Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Mozolne działanie komputera - możliwy wirus? Proszę o sprawdzenie logów FRST

Generał Mróz 16 Lip 2018 14:03 129 2
  • #2 16 Lip 2018 15:19
    safbot1st
    Poziom 43  

    Odinstaluj
    McAfee Safe Connect (HKLM-x32\...\{CA2B3316-2536-489C-BB9D-B6E15572A90C}) (Version: 1.4.3.156 - McAfee, Inc)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.690.1 - McAfee, Inc.)

    Poniżej fixlist.txt

    CloseProcesses:
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
    HKU\S-1-5-21-1082723092-2675457934-1974529277-1001\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe [1032624 2018-01-23] (McAfee Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-02-21]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.690\SSScheduler.exe (McAfee, Inc.)
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
    S3 McAfee Vpn Service; C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe [320944 2018-01-23] (AnchorFree Inc.)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.1
    1.690\McCHSvc.exe [405400 2018-02-19] (McAfee, Inc.)
    S1 cpzmlevy; \??\C:\WINDOWS\system32\drivers\cpzmlevy.sys [X]
    Task: {042976DD-E146-4337-8E28-5902DA14A161} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
    Hosts:
    EmptyTemp:

    0
  • #3 16 Lip 2018 21:27
    RADU23
    Moderator - Komputery Serwis

    @Generał Mróz

    Otwórz notatnik i wklej zawartość:

    Cytat:
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
    S1 cpzmlevy; \??\C:\WINDOWS\system32\drivers\cpzmlevy.sys [X]
    WinThruster (HKLM\...\{80107F16-CB2E-42AB-AB9D-6C11540D5A8B}) (Version: 1.16.7 - Solvusoft Corporation) Hidden <==== UWAGA
    WinThruster (HKLM-x32\...\WinThruster) (Version: 1.16.7 - Solvusoft Corporation) <==== UWAGA
    Task: {042976DD-E146-4337-8E28-5902DA14A161} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA


    Plik zapisz pod nazwą fixlist.txt i umieść w folderze, gdzie masz FRST.exe.
    Uruchom FRST i kliknij w Fix/Napraw.

    0