Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Windows 7 wolne działanie - prośba o sprawdzenie logów.

Gepetto 08 Lut 2017 13:54 294 2
  • #1 08 Lut 2017 13:54
    Gepetto
    Poziom 10  

    Witam

    Od niedawna system uruchamia się i działa bardzo wolno. Windows 7 na HP Pavilion dv6. Podejrzewam infekcję, proszę o sprawdzenie załączonych logów lub sugestię jak dalej działać.

    0 2
  • Pomocny post
    #2 08 Lut 2017 14:08
    Kolobos
    Spec od komputerów

    Niczego takiego nie widac.

    Wykonaj Fixlist.txt dla FRST:
    Task: {0AF19500-EF45-4B27-A66D-2ABFE6DF4888} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Brak pliku <==== UWAGA
    Task: {18768D30-5E78-4AB3-A6A5-D14271EF182F} - System32\Tasks\{F03FEFEA-55F0-40BE-8344-FC7CE7980E2C} => E:\Shinyekap Nezha-1.exe
    Task: {1879F36B-4FB6-44F0-8749-6260316C765A} - System32\Tasks\{A3741079-C9A3-4D03-82EE-BFBBF3CC2773} => pcalua.exe -a C:\Users\Piasek\Desktop\setupDziobasRarPlayer0.009.52.exe -d C:\Users\Piasek\Desktop
    Task: {293D34C6-010E-4AA4-8006-EB5BCB272525} - System32\Tasks\{DB55308A-F750-4C87-93B1-F801E5032013} => pcalua.exe -a C:\Users\Piasek\Desktop\dotnetfx35.exe -d C:\Users\Piasek\Desktop
    Task: {2B1B42C5-AFBB-4FDB-B6E4-43816F53FA5B} - \ProtectedSearch\Protected Search -> Brak pliku <==== UWAGA
    Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Brak pliku <==== UWAGA
    Task: {40064A52-C90E-4D89-9057-4727FA0DC856} - System32\Tasks\{827087BE-B77B-4DD8-9E0A-4A4C57CE8BA0} => pcalua.exe -a E:\setup.exe -d E:\
    Task: {5BDB0BA8-3B80-4284-9ED5-7F1A8391BCC4} - System32\Tasks\4786 => Wscript.exe C:\Users\Piasek\AppData\Local\Temp\launchie.vbs //B <==== UWAGA
    Task: {5C01279B-C5C2-41A2-8E49-0C84D4F163D6} - System32\Tasks\{176859B9-9050-4BFF-8D08-3456F922873B} => pcalua.exe -a "C:\Program Files (x86)\T-Mobile\InternetManager_H\uninst.exe"
    Task: {79CDBC3B-0854-4895-9F87-878E06E151C2} - System32\Tasks\{F83AED5B-2EEB-4F6F-BC9F-6165F51D217B} => Iexplore.exe
    Task: {8F861470-3A8C-4295-AC48-E78A8F6C57EA} - System32\Tasks\{750A72F2-F93E-490D-8FD4-62D816E6EE2B} => pcalua.exe -a C:\Users\Piasek\Desktop\iview438_setup.exe -d C:\Users\Piasek\Desktop
    Task: {96555F78-7967-450D-A618-BFF50DD7F044} - System32\Tasks\{8386E913-355D-43C4-A981-E0E23777340C} => pcalua.exe -a "C:\Program Files (x86)\Pop-a-Color Value\unins000.exe"
    Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Brak pliku <==== UWAGA
    Task: {B14FA40F-F2CF-46AE-B552-641274313C31} - System32\Tasks\{82349F79-961D-469A-8050-5F41345ABAAA} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
    Task: {B83A27DC-0D79-4EBA-8B78-3F0C9D36EA9B} - System32\Tasks\{79C9515B-246D-443F-A870-D3EFD6BD8691} => pcalua.exe -a "C:\Users\Piasek\Downloads\installer_save2pc_full (1).exe" -d C:\Users\Piasek\Desktop
    Task: {B86076B7-8B47-4148-850B-0052D258BF2C} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Brak pliku <==== UWAGA
    Task: {BD626691-4B79-4B56-A471-D349DA7D7C9F} - System32\Tasks\{E35109AE-F40F-4CE0-B1DF-CF647EE0B054} => E:\Shinyekap Nezha-1.exe
    Task: {BDD52B94-FB59-422E-8F03-59625C898244} - System32\Tasks\{DE0BEAB8-2086-48DE-A13D-3F9E5CD21C14} => pcalua.exe -a C:\Users\Piasek\Desktop\iview433_setup.exe -d C:\Users\Piasek\Desktop




    Task: {C7D705D2-F742-49EE-A13E-F75205554C53} - System32\Tasks\{F777D1CC-D063-46DE-8178-84B187E40A62} => pcalua.exe -a C:\Users\Piasek\Desktop\iview430_setup.exe -d C:\Users\Piasek\Desktop
    Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Brak pliku <==== UWAGA
    Task: {F0566B63-3D9E-4A38-A1D3-E853207DB2B3} - System32\Tasks\{B053E411-EEE8-4699-8594-D0FC888B9B85} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe" -c REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
    Task: {F55CD1FB-9B97-4BA1-924E-FC3C58572F30} - System32\Tasks\{173A4DA8-1988-4581-B334-2786D9F3D8D7} => pcalua.exe -a "C:\Users\Piasek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U2X329KE\RegCleaner.exe" -d C:\Users\Piasek\Desktop
    Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Brak pliku <==== UWAGA
    Task: {FAC2358F-32C8-4F53-AFD6-0B9743C9C826} - System32\Tasks\{5CCF2874-DC24-4F06-9306-77E95CC67A2B} => pcalua.exe -a H:\Programy\Nero-6.6.0.15_plk.exe -d H:\Programy
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: F - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: G - G:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {017a9771-f065-11e1-bea6-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {071cda8a-d27a-11e1-9e87-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {07efb772-e8a3-11e2-b669-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {114ae9a5-51c7-11e2-8f0b-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {12dce90f-e96d-11e1-b176-001e101f7fb6} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {14962d8f-8196-11e2-9796-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {176d4bf2-da16-11e1-bbb3-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {1dcf8cfd-c8a0-11e2-9ebe-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {1dcf8d0f-c8a0-11e2-9ebe-cc52af992d76} - G:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {1dcf8d22-c8a0-11e2-9ebe-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {201aaff0-cbac-11e6-8cff-001e101f82a0} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {2fd6e00a-cd4a-11e0-839b-cc52af992d76} - G:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {317f32f1-f573-11e2-b4a5-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {3451a872-dda3-11e1-b1f4-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {3451a87a-dda3-11e1-b1f4-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {3549af57-053d-11e6-8d81-cc52afa2cb54} - F:\startme.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {37a1ef7f-4969-11e3-87eb-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {37a1efa5-4969-11e3-87eb-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {39f2456f-b1c4-11e0-82ab-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {39f245c5-b1c4-11e0-82ab-001e101f1ed9} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {405b2e86-10a2-11e2-8180-001e101f63cf} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {405b2e8d-10a2-11e2-8180-001e101f63cf} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {40aed925-0f7f-11e2-9d70-001e101f79c9} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {40aed929-0f7f-11e2-9d70-001e101f79c9} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {414760ff-0ee6-11e2-af83-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {41476110-0ee6-11e2-af83-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {41476113-0ee6-11e2-af83-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {41476118-0ee6-11e2-af83-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {4147612c-0ee6-11e2-af83-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {4ddf92a8-1c01-11e4-bf46-001e101fb681} - F:\LGAutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {52965270-f578-11e2-93c5-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {52aa7078-db25-11e1-8380-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {53d1070c-13cc-11e2-af4d-001e101f7f74} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {53d10719-13cc-11e2-af4d-001e101f7f74} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {53d1acb5-9f58-11e5-8d06-001e101f2b52} - I:\startme.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {6095f67e-1151-11e2-a3ae-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {63a26789-c9fe-11e2-aefb-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {6595e711-dd6e-11e2-b5d7-2c27d7bb51a2} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {6595e71c-dd6e-11e2-b5d7-2c27d7bb51a2} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {6595e725-dd6e-11e2-b5d7-2c27d7bb51a2} - I:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {65cedecf-0c41-11e2-ab2b-806e6f6e6963} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {65cedf01-0c41-11e2-ab2b-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {65cedf03-0c41-11e2-ab2b-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {6740c288-0038-11e2-8ed3-001e101f82a7} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {6770e6fb-f574-11e2-add4-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {68803207-c7fd-11e0-b94a-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {6b20522d-4948-11e3-af2f-2c27d7bb51a2} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {6b20523b-4948-11e3-af2f-2c27d7bb51a2} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {6cdfd9b4-3f71-11e2-a3fa-001e101fabdd} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {6cdfd9b8-3f71-11e2-a3fa-001e101fabdd} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {76201eba-0622-11e2-94dd-001e101f9843} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {7942c658-c9f0-11e3-a230-001e101f8924} - G:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {7942c660-c9f0-11e3-a230-001e101f8924} - G:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {7942c663-c9f0-11e3-a230-001e101f8924} - G:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {7942c66d-c9f0-11e3-a230-001e101f8924} - G:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {7942c66f-c9f0-11e3-a230-001e101f8924} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {7ae78580-1944-11e2-905f-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {7ae78589-1944-11e2-905f-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {8157b44d-9e35-11e2-b106-cc52af992d76} - G:\LaunchU3.exe -a
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {81976c78-dc38-11e2-ab0f-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {82ccb483-dd72-11e2-a104-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {82ccb4a1-dd72-11e2-a104-001e101f7f74} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {82ccb4aa-dd72-11e2-a104-001e101f7f74} - G:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {82ccb4b5-dd72-11e2-a104-001e101f7f74} - I:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {8506a3a7-c2da-11e2-a5e9-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {8506a3c6-c2da-11e2-a5e9-2c27d7bb51a2} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {88601b19-495e-11e3-847f-2c27d7bb51a2} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {8aa98e19-daef-11e1-91f7-001e101f9843} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {8b494c79-c99d-11e0-aaff-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {8d943c49-d62d-11e1-8243-001e101fb4df} - I:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {908159f4-527e-11e3-9fff-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {90815a47-527e-11e3-9fff-001e101fa1f5} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {946e3461-b5b7-11e0-b4aa-001e101fb45e} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {9cb6217a-583c-11e2-ac36-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {9e6fb7f9-0c43-11e2-9983-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {a1561f12-c372-11e2-8984-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {a3539b7b-f69d-11e2-ae13-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {b1f28f9c-4b74-11e3-adc5-001e101f50a4} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {b373e8fb-dbce-11e2-8886-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {b373e909-dbce-11e2-8886-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {b3a376fd-1087-11e2-980c-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {b408f9fa-42e4-11e2-a6eb-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {b4189bf5-0020-11e2-95b3-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {b45b904e-bf29-11e2-8096-001e101f7f74} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {b98485ea-cbaf-11e6-912e-2c27d7bb51a2} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {c50f7eb9-f1bf-11e1-9763-001e101fb45e} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {c6968d02-d35d-11e1-b134-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {cb173612-d46b-11e0-be2c-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {ce60178b-50db-11e2-87b5-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {ce60179d-50db-11e2-87b5-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {ce6017a2-50db-11e2-87b5-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {cf3c4500-19d8-11e2-97ef-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {d121506f-caed-11e6-980a-cc52af992d76} - D:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {d1923c3a-fd83-11e1-aa8f-001e101f3315} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {d4792869-8c11-11e4-b838-2c27d7bb51a2} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {df0950a9-cc6c-11e2-9f16-2c27d7bb51a2} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {e7c79683-0eea-11e3-9bc4-001e101fb681} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {e8153259-f0dc-11e1-858d-001e101fb681} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {e816edf8-c776-11e0-95b8-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {f98f81f8-dc8c-11e2-8cce-cc52af992d76} - F:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {fc2685f7-acc6-11e0-9eff-cc52af992d76} - G:\AutoRun.exe
    HKU\S-1-5-21-3065275716-3603226169-3020850025-1000\...\MountPoints2: {fc268605-acc6-11e0-9eff-cc52af992d76} - G:\AutoRun.exe
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    BHO-x32: Brak nazwy -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Brak pliku
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Brak pliku
    Toolbar: HKLM - Brak nazwy - !{95B7759C-8C7F-4BF1-B163-73684A933233} - Brak pliku
    Toolbar: HKLM-x32 - Brak nazwy - !{95B7759C-8C7F-4BF1-B163-73684A933233} - Brak pliku
    Toolbar: HKU\S-1-5-21-3065275716-3603226169-3020850025-1000 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku
    FF Extension: (Brak nazwy) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [nie znaleziono]
    FF SelectedSearchEngine: Mozilla\Firefox\Profiles\qbbzzc8w.default -> Yahoo
    FF Homepage: Mozilla\Firefox\Profiles\qbbzzc8w.default -> hxxps://www.malwarebytes.org/restorebrowser/
    FF SearchPlugin: C:\Users\Piasek\AppData\Roaming\Mozilla\Firefox\Profiles\qbbzzc8w.default\searchplugins\yahoo-lavasoft.xml [2016-12-17]
    CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
    CHR HKLM-x32\...\Chrome\Extension: [nhfpefkeidlhbjljfdojcnngjbddgein] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx <nie znaleziono>
    S4 DigitalWave.Update.Service; "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe" [X]
    S2 HPSLPSVC; C:\Users\Piasek\AppData\Local\Temp\7zS7E09\hpslpsvc64.dll [X] <==== UWAGA
    S3 BT; system32\DRIVERS\btnetdrv.sys [X]
    S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
    S3 BTCOMBUS; System32\Drivers\btcombus.sys [X]
    S3 cpuz134; \??\C:\Users\Piasek\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== UWAGA
    U3 DfSdkS; Brak ImagePath
    S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
    S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
    S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
    S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
    S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
    S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
    S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
    S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
    S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
    S3 IT9135BDA; System32\Drivers\IT9135BDA.sys [X]
    S3 PBProcessMonitor264; \??\C:\Program Files\PolderbitS\Video Recorder\PBProcessMonitor264.sys [X]
    S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
    2017-02-08 13:35 - 2016-02-16 17:56 - 00000000 ____D C:\AdwCleaner
    2017-02-08 13:34 - 2016-12-17 14:41 - 00000000 ____D C:\Users\Piasek\AppData\Roaming\Lavasoft
    2017-02-08 13:34 - 2016-12-17 14:40 - 00000000 ____D C:\ProgramData\Lavasoft
    2017-02-08 13:34 - 2016-12-17 14:40 - 00000000 ____D C:\Program Files (x86)\Lavasoft
    2011-09-20 20:41 - 2011-06-09 11:03 - 0143240 _____ (Ask.com) C:\Program Files (x86)\Common Files\ApnStub.exe
    2011-09-20 20:41 - 2011-06-09 11:03 - 3486088 _____ (Ask) C:\Program Files (x86)\Common Files\ApnToolbarInstaller.exe
    EmptyTemp:



    Zamiesc screeny z:
    CrystalDiskInfo: http://portableapps.com/apps/utilities/crystaldiskinfo_portable
    Process Explorer: https://technet.microsoft.com/pl-pl/sysinternals/processexplorer
    Hwinfo (sensors only): https://www.hwinfo.com/download.php
    (cale okna!)

    0
  • #3 19 Lut 2017 22:36
    Gepetto
    Poziom 10  

    Dziękuje. Temat do zamknięcia.

    0