CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-1255634179-2396725886-1912766959-1000\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-1255634179-2396725886-1912766959-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1255634179-2396725886-1912766959-1000\...\MountPoints2: {8246b260-975b-11e9-a596-001fd0366ed0} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1255634179-2396725886-1912766959-1000\...\MountPoints2: {c8fff495-ce18-11e7-b1a0-001fd0366ed0} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1255634179-2396725886-1912766959-1000\...\MountPoints2: {d18efea5-47bd-11e8-b11b-001fd0366ed0} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1255634179-2396725886-1912766959-1000\...\MountPoints2: {d93b3b14-a2cb-11e7-ae91-001fd0366ed0} - K:\autorun\autorun.exe
HKU\S-1-5-21-1255634179-2396725886-1912766959-1000\...\MountPoints2: {f82725cf-7077-11e7-9215-806e6f6e6963} - E:\FreakOut.exe
HKU\S-1-5-21-1255634179-2396725886-1912766959-1000\...\MountPoints2: {fecea902-a5ff-11e8-b772-001fd0366ed0} - E:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
GroupPolicy: Ograniczenia - Chrome <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
Task: {0AE32E5D-77B0-4265-AA6B-A076AF90491A} - System32\Tasks\7king hacker suck => cmd.exe /c shutdown -s -t 0 <==== UWAGA
Task: {80C7B269-625A-41DB-AFEA-1FB0D112F5BD} - System32\Tasks\Microsoft LocalManager[Windows 7 Ultimate] => C:\ProgramData\{54654910-5465-5465-546549107317}\lsm.exe [886784 2019-08-01] () [Brak podpisu cyfrowego] <==== UWAGA
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Brak pliku
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Brak pliku
Tcpip\Parameters: [DhcpNameServer] 185.170.226.34 185.170.226.2
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{09C15CB7-8E91-4370-B7D8-F26BDE94D745}: [DhcpNameServer] 185.170.226.34 185.170.226.2
Tcpip\..\Interfaces\{95FD77AB-533C-4E94-82F4-B240824CFE4F}: [NameServer] 8.8.8.8
HKU\S-1-5-21-1255634179-2396725886-1912766959-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=190
CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=190"
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S3 mracsvc; C:\Windows\System32\mracsvc.exe [12941464 2019-08-04] (Mail.Ru LLC -> LLC Mail.Ru)
S2 mssecsvc2.0; C:\WINDOWS\mssecsvc.exe [3723264 2019-05-16] () [Brak podpisu cyfrowego]
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [12239280 2019-08-04] (Mail.Ru LLC -> LLC Mail.Ru)
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2019-08-16 16:23 - 2019-03-01 23:09 - 000000266 __RSH C:\Users\Kondi\ntuser.pol
2019-08-16 14:40 - 2018-02-23 16:12 - 000003186 __RSH C:\ProgramData\ntuser.pol
2018-04-12 17:53 - 2018-04-12 17:53 - 000030601 _____ () C:\Users\Kondi\x.exe
2019-04-30 06:26 - 2019-08-03 23:14 - 000002667 _____ () C:\Users\Kondi\AppData\Roaming\downloads.json
2019-08-08 16:40 - 2019-08-08 16:40 - 000000789 _____ () C:\Users\Kondi\AppData\Roaming\droid4xinstaller.log
2018-03-13 23:54 - 2018-03-13 23:54 - 000140800 _____ () C:\Users\Kondi\AppData\Local\installer.dat
2018-03-13 23:56 - 2018-03-13 23:56 - 001895384 _____ () C:\Users\Kondi\AppData\Local\Zottech.bin
2019-02-22 09:54 - 2019-02-22 09:54 - 000000000 _____ () C:\Users\Kondi\AppData\Local\{31B68977-4F58-454B-82C4-6904ECA3FF98}
2019-02-20 09:54 - 2019-02-20 09:54 - 000000000 _____ () C:\Users\Kondi\AppData\Local\{5A1E6EE6-5F9A-4E7A-A711-47F259C72813}
2019-03-02 16:48 - 2019-03-02 16:48 - 000000000 _____ () C:\Users\Kondi\AppData\Local\{7DB1FD76-59B0-4A23-800E-AD0F8E996B52}
2019-02-25 16:40 - 2019-02-25 16:40 - 000000000 _____ () C:\Users\Kondi\AppData\Local\{B1DA92F2-921C-46C5-A5C5-F68B930D8080}
2019-03-01 09:54 - 2019-03-01 09:54 - 000000000 _____ () C:\Users\Kondi\AppData\Local\{C83ABF4C-7DE0-40E3-A39C-F3F31F5A8F98}
2019-02-23 09:54 - 2019-02-23 09:54 - 000000000 _____ () C:\Users\Kondi\AppData\Local\{EC9ED414-58FE-4518-8E1C-D52D6D9D65B0}
ContextMenuHandlers2: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku
ContextMenuHandlers3: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> Brak pliku
ContextMenuHandlers3: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku
ContextMenuHandlers4: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> Brak pliku
ContextMenuHandlers6: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> Brak pliku
AlternateDataStreams: C:\Users\Kondi\Dane aplikacji:05989ba9835688c880afaaa90a04c180 [394]
AlternateDataStreams: C:\Users\Kondi\AppData\Roaming:05989ba9835688c880afaaa90a04c180 [394]
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1255634179-2396725886-1912766959-1000\...\localhost -> localhost
FirewallRules: [TCP Query User{1F35132E-6D2D-4ED3-BE51-51AD91627D6D}D:\mygames\warface my.com\bin32release\game.exe] => (Allow) D:\mygames\warface my.com\bin32release\game.exe (Mail.Ru, LLC -> Crytek GmbH)
FirewallRules: [UDP Query User{ABC60843-01DF-4973-B80C-A51359096B3A}D:\mygames\warface my.com\bin32release\game.exe] => (Allow) D:\mygames\warface my.com\bin32release\game.exe (Mail.Ru, LLC -> Crytek GmbH)
RemoveProxy:
Hosts:
CMD: netsh int ip reset
CMD: ipconfig /flushdns