Computer slowdown, possible infection


(kajetan r) #1

Hello,

Please check the logs from my computer, which has slowed down a lot recently.

http://www.wklej.org/id/1674322/

http://www.wklej.org/id/1674324/


(Acorus) #2

Open the system Notepad and paste:

Task: {4B03C4B5-03FA-45FA-900C-F70A042F2C06} - \Program aktualizacji online firmy Adobe. No Task File ==== ATTENTION
Task: {AAA99186-9FD1-48EE-9031-856092E2DBB5} - System32\Tasks\{EA13407F-48C9-4B00-9293-49FDA91EE580} = Iexplore.exe http://ui.skype.com/ui/0/6.6.0.106/pl/go/help.faq.installer?source=lightinstaller&LastError=1618
HKLM\...\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [APSDaemon] = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] = C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
ShellIconOverlayIdentifiers: [00avast] - {472083B0-C522-11CF-8763-00608CC02F24} = No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKU\S-1-5-21-2914820289-1135939938-3734323650-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2914820289-1135939938-3734323650-1001 - {6D6ECB53-05B5-49E0-B993-C98A47CF25F7} URL = https://search.yahoo.com/search?fr=chr-greentree_ieei=utf-8ilc=12type=201117p={searchTerms}
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
U3 DfSdkS; No ImagePath
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 getbus; \\C:\Users\Stefan\AppData\Local\Temp\getbus.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 SBIOSIO; \\C:\Users\Stefan\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
2015-03-24 20:24 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2015-03-24 20:24 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2015-03-24 20:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-03-24 20:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-03-24 20:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-03-24 20:24 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2015-03-24 20:24 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2015-03-24 20:24 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2015-03-24 20:23 - 2015-03-24 20:45 - 00000000 ____ D () C:\windows\erdnt
2015-03-24 20:10 - 2015-03-24 20:13 - 00000000 ____ D () C:\AdwCleaner
EmptyTemp:

Save the file as fixlist.txt and place it next to FRST in the same folder.

Scan with Malwarebytes Anti-Malware http://data-cdn.mbamupdates.com/v2/mbam/consumer/data/mbam-setup-2.1.4.1018.exe