bartosz\AppData\Local\Programs\Opera\84.0.4316.21\opera.exe => Brak pliku
FF NewTab: Mozilla\Firefox\Profiles\wacqrsu3.default-1615227724883 -> hxxps://poshukach.com?fr=ps&gp=496722&altserp=1
File: C:\Users\Bartosz\dnMEuInbOw.exe
2018-08-07 11:29 - 2018-08-07 11:29 - 000000002 _____ () C:\Users\Bartosz\AppData\Local\imw.ini