Wirusy- otwieraja sie dziwne strony z reklamami zamulony komp

probowalem pousuwac wirusy ale bez skutku wraca wszystko ko kilku chwilach

http://wklej.to/EE5NL

http://wklej.to/XBZx6

http://wklej.to/z51FF

http://wklej.to/0akFZ

dziekuje

 

OdinstalujAVG Security Toolbar,McAfee Security Scan Plus,SpeedUpMyComputer,SUPERAntiSpyware,SupTab,Update for PriceFountain,weDownload Manager Pro.Pobierz i uruchom AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Szukaj i później Usuń.

Pokaż nowe logi z FRST.

http://wklej.to/OAQgn

http://wklej.to/aORe7

Otwórz notatnik systemowy i wklej:

Task: {113C4E3C-52A8-4201-8D9B-6CFC0EB230C3} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 = Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 ==== ATTENTION
Task: {4DD9118C-208B-415B-A36C-AF0246610DA6} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 = Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 ==== ATTENTION
Task: {D1DC69A4-984E-4BB1-8287-CA88EF1014E1} - System32\Tasks\XFF = C:\Users\lukasz\AppData\Roaming\XFF.exe ==== ATTENTION
HKLM-x32\...\Run: [] = [X]
HKLM-x32\...\RunOnce: [BrowserProtector-repairJob] = wscript.exe "C:\Users\lukasz\AppData\Local\BrowserProtector\repair.js" "BrowserProtector-repairJob"
HKU\S-1-5-21-652568747-771590183-92343792-1000\...\Run: [ALLPlayer WiFi Remote] = C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe [5052800 2014-01-30] (ALLPlayer Group Ltd.)
IFEO\allplayer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\allplayerremotecontrol.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\allskincreator.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\dtlite.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\epmstartloader.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\htcupctloader.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\itunes.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\launcher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mydriveconnect.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\pccompanion.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\photoproduct.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\quickstart.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\sbase.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\scalc.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\sdraw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\simpress.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\smath.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\soffice.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\sptdinst-x64.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\swriter.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\uninstall mydriveconnect.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unopkg.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\wmdc.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\wordview.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\zune.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: weDownload Manager Pro - {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho64.dll No File
FF Extension: BrowserProtector - C:\Users\lukasz\AppData\Roaming\Mozilla\Firefox\Profiles\f42y5vph.default\Extensions\{3835A3E2-FE60-C529-D8E7-49A1C5A0221C} [2015-01-15]
U3 ayzabtfi; C:\Windows\System32\Drivers\ayzabtfi.sys [0] (Advanced Micro Devices) ==== ATTENTION (zero size file/folder)
S3 cpuz134; \\C:\Users\lukasz\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-01-16 12:26 - 2015-01-16 12:33 - 00000000 ____ D () C:\AdwCleaner
2015-01-15 23:44 - 2015-01-16 10:12 - 00000000 ____ D () C:\Users\lukasz\AppData\Local\BrowserProtector
2015-01-15 23:44 - 2015-01-16 10:07 - 00000000 ____ D () C:\Program Files (x86)\BrowserProtector
2015-01-15 23:44 - 2015-01-15 23:44 - 00000000 ____ D () C:\Users\lukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtector
2015-01-03 14:23 - 2015-01-16 12:17 - 00000000 ____ D () C:\ProgramData\McAfee Security Scan
2015-01-16 12:20 - 2014-04-11 11:58 - 00000000 ____ D () C:\Program Files\SUPERAntiSpyware
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

Przeskanuj programem Malwarebytes Anti-Malware http://data-cdn.mbamupdates.com/v2/mbam/consumer/data/mbam-setup-2.0.4.1028.exe

program wykrył 18 problemów usuną je . coś jeszcze zrobić?

Wszystko do kwarantanny.Skasuj folder C:\FRST

W AdwCleaner użyj opcji Odinstaluj.

ok dzieki. mam jeszcze jeden komp z podobnymi obiawami zalozyc nowy temat czy w tym wkleic logi?

Możesz kontynuować w tym temacie.

daje logi z dugiego kompa tu podobne obiawy tylko gorzej

http://wklej.to/OVziF

http://wklej.to/GgcZf

http://wklej.to/lUnic

http://wklej.to/6lTh4

http://wklej.to/yZdDJ

Masa Adware m.in Sense ,  HQ-Video-Pro-2.1cV12.01 , BlockAndSurf

 

Wstępne działania:

 

1.   Do notatnika wklej i zapisz jako  fixlist.txt i  kliknij  Fix  w Interfejsie  FRST

Plik  fixlist.txt  umieść  obok  programu  FRST

CloseProcesses:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: HQ-Video-Pro-2.1cV12.01 -> {11111111-1111-1111-1111-110611571183} -> C:\Program Files (x86)\HQ-Video-Pro-2.1cV12.01\HQ-Video-Pro-2.1cV12.01-bho64.dll (HQ-VideoV12.01)
BHO: Sense -> {11111111-1111-1111-1111-110611901159} -> C:\Program Files (x86)\Sense\Sense-bho64.dll (Object Browser)
BHO: BlockAndSurf -> {5D8D0046-A456-F448-403F-BD881B25B664} -> C:\Program Files (x86)\ver0BlockAndSurf\186_x64.dll ()
FF Extension: Sense - C:\Users\lukasz\AppData\Roaming\Mozilla\Firefox\Profiles\zk14iyig.default-1421088714596\Extensions\0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.com [2015-01-16]
FF Extension: HQ-Video-Pro-2.1cV12.01 - C:\Users\lukasz\AppData\Roaming\Mozilla\Firefox\Profiles\zk14iyig.default-1421088714596\Extensions\KUPPSH47587020@KROSM80190433.com [2015-01-12]
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver0BlockAndSurf\186.xpi [2015-01-12]
R2 servervo; C:\Users\lukasz\AppData\Roaming\VOPackage\VOsrv.exe [133632 2015-01-12] () [File not signed] <==== ATTENTION
2015-01-12 19:51 - 2015-01-16 18:36 - 00000000 ____ D () C:\Users\lukasz\AppData\Roaming\systweak
2015-01-12 19:52 - 2015-01-12 19:52 - 00000000 __SHD () C:\Users\lukasz\AppData\Roaming\AnyProtectEx
2015-01-12 16:48 - 2015-01-12 16:48 - 00000000 ____ D () C:\ProgramData\WindowsMangerProtect
Task: {025C821E-8668-4796-9EAB-EC336C57CC69} - System32\Tasks\55c40db4-6cd6-4b7a-bf73-820db23d90ad-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe [2015-01-12] (Object Browser) <==== ATTENTION
Task: {061B382E-EAC2-4F24-95D5-62810BCC8874} - System32\Tasks\XFF => C:\Users\lukasz\AppData\Roaming\XFF.exe [2015-01-12] (Object Browser) <==== ATTENTION
Task: {0A951D74-E989-457C-B33A-9765BCCD1C6E} - System32\Tasks\55c40db4-6cd6-4b7a-bf73-820db23d90ad-5_user => C:\Program Files (x86)\Sense\55c40db4-6cd6-4b7a-bf73-820db23d90ad-5.exe [2015-01-12] (Object Browser) <==== ATTENTION
Task: {2A706A33-CAA1-4C9C-9C2D-555C24C7689C} - System32\Tasks\Yahoo! Search Updater => C:\Users\lukasz\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrsetup.exe [2015-01-12] (Pay By Ads LTD) <==== ATTENTION
Task: {3B92E5A1-4806-48BB-BD56-40C211823E57} - System32\Tasks\HNNDK => C:\Users\lukasz\AppData\Roaming\HNNDK.exe [2015-01-12] (Object Browser) <==== ATTENTION
Task: {426BC687-C133-408A-B95B-83775E3C9CFB} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {4F9A955D-77F1-4C7F-9494-7321CBF9114F} - System32\Tasks\55c40db4-6cd6-4b7a-bf73-820db23d90ad-2 => C:\Program Files (x86)\Sense\55c40db4-6cd6-4b7a-bf73-820db23d90ad-2.exe [2015-01-12] (Object Browser) <==== ATTENTION
Task: {56EA6CF9-F1EA-4584-B6B3-24D76C65AA71} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe [2015-01-12] (Goobzo) <==== ATTENTION
Task: {58381628-0F14-47AF-ADFE-B2E0194501D9} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-12] (globalUpdate) <==== ATTENTION
Task: {71966C6B-D527-42EA-BF49-60475281ACF8} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {785A56CD-4935-479C-A72C-E42EC6921265} - System32\Tasks\55c40db4-6cd6-4b7a-bf73-820db23d90ad-4 => C:\Program Files (x86)\Sense\55c40db4-6cd6-4b7a-bf73-820db23d90ad-4.exe [2015-01-12] (Object Browser) <==== ATTENTION
Task: {7A7E9ACD-8BCF-42A1-8275-08B3CDACE3A8} - System32\Tasks\TVNNOGJ => C:\Users\lukasz\AppData\Roaming\TVNNOGJ.exe [2015-01-12] (HQ-VideoV12.01) <==== ATTENTION
Task: {86F1BF76-93AD-4AD7-9054-235E6A39E7E4} - System32\Tasks\63d57d4a-0d2e-4483-ad2f-69c04986e250-5 => C:\Program Files (x86)\HQ-Video-Pro-2.1cV12.01\63d57d4a-0d2e-4483-ad2f-69c04986e250-5.exe [2015-01-12] (HQ-VideoV12.01) <==== ATTENTION
Task: {87D37D50-01BC-4845-BEAE-A4241DCDD2D7} - System32\Tasks\Yahoo! Search => C:\Users\lukasz\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe [2015-01-11] (Pay By Ads LTD) <==== ATTENTION
Task: {8816768D-072C-47F0-AF21-852452684DE3} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-12] (globalUpdate) <==== ATTENTION
Task: {8B116D6A-85A1-44B2-AF29-D1E83956AE71} - System32\Tasks\XPBRKDFY => C:\Users\lukasz\AppData\Roaming\XPBRKDFY.exe [2015-01-12] (HQ-VideoV12.01) <==== ATTENTION
Task: {912E0419-ECF1-49D1-BCC2-E7DE51EFF65F} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {96DCD529-DA60-47B6-BB86-5DB6228C9D79} - System32\Tasks\55c40db4-6cd6-4b7a-bf73-820db23d90ad-5 => C:\Program Files (x86)\Sense\55c40db4-6cd6-4b7a-bf73-820db23d90ad-5.exe [2015-01-12] (Object Browser) <==== ATTENTION
Task: {B9BB20DD-B7BA-479C-99CB-16B6B408703A} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {C16F918C-658D-497A-81AD-18F6EEFE8231} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2015-01-11] (YTDownloader) <==== ATTENTION
Task: {C91097E2-5D59-45FF-B762-7637A5F9AE19} - System32\Tasks\63d57d4a-0d2e-4483-ad2f-69c04986e250-2 => C:\Program Files (x86)\HQ-Video-Pro-2.1cV12.01\63d57d4a-0d2e-4483-ad2f-69c04986e250-2.exe [2015-01-12] (HQ-VideoV12.01) <==== ATTENTION
Task: {CA1133E6-C166-486A-B0B1-3E02924E59C9} - System32\Tasks\{53692322-5655-47D4-A32B-0B035FAF881B} => pcalua.exe -a C:\Users\lukasz\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=cor <==== ATTENTION
Task: {CDBECACC-86DE-42B4-A2D1-62AB20D154FF} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {D77D1C2C-54D5-4B3C-A54D-C0AB8C926F97} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {D84E2BFF-E473-4B75-8270-A9F2DB5A97A1} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe [2015-01-11] (Goobzo) <==== ATTENTION
Task: {D84E3BB5-9E63-46D3-A402-B5D22A351617} - System32\Tasks\63d57d4a-0d2e-4483-ad2f-69c04986e250-1 => C:\Program Files (x86)\HQ-Video-Pro-2.1cV12.01\HQ-Video-Pro-2.1cV12.01-codedownloader.exe [2015-01-12] (HQ-VideoV12.01) <==== ATTENTION
Task: {F20EF9DD-0529-48B0-8B52-BEE1C63B595A} - System32\Tasks\63d57d4a-0d2e-4483-ad2f-69c04986e250-4 => C:\Program Files (x86)\HQ-Video-Pro-2.1cV12.01\63d57d4a-0d2e-4483-ad2f-69c04986e250-4.exe [2015-01-12] (HQ-VideoV12.01) <==== ATTENTION
Task: {F6AE4AD2-9A81-49AE-827A-05DD86E9D6CE} - System32\Tasks\63d57d4a-0d2e-4483-ad2f-69c04986e250-5_user => C:\Program Files (x86)\HQ-Video-Pro-2.1cV12.01\63d57d4a-0d2e-4483-ad2f-69c04986e250-5.exe [2015-01-12] (HQ-VideoV12.01) <==== ATTENTION
Task: C:\Windows\Tasks\55c40db4-6cd6-4b7a-bf73-820db23d90ad-1.job => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\55c40db4-6cd6-4b7a-bf73-820db23d90ad-2.job => C:\Program Files (x86)\Sense\55c40db4-6cd6-4b7a-bf73-820db23d90ad-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\55c40db4-6cd6-4b7a-bf73-820db23d90ad-4.job => C:\Program Files (x86)\Sense\55c40db4-6cd6-4b7a-bf73-820db23d90ad-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\55c40db4-6cd6-4b7a-bf73-820db23d90ad-5.job => C:\Program Files (x86)\Sense\55c40db4-6cd6-4b7a-bf73-820db23d90ad-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\55c40db4-6cd6-4b7a-bf73-820db23d90ad-5_user.job => C:\Program Files (x86)\Sense\55c40db4-6cd6-4b7a-bf73-820db23d90ad-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\63d57d4a-0d2e-4483-ad2f-69c04986e250-1.job => C:\Program Files (x86)\HQ-Video-Pro-2.1cV12.01\HQ-Video-Pro-2.1cV12.01-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\63d57d4a-0d2e-4483-ad2f-69c04986e250-2.job => C:\Program Files (x86)\HQ-Video-Pro-2.1cV12.01\63d57d4a-0d2e-4483-ad2f-69c04986e250-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\63d57d4a-0d2e-4483-ad2f-69c04986e250-4.job => C:\Program Files (x86)\HQ-Video-Pro-2.1cV12.01\63d57d4a-0d2e-4483-ad2f-69c04986e250-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\63d57d4a-0d2e-4483-ad2f-69c04986e250-5.job => C:\Program Files (x86)\HQ-Video-Pro-2.1cV12.01\63d57d4a-0d2e-4483-ad2f-69c04986e250-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\63d57d4a-0d2e-4483-ad2f-69c04986e250-5_user.job => C:\Program Files (x86)\HQ-Video-Pro-2.1cV12.01\63d57d4a-0d2e-4483-ad2f-69c04986e250-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\HNNDK.job => C:\Users\lukasz\AppData\Roaming\HNNDK.exe <==== ATTENTION
Task: C:\Windows\Tasks\TVNNOGJ.job => C:\Users\lukasz\AppData\Roaming\TVNNOGJ.exe <==== ATTENTION
Task: C:\Windows\Tasks\XFF.job => C:\Users\lukasz\AppData\Roaming\XFF.exe <==== ATTENTION
Task: C:\Windows\Tasks\XPBRKDFY.job => C:\Users\lukasz\AppData\Roaming\XPBRKDFY.exe <==== ATTENTION
EmptyTemp:
DeleteQuarantine:
  1. Przez Panel Sterowania Odinstaluj:

HQ-Video-Pro-2.1cV12.01

omiga-plus uninstall

Remote Desktop Access (VuuPC)

Sense

Shopper-Pro

Yahoo! Search

YTDownloader

XTab 

Hold Page

WindowsMangerProtect 

 

 

3. Pobierz  AdwClaner  uruchom go i kliknij  szukaj  a gdy ukatywni się przycisk  usuń  kliknij go.

 

AdwClaner:  http://www.bleepingcomputer.com/download/adwcleaner/

 

4. Wrzuć raport ze skryptu i z  Adwclaner  (Raport z Adwclaner znajduję się w tym folderze: C:\AdwCleaner) + zrób nowe logi z  FRST  (Zaznacz też:  Addition  i  ShortCup )

http://wklej.to/0c9zP

http://wklej.to/ymxil

http://wklej.to/tR8AI

http://wklej.to/ZAakA

http://wklej.to/nrmpp

Poprawkowe Działania:

 

1.   Do notatnika wklej i zapisz jako  fixlist.txt i  kliknij  Fix  w Interfejsie  FRST

Plik  fixlist.txt  umieść  obok  programu  FRST

CloseProcesses:
HKU\S-1-5-21-2745784920-4193742874-3797013687-1001\...\Run: [Yahoo! Search] => C:\Users\lukasz\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF Extension: No Name - C:\Users\lukasz\AppData\Roaming\Mozilla\Firefox\Profiles\zk14iyig.default-1421088714596\extensions\0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.com [Not Found]
FF Extension: No Name - C:\Users\lukasz\AppData\Roaming\Mozilla\Firefox\Profiles\zk14iyig.default-1421088714596\extensions\KUPPSH47587020@KROSM80190433.com [Not Found]
2015-01-16 18:38 - 2014-12-02 23:46 - 00000000 ____ D () C:\ProgramData\Spybot - Search & Destroy
2015-01-16 18:49 - 2014-12-02 23:46 - 00000000 ____ D () C:\Program Files (x86)\Spybot - Search & Destroy 2
EmptyTemp:
DeleteQuarantine:
  1. Pobierz MalwareBytes Anti-Malware i wykonaj nim pełny skan systemu - wszystko co wykryje poddaj kwarantannie. (Przy instalacji możesz odznaczyć okres testowy na tą chwilę potrzebny jest tylko skaner)

 

MalwareBytes Anti-Malware:  https://www.malwarebytes.org/

 

  1. Raportu (Fixlog) z tego już nie dawaj - Jeżeli problem ustąpił to kończymy jeżeli nie to wrzuć nowe logi z FRST