Witam.

   Zaraz po włączeniu komputera pojawia się cmd.exe i zaraz po tym odpala się ta oto stronka. http://gangnamgame.net 

http://www.wklej.org/id/1798165/

http://www.wklej.org/id/1798166/

http://www.wklej.org/id/1798167/

 Proszę o pomoc.

Otwórz notatnik systemowy i wklej:

Task: {A0231D11-E69F-488E-9952-1B0C016EC198} - System32\Tasks\0614tUpdateInfo = C:\ProgramData\Avg_Update_0614t\0614t_AVG-Secure-Search-Update.exe [2014-07-03] ()
Task: {EE8E998F-9171-4E32-9E98-840468C7AC3D} - System32\Tasks\{69D35603-FF67-4737-A44F-5B411494FE86} = pcalua.exe -a C:\Users\Paweł\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=smt
Task: C:\Windows\Tasks\0614tUpdateInfo.job = C:\ProgramData\Avg_Update_0614t\0614t_AVG-Secure-Search-Update.exe
HKLM-x32\...\Run: [CMD] = cmd.exe /c start http://gangnamgame.org exit
HKU\S-1-5-21-29079470-672811852-2171392520-1000\...\Run: [Akamai NetSession Interface] = "C:\Users\Paweł\AppData\Local\Akamai\netsession_win.exe"
IFEO\adwcleaner_5.005.exe: [Debugger] svchost.exe
IFEO\AnVir.exe: [Debugger] svchost.exe
IFEO\AutoLogger.exe: [Debugger] svchost.exe
IFEO\avz.exe: [Debugger] svchost.exe
IFEO\CCleaner.exe: [Debugger] svchost.exe
IFEO\CCleaner64.exe: [Debugger] svchost.exe
IFEO\FRST.exe: [Debugger] svchost.exe
IFEO\FRST64.exe: [Debugger] svchost.exe
IFEO\HiJackThis.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
IFEO\regedit.exe: [Debugger] svchost.exe
IFEO\RegWorks.exe: [Debugger] svchost.exe
IFEO\RSIT.exe: [Debugger] svchost.exe
IFEO\RSITx64.exe: [Debugger] svchost.exe
HKU\S-1-5-21-29079470-672811852-2171392520-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={2E600758-57BA-49A6-B8E9-51FB7C481CEB}mid=de86a654166447d2b04a2ba4cd11abdd-ad1491be2ce6c122f6b66faa90e70c2decf7d34clang=plds=AVGcoid=avgtbavgcmpid=1214tbpr=frd=2014-11-12 17:49:59v=4.1.4.948pid=wtusg=sap=hp
SearchScopes: HKU\S-1-5-21-29079470-672811852-2171392520-1000 - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={2E600758-57BA-49A6-B8E9-51FB7C481CEB}mid=de86a654166447d2b04a2ba4cd11abdd-ad1491be2ce6c122f6b66faa90e70c2decf7d34clang=plds=AVGcoid=avgtbavgcmpid=0715tbpr=frd=2014-11-12 17:49:59v=4.1.4.948pid=wtusg=sap=dspq={searchTerms}
FF SearchPlugin: C:\Users\Paweł\AppData\Roaming\Mozilla\Firefox\Profiles\2zkjalu4.default-1415560311936\searchplugins\avg-secure-search.xml [2015-07-25]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-08-24]
R2 vToolbarUpdater40.1.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe [1874320 2015-08-24] (AVG Secure Search)
S3 AsrSetupDrv; \\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S3 EagleX64; \\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 xhunter1; \\C:\Windows\xhunter1.sys [X]
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

Dzieki serdeczne za pomoc

Skasuj folder C:\FRST