Wyskakujące okna/karty z reklamami w przeglądarce

Witam.

Ostatnio podczas korzystania z przeglądarek internetowych co jakiś czas wyskakuje nowa karta, oraz nowe okno z jakąś reklamą spamem. Zmieniła się również strona startowa. Proszę o sprawdzenie logów również pod kątem keyloggerów, gdyż teraz jakoś boję się logować na konto bankowe.

 

OTL: http://wklej.org/hash/cdc4991d5da/

Extras: http://wklej.org/hash/f86399e697b/

 

FRST: http://wklej.org/hash/1160ecad46a/

Addition: http://wklej.org/hash/f7976c7a432/

W panelu sterowania odinstaluj:

HD-V2.1

Lollipop

NetTock

WindowsMangerProtect20.0.0.722

Pobierz i uruchom AdwCleaner Kliknij Szukaj i później Usuń.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

Dziękuję :wink:

 

Nowy log FRST: http://wklej.org/hash/67709e018a5/

Odinstaluj RapidMediaConverter.

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

Startup: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RapidMediaConverterApp.lnk
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
FF Extension: HD-V2.1 - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\fx4yl5ai.default\Extensions\BGKGT66124770@ZYFBNPM50498512.com [2014-09-07]
FF Extension: No Name - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\fx4yl5ai.default\extensions\{0bd9bacb-0a2d-4412-900e-b2473afd87b4}.xpi []
CHR DefaultSearchKeyword: Default -> istartsurf
CHR DefaultSearchProvider: Default -> istartsurf
CHR DefaultSearchURL: Default -> http://www.istartsurf.com/web/?type=ds&ts=1410080284&from=vtt&uid=HitachiXHTS547575A9E384_J2190059G50Y0CG50Y0CX&q={searchTerms}
CHR Extension: (Quick start) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-09-07]
C:\AdwCleaner
C:\Users\Mateusz\AppData\Roaming\*.exe
C:\Users\Mateusz\AppData\Local\11559
C:\Users\Mateusz\AppData\Local\Lollipop_09070924
C:\Users\Mateusz\AppData\Roaming\RapidMediaConverter
C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter
C:\Users\Mateusz\AppData\Local\RapidMediaConverter
 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter
C:\Program Files (x86)\RapidMediaConverter
Task: {103617B1-85C0-434A-A265-9CCC926EE29B} - System32\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-1 => C:\Program Files (x86)\HD-V2.1\HD-V2.1-codedownloader.exe [2014-09-07] (InfoHD-V2.1) <==== ATTENTION
Task: {14D76C14-C4DB-4DB3-A00D-A4E6B150B6DB} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-07] (globalUpdate) <==== ATTENTION
Task: {37D2F231-A3AD-41BA-838B-3D2320EB961D} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-07] (globalUpdate) <==== ATTENTION
Task: {45359F63-5AC1-4629-A943-E274F01B30CD} - System32\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-11 => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-11.exe [2014-09-07] (InfoHD-V2.1) <==== ATTENTION
Task: {82C1294E-810B-4256-83CC-D3C5CDA65D64} - System32\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-7 => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-7.exe [2014-09-07] (InfoHD-V2.1) <==== ATTENTION
Task: {85EF07AA-ABE9-4542-B590-0B2B376FB0C6} - System32\Tasks\LXSYWC => C:\Users\Mateusz\AppData\Roaming\LXSYWC.exe [2014-09-07] (InfoHD-V2.1)
Task: {897356BF-9095-4225-BBC2-6A09C10D6885} - System32\Tasks\0e85def0-cb85-45ac-9426-bb6475f956ad => C:\Program Files (x86)\HD-V2.1\0e85def0-cb85-45ac-9426-bb6475f956ad.exe [2014-09-07] () <==== ATTENTION
Task: {94C85010-1101-4098-802F-A2A86469A571} - System32\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-6 => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-6.exe [2014-09-07] (InfoHD-V2.1) <==== ATTENTION
Task: {9AB0C8A8-3FE9-48B7-B037-0946F495CCAC} - System32\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-3 => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-3.exe [2014-09-07] (InfoHD-V2.1) <==== ATTENTION
Task: {9C8CC534-BACD-41E0-B1A2-ACC9B2DC197C} - System32\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-2 => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-2.exe [2014-09-07] (InfoHD-V2.1) <==== ATTENTION
Task: {B39FB089-C916-4076-9561-0EB8112D93F5} - System32\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-5_user => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-5.exe [2014-09-07] (InfoHD-V2.1) <==== ATTENTION
Task: {B6CC1DEA-9CC0-4C98-9B12-0EC7566D934F} - System32\Tasks\AmiUpdXp => C:\Users\Mateusz\AppData\Local\11559\a1859.exe [2014-09-07] () <==== ATTENTION
Task: {DF7D2EB2-0ACD-4390-A696-03CE0D0F4EF3} - System32\Tasks\b6871200-4fce-465f-8aaa-c0ac45b69709 => C:\Program Files (x86)\HD-V2.1\b6871200-4fce-465f-8aaa-c0ac45b69709.exe [2014-09-07] (InfoHD-V2.1) <==== ATTENTION
Task: {E9CD7EB3-FB65-44F0-A82B-5DD9AB793EC1} - System32\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-4 => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-4.exe [2014-09-07] (InfoHD-V2.1) <==== ATTENTION
Task: {F09D1774-9029-4AE6-851F-4BC3A0E010A2} - System32\Tasks\VIJCW => C:\Users\Mateusz\AppData\Roaming\VIJCW.exe [2014-09-07] (InfoHD-V2.1)
Task: {F6576032-F098-425C-BB54-5FDFDDD391D6} - System32\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-5 => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-5.exe [2014-09-07] (InfoHD-V2.1) <==== ATTENTION
Task: C:\WINDOWS\Tasks\0e85def0-cb85-45ac-9426-bb6475f956ad.job => C:\Program Files (x86)\HD-V2.1\0e85def0-cb85-45ac-9426-bb6475f956ad.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Users\Mateusz\AppData\Local\11559\a1859.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\b6871200-4fce-465f-8aaa-c0ac45b69709.job => C:\Program Files (x86)\HD-V2.1\b6871200-4fce-465f-8aaa-c0ac45b69709.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-1.job => C:\Program Files (x86)\HD-V2.1\HD-V2.1-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-11.job => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-2.job => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-3.job => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-4.job => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-5.job => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-5_user.job => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-6.job => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-6.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d763c749-dda0-4d10-85f1-d9cc91924381-7.job => C:\Program Files (x86)\HD-V2.1\d763c749-dda0-4d10-85f1-d9cc91924381-7.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\LXSYWC.job => C:\Users\Mateusz\AppData\Roaming\LXSYWC.exe
Task: C:\WINDOWS\Tasks\VIJCW.job => C:\Users\Mateusz\AppData\Roaming\VIJCW.exe
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.