Elektroda.pl

[Solved] virus kemgadeojglibflomicgnfeopkdfflnk

norbiax225 19 Sep 2017 13:56 561 2
  • Helpful post
    #2 19 Sep 2017 16:01
    Kolobos
    Computer specialist

    How can anyone get a system into such a state? The person responsible for this should not be using the internet unsupervised at all.

    Uninstall:
    amuleC
    WarThunder
    WorldofTanks

    Use AdwCleaner, the Scan/Szukaj option and then Clean/Usun: http://www.bleepingcomputer.com/download/adwcleaner/

    Back up your bookmarks from Firefox and Chrome; the profile directories will be deleted.

    Run this Fixlist.txt with FRST:
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\ChromeHTML: -> C:\Program Files (x86)\Hippig\Application\chrome.exe (Google Inc.) <==== UWAGA
    ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers1: [KuaiZipShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> Brak pliku
    ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers2: [KuaiZipShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> Brak pliku
    ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers4: [KuaiZipShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> Brak pliku
    ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll -> Brak pliku
    Task: {00B9ED68-93B3-4462-997E-C4884AE7C84F} - \snf -> Brak pliku <==== UWAGA




    Task: {02BFEFED-6A76-46A3-AFA0-848DE0813472} - \{B2549881-CBD0-4ACE-BB62-4FB400D3E4BB} -> Brak pliku <==== UWAGA
    Task: {02C902E2-6982-4C81-AFFF-8A35E42A7082} - \{BCD07157-E9F2-46A8-B7E7-457EE93F6C89} -> Brak pliku <==== UWAGA
    Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - \Microsoft\Windows\Time Synchronization\SynchronizeTime -> Brak pliku <==== UWAGA
    Task: {05DA9C65-70F6-49B2-B09F-E7963A7DAEAB} - \{55AD3A3D-07D8-4002-AD4D-C4F2695FE106} -> Brak pliku <==== UWAGA
    Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> Brak pliku <==== UWAGA
    Task: {08F1644F-F381-4D06-9B3A-7082E258441D} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> Brak pliku <==== UWAGA
    Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> Brak pliku <==== UWAGA
    Task: {0B32450D-5C8D-4B82-A6D2-5F3111C030FD} - \CreateChoiceProcessTask -> Brak pliku <==== UWAGA
    Task: {108C0038-0865-43DE-99D5-9167AE375BD7} - \ChelfNotify Task -> Brak pliku <==== UWAGA
    Task: {12915298-3D34-471B-99A0-6667BC4041D6} - \Driver Booster SkipUAC (User) -> Brak pliku <==== UWAGA
    Task: {154CAFC7-3906-4975-BCED-B3A5CBAAA9B4} - \{3C028BDC-D0CD-4EE0-95DC-ECBDC27C05F1} -> Brak pliku <==== UWAGA
    Task: {18264315-E585-4F7F-AB42-561ED55F4FCA} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> Brak pliku <==== UWAGA
    Task: {1B5E0BC5-3C7B-4B41-AC59-F33C5EA2C7CD} - \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser -> Brak pliku <==== UWAGA
    Task: {1BD3274E-0134-480F-97F4-37E652F0AF95} - \Price Fountain -> Brak pliku <==== UWAGA
    Task: {1F7B7221-AE8F-44F3-BA82-F7D260F51964} - \Microsoft\Windows\Task Manager\Interactive -> Brak pliku <==== UWAGA
    Task: {23789495-452B-4955-BE57-7C28283C1E43} - \{6D14A8D3-2C24-4CD7-BD48-66158D756356} -> Brak pliku <==== UWAGA
    Task: {2470470F-2634-478E-B181-571E98A789BB} - \Microsoft\Windows\Multimedia\SystemSoundsService -> Brak pliku <==== UWAGA
    Task: {24C6F112-F279-47F1-9CD8-37F9E2BD9767} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> Brak pliku <==== UWAGA
    Task: {26487B0E-0000-4C24-9799-93165B7635BA} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector -> Brak pliku <==== UWAGA
    Task: {28011108-68DF-4C73-B91B-57427D501BBA} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) -> Brak pliku <==== UWAGA
    Task: {2911BA1E-D806-4794-AA36-E8A0CC80A7E0} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> Brak pliku <==== UWAGA
    Task: {2C317E2E-F078-4419-BAC4-539956C57B15} - \{E2A0DB91-1BA1-45CB-B6E2-A275A416AB3B} -> Brak pliku <==== UWAGA
    Task: {2DB7CCE7-90D6-4EB4-97D7-50B8689FD122} - \Microsoft\Windows\Media Center\RegisterSearch -> Brak pliku <==== UWAGA
    Task: {2E507978-CD6F-4DF8-9934-F4057D2C2172} - \GunshipUpdateTaskMachineCore -> Brak pliku <==== UWAGA
    Task: {2EB0DCC1-6CC1-401C-AC84-89B85B63D192} - \{6E80C93A-78FC-48DD-952D-A86722C762CB} -> Brak pliku <==== UWAGA
    Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Brak pliku <==== UWAGA
    Task: {30E18582-EA26-4589-B7D2-3AAAC98828F9} - \{94C259C5-2938-49BD-9741-B64626EB95A9} -> Brak pliku <==== UWAGA
    Task: {322F23EA-5C5A-4F6C-9EF2-5A0BFE52A2D1} - \{C9FFC7FD-2AB1-4DF8-B052-DD14B3F1FC1B} -> Brak pliku <==== UWAGA
    Task: {33D4ED82-A563-4D3C-9EC0-AFB6DC188D0A} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> Brak pliku <==== UWAGA
    Task: {35408D33-0EC4-403E-95F5-03CE297EC673} - \{BE9C290D-7474-4999-A782-4554B8298D9E} -> Brak pliku <==== UWAGA
    Task: {356D1E92-758B-47A5-B1BA-CCCB18DA529F} - \Opera scheduled Autoupdate 1495393411 -> Brak pliku <==== UWAGA
    Task: {37A7DAC1-7ADC-4264-A90D-CB17EAA91205} - \{4AABF6CA-5867-4743-B05E-37D1B9B027FE} -> Brak pliku <==== UWAGA
    Task: {388644E1-0964-4E50-9CAF-CB3656B5F768} - \Microsoft\Windows\Media Center\OCURDiscovery -> Brak pliku <==== UWAGA
    Task: {3ADB07D6-5508-45A2-AC22-AC85E1A68B12} - \{8DD7BF67-598B-4F16-9677-49FEE8C8ED2D} -> Brak pliku <==== UWAGA
    Task: {47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip -> Brak pliku <==== UWAGA
    Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration -> Brak pliku <==== UWAGA
    Task: {49F20EA1-7DE6-4B23-94A3-5925A6547C02} - \Microsoft\Windows\Media Center\InstallPlayReady -> Brak pliku <==== UWAGA
    Task: {4C8B01A2-11FF-4C41-848F-508EF4F00CF7} - \Microsoft\Windows\TextServicesFramework\MsCtfMonitor -> Brak pliku <==== UWAGA
    Task: {50DB59A3-200B-4B78-8EA3-AC6654D6E8EB} - \Microsoft\Windows\Media Center\PeriodicScanRetry -> Brak pliku <==== UWAGA
    Task: {54A4B12F-C861-49C0-A905-62775B65E42C} - \avastBCLRestartS-1-5-21-3648273893-1553991681-1094276733-1000 -> Brak pliku <==== UWAGA
    Task: {596247B1-A08B-475D-9809-D5F0D12238BF} - \APSnotifierPP3 -> Brak pliku <==== UWAGA
    Task: {596F915D-85E0-4308-90EB-43C267181F72} - \{A7E1449C-BDC0-4188-86E3-DF9A309A5E0B} -> Brak pliku <==== UWAGA
    Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - \Microsoft\Windows\UPnP\UPnPHostConfig -> Brak pliku <==== UWAGA
    Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls -> Brak pliku <==== UWAGA
    Task: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} - \Microsoft\Windows\Defrag\ScheduledDefrag -> Brak pliku <==== UWAGA
    Task: {5F5A18EB-DC73-4E45-A11C-B59043598412} - \Microsoft\Windows\CertificateServicesClient\SystemTask -> Brak pliku <==== UWAGA
    Task: {613612BA-897D-44CE-8DC1-8FC283F9FD51} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) -> Brak pliku <==== UWAGA
    Task: {6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF} - \Microsoft\Windows\User Profile Service\HiveUploadTask -> Brak pliku <==== UWAGA
    Task: {6846A17E-41E9-49A8-9E26-A2A9A1740207} - \{1C0F3A63-80C4-4FFB-BB00-060AA8FA3229} -> Brak pliku <==== UWAGA
    Task: {7001BF17-03A9-4A18-9A58-9C1A140F0E23} - \Microsoft\Windows\SideShow\AutoWake -> Brak pliku <==== UWAGA
    Task: {7038CEC4-D9E3-43EF-92EF-4256BF5E357E} - \Microsoft\Windows\Wininet\CacheTask -> Brak pliku <==== UWAGA
    Task: {727A0952-5A04-435E-817F-7DBCC9767CB7} - \{9544BC65-8088-4E8D-BA08-CA500DAB4370} -> Brak pliku <==== UWAGA
    Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck -> Brak pliku <==== UWAGA
    Task: {74BD96DA-6D7D-4308-935E-5DAE6EAEBDB9} - \Microsoft\Windows\Offline Files\Logon Synchronization -> Brak pliku <==== UWAGA
    Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> Brak pliku <==== UWAGA
    Task: {75B00324-FFB4-464C-B57F-5D1012FD39FD} - \AVAST Software\Avast settings backup -> Brak pliku <==== UWAGA
    Task: {75FEC0C5-759A-4228-ADE2-B97509B029EF} - \APSnotifierPP1 -> Brak pliku <==== UWAGA
    Task: {77298272-4F7C-4EF8-8AD6-ED094B744BC7} - \UserRebroadensSuchV2 -> Brak pliku <==== UWAGA
    Task: {7AFCC0CA-7121-422A-AB45-B0E8D599FF08} - \Microsoft\Windows\CertificateServicesClient\UserTask -> Brak pliku <==== UWAGA
    Task: {7B02E938-8A15-481A-8851-66BA2010CF59} - System32\Tasks\Norton Product InstallerIdle => C:\Users\User\AppData\Local\Temp\sp4FC6.tmp\SymInstallStub.exe <==== UWAGA
    Task: {7BE89967-D3CE-4F73-8B46-389FA0BE92A1} - \Microsoft\Windows\Media Center\PBDADiscovery -> Brak pliku <==== UWAGA
    Task: {7EAA6DBC-CBF3-45AB-B9FF-4F851FBFAD99} - \{216A54D4-4AD2-43EC-972F-C0BDE54F846D} -> Brak pliku <==== UWAGA
    Task: {7F105CDB-4558-42F0-A09C-B8A3361B32A8} - \Windows-PG -> Brak pliku <==== UWAGA
    Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - \Microsoft\Windows\NetTrace\GatherNetworkInfo -> Brak pliku <==== UWAGA
    Task: {83A93D87-6758-440B-9FC5-AB9CF7EAA006} - \{9E50C9EE-4548-4D76-876F-B3C9E2046F22} -> Brak pliku <==== UWAGA
    Task: {84FB30FB-E276-43B6-A604-C3546B7911E6} - \Microsoft\Windows\WindowsBackup\AutomaticBackup -> Brak pliku <==== UWAGA
    Task: {86C57AA5-7245-4310-A0CD-AC36AF035D8F} - \Microsoft\Windows\Media Center\PvrScheduleTask -> Brak pliku <==== UWAGA
    Task: {8AA890A8-5CC2-4548-927E-25E81DDBB9BD} - \{BCCFA7BB-73C2-498D-9B98-654B73550A09} -> Brak pliku <==== UWAGA
    Task: {9337B757-4322-4639-BC38-12C339407D53} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver -> Brak pliku <==== UWAGA
    Task: {9435F817-FED2-454E-88CD-7F78FDA62C48} - \Microsoft\Windows\WDI\ResolutionHost -> Brak pliku <==== UWAGA
    Task: {948BB179-278E-45C3-828C-F545C7FE21AB} - System32\Tasks\347593872d85t5462036 => C:\Windows\system32\rundll32.exe "C:\ProgramData\347593872d85t5462036\347593872d85t5462036.dll",DMT <==== UWAGA
    Task: {9624AED6-F20D-4F89-9D4F-02E6AE5BC542} - \Microsoft\Windows\WindowsBackup\Windows Backup Monitor -> Brak pliku <==== UWAGA
    Task: {9715E4F8-AD48-40A5-A3A0-82F79F9A0AE1} - \Pfulymaping Mapper -> Brak pliku <==== UWAGA
    Task: {975D2CA6-822B-46F9-A8D8-3309C093CEC6} - \APSnotifierPP2 -> Brak pliku <==== UWAGA
    Task: {98DB17AC-E26E-4802-958B-423BD594B268} - \{0160F395-20C1-4023-BC7B-3C1AF2CE14B5} -> Brak pliku <==== UWAGA
    Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - \Microsoft\Windows\SystemRestore\SR -> Brak pliku <==== UWAGA
    Task: {9979CB83-103A-4105-9E5D-C74B0AF6D198} - \Microsoft\Windows\CertificateServicesClient\UserTask-Roam -> Brak pliku <==== UWAGA
    Task: {A1A8E91E-DF6A-4A5A-BB9C-BB97BC0B00F3} - \Milimili -> Brak pliku <==== UWAGA
    Task: {A35BB7A6-5F0C-4C9F-8450-2B3BED532D51} - \Microsoft\Windows\WindowsColorSystem\Calibration Loader -> Brak pliku <==== UWAGA
    Task: {A3791375-48A0-47D7-93EF-9544D69AE8C2} - \Microsoft\Windows\SideShow\GadgetManager -> Brak pliku <==== UWAGA
    Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - \Microsoft\Windows\AppID\PolicyConverter -> Brak pliku <==== UWAGA
    Task: {A566067E-3906-4247-AD02-A98159B38B75} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> Brak pliku <==== UWAGA
    Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - \Microsoft\Windows\Location\Notifications -> Brak pliku <==== UWAGA
    Task: {A7566723-698F-43C6-9BAF-F1C6A833930F} - System32\Tasks\Chip Settingz-com (driver => C:\Windows\system32\rundll32.exe "C:\Program Files\Chip Settingz.com (driver\Chip Settingz.com (driver.dll",dKaLrEN
    Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Brak pliku <==== UWAGA
    Task: {AC668097-4D6B-4093-AC14-014C09DBF820} - \Microsoft\Windows\Ras\MobilityManager -> Brak pliku <==== UWAGA
    Task: {B0445E31-A77D-4906-B405-E6E8AE3330DD} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> Brak pliku <==== UWAGA
    Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> Brak pliku <==== UWAGA
    Task: {B2E50F88-9DED-426C-B7BA-8C5049DDDE31} - \Microsoft\Windows\Media Center\UpdateRecordPath -> Brak pliku <==== UWAGA
    Task: {B5C8A1FB-16EB-4EE5-A6AB-8190F74B1FC2} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Brak pliku <==== UWAGA
    Task: {BB7C89A9-6B6D-4462-98D5-B9E7CE08D282} - \Microsoft\Windows\Media Center\RecordingRestart -> Brak pliku <==== UWAGA
    Task: {BC088E3C-9F04-46D2-B24C-E8DDE6F84BFA} - \{11C225B4-D0A2-4071-B488-5DF65D6944EC} -> Brak pliku <==== UWAGA
    Task: {BC2D91D9-08BE-433F-8091-DD2A403996CF} - \{175A77D5-76F4-4B01-92CA-4E75F8549BB6} -> Brak pliku <==== UWAGA
    Task: {BE669C13-8165-4536-96D0-6D6C39292AAE} - \Microsoft\Windows\Diagnosis\Scheduled -> Brak pliku <==== UWAGA
    Task: {BF2E8311-B466-41C7-A853-70BBDA94A397} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Brak pliku <==== UWAGA
    Task: {BFE78D7D-CD0E-4DCF-B340-0CDE1187D610} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> Brak pliku <==== UWAGA
    Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator -> Brak pliku <==== UWAGA
    Task: {C13CA301-788D-43C4-AC6D-42CA8AC8CFB6} - \{F4B56650-0396-4E69-87F2-DF729D3AA2E2} -> Brak pliku <==== UWAGA
    Task: {C6991125-B731-4C7B-A730-9C7089C0150E} - \Microsoft\Windows\SideShow\SessionAgent -> Brak pliku <==== UWAGA
    Task: {CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E} - \Microsoft\Windows\Registry\RegIdleBackup -> Brak pliku <==== UWAGA
    Task: {CA982144-4D90-4735-9782-085AC26D66FA} - \Microsoft\Windows\SideShow\SystemDataProviders -> Brak pliku <==== UWAGA
    Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask -> Brak pliku <==== UWAGA
    Task: {CED71361-33A5-4166-AF01-31060F2CAA89} - \snp -> Brak pliku <==== UWAGA
    Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Brak pliku <==== UWAGA
    Task: {CF6F739F-2A1E-4628-B7AE-62DF20C56663} - \SmartGameBooster SkipUAC (User) -> Brak pliku <==== UWAGA
    Task: {CF804E1A-42E1-47F2-BFFE-6F5F47E9A5FC} - \Microsoft\Windows\Offline Files\Background Synchronization -> Brak pliku <==== UWAGA
    Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - \Microsoft\Windows\Windows Error Reporting\QueueReporting -> Brak pliku <==== UWAGA
    Task: {D0354778-6D39-40F0-AAF3-D2B4A988D8E6} - \Microsoft\Windows\Media Center\ehDRMInit -> Brak pliku <==== UWAGA
    Task: {D1C8B96D-B050-4D8D-A88F-2958C33F0071} - \Microsoft\Windows\Application Experience\ProgramDataUpdater -> Brak pliku <==== UWAGA
    Task: {D2D1B4E6-3BD7-4F7C-BF3A-03F13495E5FA} - \Microsoft\Windows\Media Center\StartRecording -> Brak pliku <==== UWAGA
    Task: {D52265BB-CF1C-4E05-921C-7DC287910D77} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> Brak pliku <==== UWAGA
    Task: {D6455DE5-D3BC-46CB-ADB1-E743DABD7AA3} - \{B3472C9A-F95D-46F4-A725-E970100740A0} -> Brak pliku <==== UWAGA
    Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - \Microsoft\Windows\Autochk\Proxy -> Brak pliku <==== UWAGA
    Task: {DA41DE71-8431-42FB-9DB0-EB64A961DEAD} - \Microsoft\Windows\Maintenance\WinSAT -> Brak pliku <==== UWAGA
    Task: {DB13E3ED-5B15-4082-B610-812AC5C39B6E} - \WinTOOL -> Brak pliku <==== UWAGA
    Task: {DB8A572B-FB09-4582-8CAA-4C4E9790F7DD} - \Microsoft\Windows\Media Center\mcupdate -> Brak pliku <==== UWAGA
    Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask -> Brak pliku <==== UWAGA
    Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange -> Brak pliku <==== UWAGA
    Task: {E3163C33-301D-4730-A266-5518C5ED3967} - \Microsoft\Windows\Bluetooth\UninstallDeviceTask -> Brak pliku <==== UWAGA
    Task: {E985D551-FC3A-4164-AD4D-522188956D33} - \GunshipUpdateTaskMachineUA -> Brak pliku <==== UWAGA
    Task: {E9F034A3-8638-4B25-964E-F55AC558C877} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> Brak pliku <==== UWAGA
    Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask -> Brak pliku <==== UWAGA
    Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> Brak pliku <==== UWAGA
    Task: {EE9C1485-D1FB-418C-95EA-37C007E1AE11} - \GoogleUpdateTaskMachineUA -> Brak pliku <==== UWAGA
    Task: {F3C614BC-3939-452E-AE16-9CBFF884CB05} - \GoogleUpdateTaskMachineCore -> Brak pliku <==== UWAGA
    Task: {F45BA717-28D4-4313-A5E1-67BB467FC047} - \Microsoft\Windows\Media Center\OCURActivate -> Brak pliku <==== UWAGA
    Task: {F5E70425-D2FF-44D2-8E58-F96677E17FA2} - \{2E5770DF-2B25-441A-AD2F-EDE05BEFFF6D} -> Brak pliku <==== UWAGA
    Task: {F979FCA2-F5E9-4891-8DE6-33478255CA40} - \Microsoft\Windows\MobilePC\HotStart -> Brak pliku <==== UWAGA
    Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Brak pliku <==== UWAGA
    Task: {FB1AFE81-B6FD-4836-B9A7-74B8AE635680} - \{2CCB7E71-A198-4516-A3E7-CB9D74EB3441} -> Brak pliku <==== UWAGA
    Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem -> Brak pliku <==== UWAGA
    Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask -> Brak pliku <==== UWAGA
    Task: {FF55B99D-14DF-41F2-84A2-4C016CC1C020} - \SmartGameBooster Update -> Brak pliku <==== UWAGA
    Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== UWAGA
    Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== UWAGA
    Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== UWAGA
    Task: C:\Windows\Tasks\Norton Product InstallerIdle.job => C:\Users\User\AppData\Local\Temp\sp4FC6.tmp\SymInstallStub.exe/partnerid=oraclejava /productlist=ns /staging=false /dirpath c:\users\user\appdata\local\temp\sp4fc6.tmp\ /delay=0 /launchedby=4-C:\Users\User\AppData\Local\Temp\sp4FC6.tmp <==== UWAGA
    Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\User\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== UWAGA
    Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) <==== Cyrillic
    Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) <==== Cyrillic
    Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Hippig\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Hippig\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation)
    Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Hippig\Application\chrome.exe (Google Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ореrа.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software) <==== Cyrillic
    2016-12-22 21:44 - 2016-11-09 16:55 - 000778752 _____ () C:\Windows\system32\chtbrkg.dll
    2016-12-22 21:43 - 2014-03-22 23:46 - 003117056 _____ () C:\ProgramData\347593872d85t5462036\347593872d85t5462036.dll
    2017-09-19 13:13 - 2017-09-19 13:13 - 000501248 _____ () C:\Windows\TEMP\gF23B.tmp.exe
    2017-05-25 15:55 - 2017-05-25 04:52 - 000098456 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
    2017-05-05 14:33 - 2017-05-31 15:15 - 000348160 _____ () C:\Users\User\AppData\Local\background_fault\bf.dll
    Hosts:
    () C:\Windows\Temp\gF23B.tmp.exe
    () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
    HKLM\...\RunOnce: [USER-KOMPUTER] => C:\Windows\TEMP\gE751.tmp.exe [212992 2017-09-19] () <==== UWAGA
    HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== UWAGA
    HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== UWAGA
    HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== UWAGA
    HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== UWAGA
    HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== UWAGA
    HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== UWAGA
    HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== UWAGA
    HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== UWAGA
    HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== UWAGA
    HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== UWAGA
    HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== UWAGA
    HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== UWAGA
    HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== UWAGA
    HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== UWAGA
    HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== UWAGA
    HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== UWAGA
    HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== UWAGA
    HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== UWAGA
    HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== UWAGA
    HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== UWAGA
    HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== UWAGA
    HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== UWAGA
    HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== UWAGA
    HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== UWAGA
    HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== UWAGA
    HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== UWAGA
    HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== UWAGA
    HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== UWAGA
    HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== UWAGA
    HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== UWAGA
    HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== UWAGA
    HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== UWAGA
    HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== UWAGA
    HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== UWAGA
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\Run: [msiql] => C:\Users\User\AppData\Local\Temp\00031221\msiql.exe /RUNNING <==== UWAGA
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\Run: [ComputerZ-Tray] => "C:\Program Files (x86)\LuDaShi\ComputerZTray.exe" /autorun
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\Run: [SteamServerBrowser] => C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe [228352 2017-02-26] ()
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\Run: [background_fault] => C:\Users\User\AppData\Local\background_fault\aswRD.exe [1419576 2017-05-03] (AVAST Software) <==== UWAGA
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj88MTNQRWM1MjJYMYZQOURWFTRSMWQSRTU4MWH5MkVQOH== /q <==== UWAGA
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: E - E:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: F - F:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {1c4a64c8-103f-11e6-8a69-902b349a9466} - F:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {37f8a6e3-d583-11e6-8f7f-902b349a9466} - E:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {4d2df6ee-301d-11e4-960b-344b50b7ef5a} - F:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {52ebda69-3ae4-11e7-8217-e06d1f10eebd} - E:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {695e2d7c-17fa-11e4-bae7-902b349a9466} - F:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {695e2d98-17fa-11e4-bae7-902b349a9466} - F:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {695e2e55-17fa-11e4-bae7-902b349a9466} - F:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {7c42203a-2d1c-11e4-b699-344b50b7ef5a} - F:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {a52e9625-3510-11e4-8f17-902b349a9466} - F:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {a8994579-4017-11e4-8e26-902b349a9466} - F:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {b85c3a58-68a2-11e4-b14d-344b50b7ef5a} - E:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {bfc500cd-a348-11e5-9051-806e6f6e6963} - F:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {c93cf405-9b02-11e7-99c9-9cfe7c6f5abd} - E:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {ca43ac80-9d1a-11e7-9666-0c5b8f279a64} - E:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {d49c1642-3822-11e4-bbf5-344b50b7ef5a} - F:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {d9fcd115-1d49-11e4-bfbc-902b349a9466} - F:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {d9fcd129-1d49-11e4-bfbc-902b349a9466} - F:\AutoRun.exe
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\...\MountPoints2: {f8b7b335-9268-11e4-aa88-344b50b7ef5a} - F:\AutoRun.exe
    HKLM\...\Providers\3vv4kfrz: C:\Program Files (x86)\Grofly Log\local64spl.dll <==== UWAGA
    IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
    IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
    ShellExecuteHooks: Brak nazwy - {73AA37BE-B04F-11E6-8746-64006A5CFC23} - C:\Users\User\AppData\Roaming\Therok\Pernerle.dll -> Brak pliku <==== UWAGA
    Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PlutoTV.lnk [2017-06-09]
    ShortcutTarget: PlutoTV.lnk -> C:\Users\User\AppData\Roaming\Pluto TV\PlutoTV.exe (Brak pliku)
    GroupPolicy: Ograniczenia - Chrome <==== UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
    Winsock: Catalog9 01 C:\Windows\SysWOW64\netload.dll [145880 2017-04-20] (成都奇鲁科技有限公司)
    Winsock: Catalog9 02 C:\Windows\SysWOW64\netload.dll [145880 2017-04-20] (成都奇鲁科技有限公司)
    Winsock: Catalog9 03 C:\Windows\SysWOW64\netload.dll [145880 2017-04-20] (成都奇鲁科技有限公司)
    Winsock: Catalog9 04 chtbrkg.dll => Brak pliku
    Winsock: Catalog9 05 chtbrkg.dll => Brak pliku
    Winsock: Catalog9 06 chtbrkg.dll => Brak pliku
    Winsock: Catalog9 07 chtbrkg.dll => Brak pliku
    Winsock: Catalog9 08 chtbrkg.dll => Brak pliku
    Winsock: Catalog9 09 chtbrkg.dll => Brak pliku
    Winsock: Catalog9 10 chtbrkg.dll => Brak pliku
    Winsock: Catalog9 11 chtbrkg.dll => Brak pliku
    Winsock: Catalog9 12 chtbrkg.dll => Brak pliku
    Winsock: Catalog9 13 chtbrkg.dll => Brak pliku
    Winsock: Catalog9 24 chtbrkg.dll => Brak pliku
    Winsock: Catalog9 25 C:\Windows\SysWOW64\netload.dll [145880 2017-04-20] (成都奇鲁科技有限公司)
    Winsock: Catalog9-x64 01 chtbrkg.dll => Brak pliku
    Winsock: Catalog9-x64 02 chtbrkg.dll => Brak pliku
    Winsock: Catalog9-x64 03 chtbrkg.dll => Brak pliku
    Winsock: Catalog9-x64 04 chtbrkg.dll => Brak pliku
    Winsock: Catalog9-x64 05 chtbrkg.dll => Brak pliku
    Winsock: Catalog9-x64 06 chtbrkg.dll => Brak pliku
    Winsock: Catalog9-x64 07 chtbrkg.dll => Brak pliku
    Winsock: Catalog9-x64 08 chtbrkg.dll => Brak pliku
    Winsock: Catalog9-x64 09 chtbrkg.dll => Brak pliku
    Winsock: Catalog9-x64 10 chtbrkg.dll => Brak pliku
    Winsock: Catalog9-x64 21 chtbrkg.dll => Brak pliku
    CMD: netsh winsock reset
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=ir...s_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=ir...s_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&...D5000AAKX-60U6AA0_WD-WCC2EWP2202922029&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&t...D5000AAKX-60U6AA0_WD-WCC2EWP2202922029&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...d=WDCXWD5000AAKX-60U6AA0_WD-WCC2EWP2202922029
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...d=WDCXWD5000AAKX-60U6AA0_WD-WCC2EWP2202922029
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&...D5000AAKX-60U6AA0_WD-WCC2EWP2202922029&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&t...D5000AAKX-60U6AA0_WD-WCC2EWP2202922029&q={searchTerms}
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&t...D5000AAKX-60U6AA0_WD-WCC2EWP2202922029&q={searchTerms}
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...d=WDCXWD5000AAKX-60U6AA0_WD-WCC2EWP2202922029
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=85023&...;tguid=85023-29472-1422553329088-946715-b5678
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&t...D5000AAKX-60U6AA0_WD-WCC2EWP2202922029&q={searchTerms}
    HKU\S-1-5-21-3648273893-1553991681-1094276733-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
    URLSearchHook: [S-1-5-21-3648273893-1553991681-1094276733-1000] UWAGA => Brak domyślnego URLSearchHook
    SearchScopes: HKLM -> DefaultScope - brak wartości
    SearchScopes: HKLM -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = hxxps://us.search.yahoo.com/yhs/search?hspart...D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    SearchScopes: HKLM-x32 -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = hxxps://us.search.yahoo.com/yhs/search?hspart...D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3648273893-1553991681-1094276733-1000 -> {9f7967c1-7f73-4306-a03c-e96772657105} URL = hxxp://globallysearch.com?q={searchTerms}&srcid=100_IE&src=pt_1_y17w26
    SearchScopes: HKU\S-1-5-21-3648273893-1553991681-1094276733-1000 -> {ielnksrch} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0...QTSEcFME0FCFwEURNNfX1REloeV1BROXhIEQ==&q={searchTerms}
    BHO: Brak nazwy -> {0073A737-16ED-D93E-E422-9D3835E6A7F1} -> Brak pliku
    BHO-x32: Brak nazwy -> {0073A737-16ED-D93E-E422-9D3835E6A7F1} -> Brak pliku
    BHO-x32: Discovery App -> {ba32987d-db80-4ccb-a8bb-f812b5421c0f} -> C:\Program Files (x86)\Discovery App\Extensions\ba32987d-db80-4ccb-a8bb-f812b5421c0f.dll => Brak pliku
    FF DefaultProfile: 95wsoznn.default
    FF ProfilePath: C:\Users\User\AppData\Roaming\Firefox\Firefox\Profiles\95wsoznn.default [2017-09-19] <==== UWAGA
    FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
    StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Firefox\Firefox.exe
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\!vitruvian-csp.js [2014-11-29]
    CHR res: Zainfekowany resources.pak (search_engine). Przeinstaluj Chrome. <==== UWAGA
    CHR DefaultProfile: ChromeDefaultData
    CHR HomePage: ChromeDefaultData -> hxxp://www.ourluckysites.com/?type=hp&ts=...d=WDCXWD5000AAKX-60U6AA0_WD-WCC2EWP2202922029
    CHR StartupUrls: ChromeDefaultData -> "hxxp://www.ourluckysites.com/?type=hp&ts=1491371975&z=06ed7eba7479ae2c6c12a8dg8zctfgbc1m1g5t0maq&from=che0812&uid=WDCXWD5000AAKX-60U6AA0_WD-WCC2EWP2202922029"
    CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.ourluckysites.com/search/?type=ds&...D5000AAKX-60U6AA0_WD-WCC2EWP2202922029&q={searchTerms}
    CHR DefaultSearchKeyword: ChromeDefaultData -> ourluckysites
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-09-19] <==== UWAGA
    CHR Extension: (Free Smileys & Emoticons) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl [2016-10-31]
    CHR Extension: (Slither.io Mod Play with friends Without LAGS) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\foocpcikeakahdlplgpgfoilanoajijf [2016-12-16]
    CHR Extension: (Google Pics) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\khjgklaeknnibmeeanmbfjcnjablcpil [2016-12-23]
    CHR Extension: (Skype) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-30]
    CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-30]
    CHR Extension: (Fast search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pbdpajcdgknpendpmecafmopknefafha [2016-12-22]
    CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
    CHR HKLM-x32\...\Chrome\Extension: [fjbbjfdilbioabojmcplalojlmdngbjl] - C:\Users\User\AppData\Local\Temp\swlfiles\smileyswelovetoolbar.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
    R2 BIT; C:\ProgramData\BIT\BIT.dll [1812992 2017-05-17] (TODO: <公司名>) [Brak podpisu cyfrowego] <==== UWAGA
    R2 CSHMDR; C:\Users\User\AppData\Local\CSHMDR\Snare.dll [900096 2017-05-22] (IntertSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA
    S2 DsSvc; C:\ProgramData\Package Cache\{00C5024D-925C-4E9E-A8E6-F9B84ABE0DA0}\packages\Win81_SDK\9bcb3fab78e80d68be28892ea7ad46c3.msp:dp [212994 ] () [Brak podpisu cyfrowego] <==== UWAGA
    R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [98456 2017-05-25] () <==== UWAGA
    R2 glory; C:\Users\User\AppData\Local\glory\glory.dll [809984 2017-06-02] (glory) [Brak podpisu cyfrowego] <==== UWAGA
    S2 GmSvc; C:\Program Files (x86)\LDSGameCenter\GmSvc.dll [463272 2016-11-04] ()
    S2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [DependOnService: iThemes5]<==== UWAGA
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    S2 cktSvc; "C:\Program Files (x86)\Uncheckit\cktSvc.exe" {92E162D7-70FD-48F7-A779-91154F8FD518} [X]
    S2 ed2kidle; "C:\Program Files (x86)\amuleC1\ed2k.exe" -downloadwhenidle [X] <==== UWAGA
    S2 Gubed_WMI; C:\Program Files (x86)\Gubed_WMI\Gubed_WMI.exe -s [X]
    S2 GunshipU; "C:\Program Files (x86)\Gunship\Update\GunshipUpdate.exe" [X]
    S2 HpSvc; c:\program files (x86)\ludashi\lpi\HpSvc.dll [X] <==== UWAGA
    S2 MaohaWifiSvr; C:\Program Files (x86)\Maoha\MaohaAP\MaohaWifiSvr.exe [X] <==== UWAGA
    S2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [X]
    S2 Service Mgr DiscoveryApp; "C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugincontainer.exe" [X] <==== UWAGA
    S2 Update Mgr DiscoveryApp; "C:\Program Files (x86)\Common Files\653ac11b-b606-42c5-b357-bca0fd28d1cd\updater.exe" [X] <==== UWAGA
    S2 Utatity; C:\ProgramData\\Utatity\\Utatity.exe shuz -f "C:\ProgramData\\Utatity\\Utatity.dat" -l -a <==== UWAGA
    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-22] (REALiX(tm))
    S2 ComputerZLock; \??\c:\program files (x86)\ludashi\ComputerZLock_x64.sys [X] <==== UWAGA
    S3 ComputerZ_x64; \??\C:\program files (x86)\ludashi\ComputerZ_x64.sys [X] <==== UWAGA
    S3 cpuz138; \??\C:\Users\User\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== UWAGA
    S3 cpuz141; \??\C:\Users\User\AppData\Local\Temp\cpuz141\cpuz141_x64.sys [X] <==== UWAGA
    U2 CWASRE; Brak ImagePath
    S1 iSafeKrnlMon; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X] <==== UWAGA
    S1 MaohaWifiNetPro; \??\C:\Program Files (x86)\Maoha\MaohaAP\MaoHaWiFiNet64.sys [X] <==== UWAGA
    S1 p1482487634am; \??\C:\Users\User\AppData\Local\Temp\bk343A.tmp\p1482487634am.sys [X] <==== UWAGA
    S1 p1483970117am; \??\C:\Users\User\AppData\Local\Temp\bk9B1.tmp\p1483970117am.sys [X] <==== UWAGA
    S1 p1484397263am; \??\C:\Users\User\AppData\Local\Temp\bk589B.tmp\p1484397263am.sys [X] <==== UWAGA
    S1 p1484764930am; \??\C:\Users\User\AppData\Local\Temp\bkE63A.tmp\p1484764930am.sys [X] <==== UWAGA
    U2 snare; Brak ImagePath
    U2 terana; Brak ImagePath
    S2 webinstrH; \??\C:\Windows\system32\Drivers\webinstrH.sys [X]
    U2 WinSnare; Brak ImagePath
    NETSVCx32: HpSvc -> C:\program files (x86)\ludashi\lpi\HpSvc.dll ==> Brak pliku
    NETSVCx32: GmSvc -> C:\Program Files (x86)\LDSGameCenter\GmSvc.dll ()
    2017-09-19 13:23 - 2017-06-23 12:18 - 000016722 _____ C:\Windows\System32\Tasks\347593872d85t5462036
    2017-09-19 13:13 - 2016-09-14 12:30 - 000000000 _____ C:\Users\Public\Documents\temp.dat
    2017-09-19 13:12 - 2016-11-24 19:55 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
    2017-09-19 13:10 - 2017-07-22 22:32 - 000016754 _____ C:\Windows\System32\Tasks\Chip Settingz-com (driver
    2017-09-19 13:08 - 2016-02-19 22:26 - 000000288 _____ C:\Windows\Tasks\Price Fountain.job
    2017-09-19 11:44 - 2016-12-22 21:46 - 000000000 ____D C:\Program Files (x86)\LuDaShi
    2017-08-23 14:28 - 2017-07-08 22:11 - 000000674 ____H C:\Windows\Tasks\Norton Product InstallerIdle.job
    2016-12-22 20:25 - 2017-03-06 20:24 - 000000702 _____ () C:\Program Files (x86)\metadata
    2016-12-22 20:25 - 2017-05-21 20:59 - 000000040 _____ () C:\Program Files (x86)\settings.dat
    2016-05-20 12:04 - 2016-08-01 12:15 - 002983895 _____ (Update) C:\Program Files (x86)\SSFK.exe
    2016-11-25 20:27 - 2016-11-25 20:27 - 000000000 ____H () C:\Users\User\AppData\Local\BIT6F56.tmp
    2016-11-25 20:26 - 2016-11-25 20:26 - 000000000 _____ () C:\Users\User\AppData\Local\{01078953-A1DA-41BE-B136-4111205EBA72}
    2015-11-06 19:09 - 2015-11-06 19:15 - 000000000 _____ () C:\Users\User\AppData\Local\{EFFCB068-B8E0-4675-B506-654E4E9B313C}
    2016-01-08 09:52 - 2016-03-17 16:18 - 000000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    EmptyTemp:

    In FRST, choose Fix (Napraw).

    Run a full scan with Mbam and remove whatever it detects:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

    When that is done, post new FRST logs from a scan.
