CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1243637060-2214973017-837352300-1000\...\MountPoints2: {45380e93-e970-11e7-81c9-f89ba3fd8c92} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1243637060-2214973017-837352300-1000\...\MountPoints2: {69c992a3-fc5f-11e7-b559-8f368c5ba59a} - J:\MicroLauncher.exe
Startup: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.lnk [2017-11-08]
ShortcutTarget: svchost.lnk -> C:\ProgramData\Config\svchost.vbs ()
SearchScopes: HKU\S-1-5-21-1243637060-2214973017-837352300-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_151\bin\new_plugin\npjp2.dll [Brak pliku]
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
S2 0226111513519648mcinstcleanup; C:\Users\MICHA~1\AppData\Local\Temp\022611~1.EXE -cleanup -nolog [X] <==== UWAGA
S3 ALSysIO; \??\C:\Users\MICHA~1\AppData\Local\Temp\ALSysIO64.sys [X] <==== UWAGA
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [432]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [432]
AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432]
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT [40]
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2 [432]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\Users\Michał\Dane aplikacji:NT [40]
AlternateDataStreams: C:\Users\Michał\Dane aplikacji:NT2 [432]
AlternateDataStreams: C:\Users\Michał\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\Michał\AppData\Roaming:NT2 [432]
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
HOSTS:
EmptyTemp: