CloseProcesses:
CreateRestorePoint:
EmptyTemp:
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0]
MSCONFIG\startupfolder: C:^Users^Misiaczek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CPUCooL.lnk => C:\Windows\pss\CPUCooL.lnk.Startup
MSCONFIG\startupreg: 1105478 => "C:\Users\MISIAC~1\AppData\Local\Temp\is-5MSIE.tmp\Hello.exe" /VERYSILENT
MSCONFIG\startupreg: 2736642 => "C:\Users\MISIAC~1\AppData\Local\Temp\is-U9411.tmp\Hello.exe" /VERYSILENT
MSCONFIG\startupreg: App => C:\Users\Misiaczek\AppData\Local\App\csrss.exe
MSCONFIG\startupreg: rAwmTiMXIB.exe => C:\Program Files\Internet Explorer\NQNIG6Q5VIJ1V\rAwmTiMXIB.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{96CFC58D-5EEC-4AC2-918C-478A2A29E986}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe Brak pliku
FirewallRules: [{0076F8D7-F0A7-46AB-A6DE-0FE116ECEA32}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe Brak pliku
FirewallRules: [TCP Query User{7D46CBD0-B288-4BF9-9EFB-9DE6B8F62010}E:\starcraft ii\versions\base73620\sc2_x64.exe] => (Allow) E:\starcraft ii\versions\base73620\sc2_x64.exe Brak pliku
FirewallRules: [UDP Query User{A2FC3DE1-67A3-4A71-9592-E732530111AC}E:\starcraft ii\versions\base73620\sc2_x64.exe] => (Allow) E:\starcraft ii\versions\base73620\sc2_x64.exe Brak pliku
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-2154026812-2834238318-2372351721-1000\...\Run: [Opera Browser Assistant] => C:\Users\Misiaczek\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2312792 2019-06-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2154026812-2834238318-2372351721-1000\...\MountPoints2: H - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2154026812-2834238318-2372351721-1000\...\MountPoints2: {9242eb06-1c10-11e9-8db8-002268e89b35} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2154026812-2834238318-2372351721-1000\...\MountPoints2: {9d78647c-0cf5-11e9-b8e0-002268e89b35} - G:\autorun.exe
HKU\S-1-5-21-2154026812-2834238318-2372351721-1000\...\MountPoints2: {c5c33f82-1c13-11e9-9ad2-002556cd52fd} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2154026812-2834238318-2372351721-1000\...\MountPoints2: {c5c33f8f-1c13-11e9-9ad2-002556cd52fd} - H:\HiSuiteDownLoader.exe
GroupPolicy: Ograniczenia - Chrome <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
Task: {08AA843F-DD92-4115-B839-E434FD5BB87F} - System32\Tasks\Opera scheduled Autoupdate 1557246208 => C:\Users\Misiaczek\AppData\Local\Programs\Opera\launcher.exe [1493592 2019-06-14] (Opera Software AS -> Opera Software)
Task: {0A222BB7-AD65-4345-8703-6BFB05C6BC6C} - System32\Tasks\420827388763427 => C:\ProgramData\Performance Tool\conhost.exe <==== UWAGA
Task: {348A6115-D484-42D5-9A59-A78F478A9F60} - System32\Tasks\Opera scheduled assistant Autoupdate 1557421316 => C:\Users\Misiaczek\AppData\Local\Programs\Opera\launcher.exe [1493592 2019-06-14] (Opera Software AS -> Opera Software)
Tcpip\Parameters: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{00EDBFFE-773E-44CB-844E-747A5381CBE4}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{00EDBFFE-773E-44CB-844E-747A5381CBE4}: [DhcpNameServer] 82.163.142.9
Tcpip\..\Interfaces\{4A2A92D2-004A-4CEF-93D7-89DCF10855DB}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{666570F5-2E8E-41B0-A539-433970CEF569}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{666570F5-2E8E-41B0-A539-433970CEF569}: [DhcpNameServer] 192.168.43.1
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
S4 zjdlqojo; C:\Windows\SysWOW64\zjdlqojo\wzhhfdhq.exe [0 0000-00-00] () <==== UWAGA (zerobajtowy plik/folder)
S1 jbyxzkff; \??\C:\Windows\system32\drivers\jbyxzkff.sys [X]
S1 ufxfngzc; \??\C:\Windows\system32\drivers\ufxfngzc.sys [X]
2019-05-30 14:17 - 2019-06-22 21:32 - 000000000 ____D C:\ProgramData\1D633562-0EA8-6589-034B-441BAF536F8A
2019-05-30 14:16 - 2019-05-30 14:16 - 000000000 ____D C:\ProgramData\{A9D7F710-056B-8696-1318-150A13FF4C5B}
2019-05-30 14:16 - 2019-05-30 14:16 - 000000000 ____D C:\ProgramData\{8F37543A-A641-A076-39BB-F52C395CAC7D}
2019-05-30 14:16 - 2019-05-30 14:16 - 000000000 ____D C:\ProgramData\{33B39231-604A-1CF2-327D-7190329A28C1}
2019-06-19 02:32 - 2019-05-07 18:23 - 000004120 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1557246208
2019-06-14 23:25 - 2019-05-09 19:02 - 000004320 _____ C:\Windows\System32\Tasks\Opera scheduled assistant Autoupdate 1557421316
2019-05-30 14:18 - 2019-05-09 19:12 - 000000000 ____D C:\ProgramData\{73CC9659-6422-5C8D-5A79-0ED05A9E5781}
2019-05-30 14:18 - 2019-05-09 19:12 - 000000000 ____D C:\ProgramData\{1949382C-CA57-3608-2FD7-8BBA2F30D2EB}
2019-03-28 16:11 - 2019-05-12 13:00 - 000152143 _____ () C:\Users\Misiaczek\AppData\Roaming\downloads.json
2019-05-09 19:20 C:\Windows\SysWOW64\zjdlqojo
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Underground 2\Play -safe mode-.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Underground 2\Play.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Underground 2\Trainer.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Underground 2\Uninstall.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Underground 2\Options\Change language.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Underground 2\Options\Resolution\Custom resolution.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Underground 2\Options\Resolution\Readme.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Underground 2\Options\Field of view\Change FOV.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Underground 2\Options\Field of view\Readme.lnk
C:\Users\Misiaczek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Play Need For Speed Carbon Collectors Edition.lnk
RemoveProxy:
HOSTS:
CMD: netsh int ip reset
CMD: ipconfig /flushdns