CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\Run: [Eaogok] => C:\Users\Pati\AppData\Roaming\Eaogok.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\Run: [Windows Login access] => C:\Users\Pati\AppData\Roaming\web2net.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\Run: [BingSvc] => C:\Users\Pati\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: G - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {2d45c892-fbf6-11e1-b581-000b6b651b3d} - G:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {2d45c897-fbf6-11e1-b581-000b6b651b3d} - G:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {3cf513e8-bdfc-11e1-89f2-000b6b651b3d} - G:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {9ef5003e-bdff-11e1-93b0-000b6b651b3d} - G:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {a220eb41-fbee-11e1-a878-000b6b651b3d} - G:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {a220eb48-fbee-11e1-a878-000b6b651b3d} - G:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {ce7ff863-d323-11e0-9411-000b6b651b3d} - G:\LGAutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {e49ac23b-6453-11e4-aa9c-000b6b651b3d} - G:\Startme.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {eb36b07c-a328-11e0-bffa-000b6b651b3d} - F:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {eb36b082-a328-11e0-bffa-000b6b651b3d} - F:\AutoRun.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {f8a3958b-a2fe-11e9-a874-000b6b651b3d} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {fcfd0a29-5aad-11e7-a334-000b6b651b3d} - G:\HiSuiteDownLoader.exe
Task: {1AD177E9-A356-4DCE-BBA7-B70C6411AD5A} - \AdobeFlashPlayerUpdate 2 -> Brak pliku <==== UWAGA
Task: {4FEA1C6F-1563-411B-ABDC-7E0834E6D84E} - \{5083AD46-2029-4429-9FAF-23124CF0C906} -> Brak pliku <==== UWAGA
Task: {7F2DA135-47E4-431E-BA02-8313A83401E8} - \Mozilla\Firefox Default Browser Agent E7CF176E110C211B -> Brak pliku <==== UWAGA
Task: {8DB39D44-643E-4DDA-9EF5-3A3E667C95F7} - \AdobeFlashPlayerUpdate -> Brak pliku <==== UWAGA
Task: {D690AF97-5FA1-4109-9362-55FB7698CBC4} - System32\Tasks\NodEnabler => c:\nodNodEnabler.exe <==== UWAGA
Tcpip\..\Interfaces\{8C7EC1FB-1023-4C7F-B871-484617D467BA}: [DhcpNameServer] 192.168.1.1 192.168.1.1
HKU\S-1-5-21-425697130-2423384976-1920107721-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-425697130-2423384976-1920107721-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\S-1-5-21-425697130-2423384976-1920107721-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-425697130-2423384976-1920107721-1000 -> {759BAE1A-1D16-4449-85D5-FD4C58ED355A} URL = hxxp://www.bing.com/search?FORM=MSNTLB&PC=MSNTDF&q={searchTerms}&src=IE-SearchBox
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll => Brak pliku
Toolbar: HKLM - Brak nazwy - {32099AAC-C132-4136-9E9A-4E364A424E17} -  Brak pliku
Toolbar: HKLM-x32 - Brak nazwy - {32099AAC-C132-4136-9E9A-4E364A424E17} -  Brak pliku
FF HKLM-x32\...\Firefox\Extensions: [{B7082FAA-CB62-4872-9106-E42DD88EDE45}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-06-30] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension => nie znaleziono
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nie znaleziono
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-02-26] () [Brak podpisu cyfrowego]
S2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [X]
U3 ah3o375o; C:\Windows\System32\Drivers\ah3o375o.sys [0 0000-00-00] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
2011-09-01 15:08 - 2012-07-29 15:37 - 000001892 _____ () C:\Program Files (x86)\INSTALL.LOG
2011-09-01 15:07 - 1998-04-30 14:56 - 000129024 _____ () C:\Program Files (x86)\UNWISE.EXE
2011-10-16 13:07 - 2011-10-16 13:07 - 000000000 ____H () C:\Users\Pati\AppData\Roaming\Hej8FIL77Eh7
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Brak pliku
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Brak pliku
AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_SBXNV9VVGV1BFM6JKH2XVMV9WHSFYTP90T1B4WXFSPF7VB4VP4GF [971]
AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_SBXNV9VVGV1BFM6JKH2XVMV9WHSFYTP90T1B4WXFSPF7VB4VP4GF [971]
AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_SBXNV9VVGV1BFM6JKH2XVMV9WHSFYTP90T1B4WXFSPF7VB4VP4GF [971]
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [266]
FirewallRules: [{4BD4C31D-A7B0-4B7F-A1B8-6C15A8425673}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe => Brak pliku
FirewallRules: [{0251EF26-5855-4B4B-8C6E-7C80207C9F23}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB86BF37-3D6A-4BEB-A1BB-E0E96B832228}] => (Allow) LPort=2869
FirewallRules: [{E91C232B-1E26-4117-85F7-EB7E13A52832}] => (Allow) LPort=1900
FirewallRules: [{473A2608-00FD-4C62-9A5F-9130A1658F7D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CE9E63B4-F8E7-425A-AF31-0B74122AD325}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A487D5C-DC1E-4D27-9513-288C038265DD}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1104656E-D335-462B-84A2-D1179619B08B}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1E735ABD-361C-4952-80A8-1DCF5825C0AD}] => (Allow) C:\Windows\SysWOW64\dfrg\btc-miner.exe => Brak pliku
FirewallRules: [{75F4A938-0AAE-49D4-A5C7-D5908F3B3128}] => (Allow) C:\Windows\SysWOW64\dfrg\btc-miner.exe => Brak pliku
FirewallRules: [{79F58804-32D0-44D5-99C8-BF63826A20FA}] => (Allow) C:\Windows\SysWOW64\dfrg\minerd.exe => Brak pliku
FirewallRules: [{5F99346C-1B73-4C54-830F-8B8FAD94CA7B}] => (Allow) C:\Windows\SysWOW64\dfrg\minerd.exe => Brak pliku