Elektroda.pl

Adware.elex - I have been trying to deal with the Elex adware for some time.

Ala-91 07 Feb 2018 16:16 1275 8
Computer Controls
  • #1
    Ala-91
    Level 11  
    Hello, I have a similar problem. Does that mean I should do exactly the same as what the other user wrote above? I don't have a program like Popcorn Time.
    I have Win 7, and Malwarebytes Antimalware detected 2 Adware.Elex items.
    I'm pasting what FRST scanned:


    Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 27.01.2018
    Uruchomiony przez user (07-02-2018 16:09:15)
    Uruchomiony z C:\Users\user\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) (2011-12-09 10:20:06)
    Tryb startu: Normal
    ==========================================================


    ==================== Konta użytkowników: =============================

    Administrator (S-1-5-21-3872785076-2550753500-846849981-500 - Administrator - Disabled)
    Gość (S-1-5-21-3872785076-2550753500-846849981-501 - Limited - Disabled) => C:\Users\Gość
    HomeGroupUser$ (S-1-5-21-3872785076-2550753500-846849981-1002 - Limited - Enabled)
    user (S-1-5-21-3872785076-2550753500-846849981-1001 - Administrator - Enabled) => C:\Users\user

    ==================== Centrum zabezpieczeń ========================

    (Załączenie wejścia w fixlist spowoduje jego usunięcie.)

    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Zainstalowane programy ======================

    (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
    Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
    Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
    Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.185 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
    AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.00.950 RC 1 - AIMP DevTeam)
    Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft)
    Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft)
    Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft)
    ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.)
    AMCap - Bierley USB Electronic Magnifier (HKLM-x32\...\{2CC5E5D5-C535-4B04-84B4-A49A4AE9EA86}) (Version: 2.00.0000 - Bierley USB Electronic Magnifier)
    Aplikacja Blizzard (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
    Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
    Document Express DjVu Plug-in (HKLM\...\{63D38589-F9D9-4851-A37F-E142A8D14A32}) (Version: 6.1.35472 - Cuminas Corporation)
    Dodatek Zapisywanie jako PDF lub XPS firmy Microsoft dla programów pakietu Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation)
    f.lux (HKU\S-1-5-21-3872785076-2550753500-846849981-1001\...\Flux) (Version: - )
    FileBox eXtender (HKLM\...\{23236FC2-648D-4ACF-AD16-68492D0F0AC9}) (Version: 2.1.0 - Hyperionics Technology LLC) Hidden
    FileBox eXtender (HKLM-x32\...\FileBox eXtender) (Version: - Hyperionics Technology LLC)
    Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    GG (HKU\S-1-5-21-3872785076-2550753500-846849981-1001\...\GG) (Version: 12 - GG Network S.A.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.22.5 - Google Inc.) Hidden
    Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
    Intel Security True Key (HKLM\...\TrueKey) (Version: 4.5.146.1 - Intel Security)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
    IVONA 2 (HKLM-x32\...\IVONA 2) (Version: 1.6.63 - IVONA Software Sp. z o.o.)
    IVONA Reader (HKLM-x32\...\IVONA Reader) (Version: - IVONA Software Sp. z o.o.)
    Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
    Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Komputerowy Słownik Niemiecko-Polski 0.8.1 (HKLM-x32\...\Komputerowy Słownik Niemiecko-Polski_is1) (Version: - Maciej Pańków)
    Malwarebytes (wersja 3.3.1.2183) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
    Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
    MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
    MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
    MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    NVIDIA Graphics Driver 266.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 266.69 - NVIDIA Corporation)
    NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
    Odkurzacz (HKLM-x32\...\Odkurzacz 14.0_is1) (Version: 14.0.0.4000 - FranmoSoftware - Maciej Opaliński)
    Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software)
    Pakiet sterowników systemu Windows - libusb-win32 Xbox One GamePad (01/17/2012 1.2.6.0) (HKLM\...\FB8290B90CDEC6361473612A6C091CC81802576B) (Version: 01/17/2012 1.2.6.0 - libusb-win32)
    Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
    Pakiet zgodności dla systemu Office 2007 (HKLM-x32\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Panda Global Protection 2013 (HKLM-x32\...\{3C8238E6-4F7F-42DF-A933-B3B8768E9DE3}) (Version: 6.00.01 - Panda Security) Hidden
    Panda Global Protection 2013 (HKLM-x32\...\{B785234E-EE65-4BAD-A3FE-D525BB2C651B}) (Version: 6.00.01 - Panda Security) Hidden
    PC Connectivity Solution (HKLM-x32\...\{4CE6B3C4-D8E2-4A5D-BEF5-5B69AF843B0C}) (Version: 9.45.0.0 - Nokia)
    Photo Service - powered by myphotobook (HKLM-x32\...\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.2.0-545 - myphotobook GmbH)
    Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 7.7.2 - PowerUp Software)
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Przegląd podręcznika użytkownika (HKLM-x32\...\View User Guide) (Version: 3.60.02.0 - )
    QRead 2.32 (HKLM-x32\...\{c690182d-be14-5aac-89e4-ef31c2925ccb}_is1) (Version: 2.32 - Continuum Software)
    Qtrax Player (HKLM-x32\...\{58C91689-85E3-4B25-ADEC-2697986DF817}) (Version: 1.00.0001 - Qtrax)
    RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
    RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: - RealNetworks)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6289 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
    Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
    RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
    RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
    Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.04.06 (2012-08-07) - Samsung Electronics Co., Ltd.)
    Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.74.00(2012-11-06) - Samsung Electronics Co., Ltd.)
    Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.00.05 (2012-07-10) - Samsung Electronics Co., Ltd.)
    Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00.04 - Samsung Electronics Co., Ltd.)
    Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.22.00 - Samsung Electronics Co., Ltd.)
    Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.00.20.02 - Samsung Electronics Co., Ltd.) Hidden
    Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: 1.16 (2013-02-25) - Samsung Electronics Co., Ltd.)
    Samsung Universal Print Driver 2 XPS (HKLM-x32\...\Samsung Universal Print Driver 2 XPS) (Version: 2.50.04.00 - Samsung Electronics Co., Ltd.)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
    Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
    SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
    Sp5 (HKLM-x32\...\{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}) (Version: 5.1.4324.0 - Microsoft) Hidden
    Sp5Intl (HKLM-x32\...\{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}) (Version: 5.1.4324.0 - Microsoft) Hidden
    Sp5TTInt (HKLM-x32\...\{E415C943-37E5-473F-8BAE-043C56734124}) (Version: 5.1.4324.0 - Microsoft) Hidden
    SpCommon (HKLM-x32\...\{6C3959C6-943E-44B3-BAAD-570B04B134E5}) (Version: 5.1.4324.0 - Microsoft) Hidden
    Spotify (HKU\S-1-5-21-3872785076-2550753500-846849981-1001\...\Spotify) (Version: 1.0.73.345.g6c9971ef - Spotify AB)
    SpPhones (HKLM-x32\...\{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}) (Version: 6.0.3122.0 - Microsoft) Hidden
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
    TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
    The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.126 - PandoraTV)
    TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
    TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation)
    TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}) (Version: 2.1.10.64 - TOSHIBA Corporation)
    TOSHIBA ConfigFree (HKLM-x32\...\{D5AEEAA2-184E-4A2A-BAA3-6225EA4B9516}) (Version: 8.0.37 - TOSHIBA CORPORATION)
    TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.6 for x64 - TOSHIBA Corporation)
    TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.8.64 - TOSHIBA Corporation)
    TOSHIBA Hardware Setup (HKLM-x32\...\{2FD5D2C5-A7A1-4065-89BA-90542BF7CCD3}) (Version: 2.00.0010 - TOSHIBA)
    TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.7 - TOSHIBA Corporation)
    Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
    TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.86.2 - TOSHIBA CORPORATION)
    TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.6.1 - TOSHIBA CORPORATION)
    TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.00.0008 - TOSHIBA)
    TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.0.2.4 - TOSHIBA)
    TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.10010 - TOSHIBA CORPORATION)
    TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
    TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)
    TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.0 - TOSHIBA Corporation)
    TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
    TOSHIBA Supervisor Password (HKLM-x32\...\{119826A8-4EF6-4BE5-A88B-D2D81FA7CEE2}) (Version: 2.00.0006 - TOSHIBA)
    TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
    TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.4.64 - TOSHIBA Corporation)
    TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.0.13 - TOSHIBA Corporation)
    TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{CA5CF466-CAE3-4D99-8BB4-C80F4AC55028}) (Version: 1.0.2 - TOSHIBA CORPORATION)
    TRORMCLauncher (HKLM\...\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.10 - TOSHIBA) Hidden
    TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: - )
    Unity Web Player (HKU\S-1-5-21-3872785076-2550753500-846849981-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    USB Vibration Joystick (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
    USB Video Device Driver (HKLM-x32\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 1.00 - eMPIA)
    USB Video/Audio Device Driver (HKLM-x32\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - Nazwa firmy)
    VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-3872785076-2550753500-846849981-1001\...\optimizer_ie) (Version: 6.0.0.12441 - Widevine Technologies)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

    ==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

    (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

    CustomCLSID: HKU\S-1-5-21-3872785076-2550753500-846849981-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\user\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)
    ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
    ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
    ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
    ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
    ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll [2011-12-09] (AIMP DevTeam)
    ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => -> Brak pliku
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
    ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll [2011-12-09] (AIMP DevTeam)
    ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-01-16] (NVIDIA Corporation)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
    ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
    ContextMenuHandlers1_S-1-5-21-3872785076-2550753500-846849981-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\user\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2013-01-17] (GG Network S.A.)
    ContextMenuHandlers4_S-1-5-21-3872785076-2550753500-846849981-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\user\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2013-01-17] (GG Network S.A.)
    ContextMenuHandlers5_S-1-5-21-3872785076-2550753500-846849981-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\user\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2013-01-17] (GG Network S.A.)

    ==================== Zaplanowane zadania (filtrowane) =============

    (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

    Task: {00E92271-26A1-418D-9CED-0D9957CD0667} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-23] (Google Inc.)
    Task: {032D86D9-BFD3-43DC-B6F7-EA2435F9C14E} - System32\Tasks\{27F17EBC-76F0-4893-8207-FEEEA01D6AC8} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2017-10-26] (Microsoft Corporation)
    Task: {05BB6229-4FCB-4E8B-B708-2CD02A811B83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-23] (Google Inc.)
    Task: {08F66121-CDA8-4944-94B6-2C1AB0EFB737} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
    Task: {13C7FD9D-45FC-45E3-9CB6-B4A123ED0CC1} - System32\Tasks\{91692DBD-BCC0-42BC-A4E7-21A054AEFA73} => C:\Windows\system32\pcalua.exe -a "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0O9YPFU8\blazingcolorsviz.exe" -d C:\Users\user\Desktop
    Task: {19113C89-67D8-42C1-837E-4761181BDAFC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3872785076-2550753500-846849981-1001UA => C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-16] (Facebook Inc.)
    Task: {1CEC230E-64E0-4116-92B0-E049D8D518B0} - System32\Tasks\Opera scheduled Autoupdate 1496688940 => C:\Program Files\Opera\launcher.exe [2018-01-22] (Opera Software)
    Task: {37DEEBBE-3AA9-48DE-80F6-B2D1D6FD358C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3872785076-2550753500-846849981-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
    Task: {41936F12-16D9-477A-A554-8FE19223E603} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3872785076-2550753500-846849981-1001Core => C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-16] (Facebook Inc.)
    Task: {5357AD35-3A83-40CA-A436-C6DA4E43F143} - System32\Tasks\{C7499B76-B91A-49F2-8AD9-E427D0E0A136} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Downloads\JavaSetup8u101.exe -d C:\Users\user\Desktop
    Task: {5577FDEB-D0E6-4743-A751-A5810A50777D} - System32\Tasks\{883A30A2-8FC3-40CD-B66C-0BA1B91D2A5D} => C:\Windows\system32\pcalua.exe -a "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X1B7CJK5\chromeinstall-8u111.exe" -d C:\Users\user\Desktop
    Task: {5982DF4C-2F40-4FD2-BFDA-6F4A0E66BCA2} - System32\Tasks\Ermick Center => C:\Program Files (x86)\Qervishqeersh\pulck.exe [2017-05-06] (Google Inc.)
    Task: {637F078E-5122-4FE8-B249-B6C044BB23D1} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3872785076-2550753500-846849981-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
    Task: {659322FD-628D-47B1-90DC-19E44DBC7593} - System32\Tasks\{A25178CE-F2D0-4565-B57F-CDE2194B4F71} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152&LastError=404
    Task: {81A62532-CE28-44AD-96A5-D50D5A8A067B} - System32\Tasks\{EF0691C6-0D8F-4155-958C-75FAEAAEA5A2} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.100/pl/abandoninstall?source=lightinstaller&page=tsBing
    Task: {9658D5F9-909E-4785-AC73-5D1FD9EA7767} - System32\Tasks\{069653B3-C4EA-41BE-9805-78904D5499E5} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.5.73.102.456/pl/abandoninstall?page=tsProgressBar
    Task: {9BEE12B1-B725-45CC-83C9-6C93B63C32EF} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-03] (TOSHIBA CORPORATION)
    Task: {A4FBEAAC-7E09-4C06-8FAD-EA7D3D11AB39} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
    Task: {C9986881-F3FE-4443-948A-31FB8696D932} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
    Task: {DBA2DB7D-476C-43D5-9D2B-810E5DD1DE0A} - System32\Tasks\{2931BB79-4DE0-4C0A-AD7B-84613C5939A3} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.73.109.456/pl/abandoninstall?page=tsProgressBar
    Task: {DBCBA52B-EEAF-400C-8B35-2205254C2A8B} - System32\Tasks\{AEA89CDD-7ABC-4E02-B274-93081633480B} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.0.0.100&LastError=404
    Task: {EE2133AD-4FD7-447D-8BBF-3381943FCC2D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-13] (Adobe Systems Incorporated)

    (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3872785076-2550753500-846849981-1001Core.job => C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3872785076-2550753500-846849981-1001UA.job => C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe

    ==================== Skróty & WMI ========================

    (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)


    Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

    ==================== Załadowane moduły (filtrowane) ==============

    2014-02-25 21:28 - 2011-04-11 06:26 - 000034304 _____ () C:\Windows\System32\spexsl.dll
    2011-12-28 18:09 - 2011-04-14 03:41 - 000034304 _____ () C:\Windows\System32\ssb3ml6.dll
    2013-06-28 10:12 - 2013-06-28 10:12 - 000034304 _____ () C:\Windows\System32\ssm1mlm.dll
    2010-11-18 16:18 - 2010-11-18 16:18 - 011190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
    2012-02-20 21:23 - 2012-02-20 21:23 - 000456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    2012-02-20 21:23 - 2012-02-20 21:23 - 000051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
    2018-01-31 13:35 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
    2018-01-31 13:35 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
    2015-12-08 20:25 - 2015-12-08 20:25 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll
    2011-02-23 16:04 - 2011-02-23 16:04 - 000080896 _____ () C:\Program Files\FileBX\FbxRes.dll
    2011-02-23 16:09 - 2011-02-23 16:09 - 000007680 _____ () C:\Program Files\FileBX\Fbx32helper.exe
    2010-12-08 14:42 - 2010-12-08 14:42 - 000079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
    2018-01-23 17:27 - 2018-01-03 10:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
    2018-01-23 17:27 - 2018-01-03 10:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
    2018-01-23 18:00 - 2018-01-23 17:59 - 096448600 _____ () C:\Program Files\Opera\50.0.2762.67\opera_browser.dll
    2018-01-23 18:00 - 2018-01-23 17:59 - 004207704 _____ () C:\Program Files\Opera\50.0.2762.67\libglesv2.dll
    2018-01-23 18:00 - 2018-01-23 17:59 - 000100440 _____ () C:\Program Files\Opera\50.0.2762.67\libegl.dll
    2018-01-29 19:41 - 2018-01-31 13:49 - 068214160 _____ () C:\Users\user\AppData\Roaming\Spotify\libcef.dll
    2018-01-29 19:41 - 2018-01-31 13:49 - 003112848 _____ () C:\Users\user\AppData\Roaming\Spotify\libglesv2.dll
    2018-01-29 19:41 - 2018-01-31 13:49 - 000089488 _____ () C:\Users\user\AppData\Roaming\Spotify\libegl.dll
    2014-04-18 12:46 - 2016-04-23 07:32 - 003716144 _____ () C:\Users\user\AppData\Local\GG\Application\xulrunner\mozjs.dll

    ==================== Alternate Data Streams (filtrowane) =========

    (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation [63]
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
    AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 [127]
    AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
    AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [105]
    AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [127]

    ==================== Tryb awaryjny (filtrowane) ===================

    (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Powiązania plików (filtrowane) ===============

    (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


    ==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

    (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


    ==================== Hosts - zawartość: ===============================

    (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

    2009-07-14 03:34 - 2017-11-16 16:01 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1 localhost

    ==================== Inne obszary ============================

    (Obecnie brak automatycznej naprawy dla tej sekcji.)

    HKU\S-1-5-21-3872785076-2550753500-846849981-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 8.8.8.8
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Zapora systemu Windows [funkcja włączona]

    ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Toshiba Places Icon Utility.lnk => C:\Windows\pss\Toshiba Places Icon Utility.lnkCommon Startup
    MSCONFIG\startupfolder: C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnkStartup
    MSCONFIG\startupreg: Adobe ARM => c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
    MSCONFIG\startupreg: Advanced SystemCare 5 => "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
    MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
    MSCONFIG\startupreg: Dolphin USB Autostart =>
    MSCONFIG\startupreg: Google Update => "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    MSCONFIG\startupreg: OODefragTray => c:\program files\oo software\defrag\oodtray.exe
    MSCONFIG\startupreg: Samsung PanelMgr =>
    MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
    MSCONFIG\startupreg: TOPI.EXE => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
    MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
    MSCONFIG\startupreg: TosNC =>

    ==================== Reguły Zapory systemu Windows (filtrowane) ===============

    (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

    FirewallRules: [{623D94C3-B7E7-4276-9295-297D832A33BF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{3107720B-0933-4822-BC4D-BF7BD17296D8}] => (Allow) LPort=2869
    FirewallRules: [{C692A4EF-499B-4399-9BD6-5688E7A321CC}] => (Allow) LPort=1900
    FirewallRules: [{DEBC0FDF-AE40-49AE-981E-389EA6D8E659}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
    FirewallRules: [{7A56A8B8-5119-444A-817F-F9AAEBF9A3A0}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
    FirewallRules: [{373DE308-CD3B-457E-AD8E-DAED99693BBF}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
    FirewallRules: [TCP Query User{59307F0D-27CF-41D9-97FD-278B7B35640A}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
    FirewallRules: [UDP Query User{926F47B2-7A91-4E2F-B50B-A18CA7560120}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
    FirewallRules: [TCP Query User{3E18CC40-FD21-4F05-9B52-B9E5ED1589DB}C:\program files (x86)\super mario bros\virtuanes.exe] => (Block) C:\program files (x86)\super mario bros\virtuanes.exe
    FirewallRules: [UDP Query User{95EDC13E-5EE0-48CD-936D-155A64FFD0C8}C:\program files (x86)\super mario bros\virtuanes.exe] => (Block) C:\program files (x86)\super mario bros\virtuanes.exe
    FirewallRules: [{335FB67C-B1FC-4860-9B10-3A0233A6BBA8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\race 07\Config.exe
    FirewallRules: [{7103A4E4-C0A2-4764-9006-33C12EB216CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\race 07\Config.exe
    FirewallRules: [{CE852D17-F241-4E36-972E-90E1D25DB94E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\race 07\SteamProxy.exe
    FirewallRules: [{46C8B831-B55D-48E3-9EB5-CED4E1A47B6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\race 07\SteamProxy.exe
    FirewallRules: [{C7D5C225-FCB8-4AB7-85F8-5C4321962FF3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\USDAgent.exe
    FirewallRules: [{30FA49DA-BE30-448E-8447-C555EC3D0F3C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\USDAgent.exe
    FirewallRules: [{31B62E21-ACEE-40CA-BF51-15936D70ED4E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2 XPS\PrinterSelector\SUPDApp.exe
    FirewallRules: [{DE4AC8F8-731A-4633-90FA-CDC0445A611A}] => (Allow) C:\Program Files (x86)\Mafia II\Steam.exe
    FirewallRules: [{A2E24295-71FA-4820-A02C-365796E13DDF}] => (Allow) C:\Program Files (x86)\Mafia II\Steam.exe
    FirewallRules: [{0DC02740-E8A6-4EA2-8FD7-B4228D08CAB0}] => (Allow) C:\Program Files (x86)\Mafia II\Steam.exe
    FirewallRules: [{64E0F486-869B-4E15-80D5-846E681047CB}] => (Allow) C:\Program Files (x86)\Mafia II\Steam.exe
    FirewallRules: [{C84B064D-A694-422E-862D-7C8C43DD7B8B}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
    FirewallRules: [{2EC65F99-1A79-4A93-88E0-18FC1BB2E538}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
    FirewallRules: [{05C2F1A0-65EB-4648-AA7A-8AEE541200E0}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    FirewallRules: [{142BED3C-E262-40CA-BC32-792D4C19E46E}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    FirewallRules: [{39B44B13-6C06-4BEE-875F-E4761693092C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
    FirewallRules: [{627F3DEE-EE73-4907-BA68-D084A0374984}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
    FirewallRules: [{DD126B26-3694-4679-8D14-7CC824832872}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
    FirewallRules: [{5928811E-6236-4203-BEFA-9678915CB820}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
    FirewallRules: [{DE23130B-97D2-447C-8420-6E8F88178495}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
    FirewallRules: [{18E06772-5EB9-46AF-A007-E4F98CA3AC70}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
    FirewallRules: [{BD63A1B9-D1C7-4C7E-B7EE-223C41F8D455}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
    FirewallRules: [{95CABE44-F09B-43B8-8828-2E9D0291F6FB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
    FirewallRules: [{DDA2F983-763F-4226-BB64-306EAA59BE1A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{ADD4D5A8-699F-4D30-9420-43E42916D6D9}] => (Allow) C:\Program Files (x86)\Mafia II\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{5608272D-DA3F-490E-8E0B-65F47573DB39}] => (Allow) C:\Program Files (x86)\Mafia II\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [TCP Query User{3D16045B-2A30-40EB-89E8-FE7CB777779B}C:\users\user\desktop\world revival\nfsw.exe] => (Allow) C:\users\user\desktop\world revival\nfsw.exe
    FirewallRules: [UDP Query User{1ED73C9F-1974-4DA8-BF25-3AAA7884C6D2}C:\users\user\desktop\world revival\nfsw.exe] => (Allow) C:\users\user\desktop\world revival\nfsw.exe
    FirewallRules: [TCP Query User{6BC9CEAC-41F7-4425-9F11-D3732D2CA770}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
    FirewallRules: [UDP Query User{8D698C53-DA02-41FF-9656-4DA933A7A212}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
    FirewallRules: [{392493AC-2926-4059-A905-E38135DD40E0}] => (Allow) C:\Program Files\Opera\50.0.2762.58\opera.exe
    FirewallRules: [{0B28016D-3CA8-4183-A246-FEBB69323036}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{26F24273-DF9F-4D39-8271-CF0C7D0E2DCB}] => (Allow) C:\Program Files\Opera\50.0.2762.67\opera.exe
    FirewallRules: [TCP Query User{3D4994E0-5589-43AD-B636-32BCC70C836D}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{791FFDAF-A3ED-4E0E-876D-3E1E80D10BF0}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe

    ==================== Punkty Przywracania systemu =========================

    06-01-2018 20:19:41 ComboFix created restore point

    ==================== Wadliwe urządzenia w Menedżerze urządzeń =============


    ==================== Błędy w Dzienniku zdarzeń: =========================

    Dziennik Aplikacja:
    ==================
    Error: (02/07/2018 04:08:55 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Nie można wygenerować kontekstu aktywacji dla „C:\Users\user\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu .
    Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
    Składniki powodujące konflikt:
    Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
    Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

    Error: (02/07/2018 12:14:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (02/06/2018 11:55:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (02/05/2018 12:21:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (02/04/2018 01:15:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (02/03/2018 10:01:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (02/02/2018 01:53:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (02/01/2018 02:45:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (01/31/2018 01:49:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (01/31/2018 01:15:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


    Dziennik System:
    =============
    Error: (02/07/2018 12:14:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: Usługa PinnacleUpdate Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

    Error: (02/07/2018 12:14:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Usługa Intel(R) Biometric and Context Agent Service zawiesiła się podczas uruchamiania.

    Error: (02/07/2018 12:12:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Nie można uruchomić usługi DgiVecp z powodu następującego błędu:
    Nie można odnaleźć określonego pliku.

    Error: (02/06/2018 11:55:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: Usługa PinnacleUpdate Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

    Error: (02/06/2018 11:55:37 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Usługa Intel(R) Biometric and Context Agent Service zawiesiła się podczas uruchamiania.

    Error: (02/06/2018 11:53:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Nie można uruchomić usługi DgiVecp z powodu następującego błędu:
    Nie można odnaleźć określonego pliku.

    Error: (02/05/2018 12:21:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: Usługa PinnacleUpdate Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

    Error: (02/05/2018 12:21:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Usługa Intel(R) Biometric and Context Agent Service zawiesiła się podczas uruchamiania.

    Error: (02/05/2018 12:20:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Nie można uruchomić usługi DgiVecp z powodu następującego błędu:
    Nie można odnaleźć określonego pliku.

    Error: (02/05/2018 01:53:33 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie.


    CodeIntegrity:
    ===================================
    Date: 2017-07-12 13:59:03.822
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2017-07-12 13:59:03.690
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-12-11 16:26:54.720
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2013-12-11 16:26:54.716
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2013-12-11 16:26:54.712
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2013-12-11 15:06:19.534
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2013-12-11 15:06:19.529
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2013-12-11 15:06:19.525
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2013-12-09 23:31:27.194
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2013-12-09 23:31:27.187
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.


    ==================== Statystyki pamięci ===========================

    Procesor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
    Procent pamięci w użyciu: 82%
    Całkowita pamięć fizyczna: 4077.98 MB
    Dostępna pamięć fizyczna: 720.69 MB
    Całkowita pamięć wirtualna: 8154.14 MB
    Dostępna pamięć wirtualna: 2366.16 MB

    ==================== Dyski ================================

    Drive c: (WINDOWS) (Fixed) (Total:149.42 GB) (Free:65 GB) NTFS
    Drive d: (Data) (Fixed) (Total:148.28 GB) (Free:129.55 GB) NTFS
    Drive f: (SONY_32X) (Removable) (Total:28.95 GB) (Free:28.57 GB) FAT32

    ==================== MBR & Tablica partycji ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 17714EC8)
    Partition 1: (Active) - (Size=400 MB) - (Type=27)
    Partition 2: (Not Active) - (Size=149.4 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=148.3 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows XP) (Size: 29 GB) (Disk ID: 414AFC9C)
    Partition 1: (Not Active) - (Size=29 GB) - (Type=0C)

    ==================== Koniec Addition.txt ============================

    I have split this off as a new topic. Do not attach yourself to other people's threads.
    RADU23
  • #2
    Acorus 20
    Level 43  
    The FRST.txt log is missing.
    Post logs as attachments.
  • #4
    Kolobos
    IT specialist
    Do not piggyback on other threads; post logs only as attachments.

    Remove what mbam detected.

    Back up your Firefox bookmarks if you need them; the profile will be deleted.

    Uninstall: Intel Security True Key

    Run a Fixlist.txt for FRST with the following contents:
    Task: {032D86D9-BFD3-43DC-B6F7-EA2435F9C14E} - System32\Tasks\{27F17EBC-76F0-4893-8207-FEEEA01D6AC8} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2017-10-26] (Microsoft Corporation)
    Task: {13C7FD9D-45FC-45E3-9CB6-B4A123ED0CC1} - System32\Tasks\{91692DBD-BCC0-42BC-A4E7-21A054AEFA73} => C:\Windows\system32\pcalua.exe -a "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0O9YPFU8\blazingcolorsviz.exe" -d C:\Users\user\Desktop
    Task: {1CEC230E-64E0-4116-92B0-E049D8D518B0} - System32\Tasks\Opera scheduled Autoupdate 1496688940 => C:\Program Files\Opera\launcher.exe [2018-01-22] (Opera Software)
    Task: {5357AD35-3A83-40CA-A436-C6DA4E43F143} - System32\Tasks\{C7499B76-B91A-49F2-8AD9-E427D0E0A136} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Downloads\JavaSetup8u101.exe -d C:\Users\user\Desktop
    Task: {5577FDEB-D0E6-4743-A751-A5810A50777D} - System32\Tasks\{883A30A2-8FC3-40CD-B66C-0BA1B91D2A5D} => C:\Windows\system32\pcalua.exe -a "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X1B7CJK5\chromeinstall-8u111.exe" -d C:\Users\user\Desktop
    Task: {5982DF4C-2F40-4FD2-BFDA-6F4A0E66BCA2} - System32\Tasks\Ermick Center => C:\Program Files (x86)\Qervishqeersh\pulck.exe [2017-05-06] (Google Inc.)
    Task: {659322FD-628D-47B1-90DC-19E44DBC7593} - System32\Tasks\{A25178CE-F2D0-4565-B57F-CDE2194B4F71} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152&LastError=404
    Task: {81A62532-CE28-44AD-96A5-D50D5A8A067B} - System32\Tasks\{EF0691C6-0D8F-4155-958C-75FAEAAEA5A2} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.100/pl/abandoninstall?source=lightinstaller&page=tsBing
    Task: {9658D5F9-909E-4785-AC73-5D1FD9EA7767} - System32\Tasks\{069653B3-C4EA-41BE-9805-78904D5499E5} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.5.73.102.456/pl/abandoninstall?page=tsProgressBar
    Task: {DBA2DB7D-476C-43D5-9D2B-810E5DD1DE0A} - System32\Tasks\{2931BB79-4DE0-4C0A-AD7B-84613C5939A3} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.73.109.456/pl/abandoninstall?page=tsProgressBar
    Task: {DBCBA52B-EEAF-400C-8B35-2205254C2A8B} - System32\Tasks\{AEA89CDD-7ABC-4E02-B274-93081633480B} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.0.0.100&LastError=404
    GroupPolicy: Ograniczenia <==== UWAGA
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    FF DefaultProfile: 41A66E7E5EE1
    FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Profiles\41A66E7E5EE1\Profiles\go7xbjnn.default [nie znaleziono] <==== UWAGA
    FF ProfilePath: C:\Users\user\AppData\Roaming\Profiles\41A66E7E5EE1 [nie znaleziono] <==== UWAGA
    FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Profiles\41A66E7E5EE1 [2016-09-11]
    R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [920616 2016-08-08] (McAfee, Inc.)
    R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-08-08] (McAfee, Inc.)
    S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-08-08] (McAfee, Inc.)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== UWAGA (Brak ServiceDLL)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
    2018-01-30 19:41 - 2017-06-15 23:58 - 000000000 ____D C:\AdwCleaner

    After running it, post a new FRST log; FRST.txt alone is enough (as an attachment).
  • #5
    Ala-91
    Level 11  
    Here is the Fixlog.

    EDIT
    Sorry, I pasted the wrong thing. I scanned with mbam and AdwCleaner and they found nothing, although AdwCleaner had detected something besides Elex earlier. I completely forgot about that. I also wanted to ask whether I could have somehow infected my second laptop, e.g. via a USB flash drive? AdwCleaner finds nothing there, and my mbam trial licence has expired, but I think it found nothing either.

    Merged. RADU23
  • #6
    safbot1st
    Level 43  
    I see no infection on the Toshiba. Just minor corrections:
    
    CHR StartupUrls: Default -> "hxxp://google.pl/","hxxp://www.umk.pl/","hxxp://arslege.pl/"
    2015-11-02 12:50 - 2015-11-02 15:38 - 000000563 _____ () C:\Users\user\AppData\Roaming\burnaware.ini
    2016-05-25 13:20 - 2016-05-25 13:20 - 000000017 _____ () C:\Users\user\AppData\Local\resmon.resmoncfg
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation [63]
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
    AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 [127]
    AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
    AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [105]
    AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [127]
    

    It is also worth getting rid of the leftover Toshiba "crapware".
  • Helpful post
    #7
    Kolobos
    IT specialist
    @safbot1st there is no need to remove what you listed. Those are legitimate sites, the ini file is from BurnAware, and the streams can stay too; they will be recreated anyway.
  • #8
    safbot1st
    Level 43  
    I take it those Chrome startup pages are legitimate too?
    All in all, as I wrote, the infection did not spread to the second computer.
  • #9
    Kolobos
    IT specialist
    > I take it those Chrome startup pages are legitimate too?

    Yes, just open them and see, or look them up on Google.