Witamy na forum PC Format Zapraszamy do REJESTRACJI


Użytkownicy przeglądający ten wątek: 1 gości

Laptop Asus, problem z wirusami w przeglądarkach

#1
Laptop Asus, problem z wirusami w przeglądarkach
Cześć wszystkim!

Przekopałam internety, poczytałam troszkę ale nie wiem co robić, stąd ten wątek.

Co jakiś czas, regularnie, pojawiają się w mojej przeglądarce Chrome wirusy. Tym razem jest to jollywallet (poprzednie wyglądały i zachowywały się tak samo, ale miały inne nazwy). Po wpisaniu problemu w wyszukiwarkę google doradza, aby usunąć program jollywallet z ,,programy i funkcje"... Gdyby to było tak proste nie byłoby tematu Wesoły

Mój komputer zdaje się nie widzieć tego programu, nie pomaga Avast, nie pomaga CCleaner ani SpyBot.

Czy ktoś mógłby mi pomóc i - jak kobiecie - wytłumaczyć krok po kroku co zrobić?

Dodam jeszcze, że nie ściągam żadnych programów ani aplikacji, więc nie wiem od czego to zależy że wirus się uruchamia.
 System operacyjny: windows_seven Przeglądarka: chrome
#2
RE: Laptop Asus, problem z wirusami w przeglądarkach
1) Użyj >Adw-cleaner
najpierw kliknij na SKANUJ (SCAN), a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ (CLEANING), to kliknij na niego.
Pokaż raport z niego "C".

2) Zrób logi z FRST > http://forum.pcformat.pl/WAZNE-Jak-zaloz...ec-WAZNE-t
Przed skanem zaznacz "Addition.txt" oraz "Shortcut.txt".
.
 System operacyjny: windows_seven Przeglądarka: seamonkey
#3
RE: Laptop Asus, problem z wirusami w przeglądarkach
# AdwCleaner v5.200 - raport utworzono 21/06/2016 o 19:27:41
# Ostatnia aktualizacja 14/06/2016 przez ToolsLib
# Baza danych : 2016-06-21.1 [z serwera]
# System operacyjny : Windows 7 Home Premium Service Pack 1 (X64)
# Nazwa użytkownika : Kaja - DOM-KOMPUTER
# Lokalizacja programu : C:\Users\Kaja\Downloads\adwcleaner_5.200.exe
# Działanie : Usuń
# Pomoc techniczna : https://toolslib.net/forum

***** [ Usługi ] *****

[-] Usługa usunięto : winzipersvc
[-] Usługa usunięto : TDataSvr
[-] Usługa usunięto : DeskTop_F
[-] Usługa usunięto : jIxmRfR_protect

***** [ Foldery ] *****

[-] Folder usunięto : C:\ProgramData\desktopfind
[-] Folder usunięto : C:\ProgramData\jIxmRfR
[-] Folder usunięto : C:\ProgramData\Uncheckit
[#] Folder usunięto : C:\ProgramData\Application Data\desktopfind
[#] Folder usunięto : C:\ProgramData\Application Data\jIxmRfR
[#] Folder usunięto : C:\ProgramData\Application Data\Uncheckit
[-] Folder usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com
[-] Folder usunięto : C:\Program Files (x86)\Assist Point
[-] Folder usunięto : C:\Program Files (x86)\Round World
[-] Folder usunięto : C:\Program Files (x86)\WinZipper
[-] Folder usunięto : C:\Program Files (x86)\SearchesToYesbnd
[-] Folder usunięto : C:\Program Files (x86)\TData
[-] Folder usunięto : C:\Program Files (x86)\Winsere
[-] Folder usunięto : C:\Program Files (x86)\WinTaske
[-] Folder usunięto : C:\Program Files (x86)\Booking.com
[-] Folder usunięto : C:\Program Files (x86)\QQBrowser
[-] Folder usunięto : C:\Program Files (x86)\jIxmRfR
[-] Folder usunięto : C:\Program Files (x86)\TXQQBrowser
[#] Folder usunięto : C:\Program Files (x86)\Assist Point
[#] Folder usunięto : C:\Program Files (x86)\Round World
[-] Folder usunięto : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Uncheckit
[-] Folder usunięto : C:\Users\dom\AppData\LocalLow\pandasecuritytb
[-] Folder usunięto : C:\Users\dom\AppData\Roaming\eCyber
[-] Folder usunięto : C:\Users\dom\AppData\Roaming\Elex-tech
[-] Folder usunięto : C:\Users\Kaja\AppData\Local\jIxmRfR
[-] Folder usunięto : C:\Users\Kaja\AppData\Roaming\eCyber
[-] Folder usunięto : C:\Users\Kaja\AppData\Roaming\WinZiper
[-] Folder usunięto : C:\Users\Kaja\AppData\Roaming\Uncheckit
[-] Folder usunięto : C:\Users\Ola\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
[-] Folder usunięto : C:\Users\Ola\AppData\Local\jIxmRfR
[-] Folder usunięto : C:\Users\Ola\AppData\LocalLow\pandasecuritytb
[-] Folder usunięto : C:\Users\Ola\AppData\Roaming\Elex-tech
[-] Folder usunięto : C:\Users\Ola\AppData\Roaming\qksee
[-] Folder usunięto : C:\Users\Koty\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
[-] Folder usunięto : C:\Users\Koty\AppData\Roaming\Uncheckit
[-] Folder usunięto : C:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\cjyjrmvz.default\pandasecuritytb
[-] Folder usunięto : C:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\cjyjrmvz.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Folder usunięto : C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\pandasecuritytb
[-] Folder usunięto : C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Folder usunięto : C:\Users\Ola\AppData\Roaming\Mozilla\Firefox\Profiles\gzubkssg.default\pandasecuritytb
[-] Folder usunięto : C:\Users\Ola\AppData\Roaming\Mozilla\Firefox\Profiles\gzubkssg.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Folder usunięto : C:\extensions

***** [ Pliki ] *****

[-] Plik usunięto : C:\Windows\Reimage.ini
[-] Plik usunięto : C:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\cjyjrmvz.default\searchplugins\BrowserProtect.xml
[-] Plik usunięto : C:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\cjyjrmvz.default\searchplugins\Search_Results.xml
[-] Plik usunięto : C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\invalidprefs.js
[-] Plik usunięto : C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Plik usunięto : C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[#] Plik usunięto : C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[#] Plik usunięto : C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.eshopcomp.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.eshopcomp.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ad.turn.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ad.turn.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_appapi.inspsearchapi.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_appapi.inspsearchapi.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_audioinbox.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_audioinbox.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cdn.turn.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cdn.turn.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cdncache-a.akamaihd.net_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cdncache-a.akamaihd.net_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mystart.vi-view.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mystart.vi-view.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pl.reimageplus.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pl.reimageplus.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_searches.vi-view.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_searches.vi-view.com_0.localstorage-journal
[#] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[#] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_translator.babylon.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_translator.babylon.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_view.contextualyield.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_view.contextualyield.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.adnetworkperformance.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.adnetworkperformance.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.terraclicks.com_0.localstorage
[-] Plik usunięto : C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.terraclicks.com_0.localstorage-journal
[-] Plik usunięto : C:\Windows\SysNative\log\iSafeKrnlCall.log
[-] Plik usunięto : C:\Windows\SysNative\roboot64.exe

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Skróty ] *****

[-] Skrót wyleczono : C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Skrót wyleczono : C:\Users\Ola\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Skrót wyleczono : C:\Users\Ola\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Zaplanowane zadania ] *****

[-] Zadanie usunięto : EPUpdater
[-] Zadanie usunięto : Price Fountain
[-] Zadanie usunięto : WinTaske
[-] Zadanie usunięto : Browser Updater Task(Core)
[-] Zadanie usunięto : Bidaily Synchronize Task[973b]
[-] Zadanie usunięto : Bidaily Synchronize Task[973b]

***** [ Rejestr ] *****

[-] Klucz usunięto : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Klucz usunięto : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klucz usunięto : HKCU\Software\82dfd1e63ae814
[-] Klucz usunięto : HKLM\SOFTWARE\82dfd1e63ae814
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.001
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.z
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Wartość usunięto : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014Atetech.com]
[-] Wartość usunięto : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [istart_ffntAtgmail.com]
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\AppID\{74ecbff3-d4fd-4052-b13c-0f72ce00ea09}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\AppID\{756be3a4-a2d6-4a96-a713-2fe99a39723a}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC727A8C-7582-483C-A1C2-2B885F099BB5}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Klucz usunięto : HKCU\Software\dobreprogramy
[-] Klucz usunięto : HKCU\Software\ICSW1.17
[-] Klucz usunięto : HKCU\Software\Mozilla\Extends
[-] Klucz usunięto : HKCU\Software\PRODUCTSETUP
[-] Klucz usunięto : HKCU\Software\Reg\Clean
[-] Klucz usunięto : HKCU\Software\Reimage
[-] Klucz usunięto : HKCU\Software\System Optimizer
[-] Klucz usunięto : HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Klucz usunięto : HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
[-] Klucz usunięto : HKCU\Software\systweak
[-] Klucz usunięto : HKCU\Software\jIxmRfR
[-] Klucz usunięto : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Extensions
[-] Klucz usunięto : HKLM\SOFTWARE\hdcode
[-] Klucz usunięto : HKLM\SOFTWARE\istartpageingSoftware
[-] Klucz usunięto : HKLM\SOFTWARE\mystartsearchSoftware
[-] Klucz usunięto : HKLM\SOFTWARE\Reg\Clean
[-] Klucz usunięto : HKLM\SOFTWARE\yessearchesSoftware
[-] Klucz usunięto : HKLM\SOFTWARE\systweak
[-] Klucz usunięto : HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klucz usunięto : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klucz usunięto : HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Klucz usunięto : HKLM\SOFTWARE\jIxmRfR
[-] Klucz usunięto : HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klucz usunięto : HKLM\SOFTWARE\Round World
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F9B4E180-69C1-4414-81E6-DF79F5F971B1}_is1
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Reimage
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klucz usunięto : HKU\.DEFAULT\Software\ByteFence
[-] Klucz usunięto : HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klucz usunięto : HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Dane wartości został przywrócony : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
[-] Dane wartości został przywrócony : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Wartość usunięto : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B9F9B9EA-35BB-45A0-8CDB-46D37F242B3C}]
[-] Wartość usunięto : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{EBB6DA4F-66ED-4FE7-AE0E-4FF5B323F394}]
[-] Klucz usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EF2FC76A-CE28-43EC-BE92-A0060A8C7FFF}
[-] Klucz usunięto : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsMangerProtect
[-] Klucz usunięto : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Klucz usunięto : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdMan
[-] Klucz usunięto : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService

***** [ Przeglądarki internetowe ] *****

[-] [C:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\cjyjrmvz.default\prefs.js] usunięto : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?affID=121845&babsrc=NT_ss&mntrId=C41890E6BA672432");
[-] [C:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\cjyjrmvz.default\prefs.js] usunięto : user_pref("browser.search.hiddenOneOffs", "Allegro,do-search,DuckDuckGo,Encyklopedia PWN,Merlin,Search Results,Wikipedia (pl),Wolne Lektury,WP");
[-] [C:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\cjyjrmvz.default\prefs.js] usunięto : user_pref("browser.search.order.1", "Delta Search");
[-] [C:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\cjyjrmvz.default\prefs.js] usunięto : user_pref("extensions.bRua3qTZ27XSB7ph.scode", "(function(){try{if(window.location.href.indexOf(\"qdU5pdC5rHaEpdC6rdsHqTU8rE\")>-1){return;}}catch(e){}try{var d=[[\"investkingdom.com\",\"www.viracure.[...]
[-] [C:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\cjyjrmvz.default\prefs.js] usunięto : user_pref("extensions.mEIgWhpKTGXZXssR.scode", "(function(){try{if(window.location.href.indexOf(\"qdU5pdC5rHaEpdC6rdsHqTU8rE\")>-1){return;}}catch(e){}try{var d=[[\"investkingdom.com\",\"www.viracure.[...]
[-] [C:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\cjyjrmvz.default\prefs.js] usunięto : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=484&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=5053539012804458&o=APN10645&q=");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("browser.search.searchengine.iconURL", "hxxp://do-search.com/web/favicon.ico");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("browser.search.searchengine.name", "");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("browser.search.searchengine.ptid", "cor");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("browser.search.searchengine.uid", "HitachiXHTS545032B9A300_090917PB5300Q6CN4BMGX");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("browser.search.searchengine.url", "hxxp://do-search.com/web/?type=dspp&ts=1426090524&from=cor&uid=HitachiXHTS545032B9A300_090917PB5300Q6CN4BMGX&q={searchTerms}");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("browser.startup.homepage", "hxxp://do-search.com/?type=hppp&ts=1426090524&from=cor&uid=HitachiXHTS545032B9A300_090917PB5300Q6CN4BMGX");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.admin", false);
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.aflt", "babsst");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.autoRvrt", "false");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.dfltLng", "en");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.excTlbr", false);
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.ffxUnstlRst", true);
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.id", "c418b64e00000000000090e6ba672432");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.instlDay", "15806");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.instlRef", "sst");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.newTab", false);
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.prdct", "delta");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.prtnrId", "delta");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.rvrt", "false");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.smplGrp", "none");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.tlbrId", "base");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.tlbrSrchUrl", "");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.vrsn", "1.8.16.16");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.vrsnTs", "1.8.16.1621:39:41");
[-] [C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\prefs.js] usunięto : user_pref("extensions.delta.vrsni", "1.8.16.16");
[-] [C:\Users\Ola\AppData\Roaming\Mozilla\Firefox\Profiles\gzubkssg.default\prefs.js] usunięto : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?affID=121845&babsrc=NT_ss&mntrId=C41890E6BA672432");
[-] [C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] usunięto : r
[-] [C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] usunięto : hxxp://www.searchnu.com/406
[-] [C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] usunięto : google
[-] [C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] usunięto : do-search
[-] [C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] usunięto : mystartsearch
[-] [C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] usunięto : google
[-] [C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] usunięto : hxxp://www.mystartsearch.com/?type=hp&ts=1432660297&z=3f5e4b873c1ef9ff0e56f70g6zeceo2q5qeeao2tdc&from=wpc&uid=HitachiXHTS545032B9A300_090917PB5300Q6CN4BMGX
[-] [C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] usunięto : hxxp://www.mystartsearch.com/webfavicon.ico
[-] [C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] usunięto : hxxp://www.mystartsearch.com/web/?type=ds&ts=1432660297&z=3f5e4b873c1ef9ff0e56f70g6zeceo2q5qeeao2tdc&from=wpc&uid=HitachiXHTS545032B9A300_090917PB5300Q6CN4BMGX&q={searchTerms}
[-] [C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] usunięto : hxxp://www.mystartsearch.com/?type=hp&ts=1432660297&z=3f5e4b873c1ef9ff0e56f70g6zeceo2q5qeeao2tdc&from=wpc&uid=HitachiXHTS545032B9A300_090917PB5300Q6CN4BMGX
[-] [C:\Users\Koty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] usunięto : google
[-] [C:\Users\Koty\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] usunięto : hxxp://www.yessearches.com/?mode=nnnb&ptid=ior&uid=BBFC48DD260A0E0E17CEBDEDFD0426F7&v=20160202&ts=AHEpBH0kCHQmC0..
[-] [C:\Users\Koty\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] usunięto : hxxp://www.yessearches.com/?mode=nnnb&ptid=ior&uid=BBFC48DD260A0E0E17CEBDEDFD0426F7&v=20160202&ts=AHEpBH0kCHQmC0..

*************************

:: Usunięto klucz "Tracing"
:: Zresetowano ustawienia Winsock

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [28054 bajty] - [21/06/2016 19:27:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [29679 bajty] - [21/06/2016 19:21:13]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [28202 bajty] ##########
 System operacyjny: windows_seven Przeglądarka: chrome
#4
RE: Laptop Asus, problem z wirusami w przeglądarkach
Dużo było tych szkodliwych śmieci!

Teraz jeszcze wykonaj drugie zalecenie z mojego poprzedniego postu.

.
 System operacyjny: windows_seven Przeglądarka: seamonkey
#5
RE: Laptop Asus, problem z wirusami w przeglądarkach
==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) D:\Avast\AvastSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVAST Software) D:\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Nobean\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Nobean\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Nobean\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Nobean\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Nobean\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Nobean\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Nobean\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Nobean\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Nobean\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Nobean\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Nobean\Application\chrome.exe
() C:\ProgramData\Nobean\Nobean.exe


==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM-x32\...\Run: [AvastUI.exe] => D:\Avast\AvastUI.exe [7405752 2016-06-10] (AVAST Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1349543647-3669720778-5398086-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-1349543647-3669720778-5398086-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Avast\ashShA64.dll [2016-05-04] (AVAST Software)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8234986F-34DA-42AD-B85F-D23E726F864D}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKU\S-1-5-21-1349543647-3669720778-5398086-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131094106373803304&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131094106373803304&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1349543647-3669720778-5398086-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1349543647-3669720778-5398086-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131094106373843307&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-1349543647-3669720778-5398086-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1349543647-3669720778-5398086-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1349543647-3669720778-5398086-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Avast\aswWebRepIE64.dll [2016-04-10] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2016-01-17] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Avast\aswWebRepIE.dll [2016-04-10] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-17] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-02-06] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-02-06] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1349543647-3669720778-5398086-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kaja\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\user.js [2015-05-28]
FF Extension: Brak nazwy - C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [nie znaleziono]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - D:\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Avast\WebRep\FF [2016-05-15]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - D:\Avast\SafePrice\FF
FF Extension: Avast SafePrice - D:\Avast\SafePrice\FF [2016-05-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - D:\Avast\SafePrice\FF

Chrome:
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll => Brak pliku
CHR Plugin: (Shockwave Flash) - C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll => Brak pliku
CHR Profile: C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentacje Google) - C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-09]
CHR Extension: (Dokumenty Google) - C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-09]
CHR Extension: (Dysk Google) - C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-09]
CHR Extension: (YouTube) - C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-09]
CHR Extension: (Google Search) - C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-09]
CHR Extension: (Arkusze Google) - C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-02]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Kaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-09]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - D:\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-04-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-10]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <Brak Path/update_url>

==================== Usługi (filtrowane) ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 avast! Antivirus; D:\Avast\AvastSvc.exe [243296 2016-05-04] (AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [Brak podpisu cyfrowego]
R2 NobeanP; C:\ProgramData\Nobean\Nobean.exe [428416 2016-06-21] ()
S2 NobeanU; C:\Program Files (x86)\Nobean\Update\NobeanUpdate.exe [588672 2016-06-21] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-30] (Electronic Arts)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [20992 2014-10-10] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2014-10-10] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2014-10-10] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-04] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
S3 Tosrfcom; Brak ImagePath
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows ® Win 7 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Kaja\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 SNP2UVC; system32\DRIVERS\snp2uvc.sys [X]
S1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64; system32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-06-21 19:41 - 2016-06-21 19:42 - 00017492 _____ C:\Users\Kaja\Downloads\FRST.txt
2016-06-21 19:40 - 2016-06-21 19:41 - 00000000 ____D C:\FRST
2016-06-21 19:40 - 2016-06-21 19:40 - 02387456 _____ (Farbar) C:\Users\Kaja\Downloads\FRST64.exe
2016-06-21 19:20 - 2016-06-21 19:27 - 00000000 ____D C:\AdwCleaner
2016-06-21 19:18 - 2016-06-21 19:19 - 03703360 _____ C:\Users\Kaja\Downloads\adwcleaner_5.200.exe
2016-06-21 16:31 - 2016-06-21 16:31 - 00000000 ____D C:\Users\Public\Documents\chrome
2016-06-21 16:30 - 2016-06-21 19:17 - 00000000 ____D C:\Users\Kaja\Desktop\Nowy folder
2016-06-21 15:33 - 2016-06-21 15:33 - 00000000 ____D C:\ProgramData\Nobean
2016-06-21 15:31 - 2016-06-21 15:31 - 00003540 _____ C:\Windows\System32\Tasks\NobeanUpdateTaskMachineCore
2016-06-21 15:31 - 2016-06-21 15:31 - 00003456 _____ C:\Windows\System32\Tasks\NobeanUpdateTaskMachineUA
2016-06-21 15:31 - 2016-06-21 15:31 - 00000000 ____D C:\Users\Kaja\AppData\Local\Nobean
2016-06-21 15:30 - 2016-06-21 15:31 - 00000000 ____D C:\Program Files (x86)\Nobean
2016-06-17 17:40 - 2016-06-17 17:40 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2016-06-17 11:19 - 2016-06-21 19:37 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-06-16 21:42 - 2016-06-17 17:13 - 00000000 ____D C:\Users\Kaja\Desktop\101D7100
2016-06-16 12:58 - 2016-06-16 12:59 - 00000000 ____D C:\Program Files (x86)\n2v4d0as
2016-06-15 17:30 - 2016-06-15 17:30 - 00000000 ____D C:\Users\Kaja\Documents\Adobe
2016-06-04 23:08 - 2016-06-04 23:10 - 00000000 ____D C:\Windows\rescache
2016-05-31 09:59 - 2016-06-21 15:24 - 00000000 ____D C:\ProgramData\uckt

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-06-21 19:35 - 2016-05-15 18:33 - 00000440 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-06-21 19:35 - 2015-09-21 18:44 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f48cd22dd498.job
2016-06-21 19:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-21 19:30 - 2014-10-10 05:29 - 00000000 ____D C:\Windows\system32\log
2016-06-21 19:30 - 2012-10-31 19:15 - 00000955 _____ C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-06-21 19:04 - 2015-09-21 18:44 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f48cd2e3d6f4.job
2016-06-21 18:15 - 2011-04-12 15:21 - 00740688 _____ C:\Windows\system32\perfh015.dat
2016-06-21 18:15 - 2011-04-12 15:21 - 00156230 _____ C:\Windows\system32\perfc015.dat
2016-06-21 18:15 - 2009-07-14 07:13 - 01670590 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-21 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-21 17:19 - 2012-10-28 19:13 - 00000000 ____D C:\Users\Kaja
2016-06-21 15:38 - 2009-07-14 06:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-21 15:38 - 2009-07-14 06:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-21 15:31 - 2016-04-21 13:47 - 00002207 _____ C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-21 15:31 - 2015-04-03 09:31 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-20 16:43 - 2015-03-13 22:33 - 00000266 __RSH C:\ProgramData\ntuser.pol
2016-06-19 23:53 - 2015-10-27 09:24 - 00000000 ___RD C:\Users\Kaja\Desktop\Moje
2016-06-19 22:20 - 2015-11-15 11:14 - 00000000 ____D C:\Users\Koty\AppData\Local\Google
2016-06-19 22:14 - 2016-04-10 16:30 - 00004124 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-17 17:25 - 2015-02-14 14:28 - 00001496 _____ C:\Users\Kaja\AppData\Local\Adobe Zapisz dla Internetu 13.0 Prefs
2016-06-12 16:56 - 2015-12-04 09:06 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-06-07 12:27 - 2016-04-14 12:46 - 00000000 ____D C:\Users\Koty\Desktop\Nowy folder
2016-06-04 12:25 - 2015-11-15 11:24 - 00110960 _____ C:\Users\Koty\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-01 09:11 - 2009-07-14 06:45 - 04994128 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-31 19:54 - 2012-11-15 20:05 - 00110960 _____ C:\Users\Kaja\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-27 10:16 - 2015-04-07 02:07 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-27 10:16 - 2015-04-07 02:07 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-22 17:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Pliki w katalogu głównym wybranych folderów =======

2013-04-13 14:17 - 2013-05-05 16:31 - 0000000 _____ () C:\Users\Kaja\AppData\Roaming\Applause and Laugher
2013-04-13 14:27 - 2014-12-13 13:51 - 0000000 _____ () C:\Users\Kaja\AppData\Roaming\Application Support
2015-02-14 14:28 - 2016-06-17 17:25 - 0001496 _____ () C:\Users\Kaja\AppData\Local\Adobe Zapisz dla Internetu 13.0 Prefs
2014-08-09 15:51 - 2014-08-09 15:51 - 0003584 _____ () C:\Users\Kaja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-13 16:24 - 2015-02-13 16:24 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-04-13 14:17 - 2013-05-05 16:31 - 0000000 ____H () C:\ProgramData\PKP_DLdu.DAT
2013-04-13 14:27 - 2014-12-13 13:51 - 0000000 ____H () C:\ProgramData\PKP_DLdw.DAT

Niektóre pliki w TEMP:
====================
C:\Users\Kaja\AppData\Local\Temp\libeay32.dll
C:\Users\Kaja\AppData\Local\Temp\msvcr120.dll
C:\Users\Kaja\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo


LastRegBack: 2016-06-04 23:01

==================== Koniec  FRST.txt ============================

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)





Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk -> C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.5 64-bit.lnk -> D:\New Folder\lightroom.exe (Adobe Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Nobean\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\Uninstall.lnk -> C:\Program Files (x86)\WinZipper\wzUninstall.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RAR-a dla konsoli.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRAR-a.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims™ 3 + All Expansions\The Sims™ 3.lnk -> D:\The Sims 3\The Sims 3\Game\Bin\Sims3Launcher.exe (Electronic Arts, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims™ 3 + All Expansions\Uninstall The Sims 3 + All Expansions.lnk -> D:\The Sims 3\Sims3Uninstall\Sims3Uninstall.exe (Pantaray Research Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania\StepMania Manual.lnk -> D:\Nowy folder (2)\StepMania\Manual\index.html (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania\StepMania v5.0 Preview 4 (non-SSE2).lnk -> D:\Nowy folder (2)\StepMania\Program\StepMania.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania\StepMania v5.0 Preview 4.lnk -> D:\Nowy folder (2)\StepMania\Program\StepMania-SSE2.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania\Texture Font Generator.lnk -> D:\Nowy folder (2)\StepMania\Program\Texture Font Generator.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania\Uninstall StepMania v5.0 Preview 4.lnk -> D:\Nowy folder (2)\StepMania\uninstall.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Create System Report.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLogReport.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\File Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Immunization.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Rootkit Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\System Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Tray Icon (Live Protection).lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Uninstall Spybot-S&D.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint\Microsoft SharePoint Workspace 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\O programie QuickTime.lnk -> C:\Windows\Installer\{627FFC10-CE0A-497F-BA2B-208CAC638010}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{627FFC10-CE0A-497F-BA2B-208CAC638010}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz\Odkurzacz.lnk -> C:\Program Files (x86)\Odkurzacz\odkurzacz.exe (FranmoSoftware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz\Pomoc.lnk -> C:\Program Files (x86)\Odkurzacz\odk_pomoc.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz\Usuń Odkurzacz.lnk -> C:\Program Files (x86)\Odkurzacz\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Access 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Filler 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft OneNote 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Publisher 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft SharePoint Workspace 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Centrum Microsoft Office 2010 Upload Center.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Certyfikat cyfrowy dla projektów VBA.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Preferencje językowe pakietu Microsoft Office 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Control Panel.lnk -> C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Website.lnk -> C:\Program Files (x86)\Common Files\LightScribe\shortcuts\LightScribe Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Quick Demo.lnk -> C:\Program Files (x86)\Common Files\LightScribe\shortcuts\Quick Demo.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Codec Tweak Tool.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\Bluetooth Assistant.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\BtAssist1.exe (TOSHIBA CORPORATION.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\Bluetooth Information Exchanger.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtProc1.exe (TOSHIBA CORPORATION.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\Bluetooth Settings.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ECCenter1.exe (TOSHIBA CORPORATION.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\Remote Camera.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\BIP_Camera1.exe (TOSHIBA CORPORATION.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\User's Guide.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\UsrGuide.exe (TOSHIBA CORPORATION)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\Wireless File Transfer.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\WirelessFTP1.exe (TOSHIBA CORPORATION.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk -> D:\Avast\avastui.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08\Tuner.lnk -> C:\Program Files (x86)\AP Tuner\AP Tuner 3.08\tuner.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08\Uninstall.lnk -> C:\Program Files (x86)\AP Tuner\AP Tuner 3.08\uninstall.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe DNG Converter.lnk -> C:\Program Files (x86)\Adobe\Adobe DNG Converter.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Photoshop 6.0 CE\Adobe ImageReady 3.0 CE.lnk -> C:\Program Files (x86)\Adobe\Photoshop 6.0.1 CE\ImageReady.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Photoshop 6.0 CE\Adobe Photoshop 6.0 CE.lnk -> C:\Program Files (x86)\Adobe\Photoshop 6.0.1 CE\Photoshp.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Internet Explorer\Quick Launch\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Internet Explorer\Quick Launch\System Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\dom\Links\Desktop.lnk -> C:\Users\dom\Desktop ()
Shortcut: C:\Users\dom\Links\Downloads.lnk -> C:\Users\dom\Downloads ()
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRAR-a.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Windows\SendTo\Format Factory.lnk -> C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe (Brak pliku)
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Brak pliku)
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\dom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Gość\Links\Desktop.lnk -> C:\Users\Gość\Desktop ()
Shortcut: C:\Users\Gość\Links\Downloads.lnk -> C:\Users\Gość\Downloads ()
Shortcut: C:\Users\Gość\Desktop\7 Sins.lnk -> C:\Program Files (x86)\7 Sins\The7sins_retail.exe (Brak pliku)
Shortcut: C:\Users\Gość\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Gość\Desktop\Tunatic.lnk -> C:\Program Files (x86)\Tunatic\tunatic.exe (Brak pliku)
Shortcut: C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Gość\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Gość\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Gość\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Gość\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaja\Links\Desktop.lnk -> C:\Users\Kaja\Desktop ()
Shortcut: C:\Users\Kaja\Links\Downloads.lnk -> C:\Users\Kaja\Downloads ()
Shortcut: C:\Users\Kaja\Desktop\Moje\Adobe Photoshop CS6 (64 Bit).lnk -> C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\Kaja\Desktop\Moje\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Kaja\Desktop\Moje\Lightroom 5.5 64-bit.lnk -> D:\New Folder\lightroom.exe (Adobe Systems)
Shortcut: C:\Users\Kaja\Desktop\Moje\The Sims™ 3 Without Launcher.lnk -> D:\The Sims 3\The Sims 3\Game\Bin\TS3W.exe (Electronic Arts Inc.)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Nobean\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Polska lokalizacja Lightroom 5\Odinstaluj Polska lokalizacja Lightroom 5.lnk -> D:\Deinstalator polskiego interfejsu.exe (Brak pliku)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Brak pliku)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Nobean\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Nobean\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Nobean\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Koty\Links\Desktop.lnk -> C:\Users\Koty\Desktop ()
Shortcut: C:\Users\Koty\Links\Downloads.lnk -> C:\Users\Koty\Downloads ()
Shortcut: C:\Users\Koty\Desktop\Nowy folder\Adobe Photoshop CS6 (64 Bit).lnk -> C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\Koty\Desktop\Nowy folder\Google Chrome.lnk -> C:\Program Files (x86)\SearchesToYesbnd\shortboost.exe (Brak pliku)
Shortcut: C:\Users\Koty\Desktop\Nowy folder\Odkurzacz.lnk -> C:\Program Files (x86)\Odkurzacz\odkurzacz.exe (FranmoSoftware)
Shortcut: C:\Users\Koty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Koty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Koty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Koty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Koty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Koty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Koty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Koty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Koty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\SearchesToYesbnd\shortboost.exe (Brak pliku)
Shortcut: C:\Users\Koty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Koty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Ola\Links\Desktop.lnk -> C:\Users\Ola\Desktop ()
Shortcut: C:\Users\Ola\Links\Downloads.lnk -> C:\Users\Ola\Downloads ()
Shortcut: C:\Users\Ola\Desktop\Nowy folder\Odkurzacz.lnk -> C:\Program Files (x86)\Odkurzacz\odkurzacz.exe (FranmoSoftware)
Shortcut: C:\Users\Ola\Desktop\Nowy folder\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Ola\Desktop\Nowy folder\QuickTime Player.lnk -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Apple Inc.)
Shortcut: C:\Users\Ola\Desktop\Nowy folder\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\Users\Ola\Desktop\Nowy folder\The Sims™ 3 Without Launcher.lnk -> D:\The Sims 3\The Sims 3\Game\Bin\TS3W.exe (Electronic Arts Inc.)
Shortcut: C:\Users\Ola\Desktop\Nowy folder\ViewNX.lnk -> D:\Nikonowski\ViewNX.exe (Brak pliku)
Shortcut: C:\Users\Ola\Desktop\Nowy folder\WinZip.lnk -> C:\Program Files\WinZip\WINZIP64.EXE (Brak pliku)
Shortcut: C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Ola\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Ola\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Ola\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk -> C:\Program Files (x86)\PhotoScape\PhotoScape.exe (Brak pliku)
Shortcut: C:\Users\Ola\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Ola\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\The Sims™ 3.lnk -> D:\The Sims 3\The Sims 3\Game\Bin\Sims3Launcher.exe (Electronic Arts, Inc.)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania\Open StepMania Program Folder.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> D:\Nowy folder (2)\StepMania\
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania\Open StepMania Settings Folder.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Users\Kaja\AppData\Roaming\StepMania
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Odinstaluj QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {627FFC10-CE0A-497F-BA2B-208CAC638010} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Designer 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe () -> /design
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Getting Started.lnk -> C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe (Hewlett-Packard Company) -> 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> vsfilter.dll,DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> ffdshow.ax,configureAudio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> ffdshow.ax,configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> splitter.ax,Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe () -> /verysilent /components=*resetsettings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\Add New Connection.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ECCenter1.exe (TOSHIBA CORPORATION.) -> W /AUTOMODE
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWit
 System operacyjny: windows_seven Przeglądarka: chrome
#6
RE: Laptop Asus, problem z wirusami w przeglądarkach
Logi (tekst) wklejaj na http://wklejto.pl/, a w poście daj tylko linki.(czyli skopiuj adres z paska adresów)
 System operacyjny: windows_seven Przeglądarka: seamonkey
#7
RE: Laptop Asus, problem z wirusami w przeglądarkach
http://wklejto.pl/257648
http://www.wklejto.pl/257649
http://www.wklejto.pl/257650
 System operacyjny: windows_seven Przeglądarka: chrome
#8
RE: Laptop Asus, problem z wirusami w przeglądarkach
Otwórz Notatnik i wklej w nim:
Cytat:C:\Users\Ola\Desktop\Nowy folder\WinZip.lnk
C:\Users\Koty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
C:\Program Files (x86)\SearchesToYesbnd
C:\Users\Koty\Desktop\Nowy folder\Google Chrome.lnk
C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk
C:\Users\Gość\Desktop\Tunatic.lnk
C:\Users\Gość\Desktop\7 Sins.lnk
C:\Users\dom\AppData\Roaming\Microsoft\Windows\SendTo\Format Factory.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08\Tuner.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RAR-a dla konsoli.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
C:\Program Files (x86)\WinZipper
C:\Program Files (x86)\Nobean\Application
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
C:\ProgramData\Ament.ini
C:\ProgramData\uckt
C:\Program Files (x86)\n2v4d0as
C:\Users\Kaja\AppData\Local\Nobean
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Kaja\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 SNP2UVC; system32\DRIVERS\snp2uvc.sys [X]
S1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64; system32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys [X]
R2 NobeanP; C:\ProgramData\Nobean\Nobean.exe [428416 2016-06-21] ()
S2 NobeanU; C:\Program Files (x86)\Nobean\Update\NobeanUpdate.exe [588672 2016-06-21] ()
C:\ProgramData\Nobean
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <Brak Path/update_url>
FF user.js: detected! => C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\99x57mhq.default\user.js [2015-05-28]
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKU\S-1-5-21-1349543647-3669720778-5398086-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZip
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinZip
FirewallRules: [{F8FC30A0-7541-4466-9F5B-9546AD081CB3}] => (Allow) C:\Program Files (x86)\Nobean\Update\NobeanUpdate.exe
FirewallRules: [{5395B313-198F-4B20-8040-CB894AAEDE9C}] => (Allow) C:\Program Files (x86)\Nobean\Application\chrome.exe
FirewallRules: [{F0DA1D8B-84D9-457F-BCF6-54B2CF50C7B8}] => (Allow) C:\ProgramData\Nobean\Nobean.exe
FirewallRules: [{E10046B0-7516-4D57-926B-719A3B4A7083}] => (Allow) C:\Program Files (x86)\jIxmRfR\jIxmRfR\bin\jIxmRfR_server.exe
C:\Program Files (x86)\jIxmRfR
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Nobean\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Nobean\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Nobean\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Kaja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Nobean\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Nobean\Application\chrome.exe (Google Inc.)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Brak pliku <==== UWAGA
Task: {F4593943-1F7E-47FC-ADB7-68F6521C9518} - \RealUpgradeScheduledTaskS-1-5-21-1349543647-3669720778-5398086-1003 -> Brak pliku <==== UWAGA
Task: {D686B8D4-C087-4358-B95D-5B22F1F5C0B3} - System32\Tasks\{9D27DDDA-6E3C-4A2A-86BA-DA32E25E85DE} => pcalua.exe -a "C:\Program Files (x86)\7 Sins\GameSetup.exe" -d "C:\Program Files (x86)\7 Sins"
Task: {E51B3C3D-E0DA-486B-9E33-9642F59E8315} - \{6F5E8A08-B1CE-4326-9D7A-B1E3D2163DC5} -> Brak pliku <==== UWAGA
Task: {C35EBF34-DB3B-48B0-A0AE-0308677F54EE} - System32\Tasks\NobeanUpdateTaskMachineCore => C:\Program Files (x86)\Nobean\Update\NobeanUpdate.exe [2016-06-21] () <==== UWAGA
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Brak pliku <==== UWAGA
Task: {C296CC2A-D1FC-4CDB-8687-059764229176} - \{51A65726-D25C-4D67-B337-1498EF2F6705} -> Brak pliku <==== UWAGA
Task: {B99F2601-3F2A-4E69-98BD-6578F61C9D57} - \RealUpgradeScheduledTaskS-1-5-21-1349543647-3669720778-5398086-1004 -> Brak pliku <==== UWAGA
Task: {BE9006AE-8FDB-4B94-AABB-EA9A62C6C174} - System32\Tasks\CoffsBushmenV2 => Rundll32.exe RockabyesCreche.dll,main 7 1 <==== UWAGA
Task: {B3FDB84E-F23E-4974-A4D4-0C99535050BE} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Brak pliku <==== UWAGA
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Brak pliku <==== UWAGA
Task: {99AFD3AC-2206-49CB-8F71-2226E02C202A} - \{2EB81BDF-D635-45FE-95C4-BA89E3C8CEB3} -> Brak pliku <==== UWAGA
Task: {9A8CE4E6-4169-4D26-AC4D-96211F8DCBED} - System32\Tasks\NobeanUpdateTaskMachineUA => C:\Program Files (x86)\Nobean\Update\NobeanUpdate.exe [2016-06-21] () <==== UWAGA
Task: {9E97B059-E850-42CC-B1A2-343F24B5F9D6} - \RealUpgradeLogonTaskS-1-5-21-1349543647-3669720778-5398086-1004 -> Brak pliku <==== UWAGA
Task: {81A12515-4B17-4476-9CE1-AD72DB65F90A} - \RealUpgradeScheduledTaskS-1-5-21-1349543647-3669720778-5398086-1000 -> Brak pliku <==== UWAGA
Task: {726D98DD-0516-49F7-A3F8-BDA33B9AA9D1} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Brak pliku <==== UWAGA
Task: {75DBB082-A51D-4008-894D-737232E52885} - System32\Tasks\{37D268F3-B5B9-4E8D-BE40-779F9655CD7B} => pcalua.exe -a "C:\Program Files (x86)\PriceMinus\t9Age7jivp8wqq.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {471052D4-A196-40EA-83DA-E2284F0377C0} - System32\Tasks\{184695CA-E33A-4E42-9B46-05F72543D71B} => pcalua.exe -a C:\PROGRA~2\7SINS~1\unwise.exe
Task: {3F210B20-C983-4C3D-B6BE-0FA422C3CF24} - \RealUpgradeLogonTaskS-1-5-21-1349543647-3669720778-5398086-1000 -> Brak pliku <==== UWAGA
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Brak pliku <==== UWAGA
Task: {05D90CAD-84F7-4128-A74F-5A5CBD484E82} - \RealUpgradeLogonTaskS-1-5-21-1349543647-3669720778-5398086-1003 -> Brak pliku <==== UWAGA
Task: {00258A6F-6F1D-4DED-9967-2D9B798E6E06} - System32\Tasks\KotyMarjorieIncarcerationsV2 => Rundll32.exe DemilitarizationScrupulously.dll,main 7 1 <==== UWAGA
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).

----------------------
Jeśli będzie OK, to będziemy kończyć:
Otwórz Notatnik i wklej w nim:
Cytat:DeleteQuarantine:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix (NAPRAW).
przez SHIFT+DEL usuń pozostały folder C:\FRST.

W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL).


Jeśli natomiast problem nie zniknie, to przeinstalujesz przeglądarkę, na której to jeszcze będzie.
.
 System operacyjny: windows_seven Przeglądarka: seamonkey
#9
RE: Laptop Asus, problem z wirusami w przeglądarkach
Wszystko jest już okej, wielkie dzięki! Wesoły
 System operacyjny: windows_seven Przeglądarka: chrome
#10
RE: Laptop Asus, problem z wirusami w przeglądarkach
Morderco, czy mogłabym prosić Cię o jeszcze jedną przysługę? Wesoły
Odwirusowuję też drugi komputer, z takim samym problemem ale nie wiem co wkleić w notatnik po wykonaniu logów FRST

AdwCleaner: http://wklejto.pl/257768

(zaraz doślę resztę)
 System operacyjny: windows_seven Przeglądarka: chrome
Programy: Polecane / Nowe / Inne




Podobne wątki (Laptop Asus, problem z wirusami w przeglądarkach)
Wątek: Autor Odpowiedzi: Wyświetleń: Ostatni post
  Samoistne, niechciane otwieranie się stron w przeglądarkach. MIRZET 2 4815 15.01.2017, 19:46
Ostatni post: MIRZET
  problem z wirusami przed i po instalacji systemu egon89 3 4753 01.12.2016, 18:26
Ostatni post: morderca
  problem z wirusami egon89 0 4152 01.12.2016, 14:54
Ostatni post: egon89

Skocz do:


Wybrane wątki (Laptop Asus, problem z wirusami w przeglądarkach)
Wątek: Autor Odpowiedzi: Wyświetleń: Ostatni post
  Trojan/adware Unstopacces.com/wpad.dat aqu32 4 3484 07.11.2017 10:27
Ostatni post: aqu32
  Ubezepieczenie serwisu? krantos 3 4479 07.11.2017 02:15
Ostatni post: krantos
  Losowe przekierowywanie na strony różnego typu. [wydzielone] pit1 0 3235 05.11.2017 17:40
Ostatni post: pit1
  Automatyczne przekierowywanie na różne stronki www pit1 4 3351 04.11.2017 20:17
Ostatni post: pit1
  Problem z plikiem Hex 3 3239 03.11.2017 16:33
Ostatni post: broda99
  Plik HRM Ewcik1977 1 4180 31.10.2017 23:17
Ostatni post: ~Anonim
  Infekcja komputera rlls.dll Krzychowest 6 3698 31.10.2017 15:48
Ostatni post: Krzychowest
Question Wirus na pendrive bilit 30 12252 31.10.2017 11:01
Ostatni post: bilit
  Skróty zamiast folderów na dysku wymiennym Macielug12 9 4091 21.10.2017 19:00
Ostatni post: Macielug12
  Internet śmiga - battlenet i steam nie dziala music12 7 4287 16.10.2017 07:08
Ostatni post: vanvel
  Coś/Wirus blokuje mi dostęp. PilarUS 5 3744 10.10.2017 17:32
Ostatni post: broda99
  Zamulanie komputera, wysokie użycie Ramu, brak internetu grromit 26 3381 05.10.2017 11:18
Ostatni post: grromit
  Antywirus dla firm wallas465 12 7992 27.09.2017 13:23
Ostatni post: kamel16
  Błąd 1075 Kompozycje PaniYuuki 2 4246 21.09.2017 10:05
Ostatni post: Michu_PL
  Samoczynne uruchamianie się edytora rejestru przy starcie systemu Pawelqqer 5 766 13.09.2017 21:18
Ostatni post: broda99