Zamulony laptop 2

Dla specjalistów Bezpieczeństwo
#1

Komputer zamula, avast zgłasz wirusy. Oto logi

FRST http://www.wklej.org/id/1676403/

i Addition http://www.wklej.org/id/1676407/

Z góry dziękuje za sprawdzenie

#2

Odinstaluj McAfee Security Scan Plus.

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKLM\...\RunOnce: [NCInstallQueue] => rundll32 netman.dll,ProcessQueue
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF HKU\S-1-5-21-511226566-4064373183-81019540-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
S3 ALSysIO; \??\C:\Users\Magda\AppData\Local\Temp\ALSysIO64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
2015-03-05 21:45 - 2015-03-05 21:45 - 00000000 ____ D () C:\Program Files\McAfee Security Scan
2015-03-02 21:45 - 2015-03-05 21:45 - 00000000 ____ D () C:\ProgramData\McAfee Security Scan
Task: {3176101B-021B-465F-8669-CD558909DDB7} - \Dealply No Task File <==== ATTENTION
Task: {3244EF79-B379-4109-9E9D-913521624D16} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {5FC0D6A1-4064-4001-B8F5-2E60413F9F6E} - \BitGuard No Task File <==== ATTENTION
Task: {65E282C4-AE1E-4E88-80B2-5667134AD96D} - \DealPlyLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {B90351C9-7089-47D3-B96A-5CB62C01B7B4} - System32\Tasks\e-pity2012_kwiecien => C:\Program Files (x86)\e-file\e-pity2012\signxml.exe
Task: {D9D594CC-BDB8-4837-9CB5-00516B13205D} - \EPUpdater No Task File <==== ATTENTION
Task: {DED1EFF4-D0AF-40BD-8C22-AA3EDEE91CCF} - System32\Tasks\e-pity2012_styczen => C:\Program Files (x86)\e-file\e-pity2012\signxml.exe
Task: {EE170F42-6986-4391-8073-D91D02E26A04} - \DealPlyLiveUpdateTaskMachineUA No Task File <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-511226566-4064373183-81019540-1000Core.job => C:\Users\Magda\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-511226566-4064373183-81019540-1000UA.job => C:\Users\Magda\AppData\Local\Facebook\Update\FacebookUpdate.exe
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

#3

Dzięki. Oto log:   http://wklej.to/qw5BO

#4

Skasuj folder C:\FRST

Usuń stare punkty przywracania: Aby usunąć wszystkie punkty przywracania

Przeczytaj w jaki sposób należy instalować programy: KLIK - KLIK - KLIK - KLIK

Odinstaluj:

Adobe Flash Player 16 ActiveX

Adobe Flash Player 16 NPAPI

Java 7 Update 45

Java 7 Update 67

Microsoft Silverlight

Zainstaluj:

Flash Player 17.0.0.134 Plugin

Flash Player 17.0.0.134 ActiveX

Java 8 Update 40

Silverlight 5.1.30514.0