Pages and ads appearing on their own


(Robert Kazmierski) #1

Hello, please check the log.

OTL

http://www.wklejto.pl/205463

Hijack:

http://www.wklejto.pl/205464


(Acorus) #2

Download and run AdwCleaner https://toolslib.net/downloads/finish/1/ Click Search (Szukaj) and then Delete (Usuń).

Download Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ matching your system version, 32-bit or 64-bit.

Run FRST and click Scan. Post the FRST and Addition reports.


(Robert Kazmierski) #3

Addition

http://www.wklejto.pl/205485

FRST

http://www.wklejto.pl/205486


(Acorus) #4

Uninstall ExstraCouppoon, Genesis, Lollipop. Open Notepad and paste:

Task: {02ED91BF-A418-4214-8F40-206CF0E6C700} - \globalUpdateUpdateTaskMachineUA No Task File ==== ATTENTION
Task: {127BC028-8780-45C3-9D76-D0F575FCD8E8} - \3b4e583e-627b-4577-847b-29c2b0697d62-5 No Task File ==== ATTENTION
Task: {2688CAAF-DAE8-43A7-A411-2981BE906092} - \3b4e583e-627b-4577-847b-29c2b0697d62-2 No Task File ==== ATTENTION
Task: {55B477AE-66DA-42EA-9121-33190F505308} - \3b4e583e-627b-4577-847b-29c2b0697d62-11 No Task File ==== ATTENTION
Task: {5C4FF792-2CE8-43E0-9B82-86C5E07FB03D} - \PutLockerDownloader V6.0-firefoxinstaller No Task File ==== ATTENTION
Task: {643BE897-F8BB-485C-8366-331AEACEEC74} - \3b4e583e-627b-4577-847b-29c2b0697d62-1 No Task File ==== ATTENTION
Task: {6C566868-993C-4F97-8EC5-2B336854888C} - \3b4e583e-627b-4577-847b-29c2b0697d62-4 No Task File ==== ATTENTION
Task: {735AC659-A0B9-4497-8E3A-E4287ED2E71E} - \PutLockerDownloader V6.0-updater No Task File ==== ATTENTION
Task: {83D2B576-32A1-49A5-9C7D-749A03640A4B} - System32\Tasks\SO_Booster-S-4675958519 = c:\programdata\blueocean\so_booster\SO_Booster.exe [2014-06-26] () ==== ATTENTION
Task: {AA007C51-B674-4FB6-A3D1-A94BA2E37AC6} - \globalUpdateUpdateTaskMachineCore No Task File ==== ATTENTION
Task: {CACCAEC6-CFAD-4C75-B577-49989469629A} - \SW-Booster-S-552427235 No Task File ==== ATTENTION
Task: C:\Windows\Tasks\SO_Booster-S-4675958519.job = c:\programdata\blueocean\so_booster\SO_Booster.exe ==== ATTENTION
HKLM-x32\...\Run: [fst_pl_144] = [X]
HKLM-x32\...\Run: [t4pc_en_7] = [X]
HKU\S-1-5-21-218251939-728255386-749680256-1001\...\Run: [lollipop_05120822] = "c:\users\root\appdata\local\lollipop\lollipop_05120822.exe" lollipop_05120822
HKU\S-1-5-21-218251939-728255386-749680256-1001\...\Run: [genesis_06270603] = c:\users\root\appdata\local\genesis_06270603\genesis_06270603.exe [2699264 2014-06-27] ()
HKU\S-1-5-21-218251939-728255386-749680256-1001\...\Policies\Explorer: []
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL = C:\ProgramData\Fast And Safe\FastAndSafe_x64.dll [4302848 2014-06-10] ()
AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll = c:\ProgramData\Fast And Safe\FastAndSafe.dll [4125696 2014-06-10] ()
ShortcutTarget: genesis_06270603.lnk - C:\Users\root\AppData\Local\Genesis_06270603\Genesis_06270603.exe ()
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: Adblocker - {81CA7433-F301-0855-5E5C-E37E5B600F74} - C:\Program Files (x86)\Adblocker\JHL.dll No File
CHR Extension: (MySearch) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\micnnhldnkfacjlmejopgcdfflegblad [2014-06-26]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
S2 64af91bf; c:\ProgramData\Fast And Safe\FastAndSafeSvc.dll [186192 2014-06-10] () [File not signed]
2014-06-27 08:15 - 2014-06-27 08:15 - 00000000 ____ D () C:\Program Files (x86)\V-9.1HD
2014-06-27 08:04 - 2014-06-27 08:14 - 00000000 ____ D () C:\Program Files (x86)\fst_pl_144
2014-06-27 08:03 - 2014-06-28 18:21 - 00000000 ____ D () C:\Users\root\AppData\Local\Genesis_06270603
2014-06-26 21:31 - 2014-06-26 21:31 - 00000000 ____ D () C:\ProgramData\MySearch
2014-06-26 21:31 - 2014-06-26 21:31 - 00000000 ____ D () C:\Program Files (x86)\MySearch
2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____ D () C:\Users\root\AppData\Local\Google
2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____ D () C:\Users\root\AppData\Local\Comodo
2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____ D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____ D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____ D () C:\Users\HomeGroupUser$
2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____ D () C:\Users\GoĹÄ\AppData\Local\Google
2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____ D () C:\Users\GoĹÄ\AppData\Local\Comodo
2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____ D () C:\Users\GoĹÄ
2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____ D () C:\Users\Administrator\AppData\Local\Google
2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____ D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-26 21:29 - 2014-06-27 07:55 - 00000000 ____ D () C:\ProgramData\InstallMate
2014-06-10 14:40 - 2014-06-10 14:40 - 00000000 ____ D () C:\Users\root\AppData\Local\Packages
2014-06-10 14:20 - 2014-06-10 14:20 - 00000000 ____ D () C:\ProgramData\Fast And Safe
2014-06-28 18:17 - 2014-05-12 11:57 - 00000000 ____ D () C:\AdwCleaner
C:\Users\root\cygusb0.dll
C:\Users\root\cygwin1.dll
C:\Users\root\ftd2xx.dll
C:\Users\root\install_giveio.bat
C:\Users\root\libusb0.dll
C:\Users\root\remove_giveio.bat
C:\Users\root\status_giveio.bat
C:\Users\root\AppData\Local\Temp\*.exe

Save the file as fixlist.txt and place it next to FRST in the same folder.


(Robert Kazmierski) #5

Log after running it:

http://www.wklejto.pl/205525


(Acorus) #6

Delete the folder C:\FRST

Use http://www.bleepingcomputer.com/download/tfc/ (run TFC and click Start).


(Robert Kazmierski) #7

Thank you very much, the ads are gone.