Avast cannot cope with viruses


(Kaczorrr) #1

Good evening.

Please check the logs and help with numerous infections. Since yesterday Avast has been blocking trojans, but that does not solve the problem. Numerous unwanted programs install themselves on the computer at every restart, even though they are uninstalled.

 

FRST               http://wklej.org/hash/4ece79d22fe/

ADDITION       http://wklej.org/id/1690613/

SHORTCUT    http://wklej.org/id/1690615/


(Atis) #2

Download and run AdwCleaner. Click Scan and then Cleaning.

Paste into the system Notepad and save as a text file named fixlist:

CloseProcesses:
HKLM-x32\...\Run: [mbot_pl_190] => [X]
HKLM-x32\...\Run: [gmsd_pl_96] => [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR Extension: (Dynamo Combo) - C:\Users\KACZOR\AppData\Local\Google\Chrome\User Data\Default\Extensions\eheacoflpaonnngbihgdjcgjlhbfhcpe [2015-01-22]
CHR Extension: (Bookmark Manager) - C:\Users\KACZOR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
R2 solomero; C:\Users\KACZOR\AppData\Roaming\D372C860-1429214424-11DE-96FB-90E6BA461C4B\nsu102F.tmpfs [X]
S1 ccnfd_1_10_0_2; system32\drivers\ccnfd_1_10_0_2.sys [X]
S1 ccnfd_1_10_0_4; system32\drivers\ccnfd_1_10_0_4.sys [X]
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
2015-04-16 22:16 - 2015-04-16 22:16 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-16 22:11 - 2015-04-16 22:11 - 00000000 ____ D () C:\Program Files (x86)\993921c0-44ed-4637-86fb-00cbdeef4c71
2015-04-16 22:04 - 2015-04-16 22:12 - 00000000 ____ D () C:\Users\KACZOR\AppData\Local\D372C860-1429221853-11DE-96FB-90E6BA461C4B
2015-04-16 22:00 - 2015-04-16 23:35 - 00000000 ____ D () C:\Users\KACZOR\AppData\Roaming\D372C860-1429214424-11DE-96FB-90E6BA461C4B
2014-03-21 19:55 - 2014-03-21 19:59 - 0000092 _____ () C:\Users\KACZOR\AppData\Roaming\regsvr32.exe_log.txt
2014-03-21 19:55 - 2014-03-21 19:59 - 0000825 _____ () C:\Users\KACZOR\AppData\Roaming\LiveSupport.exe_log.txt
2014-07-18 23:29 - 2014-07-18 23:35 - 0000000 _____ () C:\Users\KACZOR\AppData\Local\{456BB797-8B96-4CEB-8AE9-77302A9CEBF6}
Task: {3E1ADD4B-AF48-4038-A458-631D8C9BBB6E} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {474AAD1D-D86B-4E93-8F91-67A3CD7B8CFF} - System32\Tasks\532bdfc9-e401-4434-95c7-1b7d96e6d106 => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\532bdfc9-e401-4434-95c7-1b7d96e6d106.exe <==== ATTENTION
Task: {4D487692-3ACB-4E38-A051-C93A017D9881} - System32\Tasks\{818B3492-5BFF-4A51-9B4B-16C97220D610} => pcalua.exe -a C:\CanonMP\MP750780\cnmvsa.exe -d C:\CanonMP\MP750780
Task: {564B42CB-6E35-4CFE-8626-54F972533352} - System32\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-5.exe <==== ATTENTION
Task: {57F890A1-75C4-4A8D-BA7D-DBA599BE88E4} - \a2zLyrics-1-updater No Task File <==== ATTENTION
Task: {737C2A15-5776-421C-8062-5803B11FAB9E} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {8258E7FE-24ED-49FE-8F18-7B93FF3CD49A} - System32\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-6 => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-6.exe <==== ATTENTION
Task: {9282705C-D0D8-4014-91A2-10D00A2B2F25} - System32\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-1-6.exe <==== ATTENTION
Task: {967DE618-05DA-4C70-A973-CBF5805A1BE9} - System32\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-10_user => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-10.exe <==== ATTENTION
Task: {B9153CD5-A90A-43F0-A6FB-0723DA481D9A} - \a2zLyrics-1-codedownloader No Task File <==== ATTENTION
Task: {BD9B7967-991C-4C8A-8DC8-9E36643A3877} - System32\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-3 => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-3.exe <==== ATTENTION
Task: {C7666FAF-72A3-4444-9A39-30EE654630E9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CFC38573-A4A4-4508-9E0B-BFBFBEAA5FEA} - \a2zLyrics-1-enabler No Task File <==== ATTENTION
Task: {D053A986-3F34-434A-9AB9-A3B4D1784BF5} - System32\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-1-7.exe <==== ATTENTION
Task: {ECDD49A6-FE5D-44B9-96AA-586DAF01E87F} - System32\Tasks\{E82B9EA3-5DAB-40B8-9338-0F85FF36B8D6} => pcalua.exe -a C:\Users\KACZOR\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=face
Task: {F15C9EE3-3174-4E60-9FE5-7D2C4CB893FD} - System32\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-5 => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-5.exe <==== ATTENTION
Task: {F2395214-68AE-4883-97B3-0B0D843054D8} - System32\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-7 => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-7.exe <==== ATTENTION
Task: {F8E0E948-C309-43E7-8A26-74F1E5DF9AFB} - System32\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-11 => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\532bdfc9-e401-4434-95c7-1b7d96e6d106.job => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\532bdfc9-e401-4434-95c7-1b7d96e6d106.exe <==== ATTENTION
Task: C:\Windows\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-1-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-1-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-10_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-11.job => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-3.job => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-5.job => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-5_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
EmptyTemp:

Run FRST and click Fix. Show the Fixlog removal report.

Click Scan and show the new FRST report, without Addition and Shortcut.
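
Added example, not part of Atis's post and not FRST code: the Python below parses a few of the Task: lines from the fixlist above and groups them by the folder their action launches from, which shows the same target registered both under System32\Tasks and as a C:\Windows\Tasks\*.job file. The function names, the grouping key and the "(no task file)" label are assumptions made for this example.

```python
import re
from collections import defaultdict

# Sample input: seven Task lines copied from the fixlist in the post above.
SAMPLE = r"""
Task: {3E1ADD4B-AF48-4038-A458-631D8C9BBB6E} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {4D487692-3ACB-4E38-A051-C93A017D9881} - System32\Tasks\{818B3492-5BFF-4A51-9B4B-16C97220D610} => pcalua.exe -a C:\CanonMP\MP750780\cnmvsa.exe -d C:\CanonMP\MP750780
Task: {564B42CB-6E35-4CFE-8626-54F972533352} - System32\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-5.exe <==== ATTENTION
Task: {57F890A1-75C4-4A8D-BA7D-DBA599BE88E4} - \a2zLyrics-1-updater No Task File <==== ATTENTION
Task: {C7666FAF-72A3-4444-9A39-30EE654630E9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-5_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV16.04\e4fc5ba0-cb30-4e9c-a4ab-32638ee13f5f-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
"""

FLAG = re.compile(r"\s*<=+ ATTENTION$")          # trailing marker on flagged lines
GUID = re.compile(r"^\{[0-9A-Fa-f-]+\} - ")      # leading task GUID, when present
EXE_DIR = re.compile(r"(?P<dir>[A-Za-z]:\\.*)\\[^\\]+\.exe", re.I)


def parse_task(line):
    """Split one 'Task:' line into (task name, action or None, flagged)."""
    body = line.strip()[len("Task: "):]
    flagged = bool(FLAG.search(body))
    body = GUID.sub("", FLAG.sub("", body))
    if " => " in body:
        name, action = body.split(" => ", 1)
    else:  # "No Task File" lines carry no action
        name, action = body.replace(" No Task File", ""), None
    return name, action, flagged


def group_by_target(text):
    """Map each action's program folder to the (task name, flagged) pairs using it."""
    groups = defaultdict(list)
    for line in text.splitlines():
        if not line.startswith("Task: "):
            continue
        name, action, flagged = parse_task(line)
        m = EXE_DIR.match(action or "")
        # Fall back to the first token for command lines such as "pcalua.exe -a ...".
        key = m.group("dir") if m else (action.split()[0] if action else "(no task file)")
        groups[key].append((name, flagged))
    return dict(groups)


if __name__ == "__main__":
    for target, tasks in group_by_target(SAMPLE).items():
        print(f"{len(tasks)} task(s) -> {target}")
```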


(Kaczorrr) #3

AdwCleaner http://wklej.org/id/1690630/

fixlog             http://wklej.org/id/1690632/

FRST           http://wklej.org/id/1690633/


(Atis) #4

Paste into the system Notepad and save as a text file named fixlist:

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
2015-04-16 22:03 - 2015-04-16 22:03 - 00000000 ____ D () C:\Program Files (x86)\bc40f0d5-83e2-4bb7-bd72-20b453dbb34e
2015-04-17 23:50 - 2014-01-04 13:55 - 00000000 ____ D () C:\AdwCleaner
DeleteQuarantine:

Run FRST and click Fix. Delete the C:\FRST folder.

Scan the disk with Malwarebytes Anti-Malware.

During installation, untick the option "Start the trial period of Malwarebytes Anti-Malware Premium".

http://wstaw.org/m/2014/03/25/2014-03-25_123039.png

Polish language: Settings > General Settings > Language > Polish

Read how programs should be installed: CLICK - CLICK - CLICK - CLICK

Uninstall Microsoft Silverlight and install Silverlight 5.1.30514.0


(Kaczorrr) #5

Thank you very much for your help. Regards.