Frst pomocy :d

**Posty:** 1 · przez **RozZy** 29 Sty 2016, 23:20

Dodaje skrypty prosze o dalsza pomoc

**Posty:** 4765 · przez **ordynat** 30 Sty 2016, 00:44

1) Odinstaluj ten program:

Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION

2) Użyj Adw-Cleaner http://www.programosy.pl/program,adwcleaner.html
najpierw kliknij na SZUKAJ (SCAN), a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ (CLEANING), to kliknij na niego.
Pokaż raport z niego "C"

3) Otwórz Notatnik i wklej w nim:

Task: {01EF8394-39D3-4DA8-83A3-35B7D2A1243B} - System32\Tasks\{3B810657-6339-45DB-BE27-D5369EE75D80} => pcalua.exe -a C:\Users\Mateusz\Downloads\ACPI64_Win7\AsusSetup.exe -d C:\Users\Mateusz\Downloads\ACPI64_Win7
Task: {03B96F07-B172-4AAC-BA68-F5CE3B2F59E7} - System32\Tasks\{05C7BC89-306B-4BF7-9019-340968DE2258} => pcalua.exe -a C:\Users\Mateusz\AppData\Roaming\yoursearching\UninstallManager.exe -c -ptid=face
Task: {0CEA9DF8-FFB2-468E-A0D0-145276930861} - System32\Tasks\Builder Kingdom => Rundll32.exe "C:\Users\Mateusz\AppData\Local\Builder Kingdom\{483671CE-9E58-2F57-2BC3-0E5359FB4E88}\BuilderKingdom.dll",#1 <==== ATTENTION
Task: {121C1019-3A5A-4B89-9DAE-ACE8349ACCB6} - System32\Tasks\{6757E012-49B5-43CF-9705-ACCEC992C6B7} => pcalua.exe -a C:\Users\Mateusz\AppData\Local\Temp\Uninstall.exe -d C:\Users\Mateusz\AppData\Local\Temp
Task: {3F475426-DD5A-4030-9579-736BB9D13747} - System32\Tasks\LuckyBrowse => C:\Program Files (x86)\LuckyBrowse\app\luckybrowse.exe <==== ATTENTION
Task: {57F6E488-46E3-439E-A4CE-FB20D158861C} - System32\Tasks\Lebetap => C:\PROGRA~1\GROOVE~1\Ghjun.bat
C:\Users\Mateusz\AppData\Local\Builder Kingdom
C:\Program Files (x86)\LuckyBrowse
C:\PROGRA~1\GROOVE~1
Task: {5A4D968E-7E9E-4022-92EB-0CCA3217620D} - System32\Tasks\Builder Kingdom2 => Rundll32.exe "C:\Users\Mateusz\AppData\Local\Builder Kingdom\{483671CE-9E58-2F57-2BC3-0E5359FB4E88}\gcp.dll",#1 <==== ATTENTION
Task: {611F660E-AA1B-44E5-88C8-3E047C8FA590} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== ATTENTION
Task: {6E8DCBD6-A642-4344-8B0B-F68A8F2192B2} - System32\Tasks\NQODFJXGGHCSGKWW => C:\ProgramData\Service1104\Service1104.exe [2016-01-29] () <==== ATTENTION
Task: {7FDEC17F-7CD6-49A8-B2CD-C129AD8AE533} - System32\Tasks\Regkup => C:\PROGRA~1\SHOPPE~1\Jatqead.bat
Task: {9D1289A6-E5C8-47D7-8031-6DAEC210713A} - System32\Tasks\{8743D8FE-462C-4A57-8288-23BE562F7DC2} => pcalua.exe -a "C:\Program Files (x86)\SpaceSondPro_v53.12485\SpaceSondPro_Service.exe" -d "C:\Program Files (x86)\SpaceSondPro_v53.12485\"
Task: {AEFEF19E-3D38-415E-9A8B-3303A5E6AADC} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== ATTENTION
Task: {BBAF1243-BAB6-48D6-9830-E4B370E3D87D} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== ATTENTION
C:\Program Files (x86)\RCP
C:\Program Files (x86)\SpaceSondPro_v53.12485
C:\PROGRA~1\SHOPPE~1
C:\ProgramData\Service1104
Task: {DDFB7744-F6EB-4C65-BD4B-5B4B91EA5E23} - System32\Tasks\{443428B0-4943-40BF-87B2-AEAF0438C0C7} => pcalua.exe -a "C:\Users\Mateusz\AppData\Local\Temp\Temp1_pbsetup (1).zip\pbsetup.exe"
ShortcutWithArgument: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epc&s=G1Tzftpbl2,953debf9-0029-416a-89c5-bfdb85d9601d,
ShortcutWithArgument: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epc&s=G1Tzftpbl2,953debf9-0029-416a-89c5-bfdb85d9601d,
ShortcutWithArgument: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epc&s=G1Tzftpbl2,953debf9-0029-416a-89c5-bfdb85d9601d,
ShortcutWithArgument: C:\Users\Mateusz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epc&s=G1Tzftpbl2,953debf9-0029-416a-89c5-bfdb85d9601d,
ShortcutWithArgument: C:\Users\Mateusz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epc&s=G1Tzftpbl2,953debf9-0029-416a-89c5-bfdb85d9601d,
C:\Program Files (x86)\SFK
C:\Program Files (x86)\F5D69160-1453814086-11DD-B8FE-00235414C3CE
AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{6c53da41-c675-11e5-83b7-00235414c3ce}
AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{6c53da42-c675-11e5-83b7-00235414c3ce}
AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{6c53da78-c675-11e5-83b7-00235414c3ce}
AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{6c53da79-c675-11e5-83b7-00235414c3ce}
AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{6c53da7a-c675-11e5-83b7-00235414c3ce}
AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{6c53da7b-c675-11e5-83b7-00235414c3ce}
FirewallRules: [{967BDB0C-5B30-4D69-BA34-51843154820A}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe
FirewallRules: [{94121C20-DC8B-4512-AA32-2939D42C61FF}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
DeleteKey: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes
DeleteKey: HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes
DeleteKey: HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes
C:\ProgramData\ApplicationHosting
C:\Program Files (x86)\TData
HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
HKLM\...\Run: [Sound+] => "C:\Program Files\Sound+\Sound+.exe"
HKLM-x32\...\Run: [gmsd_pl_005010218] => [X]
HKLM-x32\...\Run: [rec_en_77] => [X]
HKLM-x32\...\Run: [gmsd_pl_005010221] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1797107554-670502137-552658141-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1797107554-670502137-552658141-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP-OqRkK_4g5H3zXx0q1D1XXsHhKKzkrHMQZ30zznh4S7wm4bYBMt-NHv89E9nzhJpIlW5_FTZPzZX_dj58hoiJWbs8Pos8zgnP4cBEIDsI0h22bYZCI-GwvhRUs4EGnndbyYjKoHETqcOrc923CzLpDczuTYD8aksBcPHXNF3xxlAvGj1U-MQIRWtew,,&q={searchTerms}
HKU\S-1-5-21-1797107554-670502137-552658141-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325161&octid=EB_ORIGINAL_CTID&ISID=M6F3A8066-226D-4354-8D50-0C85A1374683&SearchSource=55&CUI=&UM=8&UP=SP39C44B27-8ED5-4CF9-B560-37F3511689B1&D=012916&SSPV=
HKU\S-1-5-21-1797107554-670502137-552658141-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP-OqRkK_4g5H3zXx0q1D1XXsHhKKzkrHMQZ30zznh4S7wm4bYBMt-NHv89E9nzhJpIlW5_FTZPzZX_dj58hoiJWbs8Pos8zgnP4cBEIDsI0h22bYZCI-GwvhRUs4EGnndbyYjKoHETqcOrc923CzLpDczuTYD8aksBcPHXNF3xxlAvGj1U-MQIRWtew,,&q={searchTerms}
HKU\S-1-5-21-1797107554-670502137-552658141-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP-OqRkK_4g5H3zXx0q1D1XXsHhKKzkrHMQZ30zznh4S7wm4bYBMt-NHv89E9nzhJpIlW5_FTZPzZX_dj58hoiJWbs8Pos8zgnP4cBEIDsI0h22bYZCI-GwvhRUs4EGnndbyYjKoHETqcOrc923CzLpDczuTYD8aksBcPHXNF3xxlAvGj1U-MQIRWtew,,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP-OqRkK_4g5H3zXx0q1D1XXsHhKKzkrHMQZ30zznh4S7wm4bYBMt-NHv89E9nzhJpIlW5_FTZPzZX_dj58hoiJWbs8Pos8zgnP4cBEIDsI0h22bYZCI-GwvhRUs4EGnndbyYjKoHETqcOrc923CzLpDczuTYD8aksBcPHXNF3xxlAvGj1U-MQIRWtew,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1797107554-670502137-552658141-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3333887&octid=EB_ORIGINAL_CTID&ISID=M4A92C116-3D4B-4FF3-99EF-6E6E18C760B2&SearchSource=58&CUI=&UM=8&UP=SPDE842C88-C542-4A05-9B48-19FD65BA59D9&D=012916&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1797107554-670502137-552658141-1000 -> {546AC9CC-60B3-451E-A777-3A4A7AD4D130} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G1Tzftpbl2,953debf9-0029-416a-89c5-bfdb85d9601d,
SearchScopes: HKU\S-1-5-21-1797107554-670502137-552658141-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP-OqRkK_4g5H3zXx0q1D1XXsHhKKzkrHMQZ30zznh4S7wm4bYBMt-NHv89E9nzhJpIlW5_FTZPzZX_dj58hoiJWbs8Pos8zgnP4cBEIDsI0h22bYZCI-GwvhRUs4EGnndbyYjKoHETqcOrc923CzLpDczuTYD8aksBcPHXNF3xxlAvGj1U-MQIRWtew,,&q={searchTerms}
BHO-x32: Discover Treasure -> {bfa55139-82af-4663-a19b-e135dac8d043} -> C:\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll => No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.yoursearching.com/?type=sc&ts=1453996436&z=f7eb81f86dacb05a129f0cegcz8w1cetetaq0z8c6o&from=face&uid=ST3500320AS_6QM0BEHLXXXX6QM0BEHL
FF HKLM\...\Firefox\Extensions: [{9DFBAB87-988A-4D72-87CA-16FADB2D2BE5}] - C:\Program Files\groover260120161531\Firefox\{9DFBAB87-988A-4D72-87CA-16FADB2D2BE5}.xpi => not found
FF HKLM\...\Firefox\Extensions: [{C68A1C16-E9C1-4D72-a774-5DBD11C5C01C}] - C:\Program Files\shopperz290120161415\Firefox\{C68A1C16-E9C1-4D72-a774-5DBD11C5C01C}.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{9DFBAB87-988A-4D72-87CA-16FADB2D2BE5}] - C:\Program Files\groover260120161531\Firefox\{9DFBAB87-988A-4D72-87CA-16FADB2D2BE5}.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{C68A1C16-E9C1-4D72-a774-5DBD11C5C01C}] - C:\Program Files\shopperz290120161415\Firefox\{C68A1C16-E9C1-4D72-a774-5DBD11C5C01C}.xpi => not found
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3325161&octid=EB_ORIGINAL_CTID&ISID=M6F3A8066-226D-4354-8D50-0C85A1374683&SearchSource=55&CUI=&UM=8&UP=SP39C44B27-8ED5-4CF9-B560-37F3511689B1&D=012916&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3325161&octid=EB_ORIGINAL_CTID&ISID=M6F3A8066-226D-4354-8D50-0C85A1374683&SearchSource=55&CUI=&UM=8&UP=SP39C44B27-8ED5-4CF9-B560-37F3511689B1&D=012916&SSPV="
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3333887&octid=EB_ORIGINAL_CTID&ISID=M4A92C116-3D4B-4FF3-99EF-6E6E18C760B2&SearchSource=58&CUI=&UM=8&UP=SPDE842C88-C542-4A05-9B48-19FD65BA59D9&D=012916&q={searchTerms}&SSPV=
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultNewTabURL: Default -> hxxps://www.trovi.com/?gd=&ctid=CT3333887&octid=EB_ORIGINAL_CTID&ISID=M4A92C116-3D4B-4FF3-99EF-6E6E18C760B2&SearchSource=69&CUI=&SSPV=&lay=5&p=cnts&UM=8&UP=SPDE842C88-C542-4A05-9B48-19FD65BA59D9&SAT=CNTS&D=012916
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}&SSPV=
CHR Extension: (Search Module Plus v2) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa [2016-01-29]
CHR Extension: (Extutil) - C:\Users\Mateusz\AppData\Local\Temp\D8ADFCCA-EE7E-442C-9999-C4D14FEF360B [2016-01-29]
CHR Extension: (Managera) - C:\Users\Mateusz\AppData\Local\Temp\39fdaae5-8e0e-493c-88ec-e05c3be06e42 [2016-01-29]
R2 ApplicationHosting; C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe [540160 2016-01-26] () [File not signed]
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [182976 2016-01-28] ()
R2 TDataSvr; C:\Program Files (x86)\TData\TData.exe [205032 2016-01-26] (TData.com)
R2 tulifyzozbt; C:\Program Files (x86)\F5D69160-1453814086-11DD-B8FE-00235414C3CE\knse64AA.tmp [243200 2016-01-29] () [File not signed]
R2 WdMan; C:\ProgramData\3WdM3\WdMan.exe [794376 2016-01-28] (TU-Funs LIMITED)
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [61336 2016-01-29] (Cherimoya Ltd)
S3 sdfhgdf; C:\Windows\System32\DRIVERS\sdfhgdf.sys [23208 2016-01-29] (Corporation) [File not signed]
R3 X6va062; \??\C:\Windows\SysWOW64\Drivers\X6va062 [X]
2016-01-29 21:37 - 2016-01-29 21:37 - 00000000 ____D C:\ProgramData\Service1104
2016-01-29 21:37 - 2016-01-29 21:37 - 00000000 ____D C:\Program Files (x86)\DataHelper
2016-01-29 21:36 - 2016-01-29 21:43 - 00000000 ____D C:\ProgramData\TomorrowGames
2016-01-29 21:36 - 2016-01-29 21:36 - 00000000 ____D C:\ProgramData\19a87fa1ec024bbcbb41931263354405
2016-01-29 17:28 - 2016-01-29 17:28 - 00003178 _____ C:\Windows\System32\Tasks\Builder Kingdom
2016-01-29 17:28 - 2016-01-29 17:28 - 00003156 _____ C:\Windows\System32\Tasks\Builder Kingdom2
2016-01-29 17:28 - 2016-01-29 17:28 - 00000000 ____D C:\Users\Mateusz\AppData\Local\Builder Kingdom
2016-01-29 17:06 - 2016-01-29 21:41 - 00000000 ____D C:\Program Files\Sound+
2016-01-29 17:06 - 2016-01-29 17:06 - 00003344 _____ C:\Windows\System32\Tasks\Regkup
2016-01-29 17:06 - 2016-01-29 17:06 - 00000000 ____D C:\Windows\system32\nod
2016-01-29 17:06 - 2016-01-29 17:06 - 00000000 ____D C:\Users\Mateusz\AppData\Roaming\AmibgiMaeando
2016-01-29 17:06 - 2016-01-29 17:06 - 00000000 ____D C:\uninst
2016-01-29 13:18 - 2016-01-29 17:06 - 00061336 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2016-01-29 12:26 - 2016-01-29 12:26 - 00003178 _____ C:\Windows\System32\Tasks\{6757E012-49B5-43CF-9705-ACCEC992C6B7}
2016-01-29 12:18 - 2016-01-29 12:18 - 00000000 ___HD C:\Users\Mateusz\AppData\Local\SatakMalwareBusterSetup
2016-01-29 12:18 - 2016-01-29 12:18 - 00000000 ___HD C:\Users\Mateusz\AppData\Local\One10_PC_CleanerUn
2016-01-29 12:18 - 2016-01-29 12:18 - 00000000 ____D C:\Users\Mateusz\AppData\Local\One10_PC_Cleaner
2016-01-29 12:18 - 2016-01-29 12:18 - 00000000 ____D C:\ProgramData\NavRight
2016-01-29 12:18 - 2016-01-29 12:18 - 00000000 ____D C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf
2016-01-29 12:17 - 2016-01-29 12:22 - 00000000 ____D C:\ProgramData\TVTime
2016-01-29 12:17 - 2016-01-29 12:20 - 00000000 ____D C:\Users\Mateusz\AppData\Local\BrowserAir
2016-01-29 12:17 - 2016-01-29 12:19 - 00023208 _____ (Corporation) C:\Windows\system32\Drivers\sdfhgdf.sys
2016-01-29 12:17 - 2016-01-29 12:18 - 00000000 __SHD C:\Users\Mateusz\AppData\Local\winone
2016-01-29 12:17 - 2016-01-29 12:17 - 00000000 ____D C:\ProgramData\SearchModule
2016-01-29 12:16 - 2016-01-29 12:16 - 00000000 ____D C:\ProgramData\FlashBeat
2016-01-29 12:16 - 2016-01-29 12:16 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2016-01-28 20:54 - 2016-01-28 20:54 - 00003166 _____ C:\Windows\System32\Tasks\{05C7BC89-306B-4BF7-9019-340968DE2258}
2016-01-28 20:51 - 2016-01-28 20:51 - 00003250 _____ C:\Windows\System32\Tasks\{8743D8FE-462C-4A57-8288-23BE562F7DC2}
2016-01-28 16:54 - 2016-01-29 21:07 - 00000000 ____D C:\Program Files (x86)\SFK
2016-01-28 16:54 - 2016-01-29 12:21 - 00000000 ____D C:\Users\Mateusz\AppData\Local\Car Component
2016-01-28 16:54 - 2016-01-28 16:55 - 00000000 ____D C:\ProgramData\3WdM3
2016-01-28 16:54 - 2016-01-28 16:54 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-01-28 16:53 - 2016-01-28 20:55 - 00000000 ____D C:\Users\Mateusz\AppData\Roaming\yoursearching
2016-01-28 16:53 - 2016-01-28 16:53 - 00000008 _____ C:\END
2016-01-26 14:54 - 2016-01-26 14:54 - 00002401 _____ C:\Windows\SysWOW64\findit.xml
2016-01-26 14:54 - 2016-01-26 14:54 - 00000000 ____D C:\Users\Mateusz\AppData\Roaming\systweak
2016-01-26 14:54 - 2016-01-26 14:54 - 00000000 ____D C:\ProgramData\Solotoughs
2016-01-26 14:54 - 2016-01-26 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2016-01-26 14:54 - 2016-01-26 14:54 - 00000000 ____D C:\ProgramData\ApplicationHosting
2016-01-26 14:54 - 2015-11-20 19:27 - 00019888 _____ () C:\Windows\system32\roboot64.exe
2016-01-26 14:52 - 2016-01-27 00:05 - 00000000 ____D C:\Users\Mateusz\AppData\Local\Bus Style
2016-01-26 14:50 - 2016-01-29 17:06 - 00000000 ____D C:\Users\Mateusz\AppData\Local\Tempfolder
2016-01-26 14:50 - 2016-01-26 14:50 - 00000000 ____D C:\Windows\system32\nhur
2016-01-26 14:50 - 2016-01-26 14:50 - 00000000 ____D C:\Users\Mateusz\AppData\Roaming\HitseDego
2016-01-26 14:49 - 2016-01-26 14:49 - 00003340 _____ C:\Windows\System32\Tasks\Lebetap
2016-01-26 14:49 - 2016-01-26 14:49 - 00000000 ____D C:\Users\Mateusz\AppData\LocalLow\Company
2016-01-26 14:49 - 2016-01-26 14:49 - 00000000 ____D C:\Users\Mateusz\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-01-26 14:49 - 2016-01-26 14:49 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2016-01-26 14:13 - 2016-01-26 14:13 - 00003070 _____ C:\Windows\System32\Tasks\LuckyBrowse
2016-01-26 14:13 - 2016-01-26 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\LuckyBrowse
2016-01-26 14:13 - 2016-01-26 14:13 - 00000000 ____D C:\ProgramData\LuckyBrowse
2016-01-26 14:13 - 2016-01-26 14:13 - 00000000 ____D C:\Program Files (x86)\TData
HOSTS:
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).
Powstanie plik fixlog.txt.
Daj ten log.

4) Zrób nowe logi FRST - już bez Shortcut.

5) Napisz, jak oceniasz sytuację?
.

Frst pomocy :d

Frst pomocy :d

Frst pomocy :d

Kto jest na forum