CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA
HKU\S-1-5-21-2624396024-4218587744-521422349-1005\...\Run: [ProductAuthenticationService] => C:\Users\K\AppData\Roaming\ProductAuthenticationService\pas.exe [1004072 2019-05-07] (ResolveDevOps Limited -> ResolveDevOps Limited) <==== UWAGA
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
Task: {300325B6-84C2-4CBD-8B0E-574730CA6873} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (Brak pliku)
Task: {6CCD7F0A-3FF7-4C13-AB6F-9C68EBDED9F2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe Display (Brak pliku)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe (Brak pliku)
Task: {7D993353-1A89-4BAE-93EC-DCDB7F64FB9F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\WINDOWS\system32\MusNotification.exe Display (Brak pliku)
Task: {98D92948-F16E-47FE-A1C6-2CCFD19BD659} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Brak pliku)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Brak pliku)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (Brak pliku)
Task: {FABC4308-9054-47E7-A0B2-5E8DBFB0D306} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (Brak pliku)
Tcpip\..\Interfaces\{037f1f48-ac15-4fc7-9d5b-8d33dff1ef36}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{037f1f48-ac15-4fc7-9d5b-8d33dff1ef36}: [DhcpNameServer] 31.11.173.2 89.228.4.126
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.119\elevation_service.exe" [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
CustomCLSID: HKU\S-1-5-21-2624396024-4218587744-521422349-1001_Classes\CLSID\{C5DC0A6A-55A6-DA07-3763-C0D9B53A9B94}\InprocServer32 -> C:\Program Files (x86)\Common Files\System\ole32.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-2624396024-4218587744-521422349-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\KONDKJE\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-2624396024-4218587744-521422349-1005_Classes\CLSID\{23B3E3D8-C162-4A8B-AB0C-0905DCB1DF19}\InprocServer32 -> C:\Users\K\AppData\Local\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe\TempState\RDP\DVCPlugin\x64\Microsoft.Flow.RPA.Desktop.UIAutomation.RDP.DVC.Plugin.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-2624396024-4218587744-521422349-1005_Classes\CLSID\{C5DC0A6A-55A6-DA07-3763-C0D9B53A9B94}\InprocServer32 -> C:\Program Files (x86)\Common Files\System\ole32.dll => Brak pliku
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
AlternateDataStreams: C:\Users\K\Downloads\Vysor-win-4.1.77.exe:MBAM.Zone.Identifier [622]
AlternateDataStreams: C:\Users\K\Documents\esetonlinescanner.exe:MBAM.Zone.Identifier [50]
AlternateDataStreams: C:\Users\K\Documents\FRST64.exe:MBAM.Zone.Identifier [50]
HKU\S-1-5-21-2624396024-4218587744-521422349-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-2624396024-4218587744-521422349-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-2624396024-4218587744-521422349-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2624396024-4218587744-521422349-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FirewallRules: [{0B7CC867-ED7E-4599-9310-F2B2AF8865E1}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => Brak pliku
FirewallRules: [{5464C0C9-9B11-4FED-98E2-F6AC4F62885C}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => Brak pliku
FirewallRules: [UDP Query User{D30B7C74-C91A-49BC-AA51-F8679A9BE7E2}C:\users\k\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\k\appdata\local\discord\app-1.0.9008\discord.exe => Brak pliku
FirewallRules: [TCP Query User{1A80DF97-7063-4321-A41E-FEC41105E614}C:\users\k\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\k\appdata\local\discord\app-1.0.9008\discord.exe => Brak pliku
FirewallRules: [{AA617D77-24AF-4C91-BAE7-5550826A2F9E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => Brak pliku
FirewallRules: [{075D7FA2-A3F6-418A-B09D-36663BB613AC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => Brak pliku
FirewallRules: [{D5426C81-F9B6-404C-8ED8-B1C9C7B02C97}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => Brak pliku
FirewallRules: [{051751BF-E22A-4103-A0FB-060130B59535}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => Brak pliku
FirewallRules: [{F2D641BD-CC39-4CEC-A9B7-532F69E197EC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe => Brak pliku
FirewallRules: [{DA42C364-351F-4B34-A77A-A00C8F0DB195}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe => Brak pliku
FirewallRules: [{6DD3A1C1-43A7-4293-8E32-46AB0D709C3D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe => Brak pliku
FirewallRules: [{417EB1B2-C34D-45C9-AC80-9D0354C3D360}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe => Brak pliku
FirewallRules: [{E501B17C-82BC-4415-BA44-062E184E6DE3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => Brak pliku
FirewallRules: [{F4941733-F477-4ADF-9AE0-6D49CB9F7920}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => Brak pliku
FirewallRules: [{EE3EE196-1A79-47D7-B8CC-BB8E34FE97A9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => Brak pliku
FirewallRules: [{8339D73F-47F3-4DEE-A4E8-EF04B06B78A7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => Brak pliku
FirewallRules: [{FF4B6447-8B8A-4AD0-8F24-6D3239326EB7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe => Brak pliku
FirewallRules: [{BA5EAC07-8C24-4E29-A54F-A8C7F4552F8E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe => Brak pliku
FirewallRules: [{764A6111-E62F-4B45-8559-424821939066}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe => Brak pliku
FirewallRules: [{5C3F09DE-9312-489A-88EE-45A61C87214C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe => Brak pliku
FirewallRules: [UDP Query User{555E5060-AB18-41E7-8786-CC5462A36A8D}C:\users\kondkje\appdata\roaming\mobaxterm\slash\bin\xwin_mobax.exe] => (Allow) C:\users\kondkje\appdata\roaming\mobaxterm\slash\bin\xwin_mobax.exe => Brak pliku
FirewallRules: [TCP Query User{B59195DA-248D-4D9F-9578-B718059AE1E4}C:\users\kondkje\appdata\roaming\mobaxterm\slash\bin\xwin_mobax.exe] => (Allow) C:\users\kondkje\appdata\roaming\mobaxterm\slash\bin\xwin_mobax.exe => Brak pliku
FirewallRules: [{5B21EB2E-83A5-47FF-8130-0B335617A9DB}] => (Allow) C:\Program Files (x86)\Embarcadero\Studio\21.0\bin\bds.exe => Brak pliku
FirewallRules: [{C1AF3927-5E1A-4547-AE87-BD6D1C155863}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16010.9126.2116.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => Brak pliku
FirewallRules: [{855D5990-C955-416B-8079-5498F35A6133}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe => Brak pliku
FirewallRules: [TCP Query User{9075E7F4-35C5-4639-88C6-7CBECA267BEC}C:\windows.old\users\kondkje\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\windows.old\users\kondkje\appdata\roaming\telegram desktop\telegram.exe => Brak pliku
FirewallRules: [UDP Query User{4A5ABA80-7FB4-4533-8A4F-1194B2A00818}C:\windows.old\users\kondkje\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\windows.old\users\kondkje\appdata\roaming\telegram desktop\telegram.exe => Brak pliku
FirewallRules: [{0D0F288D-43A2-423E-B90F-318FFAED694E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe => Brak pliku
FirewallRules: [{FB6ED2AA-4401-4020-9A00-7441A969B2F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe => Brak pliku
FirewallRules: [TCP Query User{FC7DC845-7A78-462C-A473-64F7B004A324}C:\users\kondkje\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\kondkje\downloads\utorrentportable\app\utorrent\utorrent.exe => Brak pliku
FirewallRules: [UDP Query User{C7A0E5B1-BF43-4761-9F2C-D0BB24F89B33}C:\users\kondkje\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\kondkje\downloads\utorrentportable\app\utorrent\utorrent.exe => Brak pliku
C:\WINDOWS\system32\Elan_FP_Image_*.txt
Hosts: