CloseProcesses: CreateRestorePoint: Task: {E2A066EF-37ED-4C18-9A6E-35070E8B97E3} - System32\Tasks\{AEB33F27-F6EC-468E-B672-7832AE64917A} => C:\Users\komar\AppData\Local\Temp\is-B22B3.tmp\XRD Manager.exe <==== UWAGA Task: C:\Windows\Tasks\{AEB33F27-F6EC-468E-B672-7832AE64917A}.job => C:\Users\komar\AppData\Local\Temp\is-B22B3.tmp\XRD Manager.exeȒ/exenoupdates /exelang 1045 /noprereqs /qr AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION=INSTALL EXECUTEACTION=INSTALL ROOTDRIVE S:\ TRANSFORMS=:1045 AI_PREREQFILES=C:\Users\komar\AppData\Local\Temp\{AEB33F27-F6EC-468E-B672-7832AE64917A}\drivers64.msi AI_PREREQDIRS=C:\Users\komar\AppData\Local\Temp AI_SETUPEXEPATH=C:\Users\komar\AppData\Local\Temp\is-B22B3.tmp\XRD Manager.exe SETUPEXEDIR=C:\Users\komar\AppData\Local\Temp\is-B22B3.tmp <==== UWAGA AlternateDataStreams: C:\ProgramData\TEMP:9E00596C [118] HKLM-x32\...\Run: [] => [X] HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-1046871905-790981739-2866185415-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1046871905-790981739-2866185415-1001\...\MountPoints2: {b0c81385-1a5d-11e8-ae97-448a5b9df0af} - "G:\LaunchU3.exe" -a HKU\S-1-5-21-1046871905-790981739-2866185415-1001\...\MountPoints2: {b0c81904-1a5d-11e8-ae97-448a5b9df0af} - "G:\setup.exe" CHR HomePage: Default -> hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=1238002618FCA1A5&affID=119776&tsp=5033 C:\Users\komar\AppData\Roaming\VOS\HD Tune Pro\%Desktop%\HD Tune Pro.lnk C:\Users\komar\AppData\Roaming\VOS\HD Tune Pro\%Common Programs%\HD Tune Pro\HD Tune Pro Manual.lnk C:\Users\komar\AppData\Roaming\VOS\HD Tune Pro\%Common Programs%\HD Tune Pro\HD Tune Pro on the Web.lnk C:\Users\komar\AppData\Roaming\VOS\HD Tune Pro\%Common Programs%\HD Tune Pro\HD Tune Pro.lnk C:\Users\komar\AppData\Roaming\VOS\HD Tune Pro\%Common Programs%\HD Tune Pro\Uninstall HD Tune Pro.lnk Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: