System started running slowly / antivirus detected viruses


(michall36) #1

Hello,

Today the system started running very slowly - there are problems even with refreshing the icons on the desktop.

McAfee detected the following threats:

http://forum.dobreprogramy.pl/gallery/image/6625-virrrrr/

Malwarebytes Anti-Malware: http://www.wklej.org/id/1644865/ (everything moved to quarantine)

Farbar Recovery Scan Tool

 FRST

Addition


(Atis) #2

If you don't have a current license, uninstall the old McAfee.

How to clear the Java cache:

http://www.java.com/pl/download/help/plugin_cache.xml

Paste the following into the system Notepad and save it as a text file named fixlist:

HKLM-x32\...\Run: [Zipper] => C:\Program Files (x86)\ABC Backup\abcbackup.exe
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1989786366-3510892519-2189099974-1001\...\Winlogon: [Shell] C:\windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-1989786366-3510892519-2189099974-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\windows\system32\eed_ec.dll,SpeedLauncher
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-1989786366-3510892519-2189099974-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1989786366-3510892519-2189099974-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1989786366-3510892519-2189099974-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 IAStorDataMgrSvc; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
U2 Stereo Service; No ImagePath
2015-02-23 20:04 - 2015-02-23 20:04 - 00000000 ____ D () C:\QUARANTINE
2015-02-19 20:40 - 2015-02-19 20:40 - 00000000 ____ D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
Task: {4133815E-6E12-4B83-8FDD-4821E3D715FE} - System32\Tasks\{11C30FC0-B25A-472B-A9A7-621415E19D7B} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -c -runfromtemp -l0x0015 -removeonly
Task: {4F300A4D-D917-422B-9257-8BE80791E891} - System32\Tasks\{1B079B65-18A2-4C68-8BAB-C8D9B98825A2} => pcalua.exe -a F:\IsInstallPending.exe -d F:\
Task: {7C7EFBE6-72D6-4A78-B2DB-CAF5F17EE891} - System32\Tasks\{7865E224-4274-45BE-9516-11068875428A} => pcalua.exe -a "C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\EAUninstall.exe"
Task: {92C65838-1C11-4DBB-8611-5607974FEED2} - System32\Tasks\{2989BAC4-5DD5-4D63-88C1-86268B8BDC04} => pcalua.exe -a C:\Users\Michal\Desktop\setup_basic_3500.exe -d C:\Users\Michal\Desktop
Task: {DAB1D933-D1E3-4091-B1EC-3E613C4498D8} - System32\Tasks\{26E5E144-920A-4F95-A5F2-7C6791067B35} => pcalua.exe -a "C:\Users\Michal\Desktop\1241700387-BMW-M3-v1.2\NFS-U2 BMW M3 v1.2\NFS-CfgInstaller.exe" -d "C:\Users\Michal\Desktop\1241700387-BMW-M3-v1.2\NFS-U2 BMW M3 v1.2"
Task: {DB3DD524-F263-490B-B605-F9F677AE9ADF} - System32\Tasks\{B9004B33-A144-4AD5-9668-12A4B1E312CD} => pcalua.exe -a C:\Users\Michal\Desktop\patch\GTAIV_TU5\GTAIV_TU5.exe -d C:\Users\Michal\Desktop\patch\GTAIV_TU5
EmptyTemp:

Run FRST and click Fix. Show the removal report, Fixlog.

Click Scan and show the new FRST report, without Addition.


(michall36) #3

FixLog


(Atis) #4

Delete the folder C:\FRST