Omiga plus


(Fighterr77) #1

Hello


(Acorus) #2

Download and run AdwCleaner https://toolslib.net/downloads/finish/1/ Click Scan and then Clean.

Download Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ matching your system version, 32-bit or 64-bit.

Run FRST and click Scan. Post the FRST and Addition reports.

Put the reports on http://wklej.org/ and provide the link.


(Fighterr77) #3

FRST:


(Acorus) #4

Open the system Notepad and paste:

Task: {33D0DA70-C2B7-4729-8C4A-ECC28D9FC218} - System32\Tasks\YUQVD = C:\Users\user\AppData\Roaming\YUQVD.exe [2014-12-24] (Qwerty) ==== ATTENTION
Task: C:\Windows\Tasks\YUQVD.job = C:\Users\user\AppData\Roaming\YUQVD.exe ==== ATTENTION
HKLM\...\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11772520 2011-01-04] (Realtek Semiconductor)
HKU\S-1-5-21-4232318325-2481902409-3645321654-1000\...\MountPoints2: {0919e440-8b58-11e4-be37-50e5493880d2} - E:\setup.exe
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR StartupUrls: Default - "hxxp://isearch.omiga-plus.com/?type=hpts=1419416843from=ilduid=ST3250620NS_9QE3PXW1XXXX9QE3PXW1"
S3 gdrv; \\C:\Windows\gdrv.sys [X]
2014-12-24 12:35 - 2014-12-24 13:04 - 00000000 ____ D () C:\AdwCleaner
2014-12-24 11:26 - 2014-12-24 13:06 - 00001332 _____ () C:\Windows\Tasks\YUQVD.job
2014-12-24 11:26 - 2014-12-24 11:26 - 01815520 _____ (Qwerty) C:\Users\user\AppData\Roaming\YUQVD.exe
2014-12-24 11:26 - 2014-12-24 11:26 - 00004366 _____ () C:\Windows\System32\Tasks\YUQVD
EmptyTemp:

Save the file as fixlist.txt and place it next to FRST in the same folder.