CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKLM-x32\...\Run: [kissq] => C:\Users\OEM1\AppData\Local\Temp\kissq.exe************* <==== UWAGA
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\...\Run: [oiawmlye] => "C:\Users\OEM1\smmdoxoq.exe"
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\...\Policies\Explorer: []
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\...\MountPoints2: {4d724360-7245-11e5-beb3-0c8bfdc58e3c} - "E:\AutoRun.exe"
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4625184 2020-08-12] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
Task: {169008FB-DB4B-4B28-83D4-25900121FBDF} - \Microsoft\Windows\Setup\EOSNotify -> Brak pliku <==== UWAGA
Tcpip\..\Interfaces\{053dd367-583b-473b-8db6-c5d315ff98cd}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{06fcaafb-4feb-4474-aa3e-01e30efd1d78}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{424d92ab-05ec-48e9-9965-3c1850745972}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{70781391-7A33-45D7-AE83-C4463FBA7033}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8233300d-9300-420c-a06e-bfe36bf52359}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C422DD51-B4DD-46E5-A97F-57367085D184}: [DhcpNameServer] 192.168.0.1
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-09-07 06:14:47&bName=
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002 -> DefaultScope {FCC97E89-460F-4C53-B3A9-98C0F26E5419} URL =
SearchScopes: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002 -> {FCC97E89-460F-4C53-B3A9-98C0F26E5419} URL =
FF NewTab: Mozilla\Firefox\Profiles\ivzczqft.default -> hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-09-07 06:14:47&bName=
FF Session Restore: Mozilla\Firefox\Profiles\ivzczqft.default -> [funkcja włączona]
FF NewTabOverride: Mozilla\Firefox\Profiles\ivzczqft.default -> Enabled: admin@fastaddons.com_GroupSpeedDial
FF NewTabOverride: Mozilla\Firefox\Profiles\ivzczqft.default -> Enabled: allegro-pl@search.mozilla.org
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nie znaleziono
S2 Main Service; C:\Program Files (x86)\MachinerData\AudioShellApp.exe 1 [X]
R1 4A08219E0C44; C:\WINDOWS\4A08219E0C44.sys [25368 2020-09-07] (大连纵梦网络科技有限公司 -> FsFilter Network) [Brak podpisu cyfrowego]
2020-09-07 08:15 - 2020-09-07 08:15 - 000025368 _____ (FsFilter Network) C:\WINDOWS\4A08219E0C44.sys
2020-03-10 13:59 - 2020-03-10 13:59 - 000014073 _____ () C:\Users\OEM1\AppData\Roaming\asfvcxds.exe
2017-12-08 16:55 - 2017-12-08 16:55 - 000000000 _____ () C:\Users\OEM1\AppData\Roaming\gdfw.log
2017-12-08 16:55 - 2018-12-11 10:07 - 000001558 _____ () C:\Users\OEM1\AppData\Roaming\gdscan.log
2020-04-16 22:01 - 2020-09-07 08:20 - 000000000 _____ () C:\Users\OEM1\AppData\Roaming\javvtbb
2020-09-07 08:14 - 2020-09-07 08:14 - 008620544 _____ () C:\Users\OEM1\AppData\Local\agent.dat
2020-09-07 08:14 - 2020-09-07 08:14 - 000043520 _____ () C:\Users\OEM1\AppData\Local\ApplicationHosting.dat
2020-09-07 08:15 - 2020-09-07 08:15 - 000000561 _____ () C:\Users\OEM1\AppData\Local\bowsakkdestx.txt
2020-09-07 08:14 - 2020-09-07 08:14 - 000071712 _____ () C:\Users\OEM1\AppData\Local\Config.xml
2020-09-07 08:14 - 2020-09-07 08:14 - 000016464 _____ () C:\Users\OEM1\AppData\Local\InstallationConfiguration.xml
2020-09-07 08:14 - 2020-09-07 08:14 - 000141312 _____ () C:\Users\OEM1\AppData\Local\installer.dat
2020-09-07 08:14 - 2020-09-07 08:14 - 000126464 _____ () C:\Users\OEM1\AppData\Local\lobby.dat
2020-09-07 08:14 - 2020-09-07 08:14 - 000018432 _____ () C:\Users\OEM1\AppData\Local\Main.dat
2020-09-07 08:14 - 2020-09-07 08:14 - 001134592 _____ () C:\Users\OEM1\AppData\Local\Saonix.exe
2020-09-07 08:14 - 2020-09-07 08:14 - 000068019 _____ () C:\Users\OEM1\AppData\Local\Saonix.tst
CustomCLSID: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe => Brak pliku
CustomCLSID: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => Brak pliku
CustomCLSID: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => Brak pliku
CustomCLSID: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\pl-PL\acadficn.dll => Brak pliku
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Brak pliku
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
2020-09-07 12:44 - 2020-09-07 12:44 - 002298368 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\OEM1\AppData\Local\Temp\0e49e848-9f00-42f0-91ce-897d9d1184dc.tmp.node
2020-09-07 12:44 - 2020-09-07 12:44 - 002298368 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\OEM1\AppData\Local\Temp\3bf82f6f-9c67-45cd-bbb9-5986d7753866.tmp.node
2020-09-07 12:44 - 2020-09-07 12:44 - 000500224 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\OEM1\AppData\Local\Temp\627c1387-091c-447f-a06d-3e8596f17ac9.tmp.node
2020-09-07 12:44 - 2020-09-07 12:44 - 000500224 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\OEM1\AppData\Local\Temp\68aaa1e1-1e5a-41ac-ac2a-06a5e2007f3d.tmp.node
2020-09-07 12:44 - 2020-09-07 12:44 - 000500224 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\OEM1\AppData\Local\Temp\d0da85d2-0cff-473a-ba5f-e523749e67fa.tmp.node
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
HKLM\...\.scr: Icad.load.scr => <==== UWAGA
IE trusted site: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\...\webcompanion.com -> hxxp://webcompanion.com
FirewallRules: [{C9D8AEE4-52D7-4672-AF0B-662346C601C1}] => (Allow) C:\Ross-Tech\VCDS-AKP\VCDS.EXE => Brak pliku
FirewallRules: [{0480E3D6-B594-4355-9490-A77C20F812C6}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe => Brak pliku
FirewallRules: [{B897925E-3B26-4DCD-9403-1E5E3EC77EBD}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe => Brak pliku
FirewallRules: [{7C6E8566-8FB2-401C-89B3-B93DD152A6CC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe => Brak pliku
FirewallRules: [{657AA8A7-8182-459A-8C88-8E5249CB23CE}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe => Brak pliku
FirewallRules: [{CE4B961D-2EE6-4074-BF31-685639C193AC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => Brak pliku
FirewallRules: [{ED589E69-03EC-4D01-99AA-25F83B08465A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => Brak pliku
FirewallRules: [{0632209F-13AA-4F63-8769-3A8C558CC8BE}] => (Allow) C:\Program Files\ZWSOFT\ZWCAD 2018\XXX => Brak pliku
FirewallRules: [{307C0465-B62E-498C-B2A4-BA199C6012B6}] => (Allow) C:\Program Files\ZWSOFT\ZWCAD 2018\XXX => Brak pliku
FirewallRules: [{487A371D-1DAA-4021-9920-08E16F8BA97E}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 21\CineRender\CineRender 64bit.exe => Brak pliku
RemoveProxy:
HOSTS: