Uninstall:
MyImageConverter Internet Explorer Homepage and New Tab
SpyHunter4 wersja 4.28
Run the following Fixlist.txt with FRST:
CustomCLSID: HKU\S-1-5-21-1877200154-1791478165-3791630935-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\PC\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
ContextMenuHandlers2-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
ContextMenuHandlers1_S-1-5-21-1877200154-1791478165-3791630935-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\PC\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll -> Brak pliku
ContextMenuHandlers4_S-1-5-21-1877200154-1791478165-3791630935-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\PC\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll -> Brak pliku
ContextMenuHandlers5_S-1-5-21-1877200154-1791478165-3791630935-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\PC\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll -> Brak pliku
Task: {07B5B946-3409-4F10-873B-601F508EA373} - System32\Tasks\{1573181A-5B26-4CF1-B124-EF66C9A9DD6F} => C:\Windows\system32\pcalua.exe -a C:\Users\PC\Downloads\gimp-2.0.5-i586-setup.exe -d C:\Users\PC\Downloads
Task: {2DA0AB47-E316-4069-AABE-46F6DEFEC8E5} - System32\Tasks\PC => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v PC /t REG_SZ /d "explorer.exe hxxp://exinariuminix.info" <==== UWAGA
Task: {2F2A57AB-44E2-47C1-AF7C-8467EE494953} - System32\Tasks\{DE7E4DD2-2730-48C0-AAED-E0991172AF5D} => D:\Zainstalowane Gry\Gothic\System\Gothic.exe
Task: {38B0E183-3FB8-4578-BAB4-B3A6E32F2EA2} - System32\Tasks\{A44C88B4-CD0F-4205-A05F-283EE99AE650} => D:\Zainstalowane Gry\Gothic\System\Gothic.exe
Task: {50276518-5AB2-499A-896B-F1DAC572372E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {792AD6B9-159E-4D09-BD14-6642F1F37B81} - System32\Tasks\{5E204A2D-DF80-4C7A-9467-977888A89A43} => D:\Zainstalowane Gry\Gothic\System\Gothic.exe
Task: {8EA681E7-4BEB-4D8D-91A7-1F779EBACA0C} - System32\Tasks\{3BB250CA-921C-43D9-987F-203615811B75} => D:\Zainstalowane Gry\Gothic\System\Gothic.exe
Task: {ACCFE30D-4535-4AA4-939B-1AC87D1FCA26} - System32\Tasks\{D8743488-CBC4-4F9C-831F-A798E2ACA471} => D:\Zainstalowane Gry\Final Fantasy X X-2 HD Remaster\Final Fantasy X X-2 HD Remaster\FFX&X-2_LAUNCHER.exe [2016-05-12] (SQUARE ENIX CO., LTD.)
Task: {AE6212F7-3A33-4814-8BDA-A4954D829F06} - System32\Tasks\{E7C7D81D-F5D1-4342-9896-7F722A82D978} => D:\Zainstalowane Gry\Gothic\System\Gothic.exe
Task: {AF18D91A-500C-4260-9F22-06C9B91F19F9} - System32\Tasks\{CC08103F-2CB8-4F81-89DA-FA63AEDECAFC} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.30.64.105/pl/abandoninstall?page=tsProgressBar
Task: {D5A5B665-0A06-4A49-9DE0-AE2E6132DCC6} - System32\Tasks\Opera scheduled Autoupdate 1500924887 => C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe
Task: {EC47DCBE-748A-4F74-B476-A81249637943} - System32\Tasks\{89648B8A-5CD7-4D33-8392-BB1608F188DF} => C:\Windows\system32\pcalua.exe -a "H:\Dane z Komputera\Gry Pc\Gta San Andreas\GTA San Andreas - spolszczenie.exe" -d "H:\Dane z Komputera\Gry Pc\Gta San Andreas"
Task: {F4654952-6667-457A-B6D6-FAC42D506696} - System32\Tasks\{F3C6191B-543F-45B9-B7AF-CFE97C4660C5} => D:\Zainstalowane Gry\Gothic\System\Gothic.exe
Task: {FF685AFA-5E98-4E1D-AEF7-675CE9A9E977} - System32\Tasks\{1D763AB6-8038-4298-9AA2-D1439BE98974} => C:\Windows\system32\pcalua.exe -a D:\Download\MinecraftZyczu.exe -d D:\Download
AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [432]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [432]
AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432]
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT [40]
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2 [432]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\Users\PC\Dane aplikacji:NT [40]
AlternateDataStreams: C:\Users\PC\Dane aplikacji:NT2 [432]
AlternateDataStreams: C:\Users\PC\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\PC\AppData\Roaming:NT2 [432]
HKU\S-1-5-21-1877200154-1791478165-3791630935-1000\...\Run: [PC] => explorer.exe hxxp://exinariuminix.info <==== UWAGA
HKU\S-1-5-21-1877200154-1791478165-3791630935-1000\...\MountPoints2: {81d61d9f-b7e7-11e6-8823-fcaa1472479f} - G:\Startme.exe
HKU\S-1-5-21-1877200154-1791478165-3791630935-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAL-PC.scr
GroupPolicy: Ograniczenia - Chrome <==== UWAGA
FF user.js: detected! => C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\40qvsxwf.default\user.js [2016-08-30]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [685752 2017-08-12] (Enigma Software Group USA, LLC.)
S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
S3 NMIndexingService; "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe" [X]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-10-15] ()
U3 a90552t7; C:\Windows\System32\Drivers\a90552t7.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder)
U3 as426cxv; C:\Windows\System32\Drivers\as426cxv.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder)
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 TTDrv; \??\D:\KOPLAYER\vbox\TTDrv.sys [X]
2018-02-17 20:15 - 2018-02-17 21:41 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-02-17 18:50 - 2018-02-17 18:50 - 000001011 _____ C:\Users\PC\Desktop\SpyHunter4.lnk
2018-02-17 18:50 - 2018-02-17 18:50 - 000000000 ____D C:\Program Files\Enigma Software Group
2018-02-17 18:34 - 2018-02-17 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter4
2018-02-17 18:34 - 2016-10-15 17:29 - 000022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2018-02-17 17:35 - 2018-02-17 17:35 - 000000000 _____ C:\autoexec.bat
2018-02-13 21:55 - 2018-02-13 21:55 - 000000000 ____D C:\Users\PC\AppData\Local\D255FC.tmpd
2018-02-13 21:55 - 2018-02-13 21:55 - 000000000 _____ C:\Users\PC\AppData\Local\D255FC.tmp
2018-02-05 00:34 - 2018-02-05 00:34 - 000003458 _____ C:\Windows\System32\Tasks\PC
2018-02-02 17:54 - 2018-02-02 17:54 - 000000000 _____ C:\Users\PC\Desktop\YourGame.exe
2018-01-30 23:14 - 2018-01-30 23:14 - 000000000 ____D C:\Users\PC\AppData\Local\D2B06C.tmpd
2018-01-30 23:14 - 2018-01-30 23:14 - 000000000 _____ C:\Users\PC\AppData\Local\D2B06C.tmp
2018-01-30 23:13 - 2018-01-30 23:13 - 000000000 ____D C:\Users\PC\AppData\Local\D26D92.tmpd
2018-01-30 23:13 - 2018-01-30 23:13 - 000000000 _____ C:\Users\PC\AppData\Local\D26D92.tmp
2018-01-30 22:51 - 2018-01-30 22:51 - 000000000 ____D C:\Users\PC\AppData\Local\D26EE6.tmpd
2018-01-30 22:51 - 2018-01-30 22:51 - 000000000 _____ C:\Users\PC\AppData\Local\D26EE6.tmp
2018-01-30 22:50 - 2018-01-30 22:50 - 000000000 ____D C:\Users\PC\AppData\Local\D2FC83.tmpd
2018-01-30 22:50 - 2018-01-30 22:50 - 000000000 ____D C:\Users\PC\AppData\Local\D22548.tmpd
2018-01-30 22:50 - 2018-01-30 22:50 - 000000000 _____ C:\Users\PC\AppData\Local\D2FC83.tmp
2018-01-30 22:50 - 2018-01-30 22:50 - 000000000 _____ C:\Users\PC\AppData\Local\D22548.tmp
2018-01-30 22:38 - 2018-01-30 22:38 - 000000000 ____D C:\Users\PC\AppData\Local\D22DBF.tmpd
2018-01-30 22:38 - 2018-01-30 22:38 - 000000000 _____ C:\Users\PC\AppData\Local\D22DBF.tmp
2018-01-30 22:37 - 2018-01-30 22:37 - 000000000 ____D C:\Users\PC\AppData\Local\D2CAE5.tmpd
2018-01-30 22:37 - 2018-01-30 22:37 - 000000000 ____D C:\Users\PC\AppData\Local\D237FA.tmpd
2018-01-30 22:37 - 2018-01-30 22:37 - 000000000 _____ C:\Users\PC\AppData\Local\D2CAE5.tmp
2018-01-30 22:37 - 2018-01-30 22:37 - 000000000 _____ C:\Users\PC\AppData\Local\D237FA.tmp
2018-01-30 22:28 - 2018-01-30 22:28 - 000000000 ____D C:\Users\PC\AppData\Local\D2DBC4.tmpd
2018-01-30 22:28 - 2018-01-30 22:28 - 000000000 ____D C:\Users\PC\AppData\Local\D2321F.tmpd
2018-01-30 22:28 - 2018-01-30 22:28 - 000000000 _____ C:\Users\PC\AppData\Local\D2DBC4.tmp
2018-01-30 22:28 - 2018-01-30 22:28 - 000000000 _____ C:\Users\PC\AppData\Local\D2321F.tmp
2018-01-30 22:21 - 2018-01-30 22:21 - 000000000 ____D C:\Users\PC\AppData\Local\D2263A.tmpd
2018-01-30 22:21 - 2018-01-30 22:21 - 000000000 _____ C:\Users\PC\AppData\Local\D2263A.tmp
2018-01-30 22:12 - 2018-01-30 22:12 - 000000000 ____D C:\Users\PC\AppData\Local\D29512.tmpd
2018-01-30 22:12 - 2018-01-30 22:12 - 000000000 _____ C:\Users\PC\AppData\Local\D29512.tmp
2018-01-30 22:11 - 2018-01-30 22:11 - 000000000 ____D C:\Users\PC\AppData\Local\D266E0.tmpd
2018-01-30 22:11 - 2018-01-30 22:11 - 000000000 _____ C:\Users\PC\AppData\Local\D266E0.tmp
2018-01-30 22:05 - 2018-01-30 22:05 - 000000000 ____D C:\Users\PC\AppData\Local\D2951F.tmpd
2018-01-30 22:05 - 2018-01-30 22:05 - 000000000 _____ C:\Users\PC\AppData\Local\D2951F.tmp
2018-01-30 21:56 - 2018-01-30 21:56 - 000000000 ____D C:\Users\PC\AppData\Local\D2A7A5.tmpd
2018-01-30 21:56 - 2018-01-30 21:56 - 000000000 _____ C:\Users\PC\AppData\Local\D2A7A5.tmp
2018-01-30 21:52 - 2018-01-30 21:52 - 000000000 ____D C:\Users\PC\AppData\Local\D212D4.tmpd
2018-01-30 21:52 - 2018-01-30 21:52 - 000000000 _____ C:\Users\PC\AppData\Local\D212D4.tmp
2018-01-22 23:48 - 2018-01-22 23:48 - 000000000 ____D C:\Users\PC\AppData\Local\D2D420.tmpd
2018-01-22 23:48 - 2018-01-22 23:48 - 000000000 _____ C:\Users\PC\AppData\Local\D2D420.tmp
2018-01-22 21:51 - 2018-01-22 21:51 - 000000000 ____D C:\Users\PC\AppData\Local\D2F98A.tmpd
2018-01-22 21:51 - 2018-01-22 21:51 - 000000000 _____ C:\Users\PC\AppData\Local\D2F98A.tmp
2018-01-22 16:55 - 2018-01-22 16:55 - 000000000 ____D C:\Users\PC\AppData\Local\D219D6.tmpd
2018-01-22 16:55 - 2018-01-22 16:55 - 000000000 _____ C:\Users\PC\AppData\Local\D219D6.tmp
2018-01-21 21:55 - 2018-01-21 21:55 - 000000000 ____D C:\Users\PC\AppData\Local\D237F0.tmpd
2018-01-21 21:55 - 2018-01-21 21:55 - 000000000 _____ C:\Users\PC\AppData\Local\D237F0.tmp
2018-01-30 21:52 - 2018-01-30 21:52 - 000000000 _____ () C:\Users\PC\AppData\Local\D212D4.tmp
2018-01-22 16:55 - 2018-01-22 16:55 - 000000000 _____ () C:\Users\PC\AppData\Local\D219D6.tmp
2018-01-30 22:50 - 2018-01-30 22:50 - 000000000 _____ () C:\Users\PC\AppData\Local\D22548.tmp
2018-01-30 22:21 - 2018-01-30 22:21 - 000000000 _____ () C:\Users\PC\AppData\Local\D2263A.tmp
2018-01-30 22:38 - 2018-01-30 22:38 - 000000000 _____ () C:\Users\PC\AppData\Local\D22DBF.tmp
2018-01-30 22:28 - 2018-01-30 22:28 - 000000000 _____ () C:\Users\PC\AppData\Local\D2321F.tmp
2018-01-21 21:55 - 2018-01-21 21:55 - 000000000 _____ () C:\Users\PC\AppData\Local\D237F0.tmp
2018-01-30 22:37 - 2018-01-30 22:37 - 000000000 _____ () C:\Users\PC\AppData\Local\D237FA.tmp
2018-02-13 21:55 - 2018-02-13 21:55 - 000000000 _____ () C:\Users\PC\AppData\Local\D255FC.tmp
2018-01-30 22:11 - 2018-01-30 22:11 - 000000000 _____ () C:\Users\PC\AppData\Local\D266E0.tmp
2018-01-30 23:13 - 2018-01-30 23:13 - 000000000 _____ () C:\Users\PC\AppData\Local\D26D92.tmp
2018-01-30 22:51 - 2018-01-30 22:51 - 000000000 _____ () C:\Users\PC\AppData\Local\D26EE6.tmp
2018-01-30 22:12 - 2018-01-30 22:12 - 000000000 _____ () C:\Users\PC\AppData\Local\D29512.tmp
2018-01-30 22:05 - 2018-01-30 22:05 - 000000000 _____ () C:\Users\PC\AppData\Local\D2951F.tmp
2018-01-30 21:56 - 2018-01-30 21:56 - 000000000 _____ () C:\Users\PC\AppData\Local\D2A7A5.tmp
2018-01-11 21:40 - 2018-01-11 21:40 - 000000000 _____ () C:\Users\PC\AppData\Local\D2A820.tmp
2018-01-30 23:14 - 2018-01-30 23:14 - 000000000 _____ () C:\Users\PC\AppData\Local\D2B06C.tmp
2018-01-30 22:37 - 2018-01-30 22:37 - 000000000 _____ () C:\Users\PC\AppData\Local\D2CAE5.tmp
2018-01-22 23:48 - 2018-01-22 23:48 - 000000000 _____ () C:\Users\PC\AppData\Local\D2D420.tmp
2018-01-30 22:28 - 2018-01-30 22:28 - 000000000 _____ () C:\Users\PC\AppData\Local\D2DBC4.tmp
2018-01-22 21:51 - 2018-01-22 21:51 - 000000000 _____ () C:\Users\PC\AppData\Local\D2F98A.tmp
2018-01-30 22:50 - 2018-01-30 22:50 - 000000000 _____ () C:\Users\PC\AppData\Local\D2FC83.tmp
EmptyTemp:
After the fix has run, delete the C:\FRST folder.