Elektroda.pl

Slow Windows 8.1 64-bit - virus?

NeVerMine 30 Aug 2017 12:23 504 6
  • Helpful post
    #2 30 Aug 2017 13:42
    krzychupar
    Level 40  

    Open the system Notepad and paste:

    ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> Brak pliku
    ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> Brak pliku
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
    Task: {211AA05F-DFF4-4C18-80E4-BB7248B39E6D} - System32\Tasks\{5E0ADC6F-D1BF-4597-86AB-A4544331BF9D} => C:\Windows\system32\pcalua.exe -a C:\Users\ACER\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=smt
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: F - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {13b998fb-f556-11e4-8271-f8a963de9abc} - "F:\Startme.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {438b7f21-66f8-11e6-82be-b010412293ca} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {438b7f51-66f8-11e6-82be-b010412293ca} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {53d416e3-061a-11e6-82a9-b010412293ca} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {5aca214e-993e-11e5-8294-b010412293ca} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {66b84fdf-eefa-11e6-82d4-b010412293ca} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {802615be-0922-11e6-82aa-b010412293ca} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {b4054146-98e4-11e5-8292-b010412293ca} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {b4054187-98e4-11e5-8292-b010412293ca} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {fa012243-4766-11e6-82bd-b010412293ca} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {fa0122bb-4766-11e6-82bd-b010412293ca} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {fa01230f-4766-11e6-82bd-b010412293ca} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {fa012317-4766-11e6-82bd-b010412293ca} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {fa012329-4766-11e6-82bd-b010412293ca} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2086042201-927610313-3130997700-1001\...\MountPoints2: {fa01235a-4766-11e6-82bd-b010412293ca} - "F:\AutoRun.exe"
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1




    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKU\S-1-5-21-2086042201-927610313-3130997700-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2086042201-927610313-3130997700-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2086042201-927610313-3130997700-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
    SearchScopes: HKU\S-1-5-21-2086042201-927610313-3130997700-1001 -> {96E5D07E-5E88-4286-9E61-626842444831} URL =
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nie znaleziono>
    CHR HKU\S-1-5-21-2086042201-927610313-3130997700-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
    2017-08-30 11:43 - 2017-08-30 12:09 - 000000000 ____D C:\Users\ACER\Doctor Web
    2017-08-30 11:43 - 2017-08-30 11:43 - 000000000 ____D C:\ProgramData\Doctor Web
    EmptyTemp:

    Save the file as fixlist.txt and place it in the same folder as FRST.exe.
    Run FRST and click Fix/Napraw.

    0
  • Helpful post
    #4 14 Oct 2017 12:20
    Kolobos
    Computer specialist

    Run this Fixlist.txt for FRST:
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    Task: {0B3F0A33-E54D-4648-B471-87FD1DB28A06} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
    Task: {31B6B815-237D-41FD-8268-EB2C11D442E0} - System32\Tasks\Opera scheduled Autoupdate 1482683102 => C:\Users\kacper\AppData\Local\Programs\Opera\launcher.exe [2017-10-10] (Opera Software)
    Task: {32F5F3A8-C408-485A-AA62-128139607BC1} - System32\Tasks\Opera scheduled suite Autoupdate 1482683114 => C:\Users\kacper\AppData\Local\Programs\Opera\launcher.exe [2017-10-10] (Opera Software)
    Task: {5C5A836B-7CEC-43CA-B4C3-6518FD58766F} - System32\Tasks\{290A0E81-B13F-4F2A-A6E0-15298B140CB4} => C:\WINDOWS\system32\pcalua.exe -a E:\start.exe -d E:\
    Task: {683DA74B-0653-42F5-9F08-3FD8FA75DC39} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
    Task: {87CFC428-A07E-455C-BE9B-7255FC14AED8} - System32\Tasks\{07BE92A0-A075-43FF-A596-66F3307579EA} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.33.0.104/pl/abandoninstall?source=lightinstaller&page=tsMain
    Task: {BEC8A0D2-1492-441F-A794-00239B54BA82} - System32\Tasks\{AF2AC1E9-154F-4900-9C29-BE308EDE37F8} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.33.0.104/pl/abandoninstall?source=lightinstaller&page=tsMain
    HKU\S-1-5-21-1702650318-4005386671-126545580-1001\...\Run: [Opera Browser Assistant] => C:\Users\kacper\AppData\Local\Programs\Opera\suite\browser_assistant.exe [1263704 2017-05-30] (Opera Software)
    HKU\S-1-5-21-1702650318-4005386671-126545580-1001\...\MountPoints2: {fe7ca493-12b4-11e7-82b0-f0761c17597c} - "F:\AutoRun.exe"
    IFEO\taskmgr.exe: [Debugger]
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => Brak pliku
    FF Homepage: Mozilla\Firefox\Profiles\9cebcaw8.default -> user_pref("browser.startup.homepage", "hxxps://www.malwarebytes.org/restorebrowser/
    FF Extension: (Brak nazwy) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [nie znaleziono]
    HKU\S-1-5-21-1702650318-4005386671-126545580-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Bangtony\Application\chrome.exe <==== UWAGA
    S2 DsSvc; C:\ProgramData\Package Cache\{00C5024D-925C-4E9E-A8E6-F9B84ABE0DA0}\packages\Win81_SDK\9bcb3fab78e80d68be28892ea7ad46c3.msp:dp [X] <==== UWAGA
    U1 aswbdisk; Brak ImagePath
    S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]
    S3 X6va064; \??\C:\WINDOWS\SysWOW64\Drivers\X6va064 [X]
    2017-10-14 11:04 - 2017-10-14 11:55 - 000000000 ____D C:\AdwCleaner
    2017-10-14 10:09 - 2014-10-06 16:33 - 000000000 ____D C:\ProgramData\McAfee
    2017-10-14 10:09 - 2014-10-06 16:33 - 000000000 ____D C:\Program Files (x86)\McAfee
    EmptyTemp:



    Post a screenshot from:
    CrystalDiskInfo: http://portableapps.com/apps/utilities/crystaldiskinfo_portable
    and:
    Process Explorer: https://technet.microsoft.com/pl-pl/sysinternals/processexplorer
    (the whole windows)

    0
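
Added example, not part of the thread and not FRST's own code: a short Python triage that groups fixlist lines like those in posts #2 and #4 by the kind of entry they remove, so the list can be read before it is applied. The tag names and patterns are assumptions derived from the line shapes visible on this page; the sample input is copied from post #4.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the fixlist in post #4 on this page.
SAMPLE = r'''
Task: {5C5A836B-7CEC-43CA-B4C3-6518FD58766F} - System32\Tasks\{290A0E81-B13F-4F2A-A6E0-15298B140CB4} => C:\WINDOWS\system32\pcalua.exe -a E:\start.exe -d E:\
HKU\S-1-5-21-1702650318-4005386671-126545580-1001\...\MountPoints2: {fe7ca493-12b4-11e7-82b0-f0761c17597c} - "F:\AutoRun.exe"
IFEO\taskmgr.exe: [Debugger]
HKU\S-1-5-21-1702650318-4005386671-126545580-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Bangtony\Application\chrome.exe <==== UWAGA
S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
EmptyTemp:
'''

# (tag, pattern) pairs; the tag names are made up for this example.
RULES = [
    # Scheduled task that starts a program through pcalua.exe
    # (the Program Compatibility Assistant binary).
    ("task-via-pcalua", re.compile(r'^Task:.*\\pcalua\.exe\s+-a\s+\S+', re.I)),
    # Per-user cached autorun command for a mounted volume.
    ("drive-autorun", re.compile(r'\\MountPoints2: .* - "[A-Za-z]:\\[^"]+"')),
    # Image File Execution Options "Debugger" value set for an executable.
    ("ifeo-debugger", re.compile(r'^IFEO\\[^:]+: \[Debugger\]')),
    # The scanner's own attention marker (Polish-language log).
    ("flagged", re.compile(r'<==== UWAGA')),
    # Entry whose target file is gone; reading [X] this way is an assumption.
    ("target-missing", re.compile(r'Brak pliku|nie znaleziono|\[X\]')),
    # A directive rather than a log entry.
    ("directive", re.compile(r'^EmptyTemp:')),
]

def classify(line):
    """Return every tag whose pattern matches the line, or ['other']."""
    tags = [tag for tag, rx in RULES if rx.search(line)]
    return tags or ["other"]

def triage(fixlist_text):
    """Group non-empty fixlist lines by tag so each group can be reviewed."""
    groups = defaultdict(list)
    for raw in fixlist_text.splitlines():
        line = raw.strip()
        if line:
            for tag in classify(line):
                groups[tag].append(line)
    return dict(groups)

if __name__ == "__main__":
    for tag, lines in triage(SAMPLE).items():
        print(f"{tag}: {len(lines)}")
        for line in lines:
            print("   ", line[:100])
```
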
  • Helpful post
    #6 14 Oct 2017 12:57
    Kolobos
    Computer specialist

    You are supposed to post the WHOLE PE window, not the middle part twice, and cropped at that.

    0
  • Helpful post
    #7 14 Oct 2017 15:46
    safbot1st
    Level 43  

    Post the SMART data from CDI again so we can compare, because (BC) is soaring = the drive is not responding to commands. It has been through shocks (BF).
    I'm afraid the hardware itself is the cause of the slowdowns.
    What power supply (model, make) are you using to power all of this?

    0