CloseProcesses:
CreateRestorePoint:
EmptyTemp:
File: C:\Windows\SysWOW64\Rezip.exe
File: C:\Windows\System32\Drivers\sptd.sys
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\Run: [Eaogok] => C:\Users\Pati\AppData\Roaming\Eaogok.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\Run: [Windows Login access] => C:\Users\Pati\AppData\Roaming\web2net.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\Run: [BingSvc] => C:\Users\Pati\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: G - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {2d45c892-fbf6-11e1-b581-000b6b651b3d} - G:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {2d45c897-fbf6-11e1-b581-000b6b651b3d} - G:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {3cf513e8-bdfc-11e1-89f2-000b6b651b3d} - G:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {9ef5003e-bdff-11e1-93b0-000b6b651b3d} - G:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {a220eb41-fbee-11e1-a878-000b6b651b3d} - G:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {a220eb48-fbee-11e1-a878-000b6b651b3d} - G:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {ce7ff863-d323-11e0-9411-000b6b651b3d} - G:\LGAutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {e49ac23b-6453-11e4-aa9c-000b6b651b3d} - G:\Startme.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {eb36b07c-a328-11e0-bffa-000b6b651b3d} - F:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {eb36b082-a328-11e0-bffa-000b6b651b3d} - F:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {f8a3958b-a2fe-11e9-a874-000b6b651b3d} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {fcfd0a29-5aad-11e7-a334-000b6b651b3d} - G:\HiSuiteDownLoader.exe
Task: {1AD177E9-A356-4DCE-BBA7-B70C6411AD5A} - \AdobeFlashPlayerUpdate 2 -> Brak pliku <==== UWAGA
Task: {4FEA1C6F-1563-411B-ABDC-7E0834E6D84E} - System32\Tasks\{5083AD46-2029-4429-9FAF-23124CF0C906} => C:\Windows\system32\pcalua.exe -a C:\Users\Pati\Downloads\Nero-7.9.6.0_plk_trial(DobrePliki.pl).exe -d C:\Users\Pati\Downloads
Task: {7F2DA135-47E4-431E-BA02-8313A83401E8} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {8DB39D44-643E-4DDA-9EF5-3A3E667C95F7} - \AdobeFlashPlayerUpdate -> Brak pliku <==== UWAGA
Task: {D690AF97-5FA1-4109-9362-55FB7698CBC4} - System32\Tasks\NodEnabler => c:\nodNodEnabler.exe <==== UWAGA
Tcpip\..\Interfaces\{8C7EC1FB-1023-4C7F-B871-484617D467BA}: [DhcpNameServer] 192.168.1.1 192.168.1.1
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-425697130-2423384976-1920107721-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-425697130-2423384976-1920107721-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-425697130-2423384976-1920107721-1000 -> {759BAE1A-1D16-4449-85D5-FD4C58ED355A} URL = hxxp://www.bing.com/search?FORM=MSNTLB&PC=MSNTDF&q={searchTerms}&src=IE-SearchBox
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll => Brak pliku
Toolbar: HKLM - Brak nazwy - {32099AAC-C132-4136-9E9A-4E364A424E17} - Brak pliku
Toolbar: HKLM-x32 - Brak nazwy - {32099AAC-C132-4136-9E9A-4E364A424E17} - Brak pliku
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension => nie znaleziono
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nie znaleziono
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-02-26] () [Brak podpisu cyfrowego]
R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [Brak podpisu cyfrowego]
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-24] () [Brak podpisu cyfrowego]
S2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [X]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2012-02-26] ( () [Brak podpisu cyfrowego]) [Plik w użyciu ]
U3 afbkhznu; C:\Windows\System32\Drivers\afbkhznu.sys [0 0000-00-00] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
2011-09-01 15:08 - 2012-07-29 15:37 - 000001892 _____ () C:\Program Files (x86)\INSTALL.LOG
2011-09-01 15:07 - 1998-04-30 14:56 - 000129024 _____ () C:\Program Files (x86)\UNWISE.EXE
2011-10-16 13:07 - 2011-10-16 13:07 - 000000000 ____H () C:\Users\Pati\AppData\Roaming\Hej8FIL77Eh7
2011-10-16 13:04 - 2011-10-16 13:04 - 000000000 _____ () C:\Users\Pati\AppData\Local\{017713EC-4DD1-4D54-872B-87F57AFA4E41}
2011-11-18 20:33 - 2011-11-18 20:33 - 000000000 _____ () C:\Users\Pati\AppData\Local\{2742A24C-7A85-4AB3-86BC-EE516A3C78C5}
2011-08-28 12:54 - 2011-08-28 12:55 - 000000000 _____ () C:\Users\Pati\AppData\Local\{3342FD3E-FE97-4504-9833-4010476E5273}
2014-09-05 22:58 - 2014-09-05 22:58 - 000000000 _____ () C:\Users\Pati\AppData\Local\{5AB1BC3C-D9E5-42FC-A733-ED23C23F28A3}
2011-11-18 21:00 - 2011-11-18 21:01 - 000000000 _____ () C:\Users\Pati\AppData\Local\{60D35849-EF15-4BCF-9A3A-ACF99CF6FAAD}
2011-07-30 14:08 - 2011-07-30 14:08 - 000000000 _____ () C:\Users\Pati\AppData\Local\{68F1F850-B947-4198-AF38-E3D5906F99AA}
2011-08-12 16:57 - 2011-08-12 16:57 - 000000000 _____ () C:\Users\Pati\AppData\Local\{85954DC2-B0ED-4722-99C9-2037E6E97ECA}
2011-08-04 22:29 - 2011-08-04 22:29 - 000000000 _____ () C:\Users\Pati\AppData\Local\{874CA239-9283-4922-9F5A-B1606BBF671C}
2011-07-31 13:57 - 2011-07-31 13:57 - 000000000 _____ () C:\Users\Pati\AppData\Local\{A051F34D-FAAB-45DB-B62C-735DE09A45CB}
2011-07-31 13:54 - 2011-07-31 13:54 - 000000000 _____ () C:\Users\Pati\AppData\Local\{B7C7E8FF-7E05-496F-AA74-272E24077CDD}
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_SBXNV9VVGV1BFM6JKH2XVMV9WHSFYTP90T1B4WXFSPF7VB4VP4GF [971]
AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_SBXNV9VVGV1BFM6JKH2XVMV9WHSFYTP90T1B4WXFSPF7VB4VP4GF [971]
AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_SBXNV9VVGV1BFM6JKH2XVMV9WHSFYTP90T1B4WXFSPF7VB4VP4GF [971]
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [266]
FirewallRules: [{4BD4C31D-A7B0-4B7F-A1B8-6C15A8425673}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe => Brak pliku
FirewallRules: [{0251EF26-5855-4B4B-8C6E-7C80207C9F23}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB86BF37-3D6A-4BEB-A1BB-E0E96B832228}] => (Allow) LPort=2869
FirewallRules: [{E91C232B-1E26-4117-85F7-EB7E13A52832}] => (Allow) LPort=1900
FirewallRules: [{473A2608-00FD-4C62-9A5F-9130A1658F7D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CE9E63B4-F8E7-425A-AF31-0B74122AD325}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A487D5C-DC1E-4D27-9513-288C038265DD}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1104656E-D335-462B-84A2-D1179619B08B}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1E735ABD-361C-4952-80A8-1DCF5825C0AD}] => (Allow) C:\Windows\SysWOW64\dfrg\btc-miner.exe => Brak pliku
FirewallRules: [{75F4A938-0AAE-49D4-A5C7-D5908F3B3128}] => (Allow) C:\Windows\SysWOW64\dfrg\btc-miner.exe => Brak pliku
FirewallRules: [{79F58804-32D0-44D5-99C8-BF63826A20FA}] => (Allow) C:\Windows\SysWOW64\dfrg\minerd.exe => Brak pliku
FirewallRules: [{5F99346C-1B73-4C54-830F-8B8FAD94CA7B}] => (Allow) C:\Windows\SysWOW64\dfrg\minerd.exe => Brak pliku
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Download Licenses.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Insert license with the maximum expiration date.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Open Settings.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Recover current license.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Run hidden.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Uninstall.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Update license.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.2\pgAdmin III.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.2\psql to 'postgres'.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.2\Reload configuration.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.2\Documentation\Installation Notes.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.2\Documentation\Npgsql API Documentation.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.2\Documentation\Npgsql Documentation.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.2\Documentation\PL Java README.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.2\Documentation\PL Java Users Guide.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.2\Documentation\PostGIS Documentation.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.2\Documentation\psqlODBC Documentation.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design\Icy Tower 1.3\Icy Tower Instructions.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design\Icy Tower 1.3\Icy Tower on the Web.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\NodEnabler\NodEnabler 3.0.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\NodEnabler\Uninstall.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Ares.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Homepage.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Host Chatroom.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Uninstall.lnk
C:\Users\Pati\Start Menu\Programs\Browser Manager\Uninstall Browser Manager.lnk
C:\Users\Pati\Desktop\zdj\Nowy folder (3)\Apps.lnk
C:\Users\Pati\Desktop\programy\McAfee Security Center.lnk
C:\Users\Pati\Desktop\programy\McAfee Security Scan Plus (2).lnk
C:\Users\Pati\Desktop\programy\McAfee Security Scan Plus (3).lnk
C:\Users\Pati\Desktop\programy\McAfee Security Scan Plus.lnk
C:\Users\Pati\Desktop\programy\Skype.lnk
C:\Users\Pati\Desktop\programy\Update NOD32 license.lnk
C:\Users\Pati\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\Skype.lnk
C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Video Converter Video Converter.lnk
C:\ProgramData\BlueStacks\UserData\Library\My Apps\Appstore.lnk
RemoveProxy:
Hosts: