CloseProcesses:
CreateRestorePoint:
EmptyTemp:
CustomCLSID: HKU\S-1-5-21-1592127240-3151276365-4077433474-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\KOciamber\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1592127240-3151276365-4077433474-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\KOciamber\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncApi64.dll => Brak pliku
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll -> Brak pliku
ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll -> Brak pliku
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
Task: {4BCB1C78-085C-456E-86DE-744D27F5BF47} - System32\Tasks\{16ABBAA3-C6F5-4C61-91E1-F5B3F49F2EF0} => C:\Windows\system32\pcalua.exe -a C:\win32_154028.4501.exe -d C:\
Task: {BFD0C1C2-6662-4518-98F0-141203AC9DD9} - System32\Tasks\{8E175D8A-6316-42AD-9BCB-2546F41B4814} => C:\Windows\system32\pcalua.exe -a C:\Users\KOciamber\Desktop\Okami\setup.exe -d C:\Users\KOciamber\Desktop\Okami
MSCONFIG\startupreg: Osvics => C:\Windows\SysWOW64\regsvr32.exe C:\Users\KOciamber\AppData\Local\Ummedia\ltqnatkt.dll
MSCONFIG\startupreg: Ummedia => C:\Users\KOciamber\AppData\Local\Ummedia\qatuvdz.exe
FirewallRules: [TCP Query User{FF8AD932-0217-43C1-92D8-D1A48E969346}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{0D78A1B8-8685-4C6C-85B4-A3FD0C8CF95B}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{93AD2692-03A7-436E-85B3-A41A8515A731}] => (Allow) C:\Users\KOciamber\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{B71A6462-1B18-4AF4-866B-5DC9585D25D7}] => (Allow) C:\Users\KOciamber\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [TCP Query User{3B319A3C-32BC-43A3-913F-66D0CB53FF00}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{D4D11066-C002-4103-A942-70B9C8C841C1}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{5A1D7D4C-DA6B-4762-8CD0-38A8825A2FF9}C:\program files (x86)\java\jre1.8.0_121\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\java.exe
FirewallRules: [UDP Query User{74D15146-98DB-443B-8EBE-40662D184704}C:\program files (x86)\java\jre1.8.0_121\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\java.exe
C:\Users\Administrator\Desktop\EVEREST Home Edition.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TalonRO\Ragnarok Options.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TalonRO\TalonRO.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TalonRO\Uninstall.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3Doctor PRO\Mp3DoctorPRO.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Deinstalacja programu Malwarebytes Anti-Malware.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Unifying\Oprogramowanie Logitech Unifying.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys\EVEREST Home Edition\EVEREST Home Edition Documentation.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys\EVEREST Home Edition\EVEREST Home Edition on the Web.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys\EVEREST Home Edition\EVEREST Home Edition.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys\EVEREST Home Edition\Uninstall EVEREST Home Edition.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy\HandyAndy.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy\Start Andy.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\A.C.I.D. Wizard.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol 120%.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol Command Launcher.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Data-Type Analyzer.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Uninstall Alcohol 120%.lnk
C:\Users\KOciamber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
C:\Users\KOciamber\AppData\Local\Microsoft\Windows\GameExplorer\{DE0A237C-7DA2-4BE2-AEA8-159C7BBF4346}\PlayTasks\0\Zagraj.lnk
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
FF Homepage: Mozilla\Firefox\Profiles\i14zrz5v.default -> hxxp://9gag.com/
FF NetworkProxy: Mozilla\Firefox\Profiles\i14zrz5v.default -> http", "138.68.128.126 "
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [X]
S3 LBTServ; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [X]
S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [X]
S2 WinService; C:\Users\KOciamber\AppData\Local\XService\XService.dll [X]
S2 wuauserv; C:\Windows\System32\wuauserv.dll [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
Folder: C:\Users\KOciamber\AppData\Local\Ummedia
CMD: ipconfig /flushdns
RemoveProxy: