CreateRestorePoint:
CloseProcesses:
EmptyTemp:
File: C:\Users\Jan\AppData\Local\Programs\kryptex-app\Kryptex.exe
HKU\S-1-5-21-3681427606-3186991904-2750454075-1001\...\MountPoints2: {1fd0d894-806d-11e9-9651-3c2c30abf1d2} - "E:\startme.exe"
HKU\S-1-5-21-3681427606-3186991904-2750454075-1001\...\MountPoints2: {f431d603-c077-11eb-9770-3c2c30abf1d2} - "E:\startme.exe"
HKLM\SOFTWARE\Policies\Microsoft\Edge: Ograniczenia <==== UWAGA
HKU\S-1-5-21-3681427606-3186991904-2750454075-1001\SOFTWARE\Policies\Microsoft\Edge: Ograniczenia <==== UWAGA
Task: {1D8E3947-530C-4FD6-AACD-9ABEB2B0D837} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Tcpip\..\Interfaces\{5ca9f9fb-037e-486e-a3d7-16fd7901a3be}: [DhcpNameServer] 192.168.0.1
S2 DellUpdate; "C:\Program Files (x86)\Dell Update\DellUpService.exe" [X]
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} => -> Brak pliku
HKU\S-1-5-21-3681427606-3186991904-2750454075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-3681427606-3186991904-2750454075-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
FirewallRules: [TCP Query User{84F81623-6401-4A71-9262-8EF5144F3883}C:\users\jan\appdata\local\programs\opera\78.0.4093.112\opera.exe] => (Block) C:\users\jan\appdata\local\programs\opera\78.0.4093.112\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{5697EBCF-F481-419E-96D2-2EF2E95F938B}C:\users\jan\appdata\local\programs\opera\78.0.4093.112\opera.exe] => (Block) C:\users\jan\appdata\local\programs\opera\78.0.4093.112\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{AD2CAC87-E715-415F-B5D7-70C63F60C1B2}C:\users\jan\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\jan\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{E22AAB2E-EAE2-4218-A321-27FFF6D769F2}C:\users\jan\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\jan\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{63BF32A9-DBA7-4A6B-A0A6-DE666B503A3D}C:\users\jan\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\jan\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{7825F051-AEF6-459E-B721-F736AF5FD905}C:\users\jan\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\jan\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
Task: {4B1F8475-8DE9-469A-9B79-037C83650D49} - System32\Tasks\KryptexElevationFromStartup => C:\Users\Jan\AppData\Local\Programs\kryptex-app\Kryptex.exe
Task: {A0249C01-866E-45EC-89DA-9D2A3C0DA051} - System32\Tasks\KryptexElevation => C:\Users\Jan\AppData\Local\Programs\kryptex-app\Kryptex.exe
Hosts:
RemoveProxy:
cmd: netsh winsock reset catalog
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns