Please, I am so poor at this, can someone tell me if and what exactly there is to be removed? I just removed everything that refers to "pricemeter" in the "tasks" section, but I can see there is a red entry in "rootkit" - is it a threat or a false positive? ...thanks in advance!
¤¤¤ Procesy : 6 ¤¤¤
[Suspicious.Path] pricemeterw.exe -- C:\Users\Lagus\AppData\Local\PriceMeter\pricemeterw.exe[7] -> Zatrzymano [TermProc]
[Suspicious.Path] pricemeter.exe -- C:\Users\Lagus\AppData\Local\PriceMeter\pricemeter.exe[7] -> Zatrzymano [TermProc]
[Suspicious.Path] pricemeter.exe -- C:\Users\Lagus\AppData\Local\PriceMeter\pricemeter.exe[7] -> Zatrzymano [TermThr]
[Suspicious.Path] pricemeter.exe -- C:\Users\Lagus\AppData\Local\PriceMeter\pricemeter.exe[7] -> Zatrzymano [TermThr]
[Suspicious.Path] pricemeter.exe -- C:\Users\Lagus\AppData\Local\PriceMeter\pricemeter.exe[7] -> Zatrzymano [TermThr]
[PUP] (SVC) IePluginService -- C:\ProgramData\IePluginService\PluginService.exe -service[7] -> Zatrzymano
¤¤¤ Rejestr : 17 ¤¤¤
[PUP] (X64) HKEY_USERS\S-1-5-21-1393821782-3177693963-3791703307-1000\Software\Microsoft\Windows\CurrentVersion\Run | PriceMeterW : "C:\Users\Lagus\AppData\Local\PriceMeter\pricemeterw.exe" -> Nie wybrano
[PUP] (X86) HKEY_USERS\S-1-5-21-1393821782-3177693963-3791703307-1000\Software\Microsoft\Windows\CurrentVersion\Run | PriceMeterW : "C:\Users\Lagus\AppData\Local\PriceMeter\pricemeterw.exe" -> Nie wybrano
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IePluginService (C:\ProgramData\IePluginService\PluginService.exe -service) -> Nie wybrano
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pricemeterliveUpdate (C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe /svc) -> Nie wybrano
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pricemeterliveUpdatem (C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe /medsvc) -> Nie wybrano
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IePluginService (C:\ProgramData\IePluginService\PluginService.exe -service) -> Nie wybrano
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pricemeterliveUpdate (C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe /svc) -> Nie wybrano
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pricemeterliveUpdatem (C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe /medsvc) -> Nie wybrano
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\IePluginService (C:\ProgramData\IePluginService\PluginService.exe -service) -> Nie wybrano
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\pricemeterliveUpdate (C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe /svc) -> Nie wybrano
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\pricemeterliveUpdatem (C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe /medsvc) -> Nie wybrano
[PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.sweet-page.com/web/?type=ds&ts=1395086048&from=cor&uid=TOSHIBAXMQ01ABF050_Z36FCI3GTXXZ36FCI3GT&q={searchTerms} -> Nie wybrano
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.sweet-page.com/web/?type=ds&ts=1395086048&from=cor&uid=TOSHIBAXMQ01ABF050_Z36FCI3GTXXZ36FCI3GT&q={searchTerms} -> Nie wybrano
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nie wybrano
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nie wybrano
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nie wybrano
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nie wybrano
¤¤¤ Zaplanowane zadania : 7 ¤¤¤
[Suspicious.Path] AppCloudUpdater.job -- C:\Users\Lagus\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE (/Check) -> Nie wybrano
[Suspicious.Path] PriceMeterUpdater.job -- C:\Users\Lagus\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE (/Check) -> Usunięto
[Suspicious.Path] \\AppCloudUpdater -- C:\Users\Lagus\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE (/Check) -> Nie wybrano
[Suspicious.Path] \\pricemeterdownloader -- C:\Users\Lagus\AppData\Local\PriceMeter\pricemeterd.exe (1.0.5. -> Usunięto
[Suspicious.Path] \\pricemetertask -- C:\Users\Lagus\AppData\Local\PriceMeter\TEMP\pricemeter.exe -> Usunięto
[Suspicious.Path] \\PriceMeterUpdater -- C:\Users\Lagus\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE (/Check) -> Usunięto
[Suspicious.Path] \\pricemeterwatcher -- "C:\Users\Lagus\AppData\Local\PriceMeter\pricemeterw.exe" -> Usunięto
¤¤¤ Pliki : 0 ¤¤¤
¤¤¤ Plik Hosts : 0 ¤¤¤
¤¤¤ Anty-Rootkit : 1 (Driver: Załadowany) ¤¤¤
[Filter(Root.Keylogger)] \Driver\kbdclass @ \Device\KeyboardClass0 : \Driver\ETD @ Unknown (\SystemRoot\system32\DRIVERS\ETD.sys)
¤¤¤ Przeglądarki internetowe : 0 ¤¤¤
¤¤¤ Sprawdzenie MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MQ01ABF050 ATA Device +++++
--- User ---
[MBR] ef717cd2467e0a74f31c6a51b83650c2
[BSP] b1450f39dd1c0daec648f73b32223ed0 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 102480 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 209881088 | Size: 374458 MB
User = LL1 ... OK
User = LL2 ... OK