
Win8.1 laptop infection - very low performance

dysiel 12 Aug 2018 20:16 141 5
  • #1 12 Aug 2018 20:16
    dysiel
    Level 3  

    Hello, the problem is that the Avast antivirus program disappeared, the "This PC" browser did not respond, and likewise Ctrl+Alt+Del caused a total freeze of the desktop (computer). After a restart everything returned to normal.
    I am sending the FRST logs.
    Thank you in advance for your help.

    0 5
  • #2 12 Aug 2018 20:28
    Kolobos
    Computer specialist

    Since the system froze, it is normal that Avast was not working.

    Addition.txt from FRST is missing.

    What are these files?
    2017-12-22 23:33 - 2015-10-23 02:53 - 000003584 _____ () C:\Users\Karool\Drumatic 3.64.dll
    2017-12-22 23:33 - 2015-10-23 02:53 - 000003584 _____ () C:\Users\Karool\minimoog V.64.dll
    2017-12-22 23:33 - 2015-10-23 02:53 - 000003584 _____ () C:\Users\Karool\Predator.64.dll
    2017-12-22 23:33 - 2015-10-23 02:53 - 000003584 _____ () C:\Users\Karool\Sawer.64.dll
    2017-12-22 23:33 - 2015-10-23 02:53 - 000003584 _____ () C:\Users\Karool\Twist 2_x64.64.dll

    Run this Fixlist.txt for FRST:
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3670472 2015-07-28] (ALLPlayer Group Ltd.)
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\Run: [Napisy24Update] => C:\Program Files (x86)\Napisy24\Napisy24Update.exe [3709896 2015-11-04] (Napisy24.pl)
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {0fe8b54a-ed70-11e7-82b4-acfdce355d26} - "E:\AutoRun.exe"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {180107ca-f873-11e7-82b5-acfdce355d26} - "E:\AutoRun.exe"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {2a4b50f2-c830-11e6-8272-806e6f6e6963} - "F:\AutoRun.exe"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {34a954d7-cdeb-11e6-8277-acfdce355d26} - "G:\setup.exe"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {3f4e5b5b-8748-11e7-82ab-acfdce355d26} - "E:\AutoRun.exe"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {3f4e5e93-8748-11e7-82ab-acfdce355d26} - "E:\AutoRun.exe"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {3f4e615a-8748-11e7-82ab-acfdce355d26} - "E:\AutoRun.exe"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {3f4e61a4-8748-11e7-82ab-acfdce355d26} - "E:\AutoRun.exe"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {4c03d4e0-657d-11e8-82c5-acfdce355d26} - "E:\AutoRun.exe"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {67149ba4-e41f-11e6-8281-acfdce355d26} - "E:\Setup\rsrc\autorun.exe"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {67149f3a-e41f-11e6-8281-acfdce355d26} - "F:\_AUTORUN\AUTORUN.EXE"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {84325692-c631-11e6-8271-acfdce355d26} - "F:\AutoRun.exe"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {9513a29c-c5fa-11e6-826e-acfdce355d26} - "F:\AutoRun.exe"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {9513a2f4-c5fa-11e6-826e-acfdce355d26} - "F:\AutoRun.exe"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {b475554c-a630-11e7-82ac-acfdce355d26} - "G:\_AUTORUN\AUTORUN.EXE"
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {b687bbeb-38ba-11e7-8297-acfdce355d26} - "E:\LaunchU3.exe" -a
    HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {d2568aac-2676-11e7-8295-acfdce355d26} - "E:\AutoRun.exe"
    GroupPolicy: Restriction ? <==== ATTENTION
    Tcpip\..\Interfaces\{7AE6C886-3395-48C2-8248-BAB2B4D5C201}: [DhcpNameServer] 13.5.0.88
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    S3 e1edc438-f640-4184-a443-d2a7c37a01dc; \??\C:\OA30\690b33e1-0462-4e84-9bea-c7552b45432a.sys [X]


    Post a screenshot of the whole window from:
    CrystalDiskInfo: http://portableapps.com/apps/utilities/crystaldiskinfo_portable

    0
  • #5 14 Aug 2018 20:41
    RADU23
    Moderator - Computer Service

    Only a few entries are visible in Addition. You can additionally run this fixlist:

    Quote:
    AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
    AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
    AlternateDataStreams: C:\ProgramData\Application Data:482EE99B1E21CE8C [217]
    AlternateDataStreams: C:\ProgramData\PACE:99BFF1275D0780FE [217]

    0
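
An added example, not part of the thread and not FRST's own code: a small Python triage that sorts the kinds of entries appearing in the two fixlists above, using lines copied from the posts. It assumes FRST's usual conventions that `[X]` marks a target file that was not found and that the bracketed number after an alternate data stream is its size in bytes; the category names are hypothetical labels.

```python
import re
from collections import Counter

# Lines copied verbatim from the two fixlists posted in this thread.
SAMPLE = r'''
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3670472 2015-07-28] (ALLPlayer Group Ltd.)
HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {0fe8b54a-ed70-11e7-82b4-acfdce355d26} - "E:\AutoRun.exe"
HKU\S-1-5-21-756321152-1871159502-821472197-1001\...\MountPoints2: {b687bbeb-38ba-11e7-8297-acfdce355d26} - "E:\LaunchU3.exe" -a
GroupPolicy: Restriction ? <==== ATTENTION
S3 e1edc438-f640-4184-a443-d2a7c37a01dc; \??\C:\OA30\690b33e1-0462-4e84-9bea-c7552b45432a.sys [X]
AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\PACE:99BFF1275D0780FE [217]
'''.strip().splitlines()

RUN = re.compile(r'^HK\S+?\\\.\.\.\\Run: \[(?P<name>[^\]]*)\] => (?P<target>.+)$')
MOUNT = re.compile(r'^HK\S+?\\\.\.\.\\MountPoints2: \{[0-9a-f-]+\} - "(?P<cmd>[A-Z]:\\[^"]+)"')
SERVICE = re.compile(r'^[SR]\d (?P<name>[^;]+); (?P<path>.+?)(?P<missing> \[X\])?$')
ADS = re.compile(r'^AlternateDataStreams: (?P<file>[A-Z]:\\[^:]*):(?P<stream>\S+) \[(?P<size>\d+)\]$')

def classify(line):
    """Return (category, detail) for one FRST log or fixlist line."""
    line = line.strip()
    if m := RUN.match(line):
        # A Run value whose target is [X] autostarts nothing: the file is gone.
        missing = m['target'] == '[X]'
        return ('orphaned-run' if missing else 'active-run', m['name'] or '(empty name)')
    if m := MOUNT.match(line):
        # Cached autorun command of a volume that was attached at some point.
        return ('removable-autorun', m['cmd'])
    if m := SERVICE.match(line):
        return ('orphaned-service' if m['missing'] else 'service', m['name'])
    if m := ADS.match(line):
        return ('ads', f"{m['file']} stream {m['stream']} ({m['size']} bytes)")
    if line.endswith('<==== ATTENTION'):
        return ('flagged', line.split(' <====')[0])
    return ('other', line)

def summarize(lines):
    """Count how many lines fall into each category."""
    return Counter(classify(l)[0] for l in lines)

if __name__ == '__main__':
    for entry in SAMPLE:
        print(*classify(entry), sep='\t')
    print(dict(summarize(SAMPLE)))
```

Only the `active-run` entries point at programs that still start at logon; the orphaned and `removable-autorun` entries are leftovers, which is why a fixlist can delete them without removing a working program.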