malware, adware i inne...

[sarschien]

Hej, Avast przy skanowaniu podczas uruchomienia komputera wykrył bardzo dużo wirusów... Większość z nich to jest malware-gen i adware-gen [PUP] (czy jakoś tak). One są umieszczone w plikach systemowych chyba. Czy może mi ktoś pomóc z tym? Nie mam pojęcia co robić, a wolałabym uniknąć formatowania komputera.

To są logi...
Dostępne tylko dla zarejestrowanych użytkowników - FRST
Dostępne tylko dla zarejestrowanych użytkowników - addition
Dostępne tylko dla zarejestrowanych użytkowników - shortcut

I nie mam pojęcia co dalej robić...

[djarta]

1. Otwórz notatnik i wklej:

CloseProcesses:
S1 ccnfd_1_10_0_5; system32\drivers\ccnfd_1_10_0_5.sys [X]
S3 DIRECTIO; \??\C:\Users\Administrator\Desktop\BurnInTest-7\DirectIo.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [249000 2015-01-26] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45224 2015-01-26] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [99496 2015-01-26] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [42152 2015-01-26] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [93352 2015-01-26] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-01-16] (Elex do Brasil Participações Ltda)
C:\Windows\System32\DRIVERS\iSafeNetFilter.sys
C:\Program Files (x86)\Elex-tech
C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys
S3 tor; "C:\Program Files (x86)\Tor\tor.exe" --nt-service "-ControlPort" "9051" [X]
S2 Util Solution Real; "C:\Program Files (x86)\Solution Real\bin\utilSolutionReal.exe" [X]
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [120128 2015-01-26] (Elex do Brasil Participações Ltda)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
C:\Users\Sara\AppData\Local\Temp\ccex.crx
C:\Program Files (x86)\Google\Chrome\User Data\Default\Extensions\v9-toolbar.crx
C:\Program Files (x86)\Google\Chrome\User Data\Default\Extensions\serach.crx
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Sara\AppData\Local\Temp\ccex.crx [Not Found]
CHR Extension: (Quick start) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2015-02-02]
CHR HKLM-x32\...\Chrome\Extension: [bpeeepmahhfjiediknjejcmcfmjcjdck] - C:\Program Files (x86)\Google\Chrome\User Data\Default\Extensions\serach.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dkdkpmmkgdbglmfmmmmehbkmnkopingb] - C:\Program Files (x86)\Google\Chrome\User Data\Default\Extensions\v9-toolbar.crx [Not Found]
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
CHR HomePage: Default -> hxxp://start.mysearchdial.com/?f=1&a=ir ... 833477&ir=
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
FF HKU\S-1-5-21-3324770256-1554048312-283934608-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF user.js: detected! => C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\0ggkyv5h.default-1395601001065\user.js
FF SearchPlugin: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\0ggkyv5h.default-1395601001065\searchplugins\woolik.xml
FF Extension: Plus-HD-9.1c - C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\0ggkyv5h.default-1395601001065\Extensions\EXONUDC1159428@DGG30572216.com [2015-01-11]
FF Extension: flashbugcoursevectorcom - C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\0ggkyv5h.default-1395601001065\Extensions\flashbug@coursevector.com [2014-08-31]
FF Extension: HD-Total-1.1c - C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\0ggkyv5h.default-1395601001065\Extensions\randlphtim@hotmail.com [2015-01-11]
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - No File
BHO-x32: No Name -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> No File
Toolbar: HKU\S-1-5-21-3324770256-1554048312-283934608-1002 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3324770256-1554048312-283934608-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM-x32\...\Run: [] => [X]
C:\Windows\system32\*.log
C:\Windows\*.log
2015-02-02 18:58 - 2015-02-02 18:58 - 00721568 _____ (malavida) C:\Users\Sara\Downloads\Malavida_Download_Manager.exe
2015-02-02 18:55 - 2015-02-02 18:55 - 00003390 _____ () C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3324770256-1554048312-283934608-1002
2015-02-02 18:52 - 2015-02-02 18:52 - 00003432 _____ () C:\Windows\System32\Tasks\RealDownloader Update Check
2015-02-02 18:51 - 2015-02-02 18:51 - 00003370 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3324770256-1554048312-283934608-1002
2015-02-02 18:51 - 2015-02-02 18:51 - 00003234 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3324770256-1554048312-283934608-1002
2015-02-02 15:44 - 2015-02-03 12:49 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-02 15:44 - 2015-02-03 12:41 - 00001040 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-02 15:44 - 2015-02-02 15:44 - 00004040 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-02 15:44 - 2015-02-02 15:44 - 00003788 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-02 14:55 - 2015-02-02 14:55 - 00001862 _____ () C:\Users\Sara\Desktop\YAC.lnk
2015-02-02 14:55 - 2015-02-02 14:55 - 00000000 ____D () C:\Windows\system32\log
2015-02-02 14:55 - 2015-02-02 14:55 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Elex-tech
2015-02-02 14:55 - 2015-02-02 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2015-02-02 14:55 - 2015-02-02 14:55 - 00000000 ____D () C:\Program Files (x86)\Elex-tech
2015-02-02 14:55 - 2015-01-26 08:39 - 00045224 _____ (Elex do Brasil Participaçþes Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-02-02 14:55 - 2015-01-16 11:32 - 00052392 _____ (Elex do Brasil Participaçþes Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-02-02 14:54 - 2015-02-02 19:15 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\eCyber
2015-02-02 14:53 - 2015-02-02 14:54 - 01999600 _____ (Elex do Brasil Participaçþes Ltda) C:\Users\Sara\Downloads\yet_another_cleaner_sk_179590.exe
2015-01-18 15:37 - 2015-02-02 15:31 - 00003214 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3324770256-1554048312-283934608-1002
2015-01-18 15:37 - 2015-02-02 15:30 - 00003350 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3324770256-1554048312-283934608-1002
2015-01-09 15:40 - 2015-01-09 15:40 - 00000000 __SHD () C:\Users\Sara\AppData\Local\EmieUserList
2015-01-09 15:40 - 2015-01-09 15:40 - 00000000 __SHD () C:\Users\Sara\AppData\Local\EmieSiteList
2015-01-09 15:40 - 2015-01-09 15:40 - 00000000 __SHD () C:\Users\Sara\AppData\Local\EmieBrowserModeList
2015-01-09 15:33 - 2015-01-09 15:33 - 00003152 _____ () C:\Windows\System32\Tasks\{BA4B4B15-5329-4702-87A5-7BAB6D2590C2}
2015-02-02 15:32 - 2012-04-03 17:23 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-02 15:31 - 2014-09-06 11:47 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-02 15:31 - 2014-08-28 02:48 - 00003158 _____ () C:\Windows\System32\Tasks\{B4625331-0465-4C53-9E42-B8E7A7B4292F}
2015-02-02 15:31 - 2012-11-01 23:28 - 00002976 _____ () C:\Windows\System32\Tasks\{852EF63A-0502-4CC3-8A96-28D1263D97DF}
2015-02-02 15:31 - 2012-10-14 21:17 - 00002976 _____ () C:\Windows\System32\Tasks\{6219F00C-8A8E-42C6-A62F-E32DD853403E}
2015-02-02 15:31 - 2012-10-10 18:45 - 00002976 _____ () C:\Windows\System32\Tasks\{41AC17EA-E8FA-4070-99EE-2B135603BBAA}
2015-02-02 15:31 - 2012-10-10 18:44 - 00002976 _____ () C:\Windows\System32\Tasks\{2F92EA3D-4B8B-4E3C-9701-AC7D5C0E4C2F}
2015-02-02 15:31 - 2012-04-08 17:19 - 00003142 _____ () C:\Windows\System32\Tasks\{09E0AD75-C223-4B0B-875F-989E715677FE}
2015-02-02 15:31 - 2012-04-03 17:23 - 00003870 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-02 15:31 - 2012-02-12 21:44 - 00003042 _____ () C:\Windows\System32\Tasks\{52E9B004-D3C8-479D-96FC-F0C924EB00DE}
2015-02-02 15:31 - 2009-07-14 06:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-02 15:30 - 2014-12-05 17:07 - 00003622 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 5520 series
2015-02-02 15:30 - 2014-11-12 22:13 - 00003884 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1415826826
2015-02-02 15:30 - 2013-09-20 15:11 - 00002976 _____ () C:\Windows\System32\Tasks\{4381454F-1837-4BCF-B292-B18772EA3F05}
2015-02-02 15:30 - 2013-03-10 15:29 - 00003984 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4983993E-B682-4EA0-9514-1D9E5A8874A9}
2015-02-02 15:30 - 2012-11-11 12:34 - 00003232 _____ () C:\Windows\System32\Tasks\SidebarExecute
2015-02-02 15:30 - 2012-07-19 21:24 - 00003218 _____ () C:\Windows\System32\Tasks\{70CB90FD-9E5F-4004-84A3-3A18CC5F77CF}
Task: {01F9D6B8-AB76-41DD-9344-F78166B86AFE} - System32\Tasks\{168B4C3D-5019-46DD-B945-2E01A27297C7} => pcalua.exe -a "C:\Program Files (x86)\Real\RealPlayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|15.0
Task: {02950708-53D6-4403-A8E6-EBF7846B8619} - System32\Tasks\HPCustParticipation HP Deskjet 5520 series => C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {0B371CEA-0622-4F1B-BCFA-3E71260ADD70} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3324770256-1554048312-283934608-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {191C83F4-2850-41B2-AAC6-2D4995F941AB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3324770256-1554048312-283934608-1002Core => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {1FE5F2A8-FA74-4846-A676-3A23A81F5F58} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {31A76F83-7B2C-4DC2-8C3E-52BDEF4E2782} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Task: {3BE75B0B-5185-448A-A40B-461A167629AC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3324770256-1554048312-283934608-1002UA => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {3C8C0E94-4849-48C2-AE64-2ED48BC15D05} - System32\Tasks\{6219F00C-8A8E-42C6-A62F-E32DD853403E} => Firefox.exe
Task: {40BA331C-A443-41E4-B9F1-C0D41759FBAE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-02] (Google Inc.)
Task: {44F91136-8A26-48DF-821B-242F5EC5E48F} - System32\Tasks\{4381454F-1837-4BCF-B292-B18772EA3F05} => Firefox.exe
Task: {533EA17D-892D-42AB-9F2A-DF9EB38FC08B} - System32\Tasks\{52E9B004-D3C8-479D-96FC-F0C924EB00DE} => pcalua.exe -a J:\SETUP.EXE -d J:\
Task: {67297432-4741-433E-B766-3C0703AC51F8} - System32\Tasks\Opera scheduled Autoupdate 1415826826 => C:\Program Files (x86)\Opera\launcher.exe [2015-01-23] (Opera Software)
Task: {69534AA8-75DE-4C81-AA31-9CD71B9D850B} - System32\Tasks\{73F82FAD-8BB1-4A5A-BDAD-E89A09D6B9E9} => C:\Program Files (x86)\Gadu-Gadu 10\gg.exe
Task: {6D178FE5-3E86-4E7C-895F-7164DFAF1A11} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3324770256-1554048312-283934608-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {6D7A21F7-DE55-48AC-B164-30DA43C5F945} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)
Task: {72C8EC79-A46B-448C-8756-79D1FAB135A3} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3324770256-1554048312-283934608-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {76D5FE56-AF1A-4D0A-B8E7-AF3C03DCA808} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {77AAB1DA-2D45-4B8B-89C6-B2EFE015ED3F} - System32\Tasks\{B132F5EB-638D-4981-BF33-5CA321D5857B} => Firefox.exe
Task: {7FE92DC7-BBF4-4200-87A2-007A28D704EF} - System32\Tasks\{2F92EA3D-4B8B-4E3C-9701-AC7D5C0E4C2F} => Firefox.exe
Task: {8199700E-CFE2-4014-88D9-1E4A7BDCCB3D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3324770256-1554048312-283934608-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {8C4D3590-E800-4F90-BE03-90DA4F7DB139} - System32\Tasks\{BA50C6ED-669F-482D-AE9C-0837AE9EE5D0} => pcalua.exe -a "C:\Users\Sara\Desktop\Dungeon Siege 2.exe" -d C:\Users\Sara\Desktop
Task: {9648E4E0-9BE9-4EBA-ACB3-EA75B0D198EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-02] (Google Inc.)
Task: {9F4B768F-873A-40CB-AE7F-2551EC8A9530} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3324770256-1554048312-283934608-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {A35B78DF-BD94-4203-977B-9D3ACC8F2845} - System32\Tasks\{41AC17EA-E8FA-4070-99EE-2B135603BBAA} => Firefox.exe
Task: {B0EC61BB-CAAF-424D-BE52-DFAD134FD9CF} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {B29D7BCC-5957-47B9-9066-94E1E760A08D} - System32\Tasks\{09E0AD75-C223-4B0B-875F-989E715677FE} => pcalua.exe -a C:\Users\Sara\Desktop\dungeondiege2bw_pl.exe -d C:\Users\Sara\Desktop
Task: {B4C94F98-DC34-45A8-8CDC-72A7334B5070} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-01] (AVAST Software)
Task: {CF64AC78-AB55-4F4A-9B81-D2CE4081AF05} - System32\Tasks\{70CB90FD-9E5F-4004-84A3-3A18CC5F77CF} => pcalua.exe -a "C:\Users\Sara\Desktop\Super Bros 3 Mario Forever Lost Map.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {D8BB00CC-E1D4-4C6B-B4CA-6D3966B5B8ED} - System32\Tasks\{E537EC6E-D9A9-4F04-9A54-A16DEDF3349A} => pcalua.exe -a D:\pets1\cd1\eauninstall.exe -d D:\pets1\cd1
Task: {DB8C44DF-45AA-40C6-A314-58497ADC58E7} - System32\Tasks\{BA4B4B15-5329-4702-87A5-7BAB6D2590C2} => pcalua.exe -a C:\Users\Sara\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=cor <==== ATTENTION
Task: {EB2A18C7-5EB5-49C1-A42C-0A85C9C1D208} - System32\Tasks\{B4625331-0465-4C53-9E42-B8E7A7B4292F} => pcalua.exe -a C:\Users\Sara\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=ild <==== ATTENTION
Task: {ED32B725-3B4A-4522-8C1C-A6E126A3C868} - System32\Tasks\{852EF63A-0502-4CC3-8A96-28D1263D97DF} => Firefox.exe
Task: {F56B32E5-098A-4872-8E22-78D7798FF00B} - System32\Tasks\{9866B2AD-A3E3-4DC5-BC88-69AD113094F5} => pcalua.exe -a "D:\Dungeon Siege 2 [4CD English + Patch 2.2 + Spolszczenie] &amp;&amp; Broken World [1CD English + Spolszczenie]\DS2 Spolszczenie.exe" -d "D:\Dungeon Siege 2 [4CD English + Patch 2.2 + Spolszczenie] &amp;&amp; Broken World [1CD English + Spolszczenie]"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3324770256-1554048312-283934608-1002Core.job => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3324770256-1554048312-283934608-1002UA.job => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
CustomCLSID: HKU\S-1-5-21-3324770256-1554048312-283934608-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sara\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
Emptytemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok narzędzia FRST. Uruchom FRST i kliknij w Fix.

2. Odinstaluj: McAfee Security Scan Plus / QuickShare / Update_for_BonanzaDeals / YAC(Yet Another Cleaner!)

3. Użyj >Dostępne tylko dla zarejestrowanych użytkowników
najpierw kliknij na SZUKAJ, a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ, to kliknij na niego.
Pokaż raport z niego C:\AdwCleaner\AdwCleaner[S].txt

4. Uruchom Dostępne tylko dla zarejestrowanych użytkowników. Wciśnij dowolny klawisz i czekaj, aż skończy się operacja. (UWAGA: podczas pobierania, programy mogą wskazywać, że to jest zagrożenie, proszę to zignorować). Pokaż raport.

5. Wykonaj i wklej nowe logi z FRST.

[sarschien]

Gdy próbuję odinstalować QuickShare to pokazuje mi się komunikat:

"There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor."
I Avast pokazuje, że przeniósł do kwarantanny zagrożenie Adware-gen.

Jakaś pomoc co ja mogę zrobić w takiej sytuacji?

[djarta]

Ominac i wykonywac dalsze czynnosci

[sarschien]

a takie coś wyszło

Dostępne tylko dla zarejestrowanych użytkowników - AdwCleaner
Dostępne tylko dla zarejestrowanych użytkowników - JRT

Dostępne tylko dla zarejestrowanych użytkowników - FRST
Dostępne tylko dla zarejestrowanych użytkowników - addiction
Dostępne tylko dla zarejestrowanych użytkowników - shortcut

[djarta]

1. Otwórz notatnik i wklej:

CloseProcesses:
Task: {0300EE33-3C3E-4F21-8C7F-8144F527BFC4} - \User_Feed_Synchronization-{4983993E-B682-4EA0-9514-1D9E5A8874A9} No Task File <==== ATTENTION
Task: {EA5B6645-2428-43BE-91B2-32311E551B0F} - \SidebarExecute No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:9FB286BF
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
Reg: reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\QuickShare" /f
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
URLSearchHook: HKLM-x32 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKLM-x32 - (No Name) - {707db484-2428-402d-afb5-d85b387544c7} - No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> D:\Real Alternative\browser\plugins\nprpjplug.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
CHR HomePage: Default -> hxxp://start.mysearchdial.com/?f=1&a=ir ... 833477&ir=
2014-08-05 13:15 - 2014-08-05 13:16 - 0000000 _____ () C:\Users\Sara\AppData\Local\{053441CB-168D-4F29-A3D3-125E5185D0A3}
2014-08-05 13:13 - 2014-08-05 13:13 - 0000000 _____ () C:\Users\Sara\AppData\Local\{90EE28FB-5098-4ECF-B6C0-6F72F53C381F}
2014-05-16 19:57 - 2014-05-16 19:58 - 0000000 _____ () C:\Users\Sara\AppData\Local\{98FA744C-EED6-4C55-B14B-6D088BA1A95C}
2015-02-03 14:57 - 2015-02-03 14:57 - 00000000 __SHD () C:\Users\Sara\AppData\Local\EmieUserList
2015-02-03 14:57 - 2015-02-03 14:57 - 00000000 __SHD () C:\Users\Sara\AppData\Local\EmieSiteList
2015-02-03 14:57 - 2015-02-03 14:57 - 00000000 __SHD () C:\Users\Sara\AppData\Local\EmieBrowserModeList

Plik zapisz pod nazwą fixlist.txt i umieść obok narzędzia FRST. Uruchom FRST i kliknij w Fix.

2. Wykonaj wszystko z tego tematu: Kroki kończące temat.
Końcowo pokazujesz: raport z DelFix oraz raport z pełnego skanowania Malwarebytes

[sarschien]

Dostępne tylko dla zarejestrowanych użytkowników - Delfix
Dostępne tylko dla zarejestrowanych użytkowników - Malwarebytes

[djarta]

Usun wszystkie smietki ktore wykryl MBAM i jest OK.

[sarschien]

Bardzo dziękuję za pomoc