CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-2000041979-1871357136-1592836177-500\...\Run: [-YA8W7rR'k.exe] => C:\Program Files\Windows Media Player\FLUV9HZEMX271YS01CZ2GTQ\-YA8W7rR'k.exe
GroupPolicy: Ograniczenia - Windows Defender <==== UWAGA
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [Brak pliku]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [Brak pliku]
CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBVRmzv2pJwNObeR_98Utx3C8ptCIbHpqQr_nOmgGDmAvL7DeTQZl9VNe0zcnfeREulAw9i7KNZERK_bdexpOUwYkBN2Zkq8ino2gviVacjNXi_SxEdiIXyZszLNfyJrQDT0a2lvPpAWvSpyYRZy7Yp9BHghYgZMKZFs5n32m2TYDzr-YVVLbXq
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X]
2018-09-17 16:54 - 2018-09-18 00:55 - 000000000 ____D C:\Windows\{F3C70089-653A-40EE-A681-9499F3097E6A}
1601-01-03 21:33 - 1601-01-03 21:33 - 000197120 ____N (Microsoft Corporation) C:\Users\Administrator\EIAOuuuOXvOo.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Users\Administrator\uxoXO.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Users\Administrator\uyFo.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000197120 ____N (Microsoft Corporation) C:\Users\Administrator\vEYevfYCWHO.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Program Files (x86)\yykE.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation)
C:\Program Files (x86)\Common Files\mnoaU.exe
Task: {16F2DEE2-E902-44D3-990C-91C57B705CFC} - System32\Tasks\{7FA547F9-9693-4980-3874-BB71C4997599} => C:\Users\Administrator\uyFo.exe [1601-01-03] (Microsoft Corporation)
Task: {4829404A-0462-497E-B606-B55D71E4491A} - System32\Tasks\{010F035C-CA4B-AB06-8985-8F9863A9C074} => C:\Program Files (x86)\yykE.exe [1601-01-03] (Microsoft Corporation)
Task: {9ACB9BBE-3525-4B79-9F7B-BB1D80DB2010} - System32\Tasks\Microsoft Malware Protection Command Line Utility => C:\Users\Administrator\AppData\Roaming\Microsoft\Security\svchost.exe <==== UWAGA
Task: {A90212B5-1153-431C-873A-E1FDC1987641} - System32\Tasks\{B76CEB02-7EBC-5183-274D-9B9F214C79D1} => C:\Users\Administrator\uxoXO.exe [1601-01-03] (Microsoft Corporation)
Task: {E50FF70C-19DB-4754-A068-1F582391F2ED} - System32\Tasks\{F9E987A3-123D-89D0-4842-8474B96D3A1E} => C:\Program Files (x86)\Common Files\mnoaU.exe [1601-01-03] (Microsoft Corporation)
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Pulpit zdalny Chrome.lnk
HKU\S-1-5-21-2000041979-1871357136-1592836177-500\...\StartupApproved\Run: => "-YA8W7rR'k.exe"
CMD: ipconfig /flushdns