Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Prosze o sprawdzenie logów

jezikk 14 Lis 2018 14:25 60 4
  • #2 14 Lis 2018 14:43
    Kolobos
    Spec od komputerów

    Odinstaluj:
    Spybot - Search & Destroy
    ITbrain AntiMalware

    Wykonaj Fixlist.txt dla FRST:
    Task: {01B995F9-DD70-445B-B002-6DEE2A063951} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
    Task: {0D298590-33FA-489C-B9C4-6D49AAFEF909} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {2A1889E5-6FF6-4121-861F-8CF2E7298CFF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2018-04-20] (Safer-Networking Ltd.)
    Task: {2B8BAEB9-8DA0-49BC-BBFD-7DA95F0681D0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA
    Task: {3591D517-B0EE-441A-85DB-11EC2F60DC27} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {52D59A08-BC59-4FCB-96B6-E01A45842B7D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {5E7A0844-5B3B-44BF-928C-83358012E9B2} - \CCleanerSkipUAC -> Brak pliku <==== UWAGA
    Task: {64764366-8DE1-40B2-8E60-82A69E590D31} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {8F05AEAA-818D-4D35-A67A-2C9DC6BF2877} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {98CB88BA-1CAB-4C47-BEC6-BC51FA824DC9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {9CF91EE3-F96D-4006-8021-C4AFB2B1C476} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2018-04-20] (Safer-Networking Ltd.)
    Task: {BE3BECDF-38E8-4AAE-A13A-F2C822651143} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {CA79130D-2815-4A14-8FB1-D583A50DDC2A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {E2145C5C-9C16-4718-A0B7-46092111A157} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Brak pliku <==== UWAGA
    Task: {E512D952-A660-437F-9A72-FCDF2EB61D4A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA
    Task: {ECA67146-DC54-4456-B4BE-61E6315E0DD9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2018-04-20] (Safer-Networking Ltd.)
    Task: {F08C92C5-31BC-40EC-9D64-A664041EF7A5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {F9FD1139-A16E-4DB5-978B-13B43C56796C} - System32\Tasks\{C97F2693-9713-4FCF-90BE-5487A984F330} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ryszard Jezierski\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_1\SkyDriveSetup.exe" -c /uninstall
    Task: {FAF0B716-481A-4708-AFCB-067D0D01ECDA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA




    Hosts:
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd.)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
    C:\ProgramData\molecule-76\
    C:\ProgramData\gsm900-59\
    C:\Users\Ryszard Jezierski\AppData\Roaming\current-32\
    HKU\S-1-5-21-2482127469-3211399756-2625842056-1001\...\Run: [molecule-31] => C:\ProgramData\molecule-76\molecule-81.exe [884224 2018-10-14] ()
    HKU\S-1-5-21-2482127469-3211399756-2625842056-1001\...\Winlogon: [Shell] C:\ProgramData\gsm900-59\gsm900-15.exe -51,explorer.exe <==== UWAGA
    Startup: C:\Users\Ryszard Jezierski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\current-6.lnk [2018-11-14]
    ShortcutTarget: current-6.lnk -> C:\Users\Ryszard Jezierski\AppData\Roaming\current-32\current-2.exe ()
    BootExecute: autocheck autochk * sdnclean64.exe
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd.)
    R4 gzflt; C:\Program Files\ITbrain\AntiMalware\gzflt.sys [178384 2017-11-09] (BitDefender LLC)
    2018-11-14 13:57 - 2018-11-14 13:57 - 002416128 _____ (Farbar) C:\Users\Ryszard Jezierski\Downloads\FRST64(1).exe
    2018-11-12 13:52 - 2018-11-12 13:52 - 000000000 ____D C:\Program Files\ITbrain
    2018-11-02 18:48 - 2018-11-02 18:48 - 000001472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2018-11-02 18:48 - 2018-11-02 18:48 - 000001460 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2018-11-02 18:48 - 2018-11-02 18:48 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
    2018-11-02 18:42 - 2018-11-02 18:43 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\Ryszard Jezierski\Downloads\spybotsd-2.7.64.0.exe
    2018-11-02 17:59 - 2018-11-12 22:05 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2018-11-02 17:59 - 2018-11-02 19:28 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2018-11-02 17:59 - 2018-11-02 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2018-11-02 17:59 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
    2018-11-02 17:57 - 2018-11-02 17:57 - 000425304 _____ (Secure By Design Inc.) C:\Users\Ryszard Jezierski\Downloads\Ninite Malwarebytes Spybot 2 Installer.ex
    2018-09-11 18:09 - 2018-11-14 10:50 - 000000000 ____D C:\ProgramData\gsm900-59
    2018-11-14 10:46 - 2018-04-29 02:05 - 000000000 ____D C:\ProgramData\molecule-76

    0
  • Pomocny post
    #4 14 Lis 2018 15:19
    Kolobos
    Spec od komputerów

    Usun katalog C:\FRST i to wszystko.

    0
  • #5 14 Lis 2018 15:29
    jezikk
    Poziom 7  

    Dziekuje za szybka pomoc. Mam nadzieje ze nic nie wroci.

    0