
FRST logs - request for review.

kuba202 19 Aug 2015 11:24 465 3
  • #2 19 Aug 2015 11:34
    Kolobos
    Computer specialist

    Do not use ComboFix.

    Fixlist.txt for FRST:
    Task: {29DCA65A-8029-45C1-B99E-BCAA0B11B775} - System32\Tasks\{2B0DDD1A-7FA7-4BB4-8357-8A331B04246D} => D:\Users\Witcher\Desktop\\zip zap\Extreme Injector v3.exe
    Task: {3458E082-E116-4205-A221-C72750997669} - System32\Tasks\Security Software => D:\Users\Witcher\AppData\Roaming\Security Software\Security Software.exe [2015-08-11] ()
    Task: {4FDAD827-EA43-4EB8-864F-6C436C114728} - System32\Tasks\Jelbruss Secure Web Cleaner => D:\Program Files (x86)\Jelbruss Secure Web\jswtask.exe <==== ATTENTION
    Task: {588429F5-43F5-454B-A229-D8EDE4CD2BB9} - System32\Tasks\Win Update => D:\Users\Witcher\AppData\Roaming\Updater\winupd.exe <==== ATTENTION
    Task: {768743F0-1A05-4869-AA25-36CA7D15F218} - System32\Tasks\Personal Computer Service Cleaner => D:\Program Files (x86)\Personal Computer Service\Personal ComputerService.exe [2015-07-29] (Secure Best Updater)
    Task: {D7D3498A-EC91-4459-A3F0-840E261AFA86} - System32\Tasks\{F05C4394-6D98-4883-AE2E-83335EB61B97} => D:\Users\Witcher\Desktop\\zip zap\Extreme Injector v3.exe
    Task: {FE7120AF-A31E-4933-BF0C-D168D923D1E1} - System32\Tasks\{2E4616EE-0C15-4F63-A475-E632B27958D8} => D:\Users\Witcher\Desktop\\zip zap\Extreme Injector v3.exe
    AlternateDataStreams: D:\ProgramData:NT
    AlternateDataStreams: D:\ProgramData:NT2
    AlternateDataStreams: D:\Users\All Users:NT
    AlternateDataStreams: D:\Users\All Users:NT2
    AlternateDataStreams: D:\ProgramData\Application Data:NT
    AlternateDataStreams: D:\ProgramData\Application Data:NT2
    AlternateDataStreams: D:\ProgramData\Dane aplikacji:NT
    AlternateDataStreams: D:\ProgramData\Dane aplikacji:NT2
    AlternateDataStreams: D:\ProgramData\MTA San Andreas All:NT
    AlternateDataStreams: D:\ProgramData\MTA San Andreas All:NT2
    AlternateDataStreams: D:\Users\Witcher\Dane aplikacji:NT
    AlternateDataStreams: D:\Users\Witcher\Dane aplikacji:NT2
    AlternateDataStreams: D:\Users\Witcher\AppData\Roaming:NT
    AlternateDataStreams: D:\Users\Witcher\AppData\Roaming:NT2
    HKLM-x32\...\Run: [] => [X]
    BootExecute: autocheck autochk * sdnclean64.exe
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    R3 WPRO_41_2001; D:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-08-18] ()
    S3 catchme; \??\D:\ComboFix\catchme.sys [X]
    S3 EagleX64; \??\D:\Windows\system32\drivers\EagleX64.sys [X]
    S3 FairplayKD; \??\D:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
    S3 MSICDSetup; \??\E:\CDriver64.sys [X]
    S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 X6va027; \??\D:\Windows\SysWOW64\Drivers\X6va027 [X]
    S3 xhunter1; \??\D:\Windows\xhunter1.sys [X]
    2015-08-18 23:17 - 2015-08-18 23:17 - 00000000 ___SD D:\ComboFix




    2015-08-18 23:11 - 2015-08-18 23:36 - 00094656 _____ (CACE Technologies) D:\Windows\system32\WPRO_41_2001woem.tmp
    2015-08-18 23:07 - 2015-08-18 23:07 - 00005634 _____ D:\AdwCleaner[C1].txt
    2015-08-18 23:03 - 2015-08-18 23:07 - 00000000 ____D D:\AdwCleaner
    2015-08-18 23:03 - 2015-08-18 23:03 - 00012985 _____ D:\AdwCleaner[S1].txt
    2015-08-18 23:02 - 2015-08-18 23:02 - 01573888 _____ D:\Users\Witcher\Downloads\adwcleaner_5.001_www.INSTALKI.pl (1).exe
    2015-08-17 21:59 - 2015-08-17 22:00 - 00012904 _____ D:\AdwCleaner[S3].txt
    2015-08-12 14:27 - 2015-08-12 14:27 - 00032851 _____ D:\ComboFix.txt
    2015-08-12 13:59 - 2015-08-12 13:59 - 00013494 _____ D:\Users\Witcher\Desktop\combofix — skrót.lnk
    2015-08-11 22:05 - 2015-08-11 22:05 - 00003334 _____ D:\Windows\System32\Tasks\Security Software
    2015-08-11 22:05 - 2015-08-11 22:05 - 00000000 ____D D:\Users\Witcher\AppData\Roaming\Security Software
    2015-08-07 02:03 - 2015-08-07 02:03 - 00771781 _____ D:\Users\Witcher\Downloads\Advanced RAR Repair 1.2 Full (1).exe
    2015-06-06 22:43 - 2015-06-06 22:43 - 00000000 ____D D:\Program Files\Enigma Software Group
    2015-06-06 22:42 - 2015-06-06 22:42 - 03109248 _____ (Enigma Software Group USA, LLC.) D:\Users\Witcher\Downloads\SpyHunter-Installer (4).exe
    2015-06-02 22:03 - 2015-07-29 18:04 - 00003676 _____ D:\Windows\System32\Tasks\Personal Computer Service Cleaner
    2015-06-02 22:03 - 2015-06-02 22:03 - 00000000 ____D D:\Program Files (x86)\Personal Computer Service
    2015-06-02 18:15 - 2011-06-26 08:45 - 00256000 _____ D:\Windows\PEV.exe
    2015-06-02 18:15 - 2010-11-07 19:20 - 00208896 _____ D:\Windows\MBR.exe
    2015-06-02 18:15 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) D:\Windows\NIRCMD.exe
    2015-06-02 18:15 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) D:\Windows\SWREG.exe
    2015-06-02 18:15 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) D:\Windows\SWSC.exe
    2015-06-02 18:15 - 2000-08-31 02:00 - 00098816 _____ D:\Windows\sed.exe
    2015-06-02 18:15 - 2000-08-31 02:00 - 00080412 _____ D:\Windows\grep.exe
    2015-06-02 18:15 - 2000-08-31 02:00 - 00068096 _____ D:\Windows\zip.exe
    2015-06-02 18:10 - 2015-08-18 23:15 - 05635271 ____R (Swearware) D:\Users\Witcher\Downloads\ComboFix.exe
    2015-05-29 22:01 - 2015-08-11 20:27 - 00003298 _____ D:\Windows\System32\Tasks\Jelbruss Secure Web Cleaner
    2015-05-29 22:01 - 2015-05-29 22:01 - 00003292 _____ D:\Windows\System32\Tasks\Win Update
    2015-08-18 23:17 - 2014-12-01 17:48 - 00000000 ____D D:\Qoobox
    D:\Users\Witcher\AppData\Roaming\Updater\
    EmptyTemp:

    0
  • #3 19 Aug 2015 11:38
    kuba202
    Level 6

    ComboFix did not require much knowledge, and it helped me in many cases.

    0
  • #4 19 Aug 2015 12:05
    Kolobos
    Computer specialist

    That is exactly why you should not use it; it is not an automatic removal tool.

    0