Problem with ads


(Midzio14) #1

Hello. I have a problem: I caught some kind of virus and ads keep popping up nonstop.

 

http://www.wklejto.pl/213891 

http://www.wklejto.pl/213893 

http://www.wklejto.pl/213894 

 

Is this enough, or do I need to do something else?

Thanks in advance to everyone for the help.

Addition.txt

FRST.txt

OTL.Txt


(Acorus) #2

Download and run AdwCleaner https://toolslib.net/downloads/finish/1/ Click Scan (Szukaj) and then Clean (Usuń). Post new logs from FRST.


(Midzio14) #3

New logs: http://www.wklejto.pl/213896


(Acorus) #4

Open Notepad and paste:

HKU\S-1-5-18\...\Run: [Optimizer Pro] = C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk
ShortcutTarget: rvlkl.lnk - C:\Program Files (x86)\keylogger\rvlkl.exe (No File)
ShellIconOverlayIdentifiers: [00avast] - {472083B0-C522-11CF-8763-00608CC02F24} = No File
ShellIconOverlayIdentifiers: [GGDriveOverlay1] - {E68D0A50-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay2] - {E68D0A51-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay3] - {E68D0A52-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay4] - {E68D0A53-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN11459gct=hpd=488-210v=a13350-409t=4
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=iebgct=dsappid=210systemid=488v=a13350-409apn_uid=4433576439524569apn_dtid=TCH001o=APN11459apn_ptnrs=AG1q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=iebgct=dsappid=210systemid=488v=a13350-409apn_uid=4433576439524569apn_dtid=TCH001o=APN11459apn_ptnrs=AG1q={searchTerms}
SearchScopes: HKCU - {0CEDB358-34FB-477E-89EF-BDBA1BF68812} URL = http://search.softonic.com/MON00084/tb_v1?q={searchTerms}SearchSource=4cc=
SearchScopes: HKCU - {7759890F-2C4B-4C8B-8768-6CAAB02F8986} URL = http://startsear.ch/?aff=1src=spcf=afa16129-19ee-11e1-a717-90a4de1de253q={searchTerms}
SearchScopes: HKCU - {877F46FF-184E-4BA3-8851-961E07D848C2} URL = http://www.idg.pl?q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=iebgct=dsappid=210systemid=488v=a13350-409apn_uid=4433576439524569apn_dtid=TCH001o=APN11459apn_ptnrs=AG1q={searchTerms}
BHO-x32: myCoups - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\Bartek\AppData\Local\myCoups\temp.dat ()
Toolbar: HKLM - Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - No File
FF SearchPlugin: C:\Users\Bartek\AppData\Roaming\Mozilla\Firefox\Profiles\pvuxzavj.default\searchplugins\absearch-search.xml
FF SearchPlugin: C:\Users\Bartek\AppData\Roaming\Mozilla\Firefox\Profiles\pvuxzavj.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: NetVideoHunter - C:\Users\Bartek\AppData\Roaming\Mozilla\Firefox\Profiles\pvuxzavj.default\Extensions\netvideohunter@netvideohunter.com [2014-07-29]
FF Extension: 19503e42ca3c4c27b1e29cdb2170ee34 - C:\Users\Bartek\AppData\Roaming\Mozilla\Firefox\Profiles\pvuxzavj.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2014-10-27]
FF Extension: VshareComplete - Speed up your search with your personal search suggestions tool - C:\Users\Bartek\AppData\Roaming\Mozilla\Firefox\Profiles\pvuxzavj.default\Extensions\{3697b17c-b572-4862-a5e6-7f922c0f3403} [2011-11-28]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-25]
CHR Extension: (kikeacjcceacohckgiajooneiabebfjj) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikeacjcceacohckgiajooneiabebfjj [2014-10-27]
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
S2 ekrn; "C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe" [X]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /svc [X]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 MREMP50a64; \\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 xhunter1; \\C:\windows\xhunter1.sys [X]
2014-10-27 17:58 - 2014-10-27 17:59 - 00000000 ____ D () C:\AdwCleaner
2014-10-23 08:54 - 2014-10-23 17:41 - 00000000 ____ D () C:\Program Files (x86)\Optimizer Pro
2014-10-23 07:23 - 2014-10-23 07:23 - 00001340 _____ () C:\windows\Tasks\SXDUB.job
2014-10-23 07:22 - 2014-10-23 07:22 - 00001342 _____ () C:\windows\Tasks\YGNQIZ.job
2014-10-23 04:39 - 2014-10-27 16:07 - 00000000 ____ D () C:\Program Files (x86)\globalUpdate
2014-10-23 04:39 - 2014-10-23 04:39 - 00000000 ____ D () C:\Users\Bartek\AppData\Local\globalUpdate
EmptyTemp:

Save the file as fixlist.txt and place it next to FRST, in the same folder.


(Midzio14) #5

Thanks a lot, it helped.


(Acorus) #6

Delete the folder C:\FRST