CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [VIAxHCUtl] => "C:\Program Files (x86)\VIA XHCI UASP Utility\usb3Monitor.exe"**†RŤ*`ŠŹ*`ŠŹ*\€Ź*č‘Ź***Ť**ww*****C:\P
HKLM-x32\...\Run: [VIAxHCUtl] => "C:\Program Files (x86)\VIA XHCI UASP Utility\usb3Monitor.exe
HKU\S-1-5-21-1661647137-3095674718-2707407462-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-1661647137-3095674718-2707407462-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [Brak pliku]
CustomCLSID: HKU\S-1-5-21-1661647137-3095674718-2707407462-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.005.0107.0008\amd64\FileSyncShell64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1661647137-3095674718-2707407462-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.005.0107.0008\amd64\FileSyncShell64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1661647137-3095674718-2707407462-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.005.0107.0008\amd64\FileSyncShell64.dll => Brak pliku
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
Task: {256BDF24-909E-4D99-A54A-577A29D13D25} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {A4F65A56-6753-404D-AF69-7461FBC1C096} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
Task: {C6748A94-2811-46F7-B6ED-E8A95534E6DD} - System32\Tasks\Driver Booster SkipUAC (Admin) => C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DriverBooster.exe
FirewallRules: [{0D0DAFC6-A72E-416A-8E08-D3DC27AE91D3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{85FA9386-9EB2-49CD-A982-131A8E534E6F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Google Ad Blocker.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin® 3 - Dziki Gon [GOG.com]\Usuń Wiedźmin® 3 - Dziki Gon.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Ad Blocker\Google Ad Blocker.lnk
EmptyTemp:
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
Hosts: