Elektroda.pl

Re: CPU usage 100, please help

xDominocPvP1337 01 Dec 2017 13:33 519 11
  • #1 01 Dec 2017 13:33
    xDominocPvP1337
    Level 3

    I always have 100% CPU; when I start Task Manager it goes down a bit. Please help.

    0 11
  • #3 01 Dec 2017 13:40
    nomudrek
    Level 27

    But which process is loading the CPU like that?

    0
  • #4 01 Dec 2017 13:50
    xDominocPvP1337
    Level 3

    I can't run ADW cleaner because it says that this program is blocked for the user's protection. The process causing the load is: System Idle Process and securedisk

    Added after 3 [minutes]:

    Re: CPU usage 100, please help

    0
  • #8 01 Dec 2017 14:23
    Kolobos
    Computer specialist

    Your system is infected.

    Also post addition.txt, which FRST generated.

    0
  • #9 01 Dec 2017 14:28
    xDominocPvP1337
    Level 3

    I fixed the link because I couldn't write

    0
  • #10 01 Dec 2017 14:37
    Kolobos
    Computer specialist

    Do not download programs using download managers that install harmful add-ons (e.g. from dobreprogramy). Download ONLY from direct links.
    Also, don't use ComboFix any more.

    From what I can see, the infection occurred after running something from
    2017-11-30 10:17 - 2017-11-30 10:17 - 000635161 _____ C:\Users\1\Downloads\BrazzersKonta.zip
    In the future, use your own head and don't download or run such files. Delete that file too, of course.

    Next to frst.exe, create a file Fixlist.txt with the following content:
    Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.7.0 - Microleaves) Hidden <==== UWAGA

    In FRST, choose Fix (Napraw).

    Then uninstall:
    Online Application
    Advanced SystemCare 10
    CCleaner
    YoutubeAdBlock

    If there are problems with uninstalling, skip it and do the rest.

    Manually delete these files:
    C:\Users\1\Desktop\Wszystko\Gооglе Сhrоmе.lnk
    C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk
    C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk

    And create new shortcuts to Chrome and IE.

    Create another Fixlist.txt with this content:
    CloseProcesses:
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
    ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
    ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
    Task: {33FE0363-1339-455A-B8C6-18BAAC39ADEC} - System32\Tasks\Online Application V2G6 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {43926049-4A25-4241-86BD-F9B42A6E4070} - System32\Tasks\LaCieS => C:\Disk\WebService.exe [2017-09-18] (TODO: <Company name>)
    Task: {482D5CAF-B522-43E1-B28E-4013AA2F69BC} - System32\Tasks\{1F13D7DC-8354-44DF-BDD3-BA5282D1DB54} => C:\Windows\system32\pcalua.exe -a "C:\Users\1\Desktop\forge-1.7.10-10.13.4.1614-1.7.10-installer-win (1).exe" -d C:\Users\1\Desktop
    Task: {4EFBA772-5184-4501-8EE3-11FD9F289F63} - System32\Tasks\BmHhCekqquvtRi => rundll32 "C:\Program Files (x86)\vknAtWNPMhpU2\lbwdpfLQNDYgY.dll",#1




    Task: {4F314B84-7420-4027-9092-171B5B2C073D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-28] (Piriform Ltd)
    Task: {54DBC644-9B06-4DB0-953A-56D7B9ABE214} - System32\Tasks\Online Application V2G5 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {5D2C2B3A-378D-4EFB-9364-A3CB4F9CDCC3} - System32\Tasks\Batman TV Feed => C:\Windows\system32\rundll32.exe "C:\Program Files\Batman TV Feed\Batman TV Feed.dll",EZpYrjK <==== UWAGA
    Task: {712AA4D0-33CA-4661-8E90-9E5EDE7A0D42} - System32\Tasks\{2D0CB7DF-D56C-4926-9627-8CD507490EE0} => C:\Windows\system32\pcalua.exe -a "C:\Users\1\Desktop\server\forge-1.7.10-10.13.4.1558-1.7.10-installer-win (1).exe" -d C:\Users\1\Desktop\server
    Task: {71FB9162-86E4-449F-AD4F-34350FB8BC93} - System32\Tasks\ASC10_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-10-20] (IObit)
    Task: {855482F2-AB8C-487F-A13B-3F599EC5760E} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {8AD47635-7270-4008-9B3E-6E10AF1B6122} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {8C111A8A-E71F-4753-AB90-1F1E12FF50C9} - System32\Tasks\Driver Booster SkipUAC (1) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
    Task: {95D12BFC-48E7-46A6-A7BD-6E54D4A43B8D} - System32\Tasks\jVVcebPoCjhHKmi2 => rundll32 "C:\Program Files (x86)\ExRIRmygU\bdfQDg.dll",#1
    Task: {9D53E4E5-B4B4-41FB-9C39-4E041ABD3AC7} - System32\Tasks\{745753B0-6A78-42B3-9115-688CE9704480} => C:\Windows\system32\pcalua.exe -a C:\Users\1\Downloads\LeagueofLegends_EUNE_Installer_2016_11_10.exe -d C:\Windows\SysWOW64 -c /groupsextract:100;101;102; /out:"C:\Users\1\AppData\Roaming\Riot Games\League of Legends\prerequisites" /callbackid:3336
    Task: {9ED06AF8-BC01-467B-B60A-DAC6E980706A} - System32\Tasks\boQbXxbEJPaDgWztw => rundll32 "C:\Program Files (x86)\OGqwJxyzdjgEZIvrFER\BcPMmfQ.dll",#1
    Task: {A0BD4873-D754-496E-B788-9669B26A7B17} - System32\Tasks\Microsoft\Windows\Multimedia\Manager => C:\Users\1\AppData\Roaming\Adobe\Manager.exe
    Task: {B2A614C3-1F05-4BF4-BDBD-09C9E96E6B89} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-11-02] (Microleaves) <==== UWAGA
    Task: {C4F30E85-A52F-432D-9927-AA888A0EC19A} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {C612FE68-5809-441B-9781-E76EEB2E6D64} - System32\Tasks\boQbXxbEJPaDgWztw2 => rundll32 "C:\Program Files (x86)\OGqwJxyzdjgEZIvrFER\BcPMmfQ.dll",#1
    Task: {D240AAD8-2098-4D8F-9C7A-1CC7AAFD8347} - System32\Tasks\{9F42F5B3-EEF7-445A-9764-A0CC508980E0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\D2GF1PC9LO\uninstaller.exe" -d "C:\Program Files\D2GF1PC9LO"
    Task: {D33C345B-DC1C-48F3-BB2B-BA4ACC63BDD5} - System32\Tasks\jVVcebPoCjhHKmi => rundll32 "C:\Program Files (x86)\ExRIRmygU\bdfQDg.dll",#1
    Task: {ED762FED-8730-4B40-903C-B0604CAF9E97} - System32\Tasks\Online Application V2G4 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {EF6E3616-6310-4C2A-B892-FBA533AB8008} - System32\Tasks\ASC10_SkipUac_1 => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-10-24] (IObit)
    Task: C:\Windows\Tasks\boQbXxbEJPaDgWztw.job => C:\Program Files (x86)\OGqwJxyzdjgEZIvrFER\BcPMmfQ.dll
    Task: C:\Windows\Tasks\jVVcebPoCjhHKmi.job => C:\Program Files (x86)\ExRIRmygU\bdfQDg.dll
    Task: C:\Windows\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\Windows\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\Windows\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\Windows\Tasks\Online Application V2G4.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\Windows\Tasks\Online Application V2G5.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\Windows\Tasks\Online Application V2G6.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== UWAGA
    AlternateDataStreams: C:\ProgramData:NT [40]
    AlternateDataStreams: C:\ProgramData:NT2 [432]
    AlternateDataStreams: C:\Users\All Users:NT [40]
    AlternateDataStreams: C:\Users\All Users:NT2 [432]
    AlternateDataStreams: C:\Users\1\Dane aplikacji:NT [40]
    AlternateDataStreams: C:\Users\1\Dane aplikacji:NT2 [432]
    AlternateDataStreams: C:\Users\1\AppData\Roaming:NT [40]
    AlternateDataStreams: C:\Users\1\AppData\Roaming:NT2 [432]
    AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
    AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432]
    AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT [40]
    AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2 [432]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
    Hosts:
    (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
    () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    () C:\Windows\temp\g2D19.tmp.exe
    (TODO: <Company name>) C:\Disk\WebService.exe
    (TODO: <Company name>) C:\Disk\WebService.exe
    (PC Tools) C:\Disk\securedisk.exe
    () C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
    () C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
    () C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
    () C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
    () C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
    () C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
    HKLM-x32\...\Run: [booster] => "C:\Users\1\AppData\Local\PCBooster\booster.exe" -o 188.42.242.221:3333 -u 49YfoE2xWHG1vywX2xTV8XZzBzB1E2QHEF9GtzPKSPRdK5TEkxXGRxVdAq8LwbA2Pz7jNQ9gYBxeFPHcqiiqaGJM2QyW64C -p WORKER-64-1411 -k --backgr (dane wartości zawierają 21 znaków więcej).
    HKLM\...\RunOnce: [1-KOMPUTER] => C:\Windows\TEMP\g2D18.tmp.exe [215040 2017-12-01] () <==== UWAGA
    HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== UWAGA
    HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== UWAGA
    HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== UWAGA
    HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== UWAGA
    HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== UWAGA
    HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== UWAGA
    HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== UWAGA
    HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== UWAGA
    HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== UWAGA
    HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== UWAGA
    HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== UWAGA
    HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== UWAGA
    HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== UWAGA
    HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== UWAGA
    HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== UWAGA
    HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== UWAGA
    HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== UWAGA
    HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== UWAGA
    HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== UWAGA
    HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== UWAGA
    HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== UWAGA
    HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== UWAGA
    HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== UWAGA
    HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== UWAGA
    HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== UWAGA
    HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== UWAGA
    HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== UWAGA
    HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== UWAGA
    HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== UWAGA
    HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== UWAGA
    HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== UWAGA
    HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== UWAGA
    HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== UWAGA
    HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== UWAGA
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
    HKU\S-1-5-21-2754168526-3365084882-6796978-1000\...\Run: [TablacusApp2] => C:\Users\1\AppData\Roaming\TablacusApp2\TablacusApp.exe [626176 2017-11-30] (iegyym EFYDLOYMOP)
    GroupPolicy: Ograniczenia - Chrome <==== UWAGA
    BHO: YoutubeAdBlock -> {C0D38E5A-7CF8-4105-8FE8-31B81443A114} -> C:\Program Files (x86)\gVEKLTxUjIE\t1N6WSy.dll [2017-11-30] ()
    BHO-x32: YoutubeAdBlock -> {C0D38E5A-7CF8-4105-8FE8-31B81443A114} -> C:\Program Files (x86)\gVEKLTxUjIE\kh6VAO5M.dll [2017-11-30] ()
    FF user.js: detected! => C:\Users\1\AppData\Roaming\Mozilla\Firefox\Profiles\dafvtcf5.default\user.js [2017-09-22]
    OPR Extension: (Tables) - C:\Users\1\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj [2017-11-30]
    OPR Extension: (0) - C:\Users\1\AppData\Roaming\Opera Software\Opera Stable\Extensions\keakaoleafeemhlcpdgcgnaehpeofopp [2017-11-30]
    C:\Users\1\AppData\Roaming\Opera Software\Opera Stable\Extensions\keakaoleafeemhlcpdgcgnaehpeofopp
    C:\Users\1\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj
    R2 AdsService; C:\Users\1\AppData\Local\AdService\AdService.dll [716800 2017-11-30] () [Brak podpisu cyfrowego]
    R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2016-10-14] (IObit)
    R1 wfcre; C:\Windows\System32\drivers\wfcre.sys [132992 2017-11-14] ()
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 EverestDriver; \??\C:\Users\1\AppData\Local\Temp\EverestDriver.sys [X] <==== UWAGA
    R3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\1.5\temp\FairplayKD.sys [X]
    S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
    2017-12-01 13:17 - 2017-12-01 13:17 - 000003146 _____ C:\Windows\System32\Tasks\{9F42F5B3-EEF7-445A-9764-A0CC508980E0}
    2017-11-30 19:31 - 2017-11-30 19:31 - 001587096 _____ ( ) C:\Users\1\Downloads\Everest-Home-Edition-11558-AsystentPobierania.exe
    2017-11-30 10:58 - 2017-11-30 10:58 - 000018437 _____ C:\ComboFix.txt
    2017-11-30 10:53 - 2017-11-30 10:53 - 000000266 __RSH C:\Users\1\ntuser.pol
    2017-11-30 10:30 - 2017-11-30 10:58 - 000000000 ____D C:\Qoobox
    2017-11-30 10:30 - 2011-06-26 07:45 - 000256000 _____ C:\Windows\PEV.exe
    2017-11-30 10:30 - 2010-11-07 18:20 - 000208896 _____ C:\Windows\MBR.exe
    2017-11-30 10:30 - 2009-04-20 05:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2017-11-30 10:30 - 2000-08-31 01:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2017-11-30 10:30 - 2000-08-31 01:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2017-11-30 10:30 - 2000-08-31 01:00 - 000098816 _____ C:\Windows\sed.exe
    2017-11-30 10:30 - 2000-08-31 01:00 - 000080412 _____ C:\Windows\grep.exe
    2017-11-30 10:30 - 2000-08-31 01:00 - 000068096 _____ C:\Windows\zip.exe
    2017-11-30 10:26 - 2017-11-30 10:27 - 005659763 ____R (Swearware) C:\Users\1\Downloads\ComboFix.exe
    2017-11-30 10:25 - 2017-11-30 10:25 - 000000000 ____D C:\ProgramData\5de82ce0-5317-0
    2017-11-30 10:25 - 2017-11-30 10:25 - 000000000 ____D C:\ProgramData\5de82ce0-25c1-1
    2017-11-30 10:24 - 2017-11-30 10:24 - 000000004 _____ C:\ProgramData\rwi.xfad
    2017-11-30 10:24 - 2017-11-30 10:24 - 000000000 ____D C:\ProgramData\Microleaves
    2017-11-30 10:23 - 2017-12-01 12:49 - 000000302 _____ C:\Windows\Tasks\boQbXxbEJPaDgWztw.job
    2017-11-30 10:23 - 2017-11-30 10:23 - 000002728 _____ C:\Windows\System32\Tasks\boQbXxbEJPaDgWztw2
    2017-11-30 10:23 - 2017-11-30 10:23 - 000002576 _____ C:\Windows\System32\Tasks\boQbXxbEJPaDgWztw
    2017-11-30 10:23 - 2017-11-30 10:23 - 000000000 ____D C:\Program Files (x86)\OGqwJxyzdjgEZIvrFER
    2017-11-30 10:22 - 2017-12-01 13:44 - 000000342 _____ C:\Windows\Tasks\Online Application V2G3.job
    2017-11-30 10:22 - 2017-12-01 13:44 - 000000342 _____ C:\Windows\Tasks\Online Application V2G2.job
    2017-11-30 10:22 - 2017-12-01 13:40 - 000000342 _____ C:\Windows\Tasks\Online Application V2G6.job
    2017-11-30 10:22 - 2017-12-01 13:40 - 000000342 _____ C:\Windows\Tasks\Online Application V2G5.job
    2017-11-30 10:22 - 2017-12-01 13:40 - 000000342 _____ C:\Windows\Tasks\Online Application V2G4.job
    2017-11-30 10:22 - 2017-12-01 12:49 - 000000280 _____ C:\Windows\Tasks\jVVcebPoCjhHKmi.job
    2017-11-30 10:22 - 2017-11-30 22:24 - 000000374 _____ C:\Windows\Tasks\Updater_Online_Application.job
    2017-11-30 10:22 - 2017-11-30 10:23 - 000000000 ____D C:\Users\1\AppData\LocalLow\ZUAwrnxgIZhKc
    2017-11-30 10:22 - 2017-11-30 10:22 - 000003222 _____ C:\Windows\System32\Tasks\LaCieS
    2017-11-30 10:22 - 2017-11-30 10:22 - 000003206 _____ C:\Windows\System32\Tasks\Updater_Online_Application
    2017-11-30 10:22 - 2017-11-30 10:22 - 000003170 _____ C:\Windows\System32\Tasks\Online Application V2G6
    2017-11-30 10:22 - 2017-11-30 10:22 - 000003170 _____ C:\Windows\System32\Tasks\Online Application V2G5
    2017-11-30 10:22 - 2017-11-30 10:22 - 000003170 _____ C:\Windows\System32\Tasks\Online Application V2G4
    2017-11-30 10:22 - 2017-11-30 10:22 - 000003170 _____ C:\Windows\System32\Tasks\Online Application V2G3
    2017-11-30 10:22 - 2017-11-30 10:22 - 000003170 _____ C:\Windows\System32\Tasks\Online Application V2G2
    2017-11-30 10:22 - 2017-11-30 10:22 - 000003060 _____ C:\Windows\System32\Tasks\BmHhCekqquvtRi
    2017-11-30 10:22 - 2017-11-30 10:22 - 000002706 _____ C:\Windows\System32\Tasks\jVVcebPoCjhHKmi2
    2017-11-30 10:22 - 2017-11-30 10:22 - 000002554 _____ C:\Windows\System32\Tasks\jVVcebPoCjhHKmi
    2017-11-30 10:22 - 2017-11-30 10:22 - 000000000 ____D C:\Windat
    2017-11-30 10:22 - 2017-11-30 10:22 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
    2017-11-30 10:22 - 2017-11-30 10:22 - 000000000 ____D C:\Users\1\AppData\Local\AdService
    2017-11-30 10:22 - 2017-11-30 10:22 - 000000000 ____D C:\Program Files (x86)\vknAtWNPMhpU2
    2017-11-30 10:22 - 2017-11-30 10:22 - 000000000 ____D C:\Program Files (x86)\Microleaves
    2017-11-30 10:22 - 2017-11-30 10:22 - 000000000 ____D C:\Program Files (x86)\gVEKLTxUjIE
    2017-11-30 10:22 - 2017-11-30 10:22 - 000000000 ____D C:\Program Files (x86)\FpGcSjfNZDUn
    2017-11-30 10:22 - 2017-11-30 10:22 - 000000000 ____D C:\Program Files (x86)\ExRIRmygU
    2017-11-30 10:22 - 2017-11-30 10:22 - 000000000 ____D C:\Disk
    2017-11-30 10:21 - 2017-12-01 13:44 - 000000342 _____ C:\Windows\Tasks\Online Application V2G1.job
    2017-11-30 10:21 - 2017-11-30 10:49 - 000000000 ____D C:\Users\1\AppData\Roaming\mlpplsmakmr
    2017-11-30 10:21 - 2017-11-30 10:49 - 000000000 ____D C:\Users\1\AppData\Roaming\fzeyofeuahs
    2017-11-30 10:21 - 2017-11-30 10:21 - 000003170 _____ C:\Windows\System32\Tasks\Online Application V2G1
    2017-11-30 10:21 - 2017-11-30 10:21 - 000000000 ____D C:\Users\1\AppData\Roaming\Easeware
    2017-11-30 10:20 - 2017-11-30 10:49 - 000000000 ____D C:\Users\1\AppData\Roaming\yppvtlu225m
    2017-11-30 10:20 - 2017-11-30 10:49 - 000000000 ____D C:\Users\1\AppData\Roaming\edefvt423em
    2017-11-30 10:20 - 2017-11-30 10:30 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
    2017-11-30 10:20 - 2017-11-30 10:30 - 000001910 _____ C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk
    2017-11-30 10:20 - 2017-11-30 10:20 - 000000000 ____D C:\Users\1\AppData\Roaming\BrowserModule
    2017-11-30 10:20 - 2017-11-30 10:20 - 000000000 ____D C:\Users\1\AppData\Local\AdvinstAnalytics
    2017-11-30 10:19 - 2017-12-01 13:48 - 000016710 _____ C:\Windows\System32\Tasks\Batman TV Feed
    2017-11-30 10:19 - 2017-11-30 18:54 - 000000000 ____D C:\Program Files (x86)\WeatherInspect
    2017-11-30 10:19 - 2017-11-30 10:49 - 000000000 ____D C:\Users\1\AppData\Roaming\5p4tbwelqqc
    2017-11-30 10:19 - 2017-11-30 10:19 - 000000000 ____D C:\Users\1\AppData\Roaming\Microleaves
    2017-11-30 10:19 - 2017-11-30 10:19 - 000000000 ____D C:\ProgramData\0c1009c0-28f3-0
    2017-11-30 10:18 - 2017-11-30 20:04 - 000000000 ____D C:\Users\1\AppData\Local\PCBooster
    2017-11-30 10:18 - 2017-11-30 10:34 - 000000000 ____D C:\Users\1\AppData\Roaming\One System Care
    2017-11-30 10:18 - 2017-11-30 10:19 - 000000000 ____D C:\ProgramData\0c1009c0-7417-1
    2017-11-30 10:18 - 2017-11-30 10:18 - 000000000 ____D C:\Users\1\AppData\Roaming\TablacusApp2
    2017-11-30 10:18 - 2017-11-30 10:18 - 000000000 ____D C:\Users\1\AppData\Local\Optimizer
    2017-11-30 10:18 - 2017-11-30 10:18 - 000000000 ____D C:\Program Files\Easeware
    2017-11-28 16:08 - 2017-11-28 16:08 - 001532832 _____ ( ) C:\Users\1\Downloads\Your File Is Ready To Download_VgShcH_1689091120.exe
    2017-11-18 16:53 - 2017-11-18 16:53 - 001572192 _____ ( ) C:\Users\1\Downloads\DAEMON-Tools-Lite-12708-AsystentPobierania.exe
    2017-11-30 10:33 - 2017-10-20 06:54 - 000002884 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (1)
    2017-08-22 18:44 - 2017-08-22 18:44 - 000000058 _____ () C:\Users\1\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
    C:\Windows\TEMP\g2D18.tmp.exe

    In FRST, choose Fix (Napraw).

    When that is done, use AdwCleaner, option Scan/Szukaj and Clean/Usun: http://www.bleepingcomputer.com/download/adwcleaner/

    Do a full scan with Mbam and remove what it detects:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

    Finally, post new FRST logs from a scan.

    0
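An added example, not part of the original thread and not code from FRST: a small Python triage of FRST-style log lines, using four heuristics suggested by entries in the Fixlist above (rundll32 loading a DLL by ordinal, pool-style arguments in a Run value, an executable in a Temp directory, and shortcut names that mix Latin letters with look-alike letters from another script). The heuristics, the function names and the shortened sample lines are assumptions made for illustration; a match is a reason to look closer, not a verdict.

```python
import re
import unicodedata

# Heuristics (assumptions for this example, not FRST's own rules).
RUNDLL_ORDINAL = re.compile(r'rundll32(?:\.exe)?\s+"[^"]+\.dll",#\d+', re.I)
POOL_ARGS = re.compile(r'\s-o\s+\S+:\d+\b.*\s-u\s+\S+', re.I)
TEMP_EXE = re.compile(r'\\temp\\[^\\"]+\.exe', re.I)

# Sample input. Lines 1, 2 and 4 are copied from the Fixlist in the post;
# line 3 is shortened (address and wallet replaced by placeholders);
# line 5 is constructed, with the Cyrillic look-alike letters as escapes.
SAMPLE = [
    r'Task: {4EFBA772-5184-4501-8EE3-11FD9F289F63} - System32\Tasks\BmHhCekqquvtRi'
    r' => rundll32 "C:\Program Files (x86)\vknAtWNPMhpU2\lbwdpfLQNDYgY.dll",#1',
    r'Task: {4F314B84-7420-4027-9092-171B5B2C073D} - System32\Tasks\CCleanerSkipUAC'
    r' => C:\Program Files\CCleaner\CCleaner.exe [2017-11-28] (Piriform Ltd)',
    r'HKLM-x32\...\Run: [booster] => "C:\Users\1\AppData\Local\PCBooster\booster.exe"'
    r' -o 192.0.2.10:3333 -u <WALLET> -p WORKER -k'
    ' (dane warto\u015bci zawieraj\u0105 21 znak\u00f3w wi\u0119cej).',
    r'HKLM\...\RunOnce: [1-KOMPUTER] => C:\Windows\TEMP\g2D18.tmp.exe'
    r' [215040 2017-12-01] () <==== UWAGA',
    'C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\'
    'G\u043e\u043egl\u0435 \u0421hr\u043em\u0435.lnk',
]


def scripts_in(text):
    """Return the scripts (LATIN, CYRILLIC, ...) of the letters in text."""
    found = set()
    for ch in text:
        if ch.isalpha():
            # The first word of the Unicode character name is the script.
            found.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return found


def is_mixed_script(component):
    """True when one path component mixes Latin with another script."""
    scripts = scripts_in(component)
    return "LATIN" in scripts and len(scripts) > 1


def triage(lines):
    """Return {line_number: [reasons]} for lines matching any heuristic."""
    report = {}
    for number, line in enumerate(lines, 1):
        reasons = []
        if RUNDLL_ORDINAL.search(line):
            reasons.append("rundll32 loads DLL by ordinal")
        if POOL_ARGS.search(line):
            reasons.append("pool-style -o host:port -u arguments")
        if TEMP_EXE.search(line):
            reasons.append("executable in a Temp directory")
        # Check each path component separately, so Polish diacritics
        # (still Latin script) elsewhere in the line do not trigger it.
        if any(is_mixed_script(part) for part in line.split("\\")):
            reasons.append("mixed-script file name")
        if reasons:
            report[number] = reasons
    return report


if __name__ == "__main__":
    for number, reasons in triage(SAMPLE).items():
        print(f"line {number}: {', '.join(reasons)}")
```
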
  • #11 01 Dec 2017 14:59
    xDominocPvP1337
    Level 3

    I don't quite get how to do it with this FRST

    0
  • #12 01 Dec 2017 16:39
    Kolobos
    Computer specialist

    But you can read, can't you? Then do what I wrote. Open Notepad, paste into it what I provided, and save it under the name Fixlist.txt in the directory to which you downloaded FRST.

    0