CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
URLSearchHook: [S-1-5-21-753499855-3652640966-3772351912-1000] UWAGA => Brak domyślnego URLSearchHook
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
Task: {09292E1D-CC9F-42AB-8CBA-14A4ADB1FBC2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {166C21E4-6864-40C5-9252-F912580654D7} - System32\Tasks\{3521BB37-978A-4B57-B5DA-FE7C2DB91D39} => C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe
Task: {210511E3-D82D-404C-A0FC-338BEA4957D9} - System32\Tasks\{BC283061-B081-47B1-B8DE-8EF7B67081D5} => C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe
Task: {2F1C3F46-308C-4929-900C-97CD65711BD6} - System32\Tasks\{44968B84-73F1-4E83-8333-B3DCA69EFDD5} => E:\autorun.exe
Task: {3ACC8368-B2B2-44B0-AD88-7184E7BD5799} - System32\Tasks\{39CA8976-5623-46CD-BF3C-667A9D43BC16} => C:\Windows\system32\pcalua.exe -a E:\autorun.exe -d E:\
Task: {441C7A5D-3635-4E95-A50B-5EE7B061AFAE} - System32\Tasks\{E076E85A-513B-48D5-959E-7667F1EE5010} => E:\autorun.exe
Task: {456B533D-6CD2-4091-BE9D-461426158A35} - System32\Tasks\{207AA6CF-2AAD-43A3-99D0-E60B657C7881} => E:\autorun.exe
Task: {565C12D7-9CBF-4EF6-BB69-41DB16C4D9D0} - System32\Tasks\{7C2C1C77-FD28-4168-95C1-D1E9190E1C8E} => C:\Windows\system32\pcalua.exe -a F:\WPN111_SW_v3.0_setup.exe -d F:\
Task: {592C9990-DBD1-4148-BC19-8BC464F13988} - System32\Tasks\{49FF0A4D-DC27-42B6-A641-32CC3AE9CF72} => C:\Windows\system32\pcalua.exe -a C:\Users\i5\Downloads\cwk230.exe -d "C:\Program Files\Mozilla Firefox"
Task: {61075391-EC12-4930-BEE2-3ECA1A4BB389} - System32\Tasks\{914DD193-9367-430A-AA01-0C48CE16CD0B} => C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe
Task: {811AC30C-A3E9-43AD-BF85-432B1B0392D2} - System32\Tasks\{CB7CB08F-2515-4408-B2A1-700A67CA59A7} => C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe
Task: {86FE88EA-7A40-4253-A847-14EEAABD8C67} - System32\Tasks\{4CC1A1BF-277C-427B-B14E-404A6E38551A} => E:\autorun.exe
Task: {8F9EB7C6-790E-4E70-948D-31199B40A3B7} - System32\Tasks\{53A3A08F-9139-463E-AAD7-0122F8F08B56} => C:\Program Files\BearShare Applications\BearShare\UninstallUsers.exe
Task: {96AB1C71-2378-42BE-8E5D-65C555442795} - System32\Tasks\{7039ADA3-9B65-4971-853F-391E82955E08} => E:\autorun.exe
Task: {9962D949-0177-4D30-92E5-E1E98DC47DFF} - System32\Tasks\{CE9ADFA2-3D0B-4C29-B287-FF23EF9B643E} => C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe
Task: {A086026D-BE8E-4EF7-9C6D-BA7CEE271614} - System32\Tasks\{C792DCCC-5B47-41ED-B4C7-35812553B257} => E:\autorun.exe
Task: {A8753DF8-3BBC-4E2E-9CA9-11A85D578057} - System32\Tasks\{CA5A91F2-6998-4FFF-BFC1-0C3C1A2DBA11} => C:\Windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {B27F6A86-4854-4FB4-81F3-B60DB1F23658} - System32\Tasks\{3FD65C79-29BF-490A-BE97-34AEE98A62DA} => E:\autorun.exe
Task: {B5AE6408-68EF-4113-8DC5-85E44EE8D186} - System32\Tasks\{F0461ABE-039B-4EFE-85D3-2630A03462B4} => E:\autorun.exe
Task: {B7231084-D14F-4D14-B769-34B606DF9F74} - System32\Tasks\{05611711-1956-484F-BE03-BE8F7D9E8EE8} => E:\autorun.exe
Task: {BE4BA677-293B-4E73-B4C5-10DCE5DFC885} - System32\Tasks\{DE2F3943-8861-42DB-9190-6EE144C38E7A} => C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe
Task: {C1C91D29-40AB-4E26-B49D-B60C8C1522C8} - System32\Tasks\{5B01E96F-1996-4E46-A148-C7BAAC8634F1} => E:\autorun.exe
Task: {E701A81A-A9EF-4211-B745-68EF04F784E3} - System32\Tasks\{42C83ABD-B228-4EC1-B988-3D5AA232A25C} => C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe
Task: {E805C4D7-5DD0-46C3-86AF-988060B7F782} - System32\Tasks\{095491EA-5BFF-4B84-A809-C9932C72AE00} => C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe
Task: {EBB142E7-BFED-4796-91EB-0C2F84A20DBC} - System32\Tasks\{2E4999CD-A2AF-47D5-937C-8CF4B914FB09} => E:\autorun.exe
Task: {F5384724-6390-4123-9BC9-1ED6E98C41B2} - System32\Tasks\{DFA50DF1-02DB-4831-8661-D6DE615F0EBB} => E:\autorun.exe
Task: {F722CDC1-D512-460D-AEC1-9BF195E86921} - System32\Tasks\{6D7DB3D6-36CF-46E7-80A0-D1EDB5160EB9} => C:\Program Files\BearShare Applications\BearShare\UninstallUsers.exe
AlternateDataStreams: C:\ProgramData\Temp:63238B95 [129]
FirewallRules: [{5CA871B6-BD35-4CE9-B667-27757CA31B6D}] => (Allow) E:\setup\hpznui01.exe
FirewallRules: [TCP Query User{3A3F3A1C-8618-4CF4-AC19-82F9A0DE93D0}C:\program files\java\jre1.8.0_172\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_172\bin\javaw.exe
FirewallRules: [UDP Query User{40264540-4E5C-4B96-8600-1A478BFAAE3E}C:\program files\java\jre1.8.0_172\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_172\bin\javaw.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expekt Poker.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\Half-Life Movie Information.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\Half-Life Movie.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\Lords of Magic Movie.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes III\The Restoration of Erathia\Edytor Map.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III - Instrukcja.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Pomoc techniczna Blizzard.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Zarządzanie kontem Battle.net.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen\AVG.lnk
C:\Users\i5\Desktop\Inne Pliki\Adobe Reader XI.lnk
C:\Users\i5\Desktop\Inne Pliki\ALLPlayer V4.5.lnk
C:\Users\i5\Desktop\Inne Pliki\ALLPlayer V5.0.lnk
C:\Users\i5\Desktop\Inne Pliki\AVG 2014.lnk
C:\Users\i5\Desktop\Inne Pliki\Biznes Filmowy 2 (v0.8.7 Beta).lnk
C:\Users\i5\Desktop\Inne Pliki\Camstudio 2.1 Setup.lnk
C:\Users\i5\Desktop\Inne Pliki\CWK.lnk
C:\Users\i5\Desktop\Inne Pliki\CyberLink PowerDVD 9.lnk
C:\Users\i5\Desktop\Inne Pliki\e-Deklaracje.lnk
C:\Users\i5\Desktop\Inne Pliki\Gadu-Gadu.lnk
C:\Users\i5\Desktop\Inne Pliki\Malwarebytes Anti-Malware.lnk
C:\Users\i5\Desktop\Inne Pliki\Nokia PC Suite.lnk
C:\Users\i5\Desktop\Inne Pliki\QuickTime Player.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\Adobe Reader X.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\Adobe Reader XI.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\Ashampoo Undeleter.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\AVG 2014.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\Avira AntiVir Control Center.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\Battlefield 3.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\CWK.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\CyberLink PowerDVD 9.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\Dr. Tax Light - PIT 2010.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\e-Deklaracje.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\JDownloader.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\Malwarebytes Anti-Malware.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\McAfee Security Scan Plus.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\Nokia PC Suite.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\Ontrack EasyRecovery Professional Trial.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\Origin.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\Przyspiesz Komputer.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\QuickTime Player.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\R i386 3.0.1.lnk
C:\Users\i5\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\%Common Desktop%\Recuva.lnk
C:\Users\i5\AppData\Roaming\Microsoft\Windows\Start Menu\FoxTab Media Player\FoxTab Media Player.lnk
C:\Users\i5\AppData\Roaming\Microsoft\Windows\Start Menu\FoxTab Media Player\Uninstall FoxTab Media Player.lnk
C:\Users\i5\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ALLPlayer V4.5.lnk
C:\Users\i5\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ALLPlayer V5.0.lnk
C:\Users\i5\AppData\Local\Microsoft\Windows\GameExplorer\{3302B802-DF32-478D-98DD-1C14E159A9D9}\PlayTasks\0\Zagraj.lnk
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}