Computer running slowly - suspected virus


(Danbar1990) #1

Please check my logs, because the computer is terribly sluggish.

Thanks in advance for your help

FRST http://wklej.to/ejhWT

Addition http://wklej.to/EhupK


(Dimatheus) #2

solusek111, please read this topic and then, using the Edit button (at the bottom right of the first post) and the Use full editor option, correct the thread title so that it describes the problem specifically. A properly titled thread increases the chance of getting help quickly. Ignoring this request will result in the topic being moved to the trash.

Regards,

Dimatheus


(Atis) #3

In Control Panel, uninstall:

FoxTab Media Player

GeekBuddy

McAfee Security Scan Plus

Video Download Converter version 1.0.0.0

Web Browser Packages

Download and run AdwCleaner. Click Szukaj (Scan) and then Usuń (Clean).

Click Scan and post a new FRST report, without Addition.


(Danbar1990) #4

FRST http://wklej.to/lkcN5


(Atis) #5

Paste the following into the system Notepad and save it as a text file named fixlist:

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-507921405-963894560-1417001333-1004\...\Run: [ALLUpdate] => C:\Program Files\ALLPlayer\ALLUpdate.exe [1379840 2011-08-16] ()
HKU\S-1-5-21-507921405-963894560-1417001333-1004\...\Policies\Explorer: [RestrictRun] 0
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-507921405-963894560-1417001333-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-507921405-963894560-1417001333-1004 -> URL http://startsear.ch/?aff=2&src=sp&cf=783793e8-67cf-11e1-9d7d-001a4d8b91df&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: TinyBHO Class -> {00e71626-0bef-11dc-8314-0800200c9a66} -> C:\Documents and Settings\Michał\Dane aplikacji\DownloaderGold\ieplug.dll No File
BHO: TinyBHO Class -> {00e71626-0bef-11dc-8314-0864264c9a64} -> C:\Documents and Settings\Michał\Dane aplikacji\DownloaderGold\ieplug.dll No File
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL No File
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll No File
CHR HomePage: Default -> hxxp://search.babylon.com/?babsrc=HP_ss_wls&mntrId=B23B6C71D91F6B60&affID=119357&tsp=4957
CHR Extension: (Hold Page) - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pgcfmnelakbbgmkdgkbengjoghnejgle [2014-12-03]
U3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
U3 catchme; \??\C:\ComboFix\catchme.sys [X]
U4 IntelIde; No ImagePath
U3 TlntSvr; No ImagePath
C:\Avenger
C:\AdwCleaner
CustomCLSID: HKU\S-1-5-21-507921405-963894560-1417001333-1004_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Documents and Settings\Michał\Dane aplikacji\GG\ggdrive\ggdrive-menu.dll No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
EmptyTemp:

Run FRST and click Fix. Post the Fixlog removal report.

Click Scan and post a new FRST report, without Addition.
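
Added example, not part of the post above and not FRST's own logic: a small Python triage that groups fixlist lines by the markers visible in them (`No File`, `ATTENTION`, a search or home-page URL), so a reader can see what kind of entry each line is. The category names are hypothetical, and reading `[X]` as a missing-file marker is an assumption.

```python
import re

# Constructed sample: lines copied from the fixlist in the post above.
SAMPLE = r"""
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKU\S-1-5-21-507921405-963894560-1417001333-1004 -> URL http://startsear.ch/?aff=2&src=sp&cf=783793e8-67cf-11e1-9d7d-001a4d8b91df&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll No File
CHR HomePage: Default -> hxxp://search.babylon.com/?babsrc=HP_ss_wls&mntrId=B23B6C71D91F6B60&affID=119357&tsp=4957
U3 catchme; \??\C:\ComboFix\catchme.sys [X]
C:\AdwCleaner
EmptyTemp:
"""

URL_RE = re.compile(r"\b(?:https?|hxxp)://([^/\s]+)", re.IGNORECASE)
# Assumption: "[X]" is read as a missing-file marker, like "No File".
MISSING = ("No File", "No ImagePath", "[X]")

def classify(line):
    """Map one fixlist line to a coarse triage category (names are hypothetical)."""
    line = line.strip()
    if "ATTENTION" in line:
        return "attention_marker"      # the scanner itself flagged the entry
    if URL_RE.search(line):
        return "browser_url"           # search scope or home page pointing at a URL
    if line.endswith(MISSING):
        return "missing_target"        # registry entry whose file is gone
    if line.startswith("SearchScopes:") and line.endswith("URL ="):
        return "empty_search_scope"
    if re.match(r"[A-Za-z]:\\", line):
        return "bare_path"             # a folder or file named on its own
    if re.fullmatch(r"\w+:", line):
        return "directive"             # e.g. EmptyTemp:
    if "\\Run:" in line:
        return "autorun"
    return "other"

def triage(text):
    """Group the non-empty lines of a fixlist by category."""
    groups = {}
    for line in filter(None, (l.strip() for l in text.splitlines())):
        groups.setdefault(classify(line), []).append(line)
    return groups

def redirect_hosts(text):
    """Distinct hosts that browser settings in the fixlist point at."""
    return sorted({m.group(1).lower() for m in URL_RE.finditer(text)})
```
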


(Danbar1990) #6

FRST: http://wklej.to/T5zLB

I can't find the fixlog reports


(Atis) #7

Delete the folder C:\FRST

Uninstall:

Adobe Flash Player 15 ActiveX

Adobe Flash Player 15 Plugin

Adobe Reader XI (11.0.08)

Java 6 Update 31

Install:

Flash Player 16.0.0.235 ActiveX

Flash Player 16.0.0.235 Plugin

Adobe Reader XI 11.0.10

Java 7 Update 71

Service Pack 3

Internet Explorer 8