CloseProcesses:
CreateRestorePoint:
EmptyTemp:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk
IE trusted site: HKU\S-1-5-21-3743658432-1735654688-3238796439-1001\...\sharepoint.com -> hxxps://halln7zz-files.sharepoint.com
FirewallRules: [{BBD3D357-37C9-4DA2-97D7-E99095687E3A}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE No File
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asystent aktualizacji do systemu Windows 10.lnk
C:\Users\Default\Favorites\Links\Amazon.com – Online Shopping.url
C:\Users\Default\Favorites\HP\Amazon.com – Online Shopping.url
C:\Users\Dom\Favorites\Links\Amazon.com – Online Shopping.url
C:\Users\Dom\Favorites\HP\Amazon.com – Online Shopping.url
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3743658432-1735654688-3238796439-1001\...\MountPoints2: {4f6c2398-dd0d-11e7-b91e-98e7f4672acb} - "F:\HiSuiteDownLoader.exe" 
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {328AE6E3-C24B-41C7-8675-36B098A28E7F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4E9AB337-9F36-476C-8D7C-37D506DF6854} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2019-05-05] (Kaspersky Lab -> AO Kaspersky Lab)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Tcpip\..\Interfaces\{84e6c8c7-86dc-4928-a424-0530d820c1c7}: [DhcpNameServer] 192.168.1.1 192.168.1.1
SearchScopes: HKLM-x32 -> {073014C2-C73E-41BC-8181-3D81F4A386D6} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
FF Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\ephnnsmq.default\Extensions\sp@avast.com.xpi [2019-02-08]
FF Extension: (Avast Online Security) - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\ephnnsmq.default\Extensions\wrc@avast.com.xpi [2019-04-27] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X]