Odinstaluj Akamai NetSession Interface,ASUS WebStorage Sync Agent,Booking.com version 1.3.0.5019,Java 8 Update 66.Otwórz notatnik systemowy i wklej: ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Brak pliku ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Brak pliku Task: {1A2B6603-E474-4BC7-9A1E-3ABA9F88DE23} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA Task: {4BD19B1A-31B9-4396-BC08-AC2D444EC223} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {54790B09-724D-4ED9-9A33-14C58C9128C2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3899287248-2286820569-2341076842-1002UA => C:\Users\Bartłomiej\AppData\Local\Facebook\Update\FacebookUpdate.exe [2015-07-14] (Facebook Inc.) Task: {66BBFCDD-024B-4E11-9C3F-36137E26522B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {76028E6C-46F8-42A3-93AE-93FE4A209C4F} - \CCleanerSkipUAC -> Brak pliku <==== UWAGA Task: {7673C17D-6892-494E-B2E4-E71A65016263} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {9495B900-BFD9-42D6-8BD1-2CF3CE66479F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {B9C1A8C0-DBA7-4A07-A00A-ED3BFDB8461F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {D041BC09-BB94-42E7-8933-D268D5EE97BB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3899287248-2286820569-2341076842-1002Core => C:\Users\Bartłomiej\AppData\Local\Facebook\Update\FacebookUpdate.exe [2015-07-14] (Facebook Inc.) Task: {D0EC578E-F51E-4DA3-9781-3FC62D74984E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {D1B283E9-2E62-446C-BB71-C5E9525DCD84} - System32\Tasks\{1840D95E-29BF-4CB2-AFC1-EDB4969D6334} => "c:\windows\system32\launchwinapp.exe" hxxp://ui.skype.com/ui/0/7.17.0.105/pl/abandoninstall?page=tsProgressBar Task: {D61655A6-80D1-4358-ABD2-CD2006CE6457} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {EE304BBC-A9DC-4E6E-9E9B-C9AFDF80D2C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {F4684090-8FB5-41DB-A010-96021FE6B73D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {F60A39A5-DC54-4C78-8BA6-3943CCDA0039} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3899287248-2286820569-2341076842-1002Core.job => C:\Users\Bartłomiej\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3899287248-2286820569-2341076842-1002UA.job => C:\Users\Bartłomiej\AppData\Local\Facebook\Update\FacebookUpdate.exe AlternateDataStreams: C:\WINDOWS\system32\Drivers\ouxiybpg.sys:changelist [3966] AlternateDataStreams: C:\ProgramData\Temp:DBC416F8 [266] HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-09-24] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA HKU\S-1-5-21-3899287248-2286820569-2341076842-1002\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3899287248-2286820569-2341076842-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Bartłomiej\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.) HKU\S-1-5-21-3899287248-2286820569-2341076842-1002\...\MountPoints2: {4d87b95e-3335-11e7-bf65-d850e60b4464} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3899287248-2286820569-2341076842-1002\...\MountPoints2: {560f21c4-012c-11e4-be94-681729c74e48} - "H:\LaunchU3.exe" -a HKU\S-1-5-21-3899287248-2286820569-2341076842-1002\...\MountPoints2: {aa1f5f95-cf57-11e6-bf4e-d850e60b4464} - "K:\HiSuiteDownLoader.exe" AppInit_DLLs: C:\Windows\system32\nvinitx.dll => Brak pliku AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => Brak pliku Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-07-17] ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (Brak pliku) GroupPolicy: Ograniczenia - Chrome <==== UWAGA GroupPolicyUsers\S-1-5-21-3899287248-2286820569-2341076842-1002\User: Ograniczenia <==== UWAGA GroupPolicyUsers\S-1-5-21-3899287248-2286820569-2341076842-1001\User: Ograniczenia <==== UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1436895419&z=eb21b83ab8b875727299956g3zbc9q3b0t8wbzbg3o&from=cornl&uid=TOSHIBAXMQ01ABD075_73D3S0MJSXX73D3S0MJS&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1436895419&z=eb21b83ab8b875727299956g3zbc9q3b0t8wbzbg3o&from=cornl&uid=TOSHIBAXMQ01ABD075_73D3S0MJSXX73D3S0MJS&q={searchTerms} SearchScopes: HKU\S-1-5-21-3899287248-2286820569-2341076842-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3899287248-2286820569-2341076842-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Sale Clipper -> {b18906df-1dfa-4d50-8a1f-7d076a8c87b7} -> C:\Program Files (x86)\Sale Clipper\Extensions\b18906df-1dfa-4d50-8a1f-7d076a8c87b7.dll => Brak pliku BHO-x32: Assist Point -> {dc727a8c-7582-483c-a1c2-2b885f099bb5} -> C:\Program Files (x86)\Assist Point\Extensions\dc727a8c-7582-483c-a1c2-2b885f099bb5.dll => Brak pliku CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1436895419&z=eb21b83ab8b875727299956g3zbc9q3b0t8wbzbg3o&from=cornl&uid=TOSHIBAXMQ01ABD075_73D3S0MJSXX73D3S0MJS" CHR HKU\S-1-5-21-3899287248-2286820569-2341076842-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx S2 0034901500288505mcinstcleanup; C:\Users\Bartłomiej\AppData\Local\Temp\0034901500288505mcinst.exe [961888 2016-05-16] (McAfee, Inc.) <==== UWAGA S4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [X] S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X] R2 mfevtp; "C:\windows\system32\mfevtps.exe" [X] S3 cpuz138; C:\Users\Bartłomiej\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2017-04-17] (CPUID) <==== UWAGA S1 ouxiybpg; C:\WINDOWS\system32\drivers\ouxiybpg.sys [55168 2017-07-17] (Microsoft Corporation) 2017-07-17 12:17 - 2017-07-17 12:17 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ouxiybpg.sys EmptyTemp: Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze. Uruchom jako administrator FRST i kliknij w Fix/Napraw. Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan(Skanuj) i później Cleaning(Oczyść). Pokaż nowy raport z FRST bez Addition i Shortcut.