CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKU\Win7\...\Run: [SummerFrog] => "C:\Windows\rss\csrss.exe" <==== UWAGA
HKU\Win7\...\Run: [6951720] => "C:\Users\Win7\AppData\Local\Temp\is-TEQI4.tmp\Dragula.exe" /VERYSILENT <==== UWAGA
HKU\Win7\...\Run: [4753501] => "C:\Users\Win7\AppData\Local\Temp\is-PQK2L.tmp\Dragula.exe" /VERYSILENT <==== UWAGA
HKU\Win7\...\Run: [2413674] => "C:\Users\Win7\AppData\Local\Temp\is-LGRS2.tmp\Dragula.exe" /VERYSILENT <==== UWAGA
HKU\Win7\...\Run: [7241379] => "C:\Users\Win7\AppData\Local\Temp\is-JMPBL.tmp\Dragula.exe" /VERYSILENT <==== UWAGA
HKU\Win7\...\Run: [2279172] => "C:\Users\Win7\AppData\Local\Temp\is-26382.tmp\Dragula.exe" /VERYSILENT <==== UWAGA
HKU\Win7\...\Run: [CloudNet] => "C:\Users\Win7\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe" 1-8 <==== UWAGA
HKU\Win7\...\Run: [B76ZVRQE184FK9O] => "C:\Program Files\7TXUCHP8S8\CFVBEH8ZP.exe"
HKU\Win7\...\Run: [3460537] => "C:\Users\Win7\AppData\Roaming\tsjfzn2n4uv\wpkrwdjhvzl.exe" /VERYSILENT
HKU\Win7\...\Run: [9167794] => "C:\Users\Win7\AppData\Roaming\f444tob0vsz\2hyd02uf53i.exe" /VERYSILENT
HKU\Win7\...\Run: [1461864] => "C:\Users\Win7\AppData\Roaming\41tu001dvhn\4zkffovcw4u.exe" /VERYSILENT
HKU\Win7\...\Run: [5690267] => C:\Users\Win7\AppData\Roaming\zj33av5eaaw\eymkloeypk1.exe [2600591 2019-08-14] ( )
HKU\Win7\...\Run: [5249173] => C:\Users\Win7\AppData\Roaming\b44l4xaplex\lg5gp4zlttj.exe [2600591 2019-08-14] ( )
HKU\Win7\...\Run: [7031276] => C:\Users\Win7\AppData\Roaming\gxvtme5ouf0\v1az0j20rwi.exe [2600591 2019-08-14] ( )
HKU\Win7\...\Run: [2200331] => C:\Users\Win7\AppData\Roaming\mqb2qfcgtzw\zasprb01mwa.exe [2600591 2019-08-14] ( )
HKU\Win7\...\Run: [6622160] => C:\Users\Win7\AppData\Roaming\4ub1h2giw1f\hayqv5x4uvc.exe [2600591 2019-08-14] ( )
HKU\Win7\...\Run: [6635396] => C:\Users\Win7\AppData\Roaming\em5sdgq2ez0\a4cs5uyjy12.exe [2600591 2019-08-14] ( )
HKU\Win7\...\Run: [1016765] => C:\Users\Win7\AppData\Roaming\2o3irszmcn3\41lhpar2saa.exe [2600591 2019-08-14] ( )
HKU\Win7\...\Run: [3476935] => C:\Users\Win7\AppData\Roaming\qyt2lzwrmo0\u4x5latn3jg.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [5111378] => C:\Users\Win7\AppData\Roaming\hllu1mn1wzo\fo0fzjzuft3.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [8347391] => C:\Users\Win7\AppData\Roaming\ecd40rfnkxf\cly1lbpkx2y.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [5788108] => C:\Users\Win7\AppData\Roaming\cdmi5iav1dd\gex3ttwy2p0.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [6926983] => C:\Users\Win7\AppData\Roaming\za34iv5yvzu\pbvfjbcvf1p.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [7990349] => C:\Users\Win7\AppData\Roaming\wgwqtxgyzpg\bnzlmwkjrmy.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [8881312] => C:\Users\Win7\AppData\Roaming\qle3rvw5kcg\1pipdosdjzv.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [4467620] => C:\Users\Win7\AppData\Roaming\2ajebnd4mwd\ydgf3onng4u.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [8960650] => C:\Users\Win7\AppData\Roaming\ffzxapwiv5y\ihs2c3eamjc.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [9850081] => C:\Users\Win7\AppData\Roaming\kccyaaw2kb3\r1yfkcp2fzi.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [7100309] => C:\Users\Win7\AppData\Roaming\spevgckgi3w\atnfof0wuez.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [DreamTrip] => C:\Program Files (x86)\DreamTrips\DreamTrip.exe [815992 2018-09-09] (Ashampoo GmbH & Co. KG -> Ashampoo)
HKU\Win7\...\Run: [9325398] => C:\Users\Win7\AppData\Roaming\qegzxpll4ab\trtl5ndxhm3.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [3759280] => C:\Users\Win7\AppData\Roaming\ctfor3kwnha\zwlr3jytgi4.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [41D737BLMWZBTT7] => "C:\Program Files\UFCHQ1MCG9\7OLHUOLW0.exe"
HKU\Win7\...\Run: [JQC4IO79T2YGDK8] => "C:\Program Files\UFCHQ1MCG9\7OLHUOLW0.exe"
HKU\Win7\...\Run: [6K9A5DTRF81JUJF] => "C:\Program Files\74IWY1SDF6\PFNS90H6B.exe"
HKU\Win7\...\Run: [1140376] => C:\Users\Win7\AppData\Roaming\oqxhls3zpes\ioaux3o0ary.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [9358311] => C:\Users\Win7\AppData\Roaming\r30cxuyaq3f\maadgpscsd3.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [8334498] => C:\Users\Win7\AppData\Roaming\y3ev1mb4nwi\frvmdni1g5f.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [ZB0XPBHG64XDKRX] => "C:\Program Files\EQJDWB8MCZ\RFPS4AENB.exe"
HKU\Win7\...\Run: [0MB8OZFXA7SSJZZ] => "C:\Program Files\D01X280SXA\QP7CA86TX.exe"
HKU\Win7\...\Run: [911FXQ41C4MP84Q] => "C:\Program Files\0766S2Q7LM\0766S2Q7L.exe"
HKU\Win7\...\Run: [1937368] => C:\Users\Win7\AppData\Roaming\eje52apvjrn\lokwubap2zn.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [J79Q8KY1ATSJTSV] => "C:\Program Files\PMY4PXRWH7\PMY4PXRWH.exe"
HKU\Win7\...\Run: [6558187] => C:\Users\Win7\AppData\Roaming\sezv3x2unji\m445x1b0szd.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [523GDGBBIIB1NAC] => "C:\Program Files\B40S2KBR8L\VWVTANDC1.exe"
HKU\Win7\...\Run: [6161163] => C:\Users\Win7\AppData\Roaming\vwdtipzimdc\4dbemu4ipyk.exe [2600591 2019-08-15] ( )
HKU\Win7\...\Run: [360DesktopLite] => C:\ProgramData\360TotalSecurity\DesktopPlus\DesktopPlus64.exe [3287944 2018-12-11] (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
HKU\Win7\...\RunOnce: [svcfdom0] => C:\Users\Win7\AppData\Roaming\svcfdomd\svcfdom0.exe [248320 2018-03-29] (Open Source Developer Federica Domani (federicadomani.wordpress.com))
HKU\Win7\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
GroupPolicy: Ograniczenia - Chrome <==== UWAGA
GroupPolicy\User: Ograniczenia ? <==== UWAGA
Task: {099B8C71-0F1E-4274-89A9-A6B19DAA98BF} - \Microsoft LocalManager[Windows 7 Home Premium] -> Brak pliku <==== UWAGA
Task: {25440280-EF9B-4EB3-B2B2-3BB0EF04165D} - System32\Tasks\Online Application V2G6 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [199864 2017-11-02] (MICROLEAVES LTD -> ) <==== UWAGA
Task: {31F310F6-4E3A-4EEF-A0A0-8B8AB65084A7} - Brak ścieżki do pliku
Task: {3ACCA5D3-5665-4091-8216-5DED0E67B491} - System32\Tasks\{273985D4-4F44-4955-9E52-1577E64B2C20} => msiexec.exe /package "C:\Users\Win7\Downloads\EpicInstaller-9.7.0-fortnite (4).msi"
Task: {4D3449A4-15B8-4AC2-ADBB-D844E923E284} - \mDRdVxnbfVSDgmQtv2 -> Brak pliku <==== UWAGA
Task: {5BF0308A-9CF0-4077-8235-EEB75D10A31E} - \Updater_Online_Application -> Brak pliku <==== UWAGA
Task: {5CBDC44F-23D6-4113-8F96-EE4EC426647D} - System32\Tasks\{0A537D29-B911-4786-A45B-0F90B61E0FB2} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.21.64.104/pl/abandoninstall?page=tsMain
Task: {5CD11C70-5439-4F93-81A5-D3318B881324} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [3916104 2019-07-02] (Byte Technologies LLC -> Byte Technologies LLC) <==== UWAGA
Task: {5F8490B0-E6C9-433E-BCE0-97B7D1C5F5F3} - System32\Tasks\{BE56BA81-6DF9-46AE-ACB5-1EDB5440583E} => msiexec.exe /package "C:\Users\Win7\Downloads\EpicInstaller-9.7.0-fortnite (4).msi"
Task: {60B83FE2-4A97-4A60-99F1-FDEC079DDECD} - \ScheduledUpdate -> Brak pliku <==== UWAGA
Task: {6A909EB0-2370-4E2C-A239-41240585D47F} - \VXcSDwrjctCfElU2 -> Brak pliku <==== UWAGA
Task: {6E63D434-8EBB-42D9-83E1-3AF068DD92AF} - System32\Tasks\Online Application V2G4 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [199864 2017-11-02] (MICROLEAVES LTD -> ) <==== UWAGA
Task: {745A7DD5-DE4D-4951-B363-EB161FBF12EC} - System32\Tasks\Homeville => C:\Program Files\Homeville\Homeville.exe <==== UWAGA
Task: {792DE3FC-CA8A-463D-BE05-B2DD03FBD642} - System32\Tasks\{9CBD32F2-F825-4DB5-B5F6-9AC189B29325} => msiexec.exe /package "C:\Users\Win7\Downloads\EpicInstaller-9.7.0-fortnite (4).msi"
Task: {806ABC00-47DE-42E9-B178-D84AE388497D} - System32\Tasks\{251E93B8-68DC-483C-9592-9D80D9866A4D} => msiexec.exe /package "C:\Users\Win7\Downloads\EpicInstaller-9.7.0-fortnite (4).msi"
Task: {8382C4BB-92FE-427C-9A78-7F5BAECA8157} - System32\Tasks\Opera scheduled Autoupdate 1523210869 => C:\Users\Win7\AppData\Local\Programs\Opera\launcher.exe [1348120 2019-08-07] (Opera Software AS -> Opera Software)
Task: {89523D8F-C717-48D6-BC83-1879F81D39D7} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [199864 2017-11-02] (MICROLEAVES LTD -> ) <==== UWAGA
Task: {89C236BF-8560-48E4-A6E8-FEB2CE79C2EF} - System32\Tasks\Online Application V2G5 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [199864 2017-11-02] (MICROLEAVES LTD -> ) <==== UWAGA
Task: {9065457C-130B-4B10-86CE-1355666D3B05} - \Online Application V2G1 -> Brak pliku <==== UWAGA
Task: {9D080810-87D3-4B7F-9D13-626430EAB006} - System32\Tasks\Opera scheduled Autoupdate 711520318 => C:\Users\Win7\AppData\Roaming\Microsoft\Windows\budsujjw\cawvvais.exe
Task: {A2918232-39BF-4904-8DC0-236454511B90} - \PRqDsAmBDBAyI2 -> Brak pliku <==== UWAGA
Task: {A2E9C55E-2C0D-4316-8DA3-70D798EF6542} - \YHS rarer -> Brak pliku <==== UWAGA
Task: {AB04A425-897F-4687-986C-795750590A3A} - \gwDiGgxMbcwZRH -> Brak pliku <==== UWAGA
Task: {B789EE34-41E2-4F08-8FF7-C8EA45C084A9} - System32\Tasks\{0B0BB220-7EDA-4638-8242-A1583F93DABF} => msiexec.exe /package "C:\Users\Win7\Downloads\EpicInstaller-9.7.0-fortnite (4).msi"
Task: {C2142453-95A1-436B-8220-1E33E7F5212D} - \nemalrDSYMbTPtovlle2 -> Brak pliku <==== UWAGA
Task: {CB8642AD-052B-4AFF-B05F-F7EE01D64610} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [199864 2017-11-02] (MICROLEAVES LTD -> ) <==== UWAGA
Task: {DEE540D2-5400-4A5C-86AF-A46B8DC8882F} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe <==== UWAGA
Task: {E57A16D0-1BDC-4584-A0F0-E70C4D654709} - System32\Tasks\{CAE8961E-D6A0-4E30-BEC7-6601E0DEFA8D} => msiexec.exe /package "C:\Users\Win7\Downloads\EpicInstaller-9.7.0-fortnite (4).msi"
Task: {F372A1B8-1A49-4C5E-A294-C1D60AA2BFB1} - System32\Tasks\{D497DF7E-469B-48BE-8BDA-3FA65632F034} => msiexec.exe /package "C:\Users\Win7\Downloads\EpicInstaller-9.7.0-fortnite (4).msi"
Task: {F586E600-EA91-4A49-9BEE-00CEA6C078A6} - System32\Tasks\{40D8BFBF-AE06-44E5-B65E-6230BC3D3E92} => msiexec.exe /package "C:\Users\Win7\Downloads\EpicInstaller-9.7.0-fortnite (4).msi"
Task: {FDB1ADC3-6CEA-4F75-A790-9B256BB413F2} - System32\Tasks\{2CCE638F-C3A0-4719-8F7F-E9BA69245470} => msiexec.exe /package "C:\Users\Win7\Downloads\EpicInstaller-9.7.0-fortnite (4).msi"
Task: {FEA9FF2F-80C3-4A05-88B6-41E3727B59B4} - \{4A7795A2-607F-45AF-8294-8C698B5E2461} -> Brak pliku <==== UWAGA
Task: C:\Windows\Tasks\Homeville.job => C:\Program Files\Homeville\Homeville.exe <==== UWAGA
Task: C:\Windows\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
Task: C:\Windows\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
Task: C:\Windows\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
Task: C:\Windows\Tasks\Online Application V2G4.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
Task: C:\Windows\Tasks\Online Application V2G5.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
Task: C:\Windows\Tasks\Online Application V2G6.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== UWAGA
S2 PremierOpinion; C:\Program Files (x86)\PremierOpinion\pmservice.exe [169848 2019-03-05] (VoiceFive, Inc. -> VoiceFive, Inc.) <==== UWAGA
S2 rtop; c:\program files\bytefence\rtop\bin\rtop_svc.exe [297288 2019-08-03] (Byte Technologies LLC -> Byte Technologies LLC.) <==== UWAGA
S2 backlh; C:\ProgramData\Logic Cramble\set.exe [X] <==== UWAGA
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -runtimeupdated [X]
S4 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" [X]
S2 MBAMService; "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" [X]
S3 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [X]
S2 WIFIService; C:\ProgramData\WIFIService\WIFIService.exe [X] <==== UWAGA
S2 WinDefender; C:\Windows\windefender.exe [X]
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [0 2019-08-15] () <==== UWAGA (zerobajtowy plik/folder)
S3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [X]
S3 MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [X]
2019-08-14 22:54 - 2019-08-15 01:31 - 000000000 ____D C:\ProgramData\Logic Cramble
2019-08-14 22:52 - 2019-08-14 22:52 - 000000000 ____D C:\ProgramData\Quoteexs
2019-08-14 22:51 - 2019-08-15 01:31 - 000000000 ____D C:\ProgramData\CloudPrinter
2019-08-11 20:21 - 2019-08-12 18:32 - 000000266 __RSH C:\Users\Win7\ntuser.pol
2019-08-11 19:20 - 2019-08-15 01:24 - 000000266 __RSH C:\ProgramData\ntuser.pol
2019-08-11 19:20 - 2019-08-11 20:19 - 000000000 ____D C:\Users\Win7\AppData\Local\Mail.Ru
2019-08-11 19:20 - 2019-08-11 19:20 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-08-15 01:06 - 2019-08-03 15:11 - 000000000 ____D C:\Program Files\ByteFence
FCheck: C:\Windows\System32\Drivers\aswbuniv.sys [2019-08-15] <==== UWAGA (zerobajtowy plik/folder)