Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

otwierająca się strona gameorplay.info

Eldiras 15 Sty 2018 22:31 327 2
  • #1 15 Sty 2018 22:31
    Eldiras
    Poziom 2  

    Witam serdecznie!

    Przy starcie systemu uruchamia mi się Google Chrome ze stroną gameorplay.info. Nie mogę się tego pozbyć w żaden sposób a z formatem wolałbym jeszcze trochę poczekać.
    Bardzo proszę o pomoc!

    W załączniku przesyłam FRST i Addition.

    Pozdrawiam

    0 2
  • Pomocny post
    #2 15 Sty 2018 23:03
    safbot1st
    Poziom 43  

    Zapisz jako fixlist.txt obok FRST.exe:

    Code:


    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
    HKU\S-1-5-21-1378174749-1933962382-1444036204-1000\...\Run: [PC] => explorer.exe hxxp://ozirizsoos.info <==== UWAGA
    HKU\S-1-5-21-1378174749-1933962382-1444036204-1000\...\MountPoints2: {7153341d-ecdc-11e7-9c99-902b3419f3e1} - "G:\autorun.exe"
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
    HKU\S-1-5-21-1378174749-1933962382-1444036204-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    HKU\S-1-5-21-1378174749-1933962382-1444036204-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
    URLSearchHook: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000 - (Brak nazwy) - {00000000-6E41-4FD3-8538-502F5495E5FC} - Brak pliku
    SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.just-browse.info/?l=1&q={searchTerms}
    SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.v9.com/web/?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=113480&tt=010812_hplgoff_3112_4&babsrc=SP_ss&mntrId=8e7712a8000000000000902b3419f3e1
    SearchScopes: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.v9.com/web/?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000 -> {55EEFBEF-B185-4368-A98D-4677167DBE1A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
    SearchScopes: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000 -> {91C5C1F8-D39A-47D3-BDB2-6B14071F1180} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=1CB9C46E-4FFF-4E34-9B96-A3A193DCF9C4&apn_sauid=6339F249-B261-4D80-8019-2B32682E7945




    SearchScopes: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.just-browse.info/?l=1&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000 -> {C80EEB90-5023-40be-9C66-8EF39E1AE422} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000 -> {C842FCED-8507-42b4-9BDF-BD3B4BA0700C} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
    SearchScopes: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    FF Extension: (Babylon) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\x715luzn.default\Extensions\ffxtlbr@babylon.com [2012-08-02] [Przestarzałe] [Brak podpisu cyfrowego]
    FF Extension: (PrivDog) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\x715luzn.default\Extensions\PrivDog@AdTrustMedia.com.xpi [2014-05-16] [Przestarzałe] [Brak podpisu cyfrowego]
    FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\x715luzn.default\searchplugins\askcom.xml [2013-05-01]
    FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\x715luzn.default\searchplugins\WebSearch.xml [2012-12-29]
    FF Plugin HKU\S-1-5-21-1378174749-1933962382-1444036204-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-11-08] (Pando Networks)
    CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
    U3 idsvc; Brak ImagePath

    2017-12-27 12:15 - 2017-12-10 16:49 - 000002498 _____ C:\WINDOWS\System32\Tasks\{FCF4D562-A7A9-4B44-994B-B5657641EBD7}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002498 _____ C:\WINDOWS\System32\Tasks\{85AA153B-743F-414D-B26D-DDABC82DED5E}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002498 _____ C:\WINDOWS\System32\Tasks\{6FBE2AE6-9C43-4C7B-A7AB-DCBE91044FF1}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002498 _____ C:\WINDOWS\System32\Tasks\{4AA77E90-3D7D-47DA-A7B7-6BFE78285215}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002372 _____ C:\WINDOWS\System32\Tasks\{C2EB4437-3F52-4501-8B5E-78C7490C0E75}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002360 _____ C:\WINDOWS\System32\Tasks\{F92F74A1-5FB7-470F-85D8-4D383C21BF5F}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002320 _____ C:\WINDOWS\System32\Tasks\{538775F2-A90B-4003-9D66-B3CA9707121B}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002288 _____ C:\WINDOWS\System32\Tasks\{4FB3B9E7-5EE9-48D2-8CEE-A582CC6D112F}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002280 _____ C:\WINDOWS\System32\Tasks\{E3399C35-3263-449E-9C82-B5F41FBC40B5}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002280 _____ C:\WINDOWS\System32\Tasks\{97C30E15-E032-49A3-8D7F-0600D94F2FC5}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002226 _____ C:\WINDOWS\System32\Tasks\{7F4717B9-A223-4961-A72D-2F4712DB6BF9}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002224 _____ C:\WINDOWS\System32\Tasks\{20FF4C25-9BD2-494E-97E2-02F1CB865311}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002182 _____ C:\WINDOWS\System32\Tasks\{732655F4-A402-4358-9CF6-CA65F84E462D}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002182 _____ C:\WINDOWS\System32\Tasks\{47D88163-36FE-4F94-BAAB-037D1D524121}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002182 _____ C:\WINDOWS\System32\Tasks\{3D6182A5-0AF3-4283-98B6-A2747D4874E7}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002172 _____ C:\WINDOWS\System32\Tasks\{140A6ADD-8BF6-4960-9DC0-7FE80E64B82A}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002154 _____ C:\WINDOWS\System32\Tasks\{F6239F84-1711-406C-9CB6-135DA9885FC8}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002154 _____ C:\WINDOWS\System32\Tasks\{CDA2C776-A62B-41F0-BC39-C203A8DA6260}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002154 _____ C:\WINDOWS\System32\Tasks\{ADC9872A-43EB-4ABE-B799-CDF426A0204C}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002154 _____ C:\WINDOWS\System32\Tasks\{19CC0EDE-A63A-4788-8EC9-8B2BAD0D4A75}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002154 _____ C:\WINDOWS\System32\Tasks\{0CFA1A2E-89EF-4339-BE7D-8BA397457BA1}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002154 _____ C:\WINDOWS\System32\Tasks\{0257CCA1-6148-45DF-809D-3EF7159F7D21}
    2017-12-27 12:15 - 2017-12-10 16:49 - 000002132 _____ C:\WINDOWS\System32\Tasks\{DF923F96-689B-44CF-8842-CD6573D0002B}
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1378174749-1933962382-1444036204-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Brak pliku
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> Brak pliku
    Task: {32F84A5B-B088-4F50-A2BE-503627A45287} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {454A94BF-632E-4AE9-9CD2-F19B95497824} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {5514F68C-88F9-437A-A519-E532B0E20D24} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {8F29D38A-476A-47C4-99D5-8C75BB102BA4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {90E05D2D-01B3-49AC-A4DC-9ABA49CD439A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {990E1A1F-5258-4CF0-BBBA-F37F85B973C6} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
    Task: {A6A83D49-CFA8-4724-879F-5C7FF5ED1530} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {AE27C4DB-AA99-46E4-96DD-0208AC3BC2C1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {C1769B5E-1318-411D-B3A7-75FB01D0B748} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {D642C4F5-909B-40AE-81B3-F1F5F809083E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {E8E23EC7-DB7F-46C3-A6C4-4591326FD373} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {FCD25276-3011-4D8F-8808-404AD56F131D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [130]
    AlternateDataStreams: C:\WINDOWS\system32\d3dx9_28.dll:$CmdTcID [130]
    AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\d3dx9_32.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\java.exe:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\javaw.exe:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\javaws.exe:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\mshtmlmedia.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434709.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434725.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434752.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434788.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435012.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435286.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435306.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434709.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434725.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434752.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434788.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435012.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435286.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435306.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\powertracker.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01009.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\WinUSBCoInstaller2.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_32.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [130]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\javaws.exe:$CmdTcID [130]
    AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtmlmedia.dll:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\Drivers\KbFilter_FlexDef3x.sys:$CmdTcID [130]
    AlternateDataStreams: C:\Users\PC\Downloads\1.000 Times Better 2.3- Optional Package- No Bloo-58-2-3.rar:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\1.000 Times Better v2.3- Full Package-58-2-3.rar:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\12.doc:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\20150302094736.jpg:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\440828795.jpg:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\9.3.doc:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\ap-100to110-eur.exe:$CmdTcID [64]
    AlternateDataStreams: C:\Users\PC\Downloads\ap-100to110-eur.exe:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\ccsetup508.exe:$CmdTcID [64]
    AlternateDataStreams: C:\Users\PC\Downloads\ccsetup508.exe:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\cispremium_installer.exe:$CmdTcID [64]
    AlternateDataStreams: C:\Users\PC\Downloads\cispremium_installer.exe:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\CV_Michał_Jelak.pdf:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\cz_2014_12_29591.pdf:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\cz_2015_03_13998.pdf:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\cz_2015_04_00320.pdf:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\druk_abonamentowy30-06-2015_17.33.27.pdf:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\Dungeon Siege III - poradnik bohatera - poradnik do gry.pdf:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\ENBoost 5_0-38649-5-0.zip:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\enbseries_skyrim_v0266.zip:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\enbseries_skyrim_v0269.zip:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\eppCzJd.jpg:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\fryzury-meskie-krotkie-albo-fryzura-meska-41.jpg:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\Harmonogram_obchodów_600-lecia.pdf:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\i68Controller.exe:$CmdTcID [64]
    AlternateDataStreams: C:\Users\PC\Downloads\J.doc:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\KL2015110112081.zip:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\L.A._Noire_PL.zip:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\list_pracownik_biurowy.doc:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\MediaCreationToolx64.exe:$CmdTcID [64]
    AlternateDataStreams: C:\Users\PC\Downloads\MediaCreationToolx64.exe:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\pity2014ngsetup.exe:$CmdTcID [64]
    AlternateDataStreams: C:\Users\PC\Downloads\pity2014ngsetup.exe:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\Rise of the White Wolf - Powrot Bialego Wilka_3-669-2-0.exe:$CmdTcID [64]
    AlternateDataStreams: C:\Users\PC\Downloads\Rise of the White Wolf - Powrot Bialego Wilka_3-669-2-0.exe:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\rj3rtcmdcn.jpg:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\Setup_Downloader_3.6.0_stable.exe:$CmdTcID [64]
    AlternateDataStreams: C:\Users\PC\Downloads\Setup_Downloader_3.6.0_stable.exe:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\setup_galaxy_1.0.0.871.exe:$CmdTcID [64]
    AlternateDataStreams: C:\Users\PC\Downloads\setup_galaxy_1.0.0.871.exe:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\TWeditorv2 (Edycja Rozszerzona).rar:$CmdZnID [26]
    AlternateDataStreams: C:\Users\PC\Downloads\witcher3_pl_wallpaper_the_witcher_3_wild_hunt_prima_pl_1920x1080_1426504358.png:$CmdZnID [26]
    EmptyTemp:

    w FRST wybierz "Napraw".
    Po naprawie usuń C:\FRST

    0