Request to check logs
Uninstall:
Java 8 Update 31
Java 8 Update 45

Uninstall the programs you do not use:
HP 3D DriveGuard
HP CoolSense
HP Documentation
HP DVB-T TV Tuner
HP Games
HP Launch Box
HP On Screen Display
HP Power Manager
HP Product Detection
HP Quick Launch
HP QuickWeb
HP Security Assistant
HP Setup
HP Setup Manager
HP SimplePass 2012
HP Software Framework

Paste the following into Notepad and save it as fixlist.txt

Code:
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-3961904883-45433630-1413176399-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3961904883-45433630-1413176399-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3961904883-45433630-1413176399-1001\...\CurrentVersion\Windows: [Load] C:\Users\Q82\LOCALS~1\Temp\mskobzd.bat <===== UWAGA
ShellExecuteHooks-x32:  - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  Brak pliku [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Brak pliku
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130880477385613469&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130880477385613469&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3961904883-45433630-1413176399-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130880477385613469&GUID=00000000-0000-0000-0000-000000000000
URLSearchHook: HKLM-x32 -> Domyślne = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> {355018DD-35B1-49E6-B68A-EA286502CDD6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {355018DD-35B1-49E6-B68A-EA286502CDD6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms}
Toolbar: HKU\S-1-5-21-3961904883-45433630-1413176399-1001 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Brak pliku
CHR Extension: (Avast Online Security) - C:\Users\Q82\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-14]
C:\Windows\system32\Drivers\aswBDF4.tmp
C:\Windows\system32\Drivers\aswC356.tmp
C:\Windows\system32\Drivers\aswC3B4.tmp
C:\Windows\system32\Drivers\aswC8C4.tmp
C:\Windows\system32\Drivers\aswBF3C.tmp
C:\Windows\system32\Drivers\aswC289.tmp
C:\Windows\system32\Drivers\aswC2E7.tmp
C:\Windows\system32\Drivers\aswC22A.tmp
RemoveDirectory: C:\Users\Q82\AppData\Roaming\Mozilla
DeleteKey: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes
DeleteKey: HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes
DeleteKey: HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Task: {1E382B77-DC59-4341-892D-DE46BE659263} - System32\Tasks\{2324F215-A65D-460C-B60A-02323D0891C1} => C:\Program Files (x86)\Rebellion\SniperEliteV2\bin\SniperEliteV2.exe
Task: {2B95EB01-ED0E-4D77-8165-E20D4B7AFAD1} - System32\Tasks\{5B210BBA-0492-425A-A8C8-95D8AF29121A} => C:\Program Files (x86)\Rebellion\SniperEliteV2\bin\SniperEliteV2.exe
Task: {39D36305-32F5-4308-9128-7F534B53DC14} - System32\Tasks\{AD6FFCD4-D55E-450D-979D-949F1BF86AB6} => pcalua.exe -a C:\Users\Q82\AppData\Local\Temp\DownloadManager.exe -d C:\Users\Q82\Desktop -c "C:\Users\Q82\AppData\Local\Temp\DownloadManager.exe" C:\Users\Q82\AppData\Local\Temp\DownloadManager.exe  /PID=4852 /SUBPID=0 /DISTID=6470 /NETWORDK=1 /CID=0 /PRODUCT_ID=6060 /RETURNING_USER_DAYS=2  /SERVER_URL=hxxp://installer.ppdownload.com
Task: {44A34DFA-39D5-475B-B394-860EC7D25D1B} - System32\Tasks\{491816D8-3743-42E6-AD48-0FEBAAE77A3A} => C:\Program Files (x86)\Rebellion\SniperEliteV2\bin\SniperEliteV2.exe
Task: {62FA8B43-2BDB-4E8A-8366-03A9A38D41DF} - System32\Tasks\{668830E7-9A38-4FE8-8798-435615B0EA05} => C:\Program Files (x86)\Rebellion\SniperEliteV2\bin\SniperEliteV2.exe
Task: {7013D616-22E2-4595-9B62-1E357834FCEA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {75959AE6-66A0-4D1E-AA53-DEE6DBD0B3A8} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-Q82-HP => C:\Windows\ehome\McxTask.exe [2009-07-14] (Microsoft Corporation)
Task: {9864DF4B-1357-4F3B-A50E-794C903F4CF7} - System32\Tasks\{59C517E0-FAA4-4EEB-95F0-BFE08B529894} => pcalua.exe -a "C:\Users\Q82\Desktop\Nowy folder\FootballManager2014.exe" -d "C:\Users\Q82\Desktop\Nowy folder"
Task: {BFF4E756-CD1D-42BB-BACF-344E0F9E1B68} - System32\Tasks\{11190429-4AEF-4327-AF67-0555B6608760} => C:\Program Files (x86)\Rebellion\SniperEliteV2\bin\SniperEliteV2.exe
Task: {C928856E-1F62-420D-A3D4-45E3D2C64246} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-28] (CyberLink)
Task: {CDC342F6-398A-4D5C-819E-358C087984AC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {DC0925B5-9767-448E-A5CA-F788FADF5DD2} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)
Task: {DEDEF5BA-3E49-48CB-99E7-DAAF5DC14C87} - System32\Tasks\{E577A36B-59F2-46EB-BB9D-922A15477411} => C:\Program Files (x86)\Rebellion\SniperEliteV2\bin\SniperEliteV2.exe
Task: {E03805C1-071B-4A7A-BDCD-6A5DA0FE459B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {F8428F0E-9312-4F05-ADD7-D3AD2C80B74A} - System32\Tasks\{880E2B69-5C5A-4623-956F-55D2CB7106C1} => C:\Program Files (x86)\Rebellion\SniperEliteV2\bin\SniperEliteV2.exe
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
Reg: reg delete HKCU\Software\Mozilla /f
Reg: reg delete HKCU\Software\MozillaPlugins /f
Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f
CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\Program Files (x86)"
CMD: dir /a "C:\Program Files (x86)\Common Files"
CMD: dir /a C:\ProgramData
CMD: dir /a C:\Users\Q82\AppData\Local
CMD: dir /a C:\Users\Q82\AppData\LocalLow
CMD: dir /a C:\Users\Q82\AppData\Roaming
CMD: netsh advfirewall reset
EmptyTemp:

Place the saved script next to the downloaded FRST program.
Then click Fix in the program. When it finishes, show the report from this operation.

Download the program

run it, click Scan and then Remove

Show the report from this operation.

Create new logs and post FRST.txt > Addition.txt
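An added example, not part of the original post and not FRST code: a small triage pass over log lines in the style of the fixlist above, reporting autostart entries (a `[Load]` value or a `Task:` line) whose target runs from a Temp directory, including tasks that start it through `pcalua.exe -a`. The function names and the sample lines are constructed for illustration.

```python
import re

# Constructed sample lines in the style of the fixlist (not taken from any real log).
SAMPLE = r"""
HKU\S-1-5-21-0000000000-0000000000-0000000000-1001\...\CurrentVersion\Windows: [Load] C:\Users\demo\LOCALS~1\Temp\example.bat
Task: {00000000-0000-0000-0000-000000000001} - System32\Tasks\{00000000-0000-0000-0000-000000000002} => pcalua.exe -a C:\Users\demo\AppData\Local\Temp\Setup.exe -d C:\Users\demo\Desktop
Task: {00000000-0000-0000-0000-000000000003} - System32\Tasks\Vendor Update => C:\Program Files (x86)\Vendor\update.exe [2016-01-01] (Vendor)
""".strip().splitlines()

# First drive-letter path that ends in a launchable extension (spaces in the path allowed).
PATH = re.compile(r'([A-Za-z]:\\[^"\r\n]*?\.(?:exe|bat|cmd|vbs|js|ps1|scr))\b', re.I)
# A Temp/Tmp path component; also matches under 8.3 short names such as LOCALS~1\Temp.
TEMP_DIR = re.compile(r"\\(?:temp|tmp)\\", re.I)
LOAD_VALUE = re.compile(r"\\Windows: \[Load\] (.+)$")


def autostart_target(line):
    """Return (kind, launcher, path) for a [Load] value or Task line, else None."""
    if line.startswith("Task:") and " => " in line:
        kind, command = "task", line.split(" => ", 1)[1]
    else:
        m = LOAD_VALUE.search(line)
        if not m:
            return None
        kind, command = "registry:Load", m.group(1)
    # With pcalua.exe the program actually started is the one named after -a,
    # so the path found below is the real target, not the launcher itself.
    launcher = "pcalua.exe" if command.lower().startswith("pcalua.exe") else None
    m = PATH.search(command)
    return (kind, launcher, m.group(1)) if m else None


def triage(lines):
    """Keep only autostart entries whose target sits in a Temp directory."""
    findings = []
    for line in lines:
        hit = autostart_target(line.strip())
        if hit and TEMP_DIR.search(hit[2]):
            findings.append(hit)
    return findings


if __name__ == "__main__":
    for kind, launcher, path in triage(SAMPLE):
        print(kind, "via " + launcher if launcher else "direct", path)
```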

Messages in this thread
Request to check logs - by Quazzard - 19.02.2016, 18:31
RE: Request to check logs - by tachion - 20.02.2016, 19:34
RE: Request to check logs - by Quazzard - 23.02.2016, 16:21
RE: Request to check logs - by tachion - 24.02.2016, 21:04
