CloseProcesses:
CreateRestorePoint:
EmptyTemp:
Tcpip\..\Interfaces\{05D64D2C-B3E9-4A6E-9DA8-52F72E8E92D3}: [NameServer] 192.168.10.10 194.204.152.34 192.168.10.11 8.8.8.8 194.204.159.1
Tcpip\..\Interfaces\{05D64D2C-B3E9-4A6E-9DA8-52F72E8E92D3}: [DhcpNameServer] 192.168.10.10 192.168.10.1 194.204.152.34 192.168.10.11
Tcpip\..\Interfaces\{27db0411-cb37-4d63-9b17-04b5a5f3351e}: [DhcpNameServer] 192.168.13.1 8.8.8.8
Tcpip\..\Interfaces\{38d7830c-7799-47bf-b6c6-b1be31a4bb08}: [DhcpNameServer] 192.168.13.1
Tcpip\..\Interfaces\{7ACDE8AA-FC7C-48D8-AB08-6440E7D35272}: [NameServer] 192.168.13.1 8.8.8.8
Tcpip\..\Interfaces\{7ACDE8AA-FC7C-48D8-AB08-6440E7D35272}: [DhcpNameServer] 192.168.13.1 8.8.8.8
FF Plugin-x32: @application/npNetVideo 5.0_LiteS2 -> C:\Program Files (x86)\NetVideo 5.0_LiteS2\npNetVideo.dll [Brak pliku]
CHR HKU\S-1-5-21-412925349-997731174-4083176946-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
U3 idsvc; Brak ImagePath
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Brak pliku
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Brak pliku
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Brak pliku
Task: {1009D64D-AC15-48C6-925E-AB958734DC4B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
Task: {114D960D-BE65-4732-8F1F-02D1755E94A9} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {135A74EE-7CD4-4117-BB30-A3887D8455AC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19B31AE2-C1A9-4622-A8FA-7C2D22B5019E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1F4E14D2-A933-4A94-A581-9A93D1198A4D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28A76726-3929-44EA-A3A2-A6BF23CBDA33} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {427773FC-2C8C-4F28-A7B2-80528AF6CB07} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {42E67B36-CB3B-4735-9A86-16BB08C26891} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {45CEB7C8-3783-4AC9-B8A6-58069B03B737} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {49002BA7-0C53-43D9-90ED-DD8A9E9B064D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
Task: {539ED8BC-D3E6-4688-BDA5-AFAB9488C1E4} - System32\Tasks\{57DC7C1C-5443-4986-8160-DC69D1FDB0FE} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Kasy\Desktop\NOVA TWRP\SAMSUNG_USB_Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe" -d "C:\Users\Kasy\Desktop\NOVA TWRP\SAMSUNG_USB_Driver"
Task: {65BE1FA8-8066-4E52-A6B1-9C719677EB44} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6A0C0B86-89AF-48A6-9440-1429BB799744} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7BB95C56-6959-4DE0-B567-1BACA7AFDDBB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
Task: {7CDF4D21-E366-4BD9-8CCE-A8CB9F46F684} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {81B711CE-178C-498D-8CB2-7EE27DF44851} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
Task: {83786B22-15D0-4006-BAA0-08B89889A8DB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
Task: {8DA716A5-4EA5-47ED-9263-DE8E4F695300} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
Task: {91AC6D89-F923-4BE9-A02E-0464ECE423DE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
Task: {9D2DEA79-07D2-41C4-84C1-5B22E3228D42} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AA1C373F-74D2-4541-9C91-99A3978DFED5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
Task: {AC880E86-CCCD-4ED2-B6D4-745D0CD0AB26} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0936C40-8B43-49E3-8F50-05FF560246F8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0E57B58-79C1-4F19-A11B-4972DEA6CD1F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BA90F5C7-1950-4B25-AC4E-475CB3FF902B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C3B2D6DD-169D-45D9-AE3F-9755D983A6E6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
Task: {CF494D74-46E8-4096-B672-C0A8B64044F1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
Task: {D24D373B-909C-4D70-BB66-1E9EDE63B390} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E7A0F9A5-928C-4D98-88DF-8A544ED23913} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EA623AE1-ABD7-4540-B4B0-612D6D252C32} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC93B15B-EAA9-4780-A1B4-5364155075CE} - \CCleanerSkipUAC -> Brak pliku <==== UWAGA
Task: {FBBC3FED-145F-424F-BAD0-9FFE7FFC33BE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
Task: {FEEE6682-45A4-4706-B3B8-AFE4AB1053DB} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
C:\Users\Kasy\Desktop\SERWIS KAS\SB4_DEMO\FIRMA.lnk
C:\Users\Kasy\Desktop\SERWIS KAS\Bazy Fujitsu\bazy\SB4_DEMO\FIRMA.lnk
AlternateDataStreams: C:\WINDOWS\RtCamU64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\RtsCM64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\unins000.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BcmBtRSupport.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\btwdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BtwRSupportService.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNAS0MOK.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNCC8300.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNCE8300.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNCI8300.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNCL8300.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNCLSC36b.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNCLSD36b.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNCLSI36b.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNCLSO36b.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNCLST36b.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNCLSU36b.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\powertracker.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLs Windows_System32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vcredist_x86_SP1.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bcbtums.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btwampfl.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A [122]
AlternateDataStreams: C:\Users\Kasy\Downloads\airlive_3klimaty.dat:$CmdTcID [64]
AlternateDataStreams: C:\Users\Kasy\Downloads\airlive_3klimaty.dat:$CmdZnID [26]
AlternateDataStreams: C:\Users\Kasy\AppData\Roaming\Ionic.Zip.dll:$CmdTcID [64]
AlternateDataStreams: C:\Users\Kasy\AppData\Roaming\update.exe:$CmdTcID [64]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Brak pliku)
MSCONFIG\startupreg: GoogleChromeAutoLaunch_CE21C9EF5E6DECC6C7F165918D6A4662 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
FirewallRules: [{0AC8CF9F-5995-41EC-827D-43A935395186}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_161\bin\java.exe
FirewallRules: [{85623A40-50FA-424E-A977-EA6DF11D29AC}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_161\bin\java.exe
FirewallRules: [UDP Query User{088002DC-995B-4C49-972E-6A45A29489DA}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [TCP Query User{9EBC54A6-C246-4C43-9422-D854CCE76147}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [{54D35C52-B8A5-4B04-B44E-D78CCA15041F}] => (Allow) LPort=1434
FirewallRules: [{FF3AB5F6-17B2-4DA9-93F0-EB00DE36083D}] => (Allow) LPort=1434
FirewallRules: [{8B88659B-F55C-465A-8122-A624456E4A8B}] => (Allow) LPort=1000
FirewallRules: [{773B6964-0039-4CBD-B17D-D57E2A6948FF}] => (Allow) LPort=3001
FirewallRules: [{42A14180-0D50-461F-A812-ED5AEEE0C237}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_144\bin\java.exe
FirewallRules: [{5A6EE94D-456C-41DC-AC45-B6D14AEC8C41}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_144\bin\java.exe
FirewallRules: [TCP Query User{6FC389DF-09EA-4FEA-8199-50EB5F884D1D}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{1650536C-B6B6-478E-ADE1-EE550AA98E06}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [TCP Query User{B6590362-B598-4C55-804B-59EB401A256A}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [UDP Query User{315D9CF7-D3CD-4C71-BA92-8D542BB43B55}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [TCP Query User{843FEFEC-899B-40DD-8A6A-43CF79E0861B}C:\program files (x86)\java\jre1.8.0_151\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\java.exe
FirewallRules: [UDP Query User{A420294D-B73D-475B-8921-37D37DEC776B}C:\program files (x86)\java\jre1.8.0_151\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\java.exe
FirewallRules: [TCP Query User{EBF2330B-DB71-4F45-86E6-7AC31B5CF216}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [UDP Query User{F2EAE340-94C6-4445-96C7-59DE2DA508B8}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [{8DF29524-590D-4064-B504-0755811C52D4}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_151\bin\java.exe
FirewallRules: [{D89DADA5-B477-4298-8E37-A280A5A9080F}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_151\bin\java.exe
FirewallRules: [TCP Query User{566ECC53-74FE-44D9-AB8E-1ED1CC5621B3}C:\program files (x86)\searchupgradetool\searchupgradetool.exe] => (Allow) C:\program files (x86)\searchupgradetool\searchupgradetool.exe
FirewallRules: [UDP Query User{32C9CBBA-6A0D-4CDB-B37D-994F686D1576}C:\program files (x86)\searchupgradetool\searchupgradetool.exe] => (Allow) C:\program files (x86)\searchupgradetool\searchupgradetool.exe
FirewallRules: [{1CDEA071-F6F1-4C73-A815-CE4C7D3956A3}] => (Allow) LPort=3000
CMD: ipconfig /flushdns
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}