CloseProcesses:
CreateRestorePoint:
EmptyTemp:
VirusTotal: C:\Program Files (x86)\Youtube AdBlock\Whld7R6.exe
HKU\S-1-5-21-1787830424-1850175949-1835806928-1000\...\MountPoints2: G - "G:\setup.exe"
ShortcutTarget: See Through Windows.lnk -> C:\Windows\Installer\{02229003-D5FD-4C1E-AEDC-F55A62EE4CCA}\_FE633C1C57D1451DC325A1.exe ()
Tcpip\..\Interfaces\{94cd098a-59b5-436c-84cb-c43e62151dcc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ab40b0a0-20c2-4cbb-8b65-5c8bf0b0cf0e}: [NameServer] 109.69.8.51
Tcpip\..\Interfaces\{ab40b0a0-20c2-4cbb-8b65-5c8bf0b0cf0e}: [DhcpNameServer] 217.172.224.160 89.231.1.206
SearchScopes: HKU\S-1-5-21-1787830424-1850175949-1835806928-1000 -> {F9D95C61-CAD7-46BF-9248-7F00A07B8F8F} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-9.0.1\bin\ssv.dll => Brak pliku
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [Brak pliku]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Brak pliku]
StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M96DB42F2-DF51-4A23-96C2-88396525A8CA&SearchSource=55&CUI=&UM=8&UP=SPCB104B88-BE8C-4F75-9B87-294BA858A68F&D=012416&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M96DB42F2-DF51-4A23-96C2-88396525A8CA&SearchSource=55&CUI=&UM=8&UP=SPCB104B88-BE8C-4F75-9B87-294BA858A68F&D=012416&SSPV=","hxxp://www.omniboxes.com/?type=hp&ts=1456771130&z=ec55685bbf14dd958c5cfffgezdw9qfm7m9g4g2c0e&from=amt&uid=wdcxwd10ezex-00rkka0_wd-wmc1s029552395523"
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [epanfjkfahimkgomnigadpkobaefekcd] - hxxps://clients2.google.com/service/update2/crx
AVG 2016 (HKLM\...\{C3506E0A-35BE-4AAF-BA41-62E9D9FD3B92}) (Version: 16.0.4522 - AVG Technologies) Hidden
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => -> Brak pliku
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Brak pliku
Task: {05D1A400-3A5F-4FC5-A3E0-2CAB4C83AC73} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {08483073-7CD6-4163-B28C-8B40654BE4D2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1288EC7B-C1A9-4E9E-9350-2033A7F8A32D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {198D5A72-8525-4532-B3FA-152E43F44072} - System32\Tasks\Update Service for Youtube AdBlock => C:\Program Files (x86)\Youtube AdBlock\Whld7R6.exe <==== UWAGA
Task: {22462A17-63FB-449C-929E-4141443DBAD6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24194A38-1DC7-4DF6-9DA7-C0ADC0E5014B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2480E715-26CE-417E-91DD-95E6C0A9E7EF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {288307E8-6DD2-4C9E-9424-6FA5129B4909} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {298D88E0-5089-4E62-BE2B-F2EDE62AF5D3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {46E81382-FA3B-409B-AF3B-9A33475E517C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {569B1095-4C57-47A6-8221-ACB8B38AA18C} - System32\Tasks\{2204C03E-132B-43DC-88E7-A594BBE446D6} => C:\Windows\system32\pcalua.exe -a "E:\Program Files (x86)\Europa Universalis IV\_CommonRedist\vcredist\2010\vcredist_x64.exe" -d "E:\Program Files (x86)\Europa Universalis IV\_CommonRedist\vcredist\2010"
Task: {5988FC9A-DAF7-404F-A3BF-F676647550A6} - System32\Tasks\{C8C97A3C-12A8-4E45-8350-CE58A8654F49} => C:\Windows\system32\pcalua.exe -a C:\Users\Kuba\Desktop\drivery\AutoRun_Install.exe -d C:\Users\Kuba\Desktop\drivery
Task: {5DBE820A-5126-462E-9A2D-636940EF75DB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {626C9E06-C881-43B1-A5C6-276D34FAFA5A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {68455DCC-621D-4F84-BCF5-B0A662B275A8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72F23A20-41C1-4098-A3F8-55A58341C6D9} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7490D487-1E9D-4EF9-8C9A-423041CC43EA} - System32\Tasks\{AB7DDF77-B0F6-4C6C-A1CB-A6AFD51FB263} => C:\Windows\system32\pcalua.exe -a "E:\Program Files (x86)\Enlight\Restaurant Empire\VSetting.exe" -d "E:\Program Files (x86)\Enlight\Restaurant Empire"
Task: {7EB955C1-A218-4306-BDDE-77756D3C9650} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {817D36EC-4818-4082-8505-3306EA041F4C} - System32\Tasks\{A760981E-72C7-4180-916D-BA4D5AC09CD0} => C:\Windows\system32\pcalua.exe -a C:\Users\Kuba\Downloads\Win7-USB3.0-Creator-V3\Installer_Creator.exe -d C:\Users\Kuba\Downloads\Win7-USB3.0-Creator-V3
Task: {8267E6C9-D2C1-463C-9EAC-323E68A25D72} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {868EA947-E26A-4109-A0F2-988651F1E5B8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {913B6273-A044-474E-AAC4-F98653D70693} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {9FA2BA31-E874-4F70-8B79-F4CA67125D0B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A461E8BD-3D19-4166-94B5-7D9E39D2A211} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AE1D3BC4-42E5-4249-87EE-A640AF7C774C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B5741661-C73E-4831-BEA2-9A47C337115E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C47EDAB7-A967-4F8E-8162-41243D837F1B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D22D7090-2C70-4E74-AF54-1DC2447C5F67} - System32\Tasks\Update Service for Youtube AdBlock2 => C:\Program Files (x86)\Youtube AdBlock\Whld7R6.exe <==== UWAGA
Task: {E2ACF6BC-7A42-4F26-A825-7D8A17EA8BF0} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Brak pliku <==== UWAGA
Task: {FC3020CC-0BB3-4E00-ACEF-670DD8ADF3EE} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
Task: C:\WINDOWS\Tasks\Update Service for Youtube AdBlock.job => C:\Program Files (x86)\Youtube AdBlock\Whld7R6.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\Update Service for Youtube AdBlock2.job => C:\Program Files (x86)\Youtube AdBlock\Whld7R6.exe <==== UWAGA
AlternateDataStreams: C:\WimMount:$WIMMOUNTDATA [610]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pqgdvfmc.sys:changelist [3490]
AlternateDataStreams: C:\Users\Public\AppData:CSM [480]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV Wealth of Nations\Europa Universalis IV Wealth of Nations.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV Wealth of Nations\Uninstall.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV\Europa Universalis IV.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV\Uninstall Europa Universalis IV.lnk
C:\Users\Kuba\Desktop\Programy\CCleaner.lnk
C:\Users\Kuba\Desktop\Programy\Malwarebytes Anti-Malware.lnk
C:\Users\Kuba\Desktop\Programy\Origin.lnk
C:\Users\Kuba\Desktop\Programy\Raptr.lnk
C:\Users\Kuba\Desktop\GRY\Cities in Motion 2 Collection.lnk
C:\Users\Kuba\Desktop\GRY\Europa Universalis IV Res Publica.lnk
C:\Users\Kuba\Desktop\GRY\Europa Universalis IV Wealth of Nations.lnk
C:\Users\Kuba\Desktop\GRY\Europa Universalis IV.lnk
C:\Users\Kuba\Desktop\GRY\footbal tactics.lnk
C:\Users\Kuba\Desktop\GRY\Hacknet.lnk
C:\Users\Kuba\Desktop\GRY\Ibb and Obb.lnk
C:\Users\Kuba\Desktop\GRY\Ironcast.lnk
C:\Users\Kuba\Desktop\GRY\NameChanger.lnk
C:\Users\Kuba\Desktop\GRY\Pokémon Trading Card Game Online.lnk
C:\Users\Kuba\Desktop\GRY\RimWorld.lnk
C:\Users\Kuba\Desktop\GRY\Symulator Jazdy 2.lnk
C:\Users\Kuba\Desktop\GRY\The Sims 4.lnk
C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online\Pokémon Trading Card Game Online.lnk
CMD: ipconfig /flushdns
CMD: netsh advfirewall reset