Powolne włączanie i praca laptopa i infekcje

wlodek04 · 18 Grudzień 2015 19:09

Witam,

Atis · 19 Grudzień 2015 08:28

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKLM-x32\...\Run: [] = [X]
HKLM\...\Policies\Explorer\Run: [AoboAutoRun32] = rundll32.exe "C:\windows\SysWOW64\drivers\sysfilter\WinSock.dll",OK
HKLM\...\Policies\Explorer\Run: [AoboAutoRun64] = rundll32.exe "C:\windows\SysWOW64\drivers\sysfilter\WinSock64.dll",OK
HKLM-x32\...\Run: [PowerDVD12Agent] = "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
HKU\S-1-5-21-1745266210-4204149599-3607975665-1000\...\Run: [iCloudServices] = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
ShellIconOverlayIdentifiers: [00avast] - {472083B0-C522-11CF-8763-00608CC02F24} =  Brak pliku
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia ======= UWAGA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - Brak nazwy - !{3A6BE320-DC9B-4D24-A6E8-621B81544F4B} -  Brak pliku
Toolbar: HKLM - Brak nazwy - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  Brak pliku
S3 svcprocess; C:\windows\svcproxy\svcprocess.exe [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S2 ntk_PowerDVD12; \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [X]
S2 {73526619-C24F-470B-9BED-53D455FBB5C6}; \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [X]
2015-12-18 19:51 - 2015-12-18 20:03 - 00000000 ____ D C:\Users\ania\Downloads\FRST-OlderVersion
2015-12-11 15:42 - 2014-12-17 17:57 - 00000000 ____ D C:\AdwCleaner
2015-12-05 02:34 - 2015-12-05 02:34 - 0000000 ____ H () C:\Users\ania\AppData\Local\BIT3FB7.tmp
C:\ProgramData\*.log
Task: {0E513AA7-C699-47AF-98A6-169EE7A55688} - System32\Tasks\EasyPartitionManager = C:\Windows\MSetup\BA46-12225A02\EPM.exe
Task: {35AB4616-66C8-49BB-9C45-FF5B1C7AE23F} - System32\Tasks\MirageAgent = C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
Task: {E3F80967-C644-4790-BD59-BC09E7CAEB7D} - System32\Tasks\{CF91F477-D830-4955-9D2E-9947A6E01AA9} = pcalua.exe -a C:\Users\ania\Desktop\MinecraftZyczu.exe -d C:\Users\ania\Desktop
Task: {EC71CBAD-3F19-439C-89F4-01C2816DD29F} - System32\Tasks\avastBCLRestartS-1-5-21-1745266210-4204149599-3607975665-1000 = Chrome.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KNet = ""="service"
EmptyTemp:

Uruchom FRST i kliknij Napraw (Fix). Pokaż raport z usuwania Fixlog.

wlodek04 · 19 Grudzień 2015 13:01

Fixlog: http://wklej.org/id/1881904/

Atis · 19 Grudzień 2015 19:03

Skasuj folder C:\FRST