CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKU\S-1-5-21-1549945030-4076964378-2421718716-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
HKU\S-1-5-21-1549945030-4076964378-2421718716-1000\...\MountPoints2: {4414dcdb-c01a-11e7-bede-d850e6a4d606} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1549945030-4076964378-2421718716-1000\...\MountPoints2: {5914ab12-7126-11e6-be9e-d850e6a4d606} - "G:\setup.exe" 
HKU\S-1-5-21-1549945030-4076964378-2421718716-1000\...\MountPoints2: {5c9ea281-e5c0-11e8-bf15-d850e6a4d606} - "H:\autorun.exe" 
HKU\S-1-5-21-1549945030-4076964378-2421718716-1000\...\MountPoints2: {89b6268a-368e-11e9-bf59-240a6485f048} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1549945030-4076964378-2421718716-1000\...\MountPoints2: {93ede171-2a2f-11e9-bf4e-d850e6a4d606} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1549945030-4076964378-2421718716-1000\...\MountPoints2: {9d8f2448-3354-11e9-bf52-d850e6a4d606} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1549945030-4076964378-2421718716-1000\...\MountPoints2: {ba7404ce-c2d4-11e7-bedf-d850e6a4d606} - "G:\HiSuiteDownLoader.exe" 
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {02E8C47F-6A40-4027-99F1-D0C1CC0DD5E6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0A21EDB7-7DC4-4549-9D8B-2607B4A430C6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0BAC5E10-BA27-4215-B8E4-2F032208CF86} - System32\Tasks\{E323BFD7-25B0-4DE2-B972-90E5C58CA48B} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Czyzyk\Desktop\Sterowniki Windows XP_Vista_7_8_10.exe" -d C:\Users\Czyzyk\Desktop
Task: {0F54C66F-BF14-4FA3-80DA-303519B82337} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {10D81D6D-E933-4F5F-BF47-2AD4A22DDC73} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {244F050D-2A5D-4AF6-8680-1BC712F33227} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {249E29EC-D118-4C99-AC95-4BAC7FC214C6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {2DF7E88A-00A3-4D44-9963-80D7FF82B06F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {3054368D-9E07-4015-AC31-1956F93CBEFC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {41351C8F-74F3-4FB6-B853-9C0E594AA2E6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {4906E8E8-88DA-4623-ACEF-D11D708ADD2D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {6676C457-06CE-4CC9-93C6-7F8C1A35EA41} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6AB2E183-4A4C-454A-9227-0265E7E54C4A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8324DFC4-BA92-4008-B1CA-DBF7A5CA718C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85393F68-D0D4-49A7-9B59-B8BEB9229BBA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {85FA9D59-7CB7-4714-B515-C80FCD2201D2} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {863BD172-C643-460F-9846-2177ED763857} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8CC81F76-7E85-4B69-BFFA-1070B117DFE1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8DE5339B-AC78-4115-B418-B2D7DD21DF2A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {915841D6-6888-4467-863A-A211C37E7268} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {96CC7840-C57D-4C40-A17C-C7A00FD009A6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {99700CE4-0971-4872-B488-6B9BF7F24C03} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B3D9FF93-17AD-4F10-83EE-CCC466DBB279} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BA1A2917-157E-41C6-ACE4-174F1CCACD12} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BD0CAC45-62A6-49D2-801E-EC19EB87B29D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CA0EC3C7-63EF-41CD-82CF-87EF5A2B0033} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CDD1A29A-75DC-46C8-AF2D-5D1FD04DDEF3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D531CF35-85D1-4185-BE82-B1074A1705B7} - System32\Tasks\{F32A888E-28E9-41B7-9016-7E826CD1FC2D} => C:\Windows\system32\pcalua.exe -a C:\Users\Czyzyk\Desktop\jre-8u65-windows-i586.exe -d C:\Users\Czyzyk\Desktop
Task: {D95752F9-8D61-44BB-9189-B376B047F766} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E108FFF6-0B9B-4E82-B437-A79FFE229783} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E3088CB7-1197-4715-806F-E24EBCBA2149} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E579BE8E-4142-49C7-B52F-78EC421F7AEB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E6B795AF-30E9-45BF-93C0-0AE88D38F802} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EB8C6176-9266-4055-92B1-EAE9BD4D39A1} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EDB026DE-FFF8-4054-AF79-CE81242C015B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F3D34DD2-CA2A-4060-B7D7-3DC170B8BCF5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F74E660B-963D-4A68-927F-10551E225618} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FC148FF5-62C4-4A00-A746-B4930AA414EA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FE5849D2-B807-4B50-89A8-83CD27108778} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Tcpip\..\Interfaces\{202a376f-8140-4184-be52-b2160b42e010}: [DhcpNameServer] 89.206.32.32 193.110.228.2 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{557ffa05-220a-4fe0-8969-7b5249bc9987}: [DhcpNameServer] 8.8.8.8 192.168.1.1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220140824
HKU\S-1-5-21-1549945030-4076964378-2421718716-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.wp.pl/?src01=dp220140824
DPF: HKLM-x32 {2BCDB465-81F9-41CB-832C-8037A4064446} C:\Users\Czyzyk\AppData\Local\Temp\f5tmp\urxvpn.cab
DPF: HKLM-x32 {2c8ffa64-e3f7-49ae-87c2-49018fde3aea} C:\Users\Czyzyk\AppData\Local\Temp\f5tmp\OesisInspector.cab
DPF: HKLM-x32 {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} C:\Users\Czyzyk\AppData\Local\Temp\f5tmp\f5tunsrv.cab
DPF: HKLM-x32 {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\Users\Czyzyk\AppData\Local\Temp\f5tmp\InstallerControl.cab
DPF: HKLM-x32 {57C76689-F052-487B-A19F-855AFDDF28EE} C:\Users\Czyzyk\AppData\Local\Temp\f5tmp\f5InspectionHost.cab
DPF: HKLM-x32 {A83FB16F-F96A-4724-A5B1-AC999860A218} C:\Users\Czyzyk\AppData\Local\Temp\f5tmp\OesisInspector.cab
DPF: HKLM-x32 {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} C:\Users\Czyzyk\AppData\Local\Temp\f5tmp\urxshost.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E0FF21FA-B857-45C5-8621-F120A0C17FF2} C:\Users\Czyzyk\AppData\Local\Temp\f5tmp\urxhost.cab
FF NetworkProxy: Mozilla\Firefox\Profiles\xvuzcg0k.default -> type", 4
FF Session Restore: Mozilla\Firefox\Profiles\xvuzcg0k.default -> is enabled.
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
U3 idsvc; no ImagePath
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
AlternateDataStreams: C:\Users\Czyzyk\akt urodzenia Zuzi.jpg:3or4kl4x13tuuug3Byamue2s4b [75]
AlternateDataStreams: C:\Users\Czyzyk\akt urodzenia Zuzi.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Czyzyk\fota 2.jpeg:3or4kl4x13tuuug3Byamue2s4b [75]
AlternateDataStreams: C:\Users\Czyzyk\fota 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Czyzyk\foto.jpeg:3or4kl4x13tuuug3Byamue2s4b [75]
AlternateDataStreams: C:\Users\Czyzyk\foto.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Czyzyk\umwa.jpeg:3or4kl4x13tuuug3Byamue2s4b [75]
AlternateDataStreams: C:\Users\Czyzyk\umwa.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
FirewallRules: [{E04F1EC6-DE78-4707-B9BC-43340A557CB2}] => (Allow) D:\Gry\GOT\NotifiClient\Updater.exe No File
FirewallRules: [{EECCF2C3-8F33-4F68-A9B2-D3D558BCEB78}] => (Allow) D:\Gry\GOT\NotifiClient\NotifiClient.exe No File
FirewallRules: [{D1251921-66C9-4E4D-887C-5D2F06C491B1}] => (Allow) D:\Gry\GOT\Agot2Client.exe No File
FirewallRules: [{B6210239-3666-47C7-B55E-65B73E8CCEED}] => (Allow) D:\Gry\GOT\Updater.exe No File
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asystent aktualizacji do systemu Windows 10.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Było Sobie Życie\Było Sobie Życie.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Było Sobie Życie\Deinstalacja programu Było Sobie Życie.lnk
C:\Users\Czyzyk\Desktop\Asystent aktualizacji do systemu Windows 10.lnk
C:\Users\Czyzyk\AppData\Roaming\Microsoft\Word\Ola%20-%20mianowanie307443142046110849\Ola%20-%20mianowanie.doc.lnk
C:\Users\Czyzyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Agot2Online\Agot2 Online.lnk
C:\Users\Czyzyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7111c0ce965b7246\Battle.net.lnk
C:\Users\Public\Desktop\StarCraft II.lnk
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
RemoveProxy: