jessica

START::
Task: {F16CD525-8C85-4F99-87F0-0A74F5101AA4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC EngagedRebootReminder (Brak pliku)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
EmptyEventLogs: 
FirewallRules: [{04BB9588-6273-49D9-A4FD-4F1332C865CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku
FirewallRules: [{921BF9E0-F37B-44AB-8F79-8637BCD329EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku
FirewallRules: [{1BF1FFD6-0601-482F-8F64-755704631370}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku
FirewallRules: [{BA701DC2-C14E-4ED7-807E-D01C05A0CF3A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku
FirewallRules: [{51AAF78E-0F20-476D-8708-3715FEAE1E87}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku
FirewallRules: [{242634A7-6D51-48E9-9DE5-647E1630976D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku
FirewallRules: [{0A9990B1-2DFA-4B90-8B68-6BF4889CEE52}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku
FirewallRules: [{90413C32-C2C0-4B66-BF96-DEF491BBB1FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku
FirewallRules: [{AF220909-C8E4-4200-92C4-403FCD8B3458}] => (Allow) C:\Users\Rodzice\AppData\Local\Temp\7zS19E1\HP.EasyStart.exe => Brak pliku
FirewallRules: [{533A3FED-93EC-4834-A476-67CE0213FB2E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => Brak pliku
FirewallRules: [{B04988B4-DBCF-42F2-A525-F1E4F8156C26}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => Brak pliku
HKLM\...\RunOnce: [DEL_ST_CPL] => CMD /C del "C:\WINDOWS\TEMP\ST_CPL.pkg.XML" /F (Brak pliku) <==== UWAGA
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
Task: {71BBFC01-FF67-40C8-8537-117D1BBF2EE0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery EngagedRebootReminder (Brak pliku)
Task: {780F4949-4282-40CD-AAF0-DA7C3CF54CB7} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe /checkin (Brak pliku)
EmptyTemp:
END::

START::
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA
HKU\S-1-5-21-922879001-606978222-2516730686-1002\...\Run: [ChomikBox] => C:\Program Files (x86)\ChomikBox\chomikbox.exe (Brak pliku)
BootExecute: 
Task: {BD8E89C7-D2B2-416C-A4C4-20F441B3F2DF} - System32\Tasks\SecurityServiceHub => C:\Users\kazim\AppData\Local\ServiceHub\SecurityServiceHub.exe (Brak pliku)
Task: {B83A0437-D080-4CDA-9D46-B6A5C6EE2C4A} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Brak pliku)
Task: {3DD077B1-B5A0-4017-80C6-3D1871B82076} - System32\Tasks\MicrosoftEnvelope => C:\Users\kazim\AppData\Local\windows\MicrosoftEnvelope.exe (Brak pliku)
Task: {5F44933B-285C-4587-9BC8-F69CC6DE443F} - System32\Tasks\SecurityHealthEnvelope => C:\Users\kazim\AppData\Local\windows\MicrosoftEnvelope.exe (Brak pliku)
EmptyEventLogs: 
EmptyTemp:
END::

START::
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
EmptyEventLogs:
EmptyTemp:
END::

START::
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 HPJumpStartBridge; "c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe" [X]
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
EmptyEventLogs: 
EmptyTemp:
END::

START::
HKU\S-1-5-19\...\Policies\system: [] 
HKU\S-1-5-19\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-20\...\Policies\system: [] 
HKU\S-1-5-20\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\Policies\system: [] 
HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-18\...\Policies\system: [] 
HKU\S-1-5-18\...\Policies\system: [DisableTaskMgr] 1
FirewallRules: [{02E2C65F-E883-467A-AFC3-FB3FB5392466}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{A52A8691-4A46-413C-AF22-F9B2D8A49570}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{3D0D360F-A598-43FA-B85C-5EDF096B8326}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{0EFB1AF2-6603-4290-A29C-9281A020FEF7}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{C52D4A72-3452-4B60-9951-BF89E9A28D21}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{9346478C-F205-47CB-9E28-A22E00A6F14A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{73C89B12-BC69-424D-BEE9-BC4DDCA91B4E}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{76C214D8-DF69-4FE5-AE05-B034A80E45F5}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{E351348D-158B-41B4-BF7F-47F92ED0B62E}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{8CABBA64-7F4E-4304-871B-492B30AC372C}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{D323A7DC-24F3-42D6-B1B6-6D3523BFDB97}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{75AE4A0E-40F7-42DC-AF21-313F5E254221}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{8FE5DD6C-C048-4DE1-A246-1BE702CF4EEB}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{B10EA169-0563-4513-A7B8-A6F6AB1DB202}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{FFE75938-C863-4E8C-8006-C032A4820720}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{19218712-4D3B-449E-B7BE-EC8CE5A975DD}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{78BA5A64-8897-4CE3-9D30-23F40B2725A1}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{193C5CC5-C6D8-403E-9AAC-027250652AD6}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{2C1E77E4-31AB-4795-8E5B-9F55988E4AA4}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{92D02196-9354-44E4-A483-3CEB63F48738}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{FC0E650B-8C89-443A-BF7A-BDB5766B2323}] => (Allow) C:\WINDOWS\System32\WScript.exe
EmptyTemp:
END::

START::
FirewallRules: [{28114C2E-C925-4679-BB0E-523FB8958FFE}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{15E71875-724D-4B79-9548-035CECDB3B6B}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{86A2635C-1F6E-4E64-A855-BD92CC740006}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{4725F968-2ABF-4593-AB6D-2652CBF5EA40}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{78CD3739-452B-48D0-AB3C-472709ACF0D3}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{014CE9D2-4325-4DED-BB75-F53007081142}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{45629A0D-264F-4206-AFD5-E701BFBCDBD0}] => (Allow) C:\WINDOWS\System32\WScript.exe
HKU\S-1-5-19\...\Policies\system: [] 
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-31] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Policies\system: [] 
HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\Policies\system: [] 
HKU\S-1-5-18\...\Policies\system: [] 
HKU\S-1-5-18\...\Policies\system: [DisableTaskMgr] 1
GroupPolicy\User: Ograniczenia ? <==== UWAGA
Task: {FA5D207C-18BC-44E1-9133-0E131D7C640A} - \TR_AntiHijack -> Brak pliku <==== UWAGA
EmptyTemp:
END::

START::
C:\Program Files (x86)\si4mre5k7p.dat
EmptyEventLogs: 
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [Debugger] rundll32.exe SECOPatcher.dll,PatcherMain
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
S3 GPU-Z-v2; C:\Users\Miloszpl\AppData\Local\Temp\GPU-Z-v2.sys [52008 2022-11-28] (TechPowerUp LLC -> ) <==== UWAGA
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
R4 edevmon; system32\DRIVERS\edevmon.sys [X]
S3 HWiNFO_171; \??\C:\Users\Miloszpl\AppData\Local\Temp\HWiNFO64A_171.SYS [X] <==== UWAGA
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]
EmptyTemp:
END::

START::
HKU\S-1-5-19\...\Policies\system: [] 
HKU\S-1-5-19\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-20\...\Policies\system: [] 
HKU\S-1-5-20\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\Policies\system: [] 
HKU\S-1-5-21-2737232935-218490253-4012713160-1001\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-18\...\Policies\system: [] 
HKU\S-1-5-18\...\Policies\system: [DisableTaskMgr] 1
EmptyEventLogs: 
FirewallRules: [{F554D1A2-8716-4ABC-8F8F-7B08C9A94C96}] => (Allow) C:\Users\Biuro\Downloads\AeroAdmin_616768926084.exe => Brak pliku
FirewallRules: [{38BA87D3-8A72-4F47-B349-9068AE4863A9}] => (Allow) C:\Users\Biuro\Downloads\AeroAdmin_616768926084.exe => Brak pliku
FirewallRules: [{D47463E2-18A9-4D7E-8659-90163BB0329B}] => (Allow) C:\Users\Biuro\Downloads\AeroAdmin_616768926084 (1).exe => Brak pliku
FirewallRules: [{6F88EE3C-F6C8-40D7-81A2-AA4C31050C16}] => (Allow) C:\Users\Biuro\Downloads\AeroAdmin_616768926084 (1).exe => Brak pliku
FirewallRules: [{E08E7CBF-F785-4604-AF98-4B3B40056569}] => (Allow) C:\Users\Biuro\Downloads\AeroAdmin_616768926084.exe => Brak pliku
FirewallRules: [{85EE72D6-61C3-4C1F-A661-808CB0CBB07A}] => (Allow) C:\Users\Biuro\Downloads\AeroAdmin_616768926084.exe => Brak pliku
FirewallRules: [UDP Query User{251C7899-6F1C-4BF6-AA44-1B11E585261E}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => Brak pliku
FirewallRules: [TCP Query User{FEFF538E-45D9-4812-B9C2-FF76CE387690}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => Brak pliku
FirewallRules: [UDP Query User{61450169-87FE-494A-A499-1A487684DFE4}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => Brak pliku
FirewallRules: [TCP Query User{B896B489-6B7F-4F35-817B-B4EC18B33C50}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => Brak pliku
FirewallRules: [{ED493ABA-60ED-4FDF-8837-539DBF536499}] => (Allow) C:\Users\Biuro\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku
FirewallRules: [{834830C3-B9C8-454A-978B-C954D6441A0D}] => (Allow) C:\Users\Biuro\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku
FirewallRules: [{CFB09E16-A753-42D4-A03E-201EA4FA8241}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe => Brak pliku
FirewallRules: [{42647F88-7517-4535-8DC1-CE1E75296DB4}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe => Brak pliku
FirewallRules: [{8C42FB7C-ABF2-4F32-BB49-8B976750F3FB}] => (Block) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe => Brak pliku
FirewallRules: [{DA6DB4A3-464D-40BE-9050-CE6720FDAC5A}] => (Allow) C:\WINDOWS\SysWOW64\wscript.exe
FirewallRules: [{76D0BEDF-82E4-47CB-AC08-CC8F683CA9EE}] => (Allow) C:\WINDOWS\SysWOW64\wscript.exe
FirewallRules: [{F14D96B3-22A1-483E-A04E-32FDC9E89DD5}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{1655C731-C4A1-4D21-93C1-88F9EC151C07}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{0BC23F8C-ED92-4792-AF7A-F55B1C713F7C}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{3FF895AA-D205-419A-BE0C-2566A6066D03}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{FFC6859C-E813-4065-B603-CB30CBF914CD}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{7D69B465-CE3E-4C42-BC4C-D8AA20AF991D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{9516FA39-24CF-44A6-BDAD-76BD06383F65}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{8936013E-1809-4ACE-9E02-074C6FD3CB62}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{5AF3F212-C443-4A9B-8AF1-CAE49AB318D1}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{5C8AAC57-C89E-4B4B-9B28-70CB8D718636}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{AC3507A0-50C2-44FA-B65A-9DE71CCCDDEE}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{E2797E26-0B42-46FF-A038-65EE09ADBD3D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{4C203D41-6C0F-4F9F-967D-CF3C68E421DC}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{5B19CC47-FB5C-4F9B-8825-EA4FB31CDD48}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{480E7F30-87FD-48CC-982F-C6D5EC2DD718}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{37B2A245-F06B-4DAF-B7F1-3A17A3F04851}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{11AAFD96-F5F4-44A4-9765-D39FDB69B37D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{4213E777-5A6D-4E6B-80CD-D6EBAE201ED2}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{062F0E8D-16A2-4722-9682-3FA993FDA319}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{F422EA77-B64D-41B4-BDE4-91326883433B}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{F82A7658-04BA-4205-825D-5FC67B5C9362}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{FE371CDD-BFDC-43DC-8C34-5F161B207569}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{2333B98E-8FE5-47E2-B6FD-A8B9A362161A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{7A7B918F-D2D6-4785-9A7F-B2C437BED579}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{F4030871-E7AB-413A-AED8-5ACF2FA2A868}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{70EF6AEA-0178-47D4-9674-0B2826639D3D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{63BFB4D0-C87D-4449-BD83-7A7759F43A49}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{449549BA-45F7-4794-96F7-37B6B4295CDE}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{E84A2C9E-7A76-4046-AFEA-F783789C5EFD}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{EACA4FC8-81A3-4FA5-A46B-615EE2E2F0D9}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{E64A116D-B8A4-4862-A8F2-00605CC20390}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{93EC5DE0-23BA-413C-B10D-35B99ED63D9D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{44F0F64C-BD80-458D-A039-971B7B2CABF8}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{200E298B-3D47-4478-BD63-96A299186CFE}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{56709463-E18F-4738-9C02-D3F292C83C3A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{CB0BD94F-E175-42DD-BCC8-359E04900783}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{1617CE4F-5E58-4D6C-BF5D-6E9AF5B40D63}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{62F0D83B-3EBB-4771-8827-28D22555F3AF}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{1A3E3FF6-3710-41E5-AAF9-69E2E8E905F4}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{98B40A7B-C4F7-4144-A0D6-B75220DB092F}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{9AA8C231-DAC4-4903-BCBF-B47CEFEB4C36}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{C0FE80BB-0331-4405-A564-E3FA879420DB}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{EAAE7E32-C6C7-4CFF-98E8-F2FBB536C95E}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{86CDA1B3-183B-4489-98ED-88FD83C7AD51}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{93DFDDBA-A6CD-42BC-BB06-A271178F35D1}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{F20E51F4-0C17-4F70-8D28-3F50322F2ECE}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{FCE61E54-D759-45A6-8BDF-88440B3BA5A9}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{E0F87E6F-0B5C-4E25-86EB-F50D0F665DAC}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{05C1D9F6-B5E8-4277-A7E8-EEE3270E51B4}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{0617D638-933B-41BE-9411-20A91CE81D12}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{C0B787BD-891D-49E0-93A1-1AC6D1CB66F8}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{8778E191-6AD7-4C6B-B506-62DC48937A21}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{30C1E9D2-1F57-4CAD-A2D9-BB6FA0EDE763}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{626D051F-D143-4834-B080-75AFAF1A20AF}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{50B60214-7C46-4952-AABC-3FD7E06DC5F4}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{F2676EEF-F55C-4DAF-A105-4F406F04917F}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{064643F0-C1C5-46AD-9D73-4A6B224E4FE4}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{FF798977-49D3-4E66-B3A7-C29926D3BE1B}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{90E67D66-1F1D-421B-A863-D00B5702849C}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{AEB799A5-D17C-427A-BFBA-BBDE9D3FDBC9}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{63919314-38C7-473F-A472-D081591FECB9}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{DA7262F6-69FA-4EFF-8DBB-A0E5B11A6430}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{48F1BF99-2397-4991-B374-8C004D259596}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{66AA036D-F9C1-4EB0-97ED-EA11DAC070AA}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{B1143427-D9C1-4BEB-9F3A-B3729C8D613F}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{BAD49AEC-772E-49F4-ABFD-050FF1DB7D36}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{59A9883C-F266-4D79-B894-7F5AE5345C8A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{54913EF0-6ECB-4E7C-92BC-36EB41FAF164}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{0222909A-965A-407A-8B8D-7F2AEBB295AB}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{7761BDD3-C6CD-4DF0-A4A0-207A35F32D44}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{48008FA7-E008-4504-930B-530C47E85292}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{2FA25775-2788-4863-8DFB-1893E14C3EFA}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{6C5E24F8-AF66-4C4E-A686-FFE26926B31A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{E68CF726-D15D-4C01-8F18-511BAD1BB39D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{95D590E3-3E67-433B-828F-898CBBEF647E}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{3B21B82C-5BE2-4C79-8CAE-33181D9F1C2F}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{9887CBF9-4E87-4770-8074-8D4BDA9E943A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{07DA6308-6C99-4DBC-B89E-78E656680E28}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{23CD6026-6870-41AD-A5B2-930224896BF5}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{CE605106-0D9C-4605-8ACD-01E657598407}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{41187563-5513-4E75-94D0-1D1B2D57DD0F}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{56549E73-14DB-418B-9FFC-A6B17F0AA19E}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{38858087-D2F4-449D-9D0B-C1A4DEEA56F8}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{7AF935E0-4E70-44ED-B5AD-2330318C979B}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{030D0B33-F499-4A2B-AF02-DC47D41D49EA}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{CC678969-763C-4E07-9BCB-CCBB29B9AA4F}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{511C21DB-0CA1-4A63-9FDD-97BD29AE1AAC}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{E303FD22-1F90-463F-AF5D-6F3A9E2C155C}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{33EB964A-9F18-477B-B505-AD31D03FF106}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{13129A3B-D6B6-4BCE-B583-A053A3B7D73A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{5F79757C-D248-4D83-A880-7EA4459D3482}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{C16FB201-BD4A-4087-B582-ECFBE844B441}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{E90318AE-3092-407E-800C-3E48EE83F4D0}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{1DEB35C5-33F0-434A-A862-5C8D395E8AF0}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{9C716677-4CCB-4477-B9C1-80BFFA128DDE}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{32232FE8-EC69-4647-96D0-807B697103F4}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{95FB538B-6AC0-405C-9389-9FEACAE10181}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{CAF8B1F1-FB8C-4831-B93E-2E4197357F6E}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{B55043C1-5761-40EC-B5BD-219325BAE835}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{CABD83FC-672A-419A-B115-8915535DFF9C}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{262699AC-6079-45BF-94D9-D191AB003E72}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{0D35A95A-342A-4679-B2D8-CA6C16E9E759}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{64B907BF-D8C1-4121-A99B-96CD143A8F8D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{CCA323AC-05FD-4DE1-A331-4299F2F433B0}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{70BBA849-8D02-465B-8AD7-70334834F0EC}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{406B58D3-9C7B-4E6C-9B82-AA4A2C7BED82}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{DCD3349E-5625-42C0-98B6-CC0EB54F9DBE}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{EB3B199D-E8B4-4076-B422-9C645D2C5858}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{DAD7E1D3-9983-4C5A-845D-088C5CA5BFFE}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{AE15234A-6E0D-4399-A837-84747497CAC3}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{49C2654F-812E-4BAF-9BFD-49B05B08159C}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{98BCC970-A263-4730-A993-6CF304D8D14A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{FD266669-982C-4FEC-BA7A-64B4C27F03F5}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{E16E47B1-2431-4390-BB66-3FE4E782E7CB}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{25FA537C-BA81-4772-9AF0-F6433190ED0A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{3DEE726C-57E1-4833-BEB4-4465A31ADFEC}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{A569E5DD-A418-4516-B30A-956D2B759BBB}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{8859E461-9D02-424D-841A-CB6A17AAF88B}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{B3445D8C-938E-4F75-8ADE-7F84AF36B7D9}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{A3ED0063-5E51-4817-8E99-E3C739BC5C6E}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{55425F6D-A2D7-4F4D-9A6A-75A7445E6A39}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{354E803F-3867-4B95-A12D-5C63BD7816D5}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{6B08EA8F-428B-457A-BD60-6A100589E87D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{A419AC82-E4BC-4161-879C-91B25CAE02C5}] => (Allow) C:\WINDOWS\System32\WScript.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
C:\Users\Biuro\Desktop\Pulpit\Programy\EaseUS Partition Master 13.0.lnk 
C:\Users\Biuro\Desktop\Pulpit\Programy\EaseUS Todo Backup Free 13.0.lnk
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
GroupPolicy: Ograniczenia ? <==== UWAGA
GroupPolicy\User: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
Task: {38846E17-D0EB-4FA2-8150-7DA0A1E8860E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Brak pliku)
Task: {BDCE670D-95D3-468E-83F7-863E6343AD20} - System32\Tasks\TR_AntiHijack => C:\Program Files (x86)\Trojan Remover\TRAntiHJ.exe (Brak pliku)
C:\Users\Biuro\Downloads\fixlist.txt
EmptyTemp:
END::

START::
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA
RemoveDirectory: C:\ProgramData\boost_interprocess
EmptyEventLogs: 
HKU\S-1-5-21-4252821493-3314682548-1048800923-1001\...\Run: [TeraBoxWeb] => "C:\Users\neopl\AppData\Roaming\TeraBox\YunWebService.exe" (Brak pliku)
HKU\S-1-5-21-4252821493-3314682548-1048800923-1001\...\Run: [IGClient] => "C:\Program Files\IGClient\IGClient.exe" (Brak pliku)
HKU\S-1-5-21-4252821493-3314682548-1048800923-1001\...\Run: [ecad650074ed35d08ab9d84a81d9601d] => "C:\Program Files\DVDFab\Video Enhancer AI\LiveUpdate.exe" --run_mode=background_check (Brak pliku)
HKU\S-1-5-21-4252821493-3314682548-1048800923-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
ShortcutTarget: Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe (Brak pliku)
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Edge: Ograniczenia <==== UWAGA
SearchScopes: HKU\.DEFAULT -> DefaultScope {C65B60E5-EA3F-4BD8-8992-E36281BD7BB7} URL = 
SearchScopes: HKU\S-1-5-21-4252821493-3314682548-1048800923-1001 -> DefaultScope {C65B60E5-EA3F-4BD8-8992-E36281BD7BB7} URL = 
SearchScopes: HKU\S-1-5-21-4252821493-3314682548-1048800923-1001 -> {C65B60E5-EA3F-4BD8-8992-E36281BD7BB7} URL = 
Task: {2E0A2E91-F4F7-4670-8E97-3A4C1594A7E3} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe (Brak pliku)
Task: {3A5B8BB2-ECA3-47C9-9C2A-AD3219389D38} - System32\Tasks\{D667DBEC-B165-4CE8-8B4C-8DEFDDE15D9D} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3.exe" -d "C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin"
Task: {6D28736B-509F-494D-B334-CA73F81E5E3B} - System32\Tasks\pontiac-powerseller => C:\ProgramData\prot-procedure\bin.exe [12686336 2022-04-05] () [Brak podpisu cyfrowego]
Task: {71E09425-5576-498B-8EFD-3277DA644EAF} - System32\Tasks\GPU Temp\Startup => C:\Program Files (x86)\GPU Temp\GPUTemp.exe (Brak pliku)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA
FF Homepage: Mozilla\Firefox\Profiles\3rpon9tq.default-1483130207276-1633551053941 -> hxxps://www.mail.ru/
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [Brak pliku]
S3 hsstap; \SystemRoot\System32\drivers\hsstap.sys [X]
EmptyTemp:
END::

START::
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
EmptyEventLogs: 
EmptyTemp:
END::