CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKU\S-1-5-21-4109652526-3747850710-83083684-1002\...\MountPoints2: {26336710-a54c-11e4-bebf-c8f733181b8a} - "E:\autorun.exe"
HKU\S-1-5-21-4109652526-3747850710-83083684-1002\...\MountPoints2: {26336728-a54c-11e4-bebf-c8f733181b8a} - "E:\autorun.exe"
HKU\S-1-5-21-4109652526-3747850710-83083684-1002\...\MountPoints2: {74d21859-3818-11e5-bed0-c8f733181b8a} - "E:\autorun.exe"
HKU\S-1-5-21-4109652526-3747850710-83083684-1002\...\MountPoints2: {779c2904-d026-11e4-bec0-c8f733181b8a} - "E:\Startme.exe"
HKU\S-1-5-21-4109652526-3747850710-83083684-1002\...\MountPoints2: {7ba8a39c-bdde-11e4-bebf-c8f733181b8a} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-4109652526-3747850710-83083684-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation)
SearchScopes: HKU\S-1-5-21-4109652526-3747850710-83083684-1002 -> {F663D89E-C743-42FC-B8D2-C301C321BB54} URL =
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll => Brak pliku
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll => Brak pliku
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://meetingsln.webex.com/client/WBXclient-T29L10NSP9EP2-10068/webex/ieatgpc1.cab
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-05-31] <==== UWAGA
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-06-06] (Digital Wave Ltd.)
U1 aswbdisk; Brak ImagePath
S3 SBIOSIO; \??\C:\Users\Blondi\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X] <==== UWAGA
Ask Toolbar (HKLM-x32\...\{42435041-332D-5637-00A7-A758B70C2D01}) (Version: 12.45.1.1247 - APN, LLC) <==== UWAGA
CustomCLSID: HKU\S-1-5-21-4109652526-3747850710-83083684-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Blondi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4109652526-3747850710-83083684-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4109652526-3747850710-83083684-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4109652526-3747850710-83083684-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4109652526-3747850710-83083684-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4109652526-3747850710-83083684-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4109652526-3747850710-83083684-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4109652526-3747850710-83083684-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4109652526-3747850710-83083684-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4109652526-3747850710-83083684-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ContextMenuHandlers1_S-1-5-21-4109652526-3747850710-83083684-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-4109652526-3747850710-83083684-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-4109652526-3747850710-83083684-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Blondi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
Task: {0CD929BA-3692-4440-AA9D-A5CD399B302C} - System32\Tasks\{50CF6BEB-9E00-4B78-A93E-B164C598AEAD} => C:\windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {38AA0700-13BE-434D-8E83-0E076C024A4F} - System32\Tasks\e-pity2015a_kwiecien => C:\Program Files (x86)\e-file\e-pity2015\Assets\signxml.exe
Task: {3BAA0CC6-2DCD-4F6D-9203-04C55D3451F9} - System32\Tasks\Product Updater => C:\Program Files (x86)\Power Sound Editor Free\FFProductUpdater.exe [2017-06-01] ()
Task: {4F8345F5-2BFB-465A-89E8-BF9A2B89A094} - System32\Tasks\{3177E07C-1E0A-459E-AEEB-C3F2271E5830} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/pl/go/help.faq.installer?LastError=1618
Task: {57187BFA-8B39-41A3-8E17-39CCECA4AB5A} - System32\Tasks\e-pity2015a_styczen => C:\Program Files (x86)\e-file\e-pity2015\Assets\signxml.exe
Task: {5A1D586D-38FE-4FD6-ABB2-93A1006B66D6} - System32\Tasks\{76D3ED6D-AFDA-4435-AB22-B539C7C78ACD} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/pl/go/help.faq.installer?LastError=1618
Task: {5F95CEF3-7975-48FB-A252-5B31CFE4FB1C} - System32\Tasks\{F96C5AE7-FE8C-4146-9E8E-F2AF2DED5722} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/pl/go/help.faq.installer?LastError=1618
Task: {66DA02AF-CB93-4B17-A7B4-FD724091FCAE} - System32\Tasks\{5EB2F215-5F77-4448-82A5-2C42DCBD022E} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/pl/go/help.faq.installer?LastError=1618
Task: {7EFAE1F8-CBC6-46A2-9737-DE70D3512B52} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {A66D3CBB-BB23-4AE6-9E8D-AA6BF3AC3528} - System32\Tasks\e-pity2016a_kwiecien => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe
Task: {B48DFD9F-830E-49A1-91B7-FD1F0516F08F} - System32\Tasks\{535BBA1E-3BAE-419B-A383-C9ED616CD8F8} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/pl/go/help.faq.installer?LastError=1618
Task: {C58420C1-3EC5-4B1D-BBB5-2BF158251742} - System32\Tasks\{BF8EDE28-01B1-414A-82ED-261428C6748F} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/pl/go/help.faq.installer?LastError=1618
Task: {C97E262B-DBD9-4465-81B2-729B7D23744B} - System32\Tasks\{AABEE710-BCF1-4461-8456-7E9B8F545CE1} => C:\windows\system32\pcalua.exe -a C:\Users\Blondi\Desktop\MONIKA\Francuski\supermemo\Uruchom.exe -d C:\Users\Blondi\Desktop\MONIKA\Francuski\supermemo
Task: {CDA274BB-B90D-4BD8-822A-22C6FB8CF0D4} - System32\Tasks\e-pity2016a_styczen => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe
Task: {D201FEA2-A62F-436F-A485-C73B121DAB43} - System32\Tasks\{7D717D40-E9C2-4501-BE8B-30DEFC64C516} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.3.0.101/pl/go/help.faq.installer?LastError=1618
Task: {DCD78444-84C4-4A9D-B634-A0666DC32417} - System32\Tasks\{187722AB-3D47-424E-AE71-8B83A54C0EA9} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.12.0.101/pl/go/help.faq.installer?LastError=1618
Task: {F779025F-D74F-4FC0-A601-D0B27D680DFD} - System32\Tasks\{93B4C392-248A-4F94-B26B-FDCEFAFDF1E2} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/pl/go/help.faq.installer?LastError=1618
C:\Users\Blondi\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Moje witryny sieci Web w sieci MSN\target.lnk
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade [0]
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "Absolute Notifier"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "WidgetPodatnikInfo"
HKU\S-1-5-21-4109652526-3747850710-83083684-1002\...\StartupApproved\StartupFolder: => "Wysyłanie do programu OneNote.lnk"
HKU\S-1-5-21-4109652526-3747850710-83083684-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
FirewallRules: [{12BD6C15-6F5C-4965-8992-D37C419A131B}] => (Allow) C:\Users\Blondi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{104D5EBF-5280-48D7-9FEB-E733FA11A49B}] => (Allow) C:\Users\Blondi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0260C6F6-55A5-4F2E-A04E-872281B70B40}C:\users\blondi\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\blondi\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{12F302FA-5395-4428-AF1F-319F6A16E9C4}C:\users\blondi\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\blondi\appdata\roaming\dropbox\bin\dropbox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIT pro 2015\PIT pro 2017.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen\AVG.lnk
C:\Users\Blondi\Links\Alexia.lnk
C:\Users\Blondi\Links\Ana Carolina E Seu Jorge - Ao Vivo.lnk
C:\Users\Blondi\Links\Bad żywej kropli krwi.lnk
C:\Users\Blondi\Links\baixaria.lnk
C:\Users\Blondi\Links\capo.lnk
C:\Users\Blondi\Links\Detoks Szyszynki.lnk
C:\Users\Blondi\Links\Dieta.lnk
C:\Users\Blondi\Links\do certyfikatu.lnk
C:\Users\Blondi\Links\EMMA.lnk
C:\Users\Blondi\Links\Filmy.lnk
C:\Users\Blondi\Links\Jod i Nafta.lnk
C:\Users\Blondi\Links\Joga Kundalini.lnk
C:\Users\Blondi\Links\Kuchnia.lnk
C:\Users\Blondi\Links\Magda Mazur.lnk
C:\Users\Blondi\Links\Masaż chiński.lnk
C:\Users\Blondi\Links\Music.lnk
C:\Users\Blondi\Links\Newsletter Zdrowia.lnk
C:\Users\Blondi\Links\Oregano.lnk
C:\Users\Blondi\Links\Ramtha.lnk
C:\Users\Blondi\Links\viche mainha2007.lnk
C:\Users\Blondi\Desktop\MONIKA\Job\4. Grupa Żywiec materiały\2014\MO\Kundalini\Muzyka\04 - Nirinjan Kaur - Power of Prayer (So Purkh).mp3.lnk
C:\Users\Blondi\Desktop\MONIKA\1. Kundalini\1 Mantry\00. Mantry joga\1. Kundalini\1 Monika\Mantra.lnk
C:\Users\Blondi\AppData\Roaming\Microsoft\Office\Niedawny\24 marca 2005.LNK
C:\Users\Blondi\AppData\Roaming\Microsoft\Office\Niedawny\25 marca 2005.LNK
C:\Users\Blondi\AppData\Roaming\Microsoft\Office\Niedawny\Jedzonko.LNK
C:\Users\Blondi\AppData\Roaming\Microsoft\Office\Niedawny\NWARZ28K.LNK
C:\Users\Blondi\AppData\Roaming\Microsoft\Office\Niedawny\Wyprzedaz MP.LNK
C:\Users\Blondi\AppData\Roaming\Microsoft\Office\Niedawny\YR5S1SQS.LNK
C:\Users\Blondi\AppData\Roaming\Microsoft\Office\Niedawny\Zestaw relaksujący i uwalniający lęk.LNK
C:\Users\Blondi\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App.lnk
C:\Users\Blondi\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingTravel_8wekyb3d8bbwe\AppexTravel.lnk
C:\Users\Blondi\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNews.lnk
C:\Users\Blondi\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingMaps_8wekyb3d8bbwe\AppexMaps.lnk
C:\Users\Blondi\AppData\Local\Microsoft\Windows\Application Shortcuts\33215634.MatchAShape_93pm5em6fk0sr\App.lnk
EmptyTemp:
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}