Wolny komputer i wirusy log


(Widwa) #1

Witam. OStatnio wziąłem się za robote mojego pc bo zaczął chodzić coraz wolniej. przeskanowałęm  komputer esetem, usunał mi zainfekowane pliki. zrobiłem skan spyhunterem., wyszło 2000 ponad jakiś wirusów, hijackerow. pup optional itd. jakiś tam dupereli. wszystko spyhunter wyczyscil czy co tam miał zrobic z dysku i rejestru. zrobiłęm tez skan lalwarebytes anti-malware. adwcleanerem .spybotem  combofixem. - z trybu awaryjnego i różnymi jeszcze.. i chyba większości się pozbylem. komputer chodzi już jakoś w miare. i zwracam się do was żebyście sprawdzili logi czy wszystko już niebezpieczne usunąłem i pomogli jakoś wyczyścic kompa z niepotrzebnych rzeczy, wirusów itd


(Acorus) #2

Pobierz Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ zgodny z wersją systemu 32-bit lub 64-bit.


(Widwa) #3

Prosze

 

FRTS:

http://wklej.org/id/1508173/

ADDITION:

http://wklej.org/id/1508179/


(Acorus) #4

Odinstaluj Spybot - Search & Destroy,SpyHunter.Otwórz Notatnik i wklej:

Task: {0E70260C-55F8-499C-9AB8-CF261656D75D} - System32\Tasks\SpyHunter4Startup = C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe [2014-11-01] (Enigma Software Group USA, LLC.)
Task: {528882BD-6469-4CBF-BE5B-6339AB285408} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization = C:\Program Files (x86)\Spybot - Search amp; Destroy 2\SDImmunize.exe
Task: {56DDBD95-5B08-40D4-B68E-F2B9E8B75744} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates = C:\Program Files (x86)\Spybot - Search amp; Destroy 2\SDUpdate.exe
Task: {E42AC3CF-6A75-4AFF-8663-C372A1BED72F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system = C:\Program Files (x86)\Spybot - Search amp; Destroy 2\SDScan.exe
Task: {E4DA1717-D674-4971-82DE-42E625A22219} - \Program aktualizacji online firmy Adobe. No Task File ==== ATTENTION
HKU\S-1-5-21-564210249-4218895514-1997272203-1000\Software\Classes\exefile: ===== ATTENTION!
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKU\S-1-5-21-564210249-4218895514-1997272203-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
FF Extension: No Name - {F003DA68-8256-4b37-A6C4-350FA04494DF} [Not Found]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2014-01-09] (Enigma Software Group USA, LLC.)
S3 EagleX64; \\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
2014-11-02 19:20 - 2014-11-02 19:20 - 15578360 _____ (Elex do Brasil Participações Ltda) C:\Users\Dawid\Desktop\yet_another_cleaner_sk_110808.exe
2014-11-02 10:03 - 2014-11-02 23:17 - 00000000 ____ D () C:\Users\Dawid\Downloads\SpyHunter-4.17.6.4336 Plus Patch software-free.net
2014-11-02 10:02 - 2014-11-02 10:03 - 44541663 _____ () C:\Users\Dawid\Downloads\SpyHunter-4.17.6.4336 Plus Patch software-free.net.rar
2014-11-02 09:37 - 2014-11-02 09:37 - 00079462 _____ () C:\sh4_service.log
2014-11-01 19:32 - 2014-11-01 19:32 - 00002244 _____ () C:\Users\Dawid\Desktop\SpyHunter.lnk
2014-11-01 19:32 - 2014-11-01 19:32 - 00000000 ____ D () C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-11-01 19:32 - 2014-11-01 19:32 - 00000000 ____ D () C:\sh4ldr
2014-11-01 19:30 - 2014-11-01 19:32 - 00000000 ____ D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-11-01 19:30 - 2014-11-01 19:30 - 46175312 ___RH () C:\Users\Dawid\Desktop\spyhunterS4.exe
2014-11-01 19:23 - 2014-11-02 23:17 - 00000000 ____ D () C:\Users\Dawid\Downloads\SpyHunter_4.17.8[2014]PL
2014-11-01 19:05 - 2014-11-01 19:05 - 00000000 ____ D () C:\Windows\System32\Tasks\Safer-Networking
2014-11-01 19:04 - 2014-11-01 19:18 - 00000000 ____ D () C:\ProgramData\Spybot - Search Destroy
2014-11-01 19:04 - 2014-11-01 19:08 - 00000000 ____ D () C:\Program Files (x86)\Spybot - Search Destroy 2
2014-11-01 19:04 - 2014-11-01 19:04 - 00001351 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-SD Start Center.lnk
2014-11-01 19:04 - 2014-11-01 19:04 - 00001339 _____ () C:\Users\Public\Desktop\Spybot-SD Start Center.lnk
2014-11-01 19:04 - 2014-11-01 19:04 - 00000000 ____ D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search Destroy 2
2014-11-01 19:04 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-11-01 19:02 - 2014-11-01 19:02 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Dawid\Desktop\spybot-2.4.exe
2014-11-02 23:31 - 2013-08-29 00:14 - 00000000 ____ D () C:\AdwCleaner
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.


(Widwa) #5

ok zaraz to zrobie. a czemu odinstalować spyhunter?


(Widwa) #6

zrobiłem tak jak napisałęś ,coś jeszcze?


(Acorus) #7

Skasuj folder C:\FRST