Otwórz notatnik systemowy i wklej: ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} => -> Brak pliku ContextMenuHandlers1: [VirtualCloneDrive] -> [CC]{B7056B8E-4F99-44f8-8CBD-282390FE5428} => -> Brak pliku ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> Brak pliku ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Brak pliku ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Brak pliku ContextMenuHandlers2: [VirtualCloneDrive] -> [CC]{B7056B8E-4F99-44f8-8CBD-282390FE5428} => -> Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} => -> Brak pliku ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => -> Brak pliku ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> Brak pliku ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Brak pliku HKLM-x32\...\Run: [] => [X] BootExecute: autocheck autochk * GroupPolicy: Ograniczenia ? <==== UWAGA CHR HKU\S-1-5-21-211379173-1308523029-2236797906-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S0 edevmon; system32\DRIVERS\edevmon.sys [X] S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X] U3 TBS; Brak ImagePath S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] 2018-11-07 20:50 - 2011-06-26 07:45 - 000256000 _____ C:\Windows\PEV.exe 2018-11-07 20:50 - 2010-11-07 18:20 - 000208896 _____ C:\Windows\MBR.exe 2018-11-07 20:50 - 2009-04-20 05:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2018-11-07 20:50 - 2000-08-31 01:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2018-11-07 20:50 - 2000-08-31 01:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2018-11-07 20:50 - 2000-08-31 01:00 - 000098816 _____ C:\Windows\sed.exe 2018-11-07 20:50 - 2000-08-31 01:00 - 000080412 _____ C:\Windows\grep.exe 2018-11-07 20:50 - 2000-08-31 01:00 - 000068096 _____ C:\Windows\zip.exe 2018-11-07 16:29 - 2018-11-07 16:31 - 000000000 ____D C:\AdwCleaner EmptyTemp: Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze. Uruchom jako administrator FRST i kliknij w Fix/Napraw.