Lots of ads, computer running slowly


(Mayja1) #1

Scanned with Avast, malware antimalware, AdwCleaner and CCleaner. Below I attach the logs from OTL and Farbar Recovery, with a request to check them and help with further cleaning of the computer.

 

otl -> http://wklejto.pl/205666

extras -> http://www.wklejto.pl/205667

frst -> http://www.wklejto.pl/205668

addition -> http://www.wklejto.pl/205669

 

Thank you for your help, Majka


(Acorus) #2

Uninstall MetaCrawler and Smileys We Love Toolbar for IE. Open Notepad and paste:

Task: {2281DB50-7A23-4B79-A680-9B3D0107DABB} - \Scheduled Update for Ask Toolbar No Task File ==== ATTENTION
Task: {2D453D65-C60C-4965-B043-82883A04AA2C} - \YourFile Update No Task File ==== ATTENTION
Task: {4145E1C9-B854-40D9-BFF5-B7D1E56F542D} - \spmonitor No Task File ==== ATTENTION
Task: {6E16F5AF-91E6-40C4-8197-2CE5FDCC5976} - System32\Tasks\SpyHunter4Startup = C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {79A66CEC-43C6-45CB-9A70-DD900FC08EA9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1745266210-4204149599-3607975665-1000Core = C:\Users\Ela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-12] (Facebook Inc.)
Task: {848883BB-2442-49F5-B5AB-897471596BCF} - \MetaCrawler No Task File ==== ATTENTION
Task: {9A3F68CE-5C5F-4B42-A894-6D9088501BA3} - \SpeedUpMyPC No Task File ==== ATTENTION
Task: {A1C16442-6625-40BE-9FBA-A2A035DCC141} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1745266210-4204149599-3607975665-1000UA = C:\Users\Ela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-12] (Facebook Inc.)
Task: {A7704C53-A426-4484-9AC6-DF83CECE6792} - \DigitalSite No Task File ==== ATTENTION
Task: {B4C772CA-7775-4F6B-B324-4D93D1C6F58F} - \AdobeFlashPlayerUpdate 2 No Task File ==== ATTENTION
Task: {EE832FF4-080B-4EEF-A632-20A5EB62BB89} - \Update Bonanza No Task File ==== ATTENTION
Task: {F206A86D-C682-418B-854C-AED7E1FA5B2A} - \AdobeFlashPlayerUpdate No Task File ==== ATTENTION
Task: C:\windows\Tasks\Bonanza.job = C:\Users\Ela\AppData\Roaming\Bonanza\UPDATE~1\UPDATE~1.EXE ==== ATTENTION
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1745266210-4204149599-3607975665-1000Core.job = C:\Users\Ela\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1745266210-4204149599-3607975665-1000UA.job = C:\Users\Ela\AppData\Local\Facebook\Update\FacebookUpdate.exe
HKU\S-1-5-21-1745266210-4204149599-3607975665-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-1745266210-4204149599-3607975665-1000\...\MountPoints2: {2c755834-4982-11e2-ac94-90a4de698592} - F:\AutoRun.exe
HKU\S-1-5-21-1745266210-4204149599-3607975665-1000\...\MountPoints2: {2c75584e-4982-11e2-ac94-90a4de698592} - F:\AutoRun.exe
HKU\S-1-5-21-1745266210-4204149599-3607975665-1000\...\MountPoints2: {6c2c7232-d3f0-11e2-b33f-90a4de698592} - F:\AutoRun.exe
HKU\S-1-5-21-1745266210-4204149599-3607975665-1000\...\MountPoints2: {f89e7675-b5a2-11e2-ac20-90a4de698592} - H:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - {1CED0EC9-1AA6-4EB2-8C21-3B405978E670} URL = http://rts.dsrlte.com/?q={searchTerms}r=856
SearchScopes: HKCU - {29E8F927-49A0-48C7-9F27-BA5E30BBB3EE} URL = http://websearch.ask.com/redirect?client=ietb=ORJo=100000027src=kwq={searchTerms}locale=en_USapn_ptnrs=^U3apn_dtid=^OSJ000^YY^PLapn_uid=26626D0C-7F77-4FAD-BF47-28FD431BA73Aapn_sauid=5DA6B3AC-CD0D-44DB-9389-3991A8B7CA01
SearchScopes: HKCU - {decabc4f-3db2-4891-8ea8-481dd7f8a09c} URL = http://search.uri.pl/search.php?i=tiibq={searchTerms}
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Extension: metacrawler.com - C:\Users\Ela\AppData\Roaming\Mozilla\Firefox\Profiles\4orswmmq.default\Extensions\ffxtlbr@metacrawler.com [2013-10-25]
FF Extension: Search - C:\Users\Ela\AppData\Roaming\Mozilla\Firefox\Profiles\4orswmmq.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1666} [2013-09-23]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Users\Ela\AppData\Roaming\Mozilla\Firefox\Profiles\4orswmmq.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi [2014-02-11]
FF Extension: BonanzaDeals - C:\Users\Ela\AppData\Roaming\Mozilla\Firefox\Profiles\4orswmmq.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi [2013-12-18]
FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Ela\AppData\Roaming\Mozilla\Firefox\Profiles\4orswmmq.default\extensions\shortcutff@gmail.com
FF Extension: shortcut - C:\Users\Ela\AppData\Roaming\Mozilla\Firefox\Profiles\4orswmmq.default\extensions\shortcutff@gmail.com [2014-06-22]
CHR HomePage: hxxp://rts.dsrlte.com
CHR RestoreOnStartup: "hxxp://rts.dsrlte.com"
CHR StartupUrls: "hxxp://rts.dsrlte.com"
CHR DefaultSearchProvider: Yahoo! Search
CHR DefaultSearchURL: http://rts.dsrlte.com/?q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Ela\AppData\Local\Temp\ccex.crx [2011-11-14]
R1 {a459d632-5225-4bb9-9a0b-002544d16f6e}w64; C:\Windows\System32\drivers\{a459d632-5225-4bb9-9a0b-002544d16f6e}w64.sys [61112 2014-04-24] (StdLib)
S3 esgiguard; \\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
2014-06-30 17:42 - 2014-06-30 17:45 - 00000000 ____ D () C:\AdwCleaner
2014-06-30 14:51 - 2011-10-09 02:44 - 00000000 ____ D () C:\Program Files (x86)\Przyspiesz Komputer
2014-06-30 12:59 - 2014-01-02 12:27 - 00000282 _____ () C:\windows\Tasks\Bonanza.job
C:\Users\Ela\AppData\Local\Temp\dsrlte.exe
C:\Users\Ela\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Ela\AppData\Local\Temp\htmlayout.dll
C:\Users\Ela\AppData\Local\Temp\Quarantine.exe

Save the file as fixlist.txt and place it next to FRST in the same folder.