CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-1165589590-67753357-495150563-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1165589590-67753357-495150563-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKU\S-1-5-21-1165589590-67753357-495150563-1001\...\MountPoints2: {b780fdb5-ed18-11e9-b783-408d5c8819cf} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1165589590-67753357-495150563-500\...\Run: [Discord] => C:\Users\Administrator\AppData\Local\Discord\app-0.0.305\Discord.exe (Brak pliku)
HKU\S-1-5-21-1165589590-67753357-495150563-500\...\Run: [SHU] => "C:\Program Files (x86)\SHU\SHU.exe" silent (Brak pliku)
HKU\S-1-5-21-1165589590-67753357-495150563-500\...\Run: [Spotify] => C:\Users\Administrator\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (Brak pliku)
HKU\S-1-5-21-1165589590-67753357-495150563-500\...\Run: [Opera Browser Assistant] => C:\Users\Administrator\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (Brak pliku)
HKU\S-1-5-21-1165589590-67753357-495150563-500\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Brak pliku)
HKU\S-1-5-21-1165589590-67753357-495150563-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Brak pliku)
HKU\S-1-5-21-1165589590-67753357-495150563-500\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1165589590-67753357-495150563-500\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKU\S-1-5-21-1165589590-67753357-495150563-500\...\MountPoints2: {b780fdb5-ed18-11e9-b783-408d5c8819cf} - "F:\HiSuiteDownLoader.exe" 
Task: {3C42DEFE-045E-4132-8E5A-DD0C28A887FB} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe (Brak pliku)
Task: {4C25795C-D8ED-4E0B-92F0-EF69F35F950D} - System32\Tasks\Opera scheduled Autoupdate 1598457148 => C:\Users\Minecraft\AppData\Local\Programs\Opera\launcher.exe [2518000 2022-06-23] (Opera Norway AS -> Opera Software)
Task: {5324242A-C768-4C87-83BD-078F4341066C} - System32\Tasks\GIGABYTE OC GURU => C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (Brak pliku)
Task: {6B503FAB-4F04-4D26-B659-E9F7B4B63167} - System32\Tasks\Opera scheduled assistant Autoupdate 1626333780 => C:\Users\Minecraft\AppData\Local\Programs\Opera\launcher.exe [2518000 2022-06-23] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Minecraft\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {6CC6194E-0EE4-418B-9E25-01A5D4B80363} - System32\Tasks\Opera scheduled Autoupdate 1596906344 => C:\Users\Minecraft\AppData\Local\Programs\Opera\launcher.exe [2518000 2022-06-23] (Opera Norway AS -> Opera Software)
Task: {7AF3A40F-E47D-441C-B172-FAC81F0D5BB5} - System32\Tasks\Opera GX scheduled Autoupdate 1628881245 => C:\Users\Minecraft\AppData\Local\Programs\Opera GX\launcher.exe [2453496 2022-06-28] (Opera Norway AS -> Opera Software)
Task: {861865CC-E3D7-477A-9E67-1DEF2C5655D7} - System32\Tasks\Opera scheduled assistant Autoupdate 1598457149 => C:\Users\Minecraft\AppData\Local\Programs\Opera\launcher.exe [2518000 2022-06-23] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Minecraft\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {9CC0236C-A241-49EB-8A64-7399EC545500} - System32\Tasks\UpdateWindows => C:\Users\Minecraft\AppData\Roaming\WinHost\svchost.exe (Brak pliku) <==== UWAGA
Task: {9CEA6187-BE42-4E83-97DC-EC99F2BEC0BB} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1630436553 => C:\Users\Minecraft\AppData\Local\Programs\Opera GX\launcher.exe [2453496 2022-06-28] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Minecraft\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {9D302BD3-8B89-4DB0-9031-9E81A69C51EA} - System32\Tasks\Opera scheduled assistant Autoupdate 1596906346 => C:\Users\Minecraft\AppData\Local\Programs\Opera\launcher.exe [2518000 2022-06-23] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Minecraft\AppData\Local\Programs\Opera\assistant" $(Arg0)
Tcpip\..\Interfaces\{019d5ce9-1b68-4548-9edf-d7d510532a4e}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{08d42cd1-063b-4aa7-ac51-59116b3f8ea7}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{08d42cd1-063b-4aa7-ac51-59116b3f8ea7}: [DhcpNameServer] 192.168.1.1
CHR DefaultSearchURL: Default -> hxxps://ymp4.download/img/ympt-logo-large-192.png
S3 mracsvc; C:\Windows\System32\mracsvc.exe [23885544 2022-02-02] (My.Com B.V. -> My.com B.V.)
S2 sedsvc; "C:\Program Files\rempl\sedsvc.exe" [X]
S3 mracdrv; C:\Windows\System32\drivers\mracdrv1.sys [23122952 2022-02-02] (My.Com B.V. -> My.com B.V.)
S3 kgds service; \??\C:\CrossFire\CrossFire\kgds.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
S3 WacHidRouterPro; \SystemRoot\System32\drivers\wachidrouter.sys [X]
S3 wacomrouterfilter; \SystemRoot\System32\drivers\wacomrouterfilter.sys [X]
2022-06-28 08:07 - 2020-08-26 17:52 - 000004284 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1598457148
2019-12-18 20:26 - 2019-12-18 20:26 - 000000791 _____ () C:\Users\Minecraft\AppData\Roaming\ADM_10487.html
2019-12-19 14:44 - 2019-12-19 14:44 - 000000791 _____ () C:\Users\Minecraft\AppData\Roaming\ADM_7534.html
2019-07-31 22:48 - 2022-07-02 08:30 - 000192512 ____C () [Brak podpisu cyfrowego] C:\Users\Minecraft\AppData\Local\Temp\sfamcc00001.dll
AlternateDataStreams: C:\Windows\System32:tdsrset.gfc [5846]
AlternateDataStreams: C:\Windows\tracing:? [16]
AlternateDataStreams: C:\Users\Minecraft\Dane aplikacji:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Minecraft\Dane aplikacji:19480092594194a127310869d618ccd6 [394]
AlternateDataStreams: C:\Users\Minecraft\Dane aplikacji:2e7adecd915fad7ede6cff9c6c6e4e6e [394]
AlternateDataStreams: C:\Users\Minecraft\Dane aplikacji:374c9b336db4fa9522b72c58dcd0c3f9 [394]
AlternateDataStreams: C:\Users\Minecraft\Dane aplikacji:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Minecraft\Dane aplikacji:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Minecraft\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Minecraft\AppData\Roaming:19480092594194a127310869d618ccd6 [394]
AlternateDataStreams: C:\Users\Minecraft\AppData\Roaming:2e7adecd915fad7ede6cff9c6c6e4e6e [394]
AlternateDataStreams: C:\Users\Minecraft\AppData\Roaming:374c9b336db4fa9522b72c58dcd0c3f9 [394]
AlternateDataStreams: C:\Users\Minecraft\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Minecraft\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Minecraft\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [474]
SearchScopes: HKU\S-1-5-21-1165589590-67753357-495150563-500 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = 
HKU\S-1-5-21-1165589590-67753357-495150563-1001\...\StartupApproved\Run: => "transactionservicesmain"
HKU\S-1-5-21-1165589590-67753357-495150563-1001\...\StartupApproved\Run: => "transactionservices"
HKU\S-1-5-21-1165589590-67753357-495150563-500\...\StartupApproved\Run: => "transactionservicesmain"
HKU\S-1-5-21-1165589590-67753357-495150563-500\...\StartupApproved\Run: => "transactionservices"
Hosts:
RemoveProxy: