CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-932981997-549052597-2076312178-1001\...\MountPoints2: {fe936930-da7a-11e7-8270-f8a96372abd7} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\Współczesne_uzbrojenie_WO_PL_ANG.avi
CHR HKU\S-1-5-21-932981997-549052597-2076312178-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
C:\Windows\Tasks\{5A96EB66-5317-3A58-6EA5-0D0D92C4FE31}.job
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
Task: {83BDA801-F4EE-477A-992F-81317D7B1E92} - System32\Tasks\{5A96EB66-5317-3A58-6EA5-0D0D92C4FE31} => C:\Users\Acer\AppData\Roaming\{5A96E~1\SYNCVE~1.EXE <==== UWAGA
Task: {A087E4CB-C183-4C8F-BC96-A64FB6CE63A0} - System32\Tasks\AcerScrodsGravitationV2 => rundll32.exe RhapsodicalYarding.dll,main 7 1 <==== UWAGA
Task: C:\Windows\Tasks\{5A96EB66-5317-3A58-6EA5-0D0D92C4FE31}.job => C:\Users\Acer\AppData\Roaming\{5A96E~1\SYNCVE~1.EXE <==== UWAGA
EmptyTemp:
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}