
[Solved] A kind request to check the logs

Galandir 23 Dec 2021 21:58 156 5
  • Helpful post
    #2
    Kolobos
    IT specialist
    Uninstall:
    SpyHunter
    GridinSoft Anti-Malware

    Did you add this yourself?
    Startup: C:\Users\galan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStartMenadżer.bat [2020-12-07] () [Brak podpisu cyfrowego]

    Fixlist.txt:
    CloseProcesses:
    (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
    C:\Program Files\EnigmaSoft\
    (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\galan\AppData\Roaming\.dllbackups\dllservices.exe
    (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Users\galan\AppData\Local\Temp\1y6QaG1dVqmqkzRvawVNVxn3bhE\dllservices.exe <4>
    HKU\S-1-5-21-627756873-3696626691-1916622033-1001\...\Run: [Napisy24.pl] => C:\Program Files\Napisy24\Napisy24.exe [11889152 2020-11-06] (Napisy24.pl) [Brak podpisu cyfrowego]
    HKU\S-1-5-21-627756873-3696626691-1916622033-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\galan\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
    HKU\S-1-5-21-627756873-3696626691-1916622033-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5397216 2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated)
    HKU\S-1-5-21-627756873-3696626691-1916622033-1001\...\Run: [electron.app.dllservices] => C:\Users\galan\AppData\Roaming\.dllbackups\dllservices.exe [63924677 2021-12-21] (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu]
    HKU\S-1-5-21-627756873-3696626691-1916622033-1001\...\MountPoints2: {7322a804-6b17-11eb-84cf-902b346383a0} - "J:\setup.exe"
    HKU\S-1-5-21-627756873-3696626691-1916622033-1001\...\MountPoints2: {7322a902-6b17-11eb-84cf-902b346383a0} - "K:\setup.exe"
    Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
    Task: {1FA1397F-FCC2-4D7E-AC04-E294F10977E4} - System32\Tasks\Opera GX scheduled Autoupdate 1613181166 => C:\Users\galan\AppData\Local\Programs\Opera GX\launcher.exe [2192592 2021-12-22] (Opera Software AS -> Opera Software)
    Task: {30BAE55A-8D56-4E21-B751-1D10A1DCD90C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
    Task: {491916D9-E32C-41D8-AB05-0A5FB9E06D7B} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe [25631304 2021-12-08] (GridinSoft, LLC -> Gridinsoft LLC)
    Task: {5BBF1597-1AC9-4C9A-95C1-6A32743D2F1B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
    Task: {5FEF4A66-DA58-478F-92A9-8F50EE0355DF} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1614947142 => C:\Users\galan\AppData\Local\Programs\Opera GX\launcher.exe [2192592 2021-12-22] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\galan\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
    Task: {6CA45182-5E82-41B3-A701-F0F13840D296} - System32\Tasks\Agent Activation Runtime\NlsDatework.Royale => C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\regsvcs.exe C:\Users\galan\AppData\Local\ProfActive\VdapBare\SrcEpm_Medvd.dll
    Task: {F493629D-05F6-4FEB-BC34-0F51DB53C5D0} - System32\Tasks\Opera scheduled Autoupdate 1612910163 => C:\Users\galan\AppData\Local\Programs\Opera\launcher.exe [2256592 2021-12-14] (Opera Software AS -> Opera Software)
    CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://mysearch.avg.com
    S3 wacomrouterfilter; \SystemRoot\System32\drivers\wacomrouterfilter.sys [X]
    2021-12-23 21:47 - 2021-12-23 21:47 - 000000000 ____D C:\Users\galan\Desktop\FRST-OlderVersion
    2021-12-23 20:05 - 2021-12-23 20:05 - 000000000 ____D C:\Users\galan\AppData\Roaming\Ookla
    2021-12-21 18:59 - 2021-12-23 21:45 - 000000000 ____D C:\Users\galan\AppData\Roaming\dll-propagation
    2021-12-21 18:58 - 2021-12-23 21:05 - 000000000 ____D C:\Users\galan\AppData\Roaming\dllservices
    2021-12-21 18:58 - 2021-12-21 18:58 - 000000000 ___HD C:\Users\galan\AppData\Roaming\.dllbackups
    EmptyTemp:
  • #3
    Galandir
    Level 2  
    I didn't add anything, though maybe the kids were playing around. Ehhhh, I'll need to have a man-to-man talk with them. As for SpyHunter and GridinSoft Anti-Malware, they are the aftermath of the Leex virus attack on my computer. I was advised to install them. :/
  • Helpful post
    #4
    Kolobos
    IT specialist
    Then remove this too:
    Startup: C:\Users\galan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStartMenadżer.bat [2020-12-07] () [Brak podpisu cyfrowego]

    Leex is not a virus but a file-encrypting infection. In the future, don't install junk like SpyHunter etc.
  • #5
    Galandir
    Level 2  
    Great, thanks for the help. Regards
  • #6
    Galandir
    Level 2  
    Great, thanks for the help. Regards

    Added after 1 [minute]:

    FRST helped