Viruses after installing YAC, lots of ads


(pawel75) #1

Hello

Please check my logs.

I uninstalled YAC from within Windows, but I don't know whether some junk has been left behind. The computer is a bit sluggish.

http://wklej.org/id/1711289/ Shortcut.txt

http://wklej.org/id/1711295/ Addition.txt

http://wklej.org/id/1711298/ FRST.txt.txt


(Acorus) #2

Open the system Notepad and paste:

Task: C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job = C:\WINDOWS\system32\xp_eos.exe
HKLM\...\Run: [RTHDCPL] = C:\WINDOWS\RTHDCPL.EXE [16248320 2013-09-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] = C:\WINDOWS\SkyTel.EXE [2879488 2013-09-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] = C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2013-09-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] = C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [KernelFaultCheck] = %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-448539723-2139871995-1177238915-1003\...\MountPoints2: {a78ac5fe-8a4e-11e3-8e63-0016d45cb16b} - F:\AutoRun.exe
HKU\S-1-5-21-448539723-2139871995-1177238915-1003\...\MountPoints2: {f189bde2-6fb7-11e3-8df1-0016d45cb16b} - F:\AutoRun.exe
HKU\S-1-5-21-448539723-2139871995-1177238915-1003\...\MountPoints2: {f189bde5-6fb7-11e3-8df1-0016cfb2524b} - F:\AutoRun.exe
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yac.mx/?utm_source=butm_medium=iSafefrom=iSafeuid=hitachixhts541212h9at00_hp0400beg9mgsag9mgsax
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.yac.mx/?utm_source=butm_medium=iSafefrom=iSafeuid=hitachixhts541212h9at00_hp0400beg9mgsag9mgsax
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yac.mx/?utm_source=butm_medium=iSafefrom=iSafeuid=hitachixhts541212h9at00_hp0400beg9mgsag9mgsax
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.yac.mx/?utm_source=butm_medium=iSafefrom=iSafeuid=hitachixhts541212h9at00_hp0400beg9mgsag9mgsax
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yac.mx/?utm_source=butm_medium=iSafefrom=iSafeuid=hitachixhts541212h9at00_hp0400beg9mgsag9mgsax
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.yac.mx/?utm_source=butm_medium=iSafefrom=iSafeuid=hitachixhts541212h9at00_hp0400beg9mgsag9mgsax
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yac.mx/?utm_source=butm_medium=iSafefrom=iSafeuid=hitachixhts541212h9at00_hp0400beg9mgsag9mgsax
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.yac.mx/?utm_source=butm_medium=iSafefrom=iSafeuid=hitachixhts541212h9at00_hp0400beg9mgsag9mgsax
HKU\S-1-5-21-448539723-2139871995-1177238915-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yac.mx/?utm_source=butm_medium=iSafefrom=iSafeuid=hitachixhts541212h9at00_hp0400beg9mgsag9mgsax
HKU\S-1-5-21-448539723-2139871995-1177238915-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.yac.mx/?utm_source=butm_medium=iSafefrom=iSafeuid=hitachixhts541212h9at00_hp0400beg9mgsag9mgsax
SearchScopes: HKU\S-1-5-21-448539723-2139871995-1177238915-1003 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=pr_8117e40b-7192-4986-b488-21ad411616f2q={searchTerms}
SearchScopes: HKU\S-1-5-21-448539723-2139871995-1177238915-1003 - {962AC2A5-9EE2-4025-838A-EDE900503B18} URL = http://rts.dsrlte.com/?affID=naq={searchTerms}r=440
FF NewTab: hxxp://search.yac.mx/?utm_source=butm_medium=iSafefrom=iSafeuid=hitachixhts541212h9at00_hp0400beg9mgsag9mgsax
FF SearchPlugin: C:\Documents and Settings\aa\Dane aplikacji\Mozilla\Firefox\Profiles\hdlblho9.default\searchplugins\dsrlte.xml [2015-01-06]
FF SearchPlugin: C:\Documents and Settings\aa\Dane aplikacji\Mozilla\Firefox\Profiles\hdlblho9.default\searchplugins\keepmysearch.xml [2014-06-24]
FF SearchPlugin: C:\Documents and Settings\aa\Dane aplikacji\Mozilla\Firefox\Profiles\hdlblho9.default\searchplugins\search-simple.xml [2015-03-19]
FF Extension: xRocket Toolbar - C:\Documents and Settings\aa\Dane aplikacji\Mozilla\Firefox\Profiles\hdlblho9.default\Extensions\arthurj8283@gmail.com [2015-05-09]
CHR Extension: (Bookmark Manager) - C:\Documents and Settings\aa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR HKLM\...\Chrome\Extension: [ippenodjaoidmkkfdlmdhofiebnpjddb] - C:\Program Files\BrowseSmart\ippenodjaoidmkkfdlmdhofiebnpjddb.crx [Not Found]
R2 MaintainerSvc3.60.7903455; C:\Documents and Settings\All Users\Dane aplikacji\9da7836e-08a2-4521-927d-d48b90cc42b6\maintainer.exe [128288 2015-05-14] ()
R1 {4cd43b17-66da-4083-84a6-95351168df77}Gt; C:\WINDOWS\System32\drivers\{4cd43b17-66da-4083-84a6-95351168df77}Gt.sys [55872 2015-05-11] (StdLib)
R1 {720fcc5f-8c2d-493b-9002-0b9451870f11}t; C:\WINDOWS\System32\drivers\{720fcc5f-8c2d-493b-9002-0b9451870f11}t.sys [55872 2014-11-27] (StdLib)
R1 {7f2b4ad0-671a-477b-bcd4-79d041f50d27}t; C:\WINDOWS\System32\drivers\{7f2b4ad0-671a-477b-bcd4-79d041f50d27}t.sys [55232 2014-04-24] (StdLib)
R1 {fa3b34ca-0c65-4a8c-a90c-6a59b07fd3e2}t; C:\WINDOWS\System32\drivers\{fa3b34ca-0c65-4a8c-a90c-6a59b07fd3e2}t.sys [55872 2014-11-28] (StdLib)
S4 IntelIde; No ImagePath
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
U1 WS2IFSL; No ImagePath
2015-05-09 14:44 - 2015-04-17 04:43 - 00056232 _____ (Elex do Brasil Participações Ltda) C:\WINDOWS\system32\Drivers\iSafeNetFilter.sys
EmptyTemp:

Save the file as fixlist.txt and place it next to FRST in the same folder.