CloseProcesses:
CreateRestorePoint:
EmptyTemp:
VirusTotal: C:\Users\Wolek\AppData\Local\Gihosa\Homed.exe
VirusTotal: C:\Program Files (x86)\Common Files\Horome\ProductUpdt.exe
ContextMenuHandlers1-x32-x32: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> Brak pliku
ContextMenuHandlers4-x32-x32: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> Brak pliku
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> Brak pliku
AlternateDataStreams: C:\ProgramData\TEMP:24105FF3 [129]
AlternateDataStreams: C:\ProgramData\TEMP:E8956AB5 [271]
AlternateDataStreams: C:\ProgramData\TEMP:EFB09287 [123]
HKU\S-1-5-21-2640108276-356441645-933021493-1000\...\MountPoints2: {9daf4106-3a8d-11e8-aebe-1c1b0d4ce633} - E:\Startme.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-853d7325f6c5c48f
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-853d7325f6c5c48f
HKU\S-1-5-21-2640108276-356441645-933021493-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-853d7325f6c5c48f
HKU\S-1-5-21-2640108276-356441645-933021493-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-853d7325f6c5c48f&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-853d7325f6c5c48f&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-853d7325f6c5c48f&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-853d7325f6c5c48f&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2640108276-356441645-933021493-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-853d7325f6c5c48f&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2640108276-356441645-933021493-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-853d7325f6c5c48f&q={searchTerms}
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku]
CHR HKLM\...\Chrome\Extension: [oonbcpdabjcggcklopgbdagbfnkhbgbe] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2640108276-356441645-933021493-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oonbcpdabjcggcklopgbdagbfnkhbgbe] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oonbcpdabjcggcklopgbdagbfnkhbgbe] - hxxps://clients2.google.com/service/update2/crx
S3 ALSysIO; \??\C:\Users\Wolek\AppData\Local\Temp\ALSysIO64.sys [X] <==== UWAGA
S3 netr7364; system32\DRIVERS\netr7364.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S4 nvvhci; system32\DRIVERS\nvvhci.sys [X]
S1 UimBus; system32\DRIVERS\uimbus.sys [X]
S1 Uim_DEVIM; system32\DRIVERS\uimdevim.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
Task: {DE097C0F-D237-481D-A704-8D15189DFFCA} - System32\Tasks\Homed\{075897DA-D3BE-B197-6F33-0275D9F8D0F2} => C:\Users\Wolek\AppData\Local\Gihosa\Homed.exe [2013-05-05] (Igor Pavlov)
Task: {AC01F641-5CB5-4D06-8882-B9D4B89A63D0} - System32\Tasks\ProductUpdt\{3114FF85-E2AA-E952-5604-6053F93AA804} => C:\Program Files (x86)\Common Files\Horome\ProductUpdt.exe [2013-04-14] ()