
Shiny

Users
  • Posts: 3
  1. I can't upload the log from the 1st instruction, I don't know why. Here is the code:

     All processes killed
     ========== OTL ==========
     Registry value HKEY_USERS\S-1-5-21-205586509-1478516020-4212114400-1000\Software\Microsoft\Windows\CurrentVersion\Run\\achxthn deleted successfully.
     C:\Users\warsztat\AppData\Local\yqspbq.exe moved successfully.
     Registry value HKEY_USERS\S-1-5-21-205586509-1478516020-4212114400-1000\Software\Microsoft\Windows\CurrentVersion\Run\\krasv deleted successfully.
     C:\Windows\krasv.exe moved successfully.
     Registry value HKEY_USERS\S-1-5-21-205586509-1478516020-4212114400-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft Windows System deleted successfully.
     C:\Users\warsztat\P-7-78-8964-9648-3874\windll.exe moved successfully.
     Registry value HKEY_USERS\S-1-5-21-205586509-1478516020-4212114400-1000\Software\Microsoft\Windows\CurrentVersion\Run\\taskmsr deleted successfully.
     C:\Users\warsztat\AppData\Roaming\taskmsr\taskmsr.exe moved successfully.
     Registry value HKEY_USERS\S-1-5-21-205586509-1478516020-4212114400-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Login access deleted successfully.
     C:\Users\warsztat\AppData\Roaming\web2net.exe moved successfully.
     C:\Users\warsztat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wejho.exe moved successfully.
     Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully.
     C:\Users\warsztat\AppData\Roaming\taskmsr folder moved successfully.
     C:\Users\warsztat\P-7-78-8964-9648-3874 folder moved successfully.
     C:\Users\warsztat\AppData\Roaming\nservice32.exe moved successfully.
     C:\Users\warsztat\AppData\Roaming\Mozilla\Firefox\Profiles\o93w3c8q.default\searchplugins\search.xml moved successfully.
     Prefs.js: "http://domredi.com/1/" removed from browser.startup.homepage
     Prefs.js: "http://www.bigseekpro.com/search/toolbar/hypercam/{98A32B86-ECBF-4F1A-9556-375700820596}?q=" removed from keyword.URL
     Prefs.js: "http://www.premierarticles.info" removed from browser.startup.homepage
     ========== REGISTRY ==========
     HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully!
     HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully!
     HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{DBCEE391-A0C3-482E-B5F5-85EE4B223AB9}" /E : value set successfully!
     Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
     Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.
     ========== COMMANDS ==========
     [EMPTYTEMP]
     User: All Users
     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes
     ->Flash cache emptied: 56504 bytes
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     ->Flash cache emptied: 0 bytes
     User: Public
     User: warsztat
     ->Temp folder emptied: 1022311123 bytes
     ->Temporary Internet Files folder emptied: 31604723 bytes
     ->Java cache emptied: 19353172 bytes
     ->FireFox cache emptied: 87880269 bytes
     ->Google Chrome cache emptied: 240062118 bytes
     ->Flash cache emptied: 35450738 bytes
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 326265984 bytes
     %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68032 bytes
     RecycleBin emptied: 0 bytes
     Total Files Cleaned = 1 681,00 mb
     OTL by OldTimer - Version 3.2.53.0 log created on 06282012_144248
     Files\Folders moved on Reboot...
     C:\Users\warsztat\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
     PendingFileRenameOperations files...
     File C:\Users\warsztat\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
     Registry entries deleted on Reboot...

     I am adding the next logs in turn as attachments. Thank you very much for the help.
     AdwCleanerS1.txt OTL.Txt
  2. I am adding the logs. OTL.Txt Extras.Txt
  3. Hello! I know, I know, there are an awful lot of threads on this subject, but somehow I can't manage to get rid of this nasty thing. The lock message appeared yesterday, but it differs slightly from the ones all over the internet (there is no police logo). I have Windows 7 and can boot in command-prompt mode and in safe mode. I'm a bit green in these matters; this is the first time I am trying to fight a virus, so I don't know exactly how it works. I would ask for a detailed explanation of what to do and how, because I really did try, but it's going poorly for me. Thanks in advance and best regards,