CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKLM-x32\...\Run: [setup.exe -start] => C:\Users\Milosz\AppData\Local\Temp\setup.exe -start <==== ATTENTION
HKU\S-1-5-21-2456154830-1714413037-2813533712-1000\...\MountPoints2: {3d8e9e68-1d29-11e6-b151-84a6c8e2d564} - G:\autorun.exe
HKU\S-1-5-21-2456154830-1714413037-2813533712-1000\...\MountPoints2: {e64ad2d6-22d9-11e7-8a44-84a6c8e2d564} - G:\SISetup.exe
HKU\S-1-5-21-2456154830-1714413037-2813533712-1000\...\MountPoints2: {e64ad4e9-22d9-11e7-8a44-84a6c8e2d564} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2456154830-1714413037-2813533712-1000\...\MountPoints2: {e64ad4ed-22d9-11e7-8a44-84a6c8e2d564} - G:\HiSuiteDownLoader.exe
ShortcutTarget: fury-pol-5986466.lnk -> C:\ProgramData\{0747480c-8125-0dd3-0747-7480c8122032}\fury-pol-5986466.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2456154830-1714413037-2813533712-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF ProfilePath: C:\Users\Milosz\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 [not found] <==== ATTENTION
FF Plugin HKU\S-1-5-21-2456154830-1714413037-2813533712-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
2009-07-14 03:14 - 2009-07-14 03:14 - 000073216 ____N (Microsoft Corporation) C:\Users\Milosz\IgPgRYAos.exe
2009-07-14 03:14 - 2009-07-14 03:14 - 000186368 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\AyaYoi.exe
ContextMenuHandlers1-x32: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll -> No File
ContextMenuHandlers4-x32: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll -> No File
Task: {0389F70E-7127-4BCC-904E-059AE8447025} - System32\Tasks\Opera scheduled Autoupdate 1396700227 => C:\Program Files (x86)\Opera\launcher.exe [2018-08-14] (Opera Software)
Task: {0D5D10C3-6994-4085-93A6-05B0B34D06A9} - System32\Tasks\gfl202it => C:\Program Files\Common Files\ymzky2ez\e4052jyb25jqk.exe <==== ATTENTION
Task: {27ACF9AC-1C82-47BD-A785-23C3DF2048CB} - System32\Tasks\34hcq1ho => C:\Program Files\Common Files\4qfhktt4\bd7ccq0msg0eb.exe <==== ATTENTION
Task: {32ED21A0-627D-4FC5-A10A-598A5ACD2BEB} - System32\Tasks\{899107FC-CDCC-0011-7330-F43DCC5294CF} => C:\Windows\SysWOW64\iAoI.exe [2009-07-14] (Microsoft Corporation)
Task: {5285EF88-D897-4F98-8CCE-B1285B71C3C8} - System32\Tasks\ehdsvweo => C:\Program Files\Common Files\huhl22oz\51ca5rt535ktd.exe <==== ATTENTION
Task: {542FFC6F-0A7E-4289-AB24-9DABA3ACAB81} - System32\Tasks\prfoucrdow => C:\Windows\system32\config\systemprofile\AppData\Local\Tampity [Argument = /t 8150 7526] <==== ATTENTION
Task: {59C393F3-D136-4468-9406-FD945CDAC136} - System32\Tasks\{9613C12C-2CEB-58EC-8836-7B3DDA3EFAA7} => C:\Users\Milosz\IgPgRYAos.exe [2009-07-14] (Microsoft Corporation)
Task: {59D10341-9391-4259-ACAE-6E37369EA35E} - \Cooking Form -> No File <==== ATTENTION
Task: {6CC3C96D-AA49-4B3E-BF5F-1E95938DF1F5} - System32\Tasks\FineLine => c:\programdata\{cd649df4-fcc5-f785-cd64-49df4fcc77d3}\gta v key generator.exe <==== ATTENTION
Task: {761BF238-FF02-4900-9BE4-C1165606B4B4} - System32\Tasks\{9D33F494-0776-4C8A-8C97-EC7FE863FD11} => C:\Windows\system32\pcalua.exe -a G:\SISetup.exe -d G:\
Task: {7ECE1757-5A86-4678-99E4-9581719003ED} - System32\Tasks\{11FC5E2C-70E9-4CE5-B659-68C7A7C92695} => C:\Program Files (x86)\1C Company\7,62 Hard Life\HLA.exe [2015-10-05] (HardLife Addon Developers Team)
Task: {81E4AF63-025E-4FD1-9F11-7C2FD1190622} - System32\Tasks\bmk2gfnv => C:\Program Files\Common Files\lohllsoq\c1627h2pdxkqj.exe <==== ATTENTION
Task: {9E6D05CC-572D-4DAB-A0C6-82B791ABCD6A} - System32\Tasks\HeatDestroyer => c:\programdata\{0a8ebdaa-bf24-1eb3-0a8e-ebdaabf2f6aa}\6187012998759244504b.exe <==== ATTENTION
Task: {AFF6E682-F524-4F9A-9A13-EBB4D888AE57} - System32\Tasks\fahichne => C:\Program Files\Common Files\oxdjvsqs\f988diky5aeap.exe <==== ATTENTION
Task: {B30BCE0F-9D30-4CE8-B607-4F02E0B720C2} - System32\Tasks\{77A2CC61-7BA2-690B-6E92-58B8A785037C} => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://youhomepage.org/cl/?guid=p6s27b6v3yxb569snlihs8iji9hipos5&prid=1&pid=4_1324_0
Task: {BE21192A-F8D4-42CC-9319-8B70D0DF851E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {CA8B39B9-57FF-42DB-A0A4-4CA6D1FE349A} - System32\Tasks\SpeakerUp => c:\programdata\{2009d71c-f914-cec6-2009-9d71cf915c73}\3331506882853432045b.exe <==== ATTENTION
Task: {CF504883-9327-4691-BB48-0F2B6977086F} - System32\Tasks\PocketUtilities => c:\programdata\{da09725a-be27-0457-da09-9725abe2c96a}\5280389908494857810b.exe <==== ATTENTION
Task: {D143A8BF-23D1-4DE7-AC90-C3D1A0F53653} - System32\Tasks\tzdwtddv => C:\Program Files\Common Files\d5g5ploq\e0a78o0hj4vjg.exe <==== ATTENTION
Task: {D52A8279-6BAD-4A4E-832C-8B9BF4804FFD} - System32\Tasks\BitcoinProtect => c:\programdata\{b21bb061-8fba-d9ca-b21b-bb0618fbc186}\1652822150021144352b.exe <==== ATTENTION
Task: {DF76B5D5-9A37-44AC-AA35-93D955DAD95F} - System32\Tasks\TalkingBook => c:\programdata\{58cb9e65-b2d3-54c8-58cb-b9e65b2d7996}\sevensetup.exe <==== ATTENTION
Task: {F06AC407-6F15-4F33-A91E-2DB6FCEA96A5} - System32\Tasks\SweetSave => c:\programdata\{3c392852-57a8-81b3-3c39-9285257aa149}\6101963581763177640b.exe <==== ATTENTION
Task: C:\Windows\Tasks\BitcoinProtect.job => c:\programdata\{b21bb061-8fba-d9ca-b21b-bb0618fbc186}\1652822150021144352b.exe <==== ATTENTION
Task: C:\Windows\Tasks\FineLine.job => c:\programdata\{cd649df4-fcc5-f785-cd64-49df4fcc77d3}\gta v key generator.exe <==== ATTENTION
Task: C:\Windows\Tasks\HeatDestroyer.job => c:\programdata\{0a8ebdaa-bf24-1eb3-0a8e-ebdaabf2f6aa}\6187012998759244504b.exe <==== ATTENTION
Task: C:\Windows\Tasks\PocketUtilities.job => c:\programdata\{da09725a-be27-0457-da09-9725abe2c96a}\5280389908494857810b.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeakerUp.job => c:\programdata\{2009d71c-f914-cec6-2009-9d71cf915c73}\3331506882853432045b.exe <==== ATTENTION
Task: C:\Windows\Tasks\SweetSave.job => c:\programdata\{3c392852-57a8-81b3-3c39-9285257aa149}\6101963581763177640b.exe <==== ATTENTION
Task: C:\Windows\Tasks\TalkingBook.job => c:\programdata\{58cb9e65-b2d3-54c8-58cb-b9e65b2d7996}\sevensetup.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Heroes of Might and Magic 3 Complete\Heroes 3 Campaign Editor.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Heroes of Might and Magic 3 Complete\Heroes 3 Map Editor.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Heroes of Might and Magic 3 Complete\Heroes of Might and Magic 3 Complete.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Heroes of Might and Magic 3 Complete\Uninstall Heroes of Might and Magic 3 Complete.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Heroes of Might and Magic 3 Complete\Documents\Manual Armageddon's Blade.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Heroes of Might and Magic 3 Complete\Documents\Manual The Shadow of Death.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Heroes of Might and Magic 3 Complete\Documents\Manual.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Heroes of Might and Magic 3 Complete\Documents\Readme.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Heroes of Might and Magic 3 Complete\Documents\Tutorial.lnk
C:\Users\Milosz\Documents\Euro Truck Simulator 2\readme.rtf.lnk
C:\Users\Milosz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk
C:\Users\Milosz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk
C:\Users\Milosz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk
C:\Users\Milosz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fury-pol-5986466.lnk
C:\Users\Milosz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
C:\Users\Milosz\AppData\Local\Microsoft\Windows\GameExplorer\{FD624853-148D-4EB8-994D-F9E986D21274}\PlayTasks\7\Heroes 3 Map Editor.lnk
C:\Users\Milosz\AppData\Local\Microsoft\Windows\GameExplorer\{FD624853-148D-4EB8-994D-F9E986D21274}\PlayTasks\6\Heroes 3 Campaign Editor.lnk
C:\Users\Milosz\AppData\Local\Microsoft\Windows\GameExplorer\{FD624853-148D-4EB8-994D-F9E986D21274}\PlayTasks\5\Tutorial.lnk
C:\Users\Milosz\AppData\Local\Microsoft\Windows\GameExplorer\{FD624853-148D-4EB8-994D-F9E986D21274}\PlayTasks\4\Manual The Shadow of Death.lnk
C:\Users\Milosz\AppData\Local\Microsoft\Windows\GameExplorer\{FD624853-148D-4EB8-994D-F9E986D21274}\PlayTasks\3\Manual Armageddon's Blade.lnk
C:\Users\Milosz\AppData\Local\Microsoft\Windows\GameExplorer\{FD624853-148D-4EB8-994D-F9E986D21274}\PlayTasks\2\Manual.lnk
C:\Users\Milosz\AppData\Local\Microsoft\Windows\GameExplorer\{FD624853-148D-4EB8-994D-F9E986D21274}\PlayTasks\1\Readme.lnk
C:\Users\Milosz\AppData\Local\Microsoft\Windows\GameExplorer\{FD624853-148D-4EB8-994D-F9E986D21274}\PlayTasks\0\Play.lnk
CMD: netsh advfirewall reset
CMD: ipconfig /flushdns
RemoveProxy: