Elektroda.pl

Sony Vaio - request to check a log

garfild209 15 Oct 2015 21:20 360 2
  • #1 15 Oct 2015 21:20
    garfild209
    Level 12  

    Hello, a friend had, or still has, a virus that sends e-mails at night to everyone in his address book.
    Today I was at his place, scanned with AdwCleaner and removed what it found.
    Dr.Web CureIt! found one virus and removed it too (I don't remember which one, but something with hoost).
    I installed ESET Smart Security; there was no antivirus, only the built-in one from Windows 10,
    and I scanned with OTL; the scan is attached. Could someone check whether anything is there?
    I'll add that I wanted to run ComboFix, but it wasn't possible; it said the system is not supported.

    0 2
  • #2 15 Oct 2015 21:22
    Kolobos
    Computer specialist

    Post the required FRST logs (addition.txt and frst.txt) as an attachment.

    0
  • #3 16 Oct 2015 08:47
    Domino_2
    Helpful to users

    Uninstall McAfee Security Scan Plus and Spybot - Search & Destroy.

    Quote:

    Task: {025BAFCD-5D51-486E-B4A1-F5F832E5E4DE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {10CABB27-77AC-48B6-B07F-6DE0F65F60B2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {15159792-6FFF-4B79-8EE1-8C54B4734AED} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {709B3C1A-2487-47FE-9359-E972669AD3E6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {72CF2811-905B-45A2-BADB-A7F18C6BB578} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {76AE9D21-C35F-469D-8BB9-37862E3C071B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {A9573B28-D856-486A-9E88-2D49931563DF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {B4EDB9E2-60B3-4997-A13C-10B0CF6FB2CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {BAB9F168-2455-4D63-AC60-CBB014F3C8BB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {C07FBE20-2428-4B6E-BD9F-8F4129630295} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {D3A36BFE-3E3A-47EF-88DD-0301F48EF03E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {D45D7282-9E94-4989-AB62-A11F78830679} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {E61332E8-6E4A-4B9D-A126-C0BE8198DD07} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {F2AE9741-AD7E-489B-A355-9EB54579E9DB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    2015-10-15 16:45 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2015-10-15 16:45 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2015-10-15 16:45 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2015-10-15 16:45 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2015-10-15 16:45 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2015-10-15 16:45 - 2014-04-25 14:11 - 02972112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\NotificationSpreader.dll




    HKU\S-1-5-21-1636756615-1885390970-1205813804-1002\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-1636756615-1885390970-1205813804-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-10-14]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
    BootExecute: autocheck autochk * sdnclean64.exe
    URLSearchHook: [S-1-5-21-1636756615-1885390970-1205813804-1004] UWAGA => Brak domyślnego URLSearchHook
    URLSearchHook: [S-1-5-21-1636756615-1885390970-1205813804-501] UWAGA => Brak domyślnego URLSearchHook
    URLSearchHook: [S-1-5-21-1636756615-1885390970-1205813804-503] UWAGA => Brak domyślnego URLSearchHook
    FF SearchEngineOrder.3: Bing
    FF SelectedSearchEngine: Bing
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
    FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Brak pliku]
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Brak pliku]
    FF Extension: Bing Search - C:\Users\Rafal\AppData\Roaming\Mozilla\Firefox\Profiles\p5hlhjsh.default\Extensions\bingsearch.full@microsoft.com [2015-07-08]
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nie znaleziono
    CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> bing.com
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => Brak pliku
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => Brak pliku
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll => Brak pliku
    CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll => Brak pliku
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll => Brak pliku
    CHR Extension: (Bing) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-10-15]
    CHR HKU\S-1-5-21-1636756615-1885390970-1205813804-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S2 OneClickInternet_Service; C:\Program Files (x86)\OneClickInternet\OneClickAssistant_Service.exe [X]
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
    2015-10-15 16:54 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
    2015-10-15 16:45 - 2015-10-15 17:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2015-10-15 16:45 - 2015-10-15 17:07 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2015-10-15 16:45 - 2015-10-15 16:45 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2015-10-15 16:45 - 2015-10-15 16:45 - 00001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2015-10-15 16:45 - 2015-10-15 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2015-10-15 15:49 - 2015-10-15 16:07 - 00000000 ____D C:\AdwCleaner
    EmptyTemp:


    Paste this into Notepad, save it as fixlist.txt, place it in the folder where FRST.exe is located, run FRST and click Fix/Napraw.

    0
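
A pre-flight check for the fixlist step above, as an added example that is not part of the thread or of FRST: it groups fixlist lines by entry type and separates entries whose target is already missing from those that still point at files on disk. The line prefixes and the missing-target markers (`Brak pliku`, `[X]`, `nie znaleziono`) are assumptions read off the quoted log; the sample lines are copied from it.

```python
import re
from collections import Counter

# Assumption: these strings mark a missing target in the quoted Polish-language
# FRST output ("Brak pliku" = no file, "nie znaleziono" = not found).
ORPHAN_MARKERS = ("Brak pliku", "[X]", "nie znaleziono")

# Entry kinds recognised by line prefix; the first matching pattern wins.
KINDS = [
    ("scheduled_task", re.compile(r"^Task: \{[0-9A-Fa-f-]{36}\}")),
    ("autorun", re.compile(r"^(HKLM|HKU)\S*\\Run:")),
    ("service_or_driver", re.compile(r"^[RSU][0-5] \S+;")),
    ("browser", re.compile(r"^(FF|CHR) ")),
    ("file_or_folder", re.compile(r"^\d{4}-\d\d-\d\d \d\d:\d\d - ")),
    ("directive", re.compile(r"^\w+:$")),
]

def classify(line):
    """Return (kind, orphaned) for one fixlist line."""
    line = line.strip()
    kind = next((name for name, rx in KINDS if rx.search(line)), "other")
    return kind, any(marker in line for marker in ORPHAN_MARKERS)

def review(fixlist_text):
    """Count entries per (kind, orphaned) so entries with live targets stand out."""
    lines = [l for l in fixlist_text.splitlines() if l.strip()]
    return Counter(classify(l) for l in lines)

# Sample: nine lines copied from the fixlist quoted in post #3.
SAMPLE = r"""
Task: {025BAFCD-5D51-486E-B4A1-F5F832E5E4DE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
Task: {709B3C1A-2487-47FE-9359-E972669AD3E6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Brak pliku]
2015-10-15 15:49 - 2015-10-15 16:07 - 00000000 ____D C:\AdwCleaner
EmptyTemp:
"""

if __name__ == "__main__":
    for (kind, orphaned), n in sorted(review(SAMPLE).items()):
        print(f"{n:2d}  {kind:18s} {'target missing' if orphaned else 'target present'}")
```

Entries reported as "target present" are the ones worth a second look before clicking Fix, since they refer to files that still exist on the machine.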