CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: F - F:\AutoRun.exe /s
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: H - H:\AutoRun.exe
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {3168420c-9e89-11e2-94fe-d710a21dcda3} - G:\AutoRun.exe /s
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {69300500-c0ce-11de-afea-acbb43663a4d} - G:\AutoRun.exe
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {69300511-c0ce-11de-afea-acbb43663a4d} - G:\AutoRun.exe
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {695d2417-22a7-11de-b8e6-001377988fb5} - F:\AutoRun.exe
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {708d157c-aecf-11e3-8d26-d8e90d368216} - F:\AutoRun.exe /s
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {754f9d29-f955-11e2-bb68-906108090fac} - F:\AutoRun.exe /s
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {7e8d2079-f9fd-11e2-908f-a4a989e715d3} - F:\AutoRun.exe /s
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {7e8d2089-f9fd-11e2-908f-9df2729782e7} - F:\AutoRun.exe
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {8baf0962-22c4-11de-9eb4-001377988fb5} - G:\AutoRun.exe
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {8baf0964-22c4-11de-9eb4-001377988fb5} - F:\AutoRun.exe
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {d8e650d3-58c6-11e6-9adf-001377988fb5} - F:\AutoRun.exe
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {d8e650d7-58c6-11e6-9adf-00a0c6000000} - F:\AutoRun.exe
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {e470a6c5-e855-11e5-8caa-001377988fb5} - F:\AutoRun.exe /s
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {f05c6ab7-22a8-11de-8ca6-001377988fb5} - F:\AutoRun.exe
Task: {056F2320-8DE4-486F-B0CF-FCD7EC708DD9} - System32\Tasks\{E8A5ECBE-9722-4C07-AA36-9FA670860CAC} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\igfxcpl.cpl -c Intel(R) GMA Driver for Mobile
Task: {5EE56422-3F69-4CBB-AA32-A2AD788073F3} - System32\Tasks\{4B0605B9-C818-444E-8274-07BD3DEA882F} => C:\Windows\system32\pcalua.exe -a "E:\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN\DPInst.exe" -d "E:\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN"
Task: {75E9A7A4-45E1-40EA-BE23-CC53F9E439F3} - System32\Tasks\{0DF26784-6926-4AC8-AEC0-FA182434B8B6} => C:\Windows\system32\pcalua.exe -a "E:\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN\OPCOMUSBUninstall.exe" -d "E:\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN"
Task: {C29F7C19-2589-45F7-A31E-921530A20AF8} - System32\Tasks\{D5E89D88-FA2D-41C2-98B2-B168850DADAF} => C:\Windows\system32\pcalua.exe -a "C:\Users\szymon\Desktop\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN\Driver\OPCOMUSBUninstall.exe" -d "C:\Users\szymon\Desktop\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN\Driver"
Tcpip\..\Interfaces\{43553BD0-DE8F-4FB3-B364-7EA653E6E149}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{68B883E5-2578-4F16-BAFC-DFDFE8FDD021}: [DhcpNameServer] 192.168.0.1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3182861355-789584673-1566108675-1003\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  Brak pliku
FF Plugin HKU\S-1-5-21-3182861355-789584673-1566108675-1003: @tools.google.com/Google Update;version=3 -> C:\Users\szymon\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [Brak pliku]
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll -> Brak pliku
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files\AVG\AVG PC TuneUp\DseShExt-x86.dll -> Brak pliku
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll -> Brak pliku
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4 [276]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\Users\Public\DRM:احتضان [98]
CMD: dir /a "C:\Users\szymon\AppData\Roaming\CFBEDSDX"
CMD: dir /a "C:\Users\szymon\AppData\Roaming\MXPUWBDF"
CMD: dir /a "C:\Users\szymon\AppData\Roaming\WGPYQE"