co to jest brought by WA? czy to jest jakiś wirus, proszę o odpowiedż, dziękuje 
czy to jest wirus?
Odinstaluj GoodGameEmpire,sweet-page uninstall.Otwórz notatnik systemowy i wklej:
Task: {B3F1ED92-C396-49A8-8755-C15C73AA9C56} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1340157458-309153391-1348820675-1002Core = C:\Users\Me\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-26] (Facebook Inc.)
Task: {B87ABAAF-50BC-44AE-9871-38E0BC1D1EFD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1340157458-309153391-1348820675-1002UA = C:\Users\Me\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-26] (Facebook Inc.)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1340157458-309153391-1348820675-1002Core.job = C:\Users\Me\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1340157458-309153391-1348820675-1002UA.job = C:\Users\Me\AppData\Local\Facebook\Update\FacebookUpdate.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hpts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hpts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJ
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=dsts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=dsts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJq={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hpts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hpts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJ
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=dsts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=dsts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJq={searchTerms}
HKU\S-1-5-21-1340157458-309153391-1348820675-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yhs4.search.yahoo.com/yhs/web?hspart=iryhsimp=yhs-fullyhosted_003type=wncy_ir_15_28param1=1param2=f%3D1%26b%3DIE%26cc%3Dpl%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutByE0F0DyDtB0FtCyB0F0DyDtB0CzzzztN0D0Tzu0StCtBzzyEtN1L2XzutAtFtCtDtFtCtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StD0F0Czy0A0BtAyBtGtDtD0F0DtGzz0CyEyCtGyEyCyB0EtGyC0CtD0ByDtDzz0EyE0CtA0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyEyC0FyBzzyEtCtG0AtB0DtBtGyEyBtDzytG0ByDyB0DtG0E0FyDtDyEyC0FyCtAzy0AtA2QtN0A0LzuyE%26cr%3D2026917718%26a%3Dwncy_ir_15_28%26os%3DWindows 8.1
HKU\S-1-5-21-1340157458-309153391-1348820675-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hpts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJ
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=dsts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJq={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=iryhsimp=yhs-fullyhosted_003type=wncy_ir_15_28param1=1param2=f%3D4%26b%3DIE%26cc%3Dpl%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutByE0F0DyDtB0FtCyB0F0DyDtB0CzzzztN0D0Tzu0StCtBzzyEtN1L2XzutAtFtCtDtFtCtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StD0F0Czy0A0BtAyBtGtDtD0F0DtGzz0CyEyCtGyEyCyB0EtGyC0CtD0ByDtDzz0EyE0CtA0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyEyC0FyBzzyEtCtG0AtB0DtBtGyEyBtDzytG0ByDyB0DtG0E0FyDtDyEyC0FyCtAzy0AtA2QtN0A0LzuyE%26cr%3D2026917718%26a%3Dwncy_ir_15_28%26os%3DWindows 8.1p={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=dsts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJq={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=dsts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJq={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=dsts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJq={searchTerms}
SearchScopes: HKU\S-1-5-21-1340157458-309153391-1348820675-1002 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=iryhsimp=yhs-fullyhosted_003type=wncy_ir_15_28param1=1param2=f%3D4%26b%3DIE%26cc%3Dpl%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutByE0F0DyDtB0FtCyB0F0DyDtB0CzzzztN0D0Tzu0StCtBzzyEtN1L2XzutAtFtCtDtFtCtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StD0F0Czy0A0BtAyBtGtDtD0F0DtGzz0CyEyCtGyEyCyB0EtGyC0CtD0ByDtDzz0EyE0CtA0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyEyC0FyBzzyEtCtG0AtB0DtBtGyEyBtDzytG0ByDyB0DtG0E0FyDtDyEyC0FyCtAzy0AtA2QtN0A0LzuyE%26cr%3D2026917718%26a%3Dwncy_ir_15_28%26os%3DWindows 8.1p={searchTerms}
SearchScopes: HKU\S-1-5-21-1340157458-309153391-1348820675-1002 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=iryhsimp=yhs-fullyhosted_003type=wncy_ir_15_28param1=1param2=f%3D4%26b%3DIE%26cc%3Dpl%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutByE0F0DyDtB0FtCyB0F0DyDtB0CzzzztN0D0Tzu0StCtBzzyEtN1L2XzutAtFtCtDtFtCtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StD0F0Czy0A0BtAyBtGtDtD0F0DtGzz0CyEyCtGyEyCyB0EtGyC0CtD0ByDtDzz0EyE0CtA0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyEyC0FyBzzyEtCtG0AtB0DtBtGyEyBtDzytG0ByDyB0DtG0E0FyDtDyEyC0FyCtAzy0AtA2QtN0A0LzuyE%26cr%3D2026917718%26a%3Dwncy_ir_15_28%26os%3DWindows 8.1p={searchTerms}
SearchScopes: HKU\S-1-5-21-1340157458-309153391-1348820675-1002 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=dsts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJq={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF DefaultSearchEngine: sweet-page
FF SelectedSearchEngine: sweet-page
FF SearchPlugin: C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\r3yh1izm.default\searchplugins\sweet-page.xml
FF Extension: QuickSearch - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\r3yh1izm.default\Extensions\searchffv2@gmail.com [2015-07-04]
FF Extension: Search Enginer - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\r3yh1izm.default\Extensions\sweetsearch@gmail.com [2015-07-04]
FF Extension: foxydeal - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\r3yh1izm.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2015-02-04]
FF HKLM-x32\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\r3yh1izm.default\extensions\searchffv2@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\r3yh1izm.default\extensions\sweetsearch@gmail.com
OPR StartupUrls: "hxxp://www.sweet-page.com/?type=hpts=1436004720z=45cbc147fdb6eea49cc94beg4z0c4qfebe1z8ccc5wfrom=coruid=ST500LT012-9WS142_W0VCEAKJXXXXW0VCEAKJ"
2015-07-04 12:12 - 2015-07-04 12:12 - 00000000 ____ D () C:\Users\Me\AppData\Roaming\sweet-page
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
nie moge odinstalować sweet page. Jak biore odinstaluj to pokazuje coś po chińsku a jak klikam dwa razy to pisze zaczekaj az zakończy sie odinstalowywanie programu i nic
Pomiń to i wykonaj resztę.
zrobiłam tak jak kazałeś 1 dzień było dobrze a teraz znów jest to samo proszę o pomoc 
Pokaż nowe logi z FRST.
To jest log z usuwania.Masz wykonać nowe logi z FRST.
Otwórz notatnik systemowy i wklej:
Task: {4B666413-A3A2-4733-BCD1-86E1D35F32D5} - System32\Tasks\{0046AEC0-EE51-418D-AAC7-EF159DD09E05} = pcalua.exe -a C:\Users\Me\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2015-07-10 15:45 - 2015-07-10 15:57 - 00000000 ____ D C:\AdwCleaner
2015-07-09 15:00 - 2015-07-09 15:00 - 00003132 _____ C:\WINDOWS\System32\Tasks\{0046AEC0-EE51-418D-AAC7-EF159DD09E05}
2015-07-15 14:37 - 2015-03-01 15:44 - 00000000 ____ D C:\Users\Me\Desktop\FRST-OlderVersion
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
Przeskanuj programem Malwarebytes Anti-Malware http://www.malwarebytes.org/8/