CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKU\S-1-5-21-2471110288-1250487732-3180809834-1001\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-2471110288-1250487732-3180809834-1001\...\MountPoints2: H - H:\AutoRun.exe
HKU\S-1-5-21-2471110288-1250487732-3180809834-1001\...\MountPoints2: {1206737e-3f72-11e6-a2f8-002643acc7cc} - G:\autorun.exe
HKU\S-1-5-21-2471110288-1250487732-3180809834-1001\...\MountPoints2: {55da482c-a499-11e5-aad6-002643acc7cc} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2471110288-1250487732-3180809834-1001\...\MountPoints2: {6d0f3e5a-742a-11e5-bbca-002643acc7cc} - H:\Setup.exe
HKU\S-1-5-21-2471110288-1250487732-3180809834-1001\...\MountPoints2: {b3d554b1-5fc5-11e6-9457-002643acc7cc} - H:\AutoRun.exe
HKU\S-1-5-21-2471110288-1250487732-3180809834-1001\...\MountPoints2: {b3d554bc-5fc5-11e6-9457-002643acc7cc} - H:\AutoRun.exe
HKU\S-1-5-21-2471110288-1250487732-3180809834-1001\...\MountPoints2: {e14b1c20-7436-11e5-86ed-002643acc7cc} - H:\setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mylucky123.com/?type=hp&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mylucky123.com/?type=hp&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mylucky123.com/search/?type=ds&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mylucky123.com/search/?type=ds&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV&q={searchTerms}
HKU\S-1-5-21-2471110288-1250487732-3180809834-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-2471110288-1250487732-3180809834-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mylucky123.com/?type=hp&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV
HKU\S-1-5-21-2471110288-1250487732-3180809834-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV&q={searchTerms}
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2471110288-1250487732-3180809834-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2471110288-1250487732-3180809834-1001 -> {0522EB6D-2C4D-477C-ACD9-AB4C0B0B1B31} URL = hxxp://services.zinio.com/search?s={selection}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2471110288-1250487732-3180809834-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2471110288-1250487732-3180809834-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2471110288-1250487732-3180809834-1001 -> {88E327F0-B3DC-4A6F-B20E-F11688D1186B} URL = hxxp://rover.ebay.com/rover/1/710-42480-16445-5/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2471110288-1250487732-3180809834-1001 -> {D957EC37-E97B-4039-9968-E14BB91535CC} URL = hxxp://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
SearchScopes: HKU\S-1-5-21-2471110288-1250487732-3180809834-1001 -> {ielnksrch} URL = hxxp://www.bing.com/search?q={searchTerms}
BHO-x32: Brak nazwy -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Brak pliku
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mylucky123.com/?type=sc&ts=1474257476&z=02eadf23d2576ae38d8fc36g7zbm2z7o2w4m5z4m4z&from=wpm0616&uid=ST9500325AS_5VE559PVXXXX5VE559PV
FF ProfilePath: C:\Users\Asia\AppData\Roaming\Firefox\Firefox\Profiles\mqqplb9b.default [2016-09-19] <==== UWAGA
FF Homepage: Firefox\Firefox\Profiles\mqqplb9b.default -> hxxp://www.searchinme.com/?type=hp&ts=1474257789344&z=4d5d71134cfae1f4e748479g6z9m3z1o5bcm9b8tet&from=official&uid=ST9500325AS_5VE559PVXXXX5VE559PV
FF SearchPlugin: C:\Users\Asia\AppData\Roaming\Firefox\Firefox\Profiles\mqqplb9b.default\searchplugins\findit.xml [2016-02-09]
FF SearchPlugin: C:\Users\Asia\AppData\Roaming\Firefox\Firefox\Profiles\mqqplb9b.default\searchplugins\mylucky123.xml [2016-09-19]
FF SearchPlugin: C:\Users\Asia\AppData\Roaming\Firefox\Firefox\Profiles\mqqplb9b.default\searchplugins\searchinme.xml [2016-09-19]
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-07-05]
Task: {45190887-6FE0-4D3A-A97D-C059A0FBDEE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-15] (Google Inc.)
Task: {491139EA-380F-457F-BE31-0817CD7C4907} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-15] (Google Inc.)
Task: {6FC9E738-43AB-43F2-BCA6-126D23CCAA46} - System32\Tasks\Driver Booster SkipUAC (Asia) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-10-15] (IObit)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 11.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Premium Partners\VAIO Premium Partners.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk
C:\Users\Asia\Desktop\MinerGate.lnk
C:\Users\Asia\Desktop\Zdjęcia pulpit\Laptop\Desktop\World of Tanks.lnk
C:\Users\Asia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk
CMD: ipconfig /flushdns
RemoveProxy: