Zamulony laptop, podejrzenia infekcji, problemy z intenetem

[Alvarus]

Witam, tak jak w tytule, laptop jest strasznie zamulony, do tego prawdopodobnie dochodzą jakieś infekcje o których nie wiem plus internet, który ma drastyczne skoki pingu i utraty pakietów. Dostawca zapewniał, że to nie ich wina, zrobili co mogli i sam też co mogłem to zrobiłem (zmiana kanału + zmiany częstotliwości WiFi)

FRST.txt

Addition.txt

Shortcut.txt

[jessica]

Nic tu nie wskazuje na istnienie infekcji.

 

Tylko kosmetyka:

Uruchom FRST. Na klawiaturze naciśnij jednocześnie CTRL+Y.
Otworzy się Notatnik - wklej do niego:

Spoiler

FirewallRules: [UDP Query User{CF2B3C84-2B22-45C4-940A-24892C1D0AA9}E:\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [TCP Query User{780E332E-A843-43C2-B6C7-3F5B0D84A8EA}E:\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [{60208BFB-F726-4DD1-BABB-43FBDB01D0B9}] => (Allow) C:\Users\w\AppData\Roaming\uTorrent\uTorrent.exe Brak pliku
FirewallRules: [{A29812FA-EDF9-43BA-9A5D-3995BCEA7A5D}] => (Allow) C:\Users\w\AppData\Roaming\uTorrent\uTorrent.exe Brak pliku
FirewallRules: [UDP Query User{014FFA7C-0657-4781-9046-4411E8817ECB}E:\counter-strike 1.6 v43\hl.exe] => (Allow) E:\counter-strike 1.6 v43\hl.exe Brak pliku
FirewallRules: [TCP Query User{79E87334-5BEC-4BCF-B56B-30ADA5BE346F}E:\counter-strike 1.6 v43\hl.exe] => (Allow) E:\counter-strike 1.6 v43\hl.exe Brak pliku
FirewallRules: [{4FDF527F-526E-4410-BE9F-9A6065F277ED}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe Brak pliku
FirewallRules: [{CC781214-1B98-4C08-8B32-813D5C875A9D}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe Brak pliku
FirewallRules: [{D44419E2-C894-456E-A071-3DF4EE8DEF30}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe Brak pliku
FirewallRules: [{9091667C-E83D-43A2-A1F8-AFF152F55D5A}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe Brak pliku
FirewallRules: [UDP Query User{E7E8EEDD-D2EE-4EAD-AE89-AF9059C35790}E:\cs\csgo.exe] => (Block) E:\cs\csgo.exe Brak pliku
FirewallRules: [TCP Query User{F4640F75-D95C-4868-9EFC-C693FE3BA97A}E:\cs\csgo.exe] => (Block) E:\cs\csgo.exe Brak pliku
FirewallRules: [UDP Query User{A3360507-718F-4779-AD97-A580D13D4C59}E:\warthunder\launcher.exe] => (Allow) E:\warthunder\launcher.exe Brak pliku
FirewallRules: [TCP Query User{D6966B8A-B941-45EE-9E49-AD20E16C5963}E:\warthunder\launcher.exe] => (Allow) E:\warthunder\launcher.exe Brak pliku
FirewallRules: [UDP Query User{A0EB1CF7-55E8-407E-A21F-7FA411D9D483}E:\heroes of the storm\versions\base61552\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base61552\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [TCP Query User{7A8BCBA1-EFD7-474A-A2C8-292E139F7A3D}E:\heroes of the storm\versions\base61552\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base61552\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [UDP Query User{F060601F-2B09-496B-AED7-79171B1E0643}E:\heroes of the storm\versions\base61361\heroesofthestorm_x64.exe] => (Block) E:\heroes of the storm\versions\base61361\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [TCP Query User{B5413890-9142-499D-9628-A4E6578C55E8}E:\heroes of the storm\versions\base61361\heroesofthestorm_x64.exe] => (Block) E:\heroes of the storm\versions\base61361\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [UDP Query User{464218F8-E3D1-4A01-8865-6A8818C05F22}E:\heroes of the storm\versions\base61129\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base61129\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [TCP Query User{177CF6A9-6FA7-45DC-A2E4-135EB7058860}E:\heroes of the storm\versions\base61129\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base61129\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [UDP Query User{EDB0C047-4524-4524-BFC3-B8B2CA44AE6C}E:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) E:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe Brak pliku
FirewallRules: [TCP Query User{D5503BF2-AF18-417B-8D27-E0047321430E}E:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) E:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe Brak pliku
FirewallRules: [UDP Query User{934B8B5A-8160-4C2C-9B77-699E5FCE9BB3}E:\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe] => (Block) E:\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [TCP Query User{BFD8CB77-AB20-4E6B-9A3B-AD70CB98333E}E:\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe] => (Block) E:\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [UDP Query User{F9AD7653-407D-43A2-A103-2DE949A5A0F9}E:\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe] => (Block) E:\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [TCP Query User{372D7910-2260-4D5A-902A-CF05FFDC3162}E:\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe] => (Block) E:\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [UDP Query User{4A338066-E43A-480B-B01D-2247D2E5CF0F}E:\heroes of the storm\versions\base60632\heroesofthestorm_x64.exe] => (Block) E:\heroes of the storm\versions\base60632\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [TCP Query User{E314E18D-93DC-4809-BE83-B6E316711505}E:\heroes of the storm\versions\base60632\heroesofthestorm_x64.exe] => (Block) E:\heroes of the storm\versions\base60632\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [UDP Query User{7ABE6277-4F3D-4E59-AA5B-4876C038E9F4}E:\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe] => (Block) E:\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [TCP Query User{A8014ACE-FD23-43A4-AE5E-5C37AE44BEED}E:\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe] => (Block) E:\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe Brak pliku
FirewallRules: [{944667C1-61DE-4A47-A934-9B9241E60DA2}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoPortal\Lenovo.Portal.exe Brak pliku
FirewallRules: [{8C27A770-D32D-403C-9AD4-193901F35D51}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe Brak pliku
FirewallRules: [{16A00A71-A340-4BE7-B28C-EEF236D6E15B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe Brak pliku
FirewallRules: [{90F5A95F-42B4-4E9C-A803-7FA03E5DE7D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe Brak pliku
FirewallRules: [{B196C688-1D5F-47E4-AF66-04152F7021A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe Brak pliku
FirewallRules: [{4E25741B-91EB-45DD-ADE7-D29A705D7439}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Brak pliku
FirewallRules: [{DC286833-9CBA-4E2B-942B-2A2D7599D07E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Brak pliku
FirewallRules: [{03F918ED-3521-4675-B941-2D54B15A0350}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe Brak pliku
FirewallRules: [{E3C99AE3-2A41-4ACD-A337-3D420C7DE812}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe Brak pliku
FirewallRules: [TCP Query User{2420294C-63DD-4140-BF73-F729D43B6536}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe Brak pliku
FirewallRules: [UDP Query User{2E95C1B0-E432-4B94-9F98-4225D2D16C0A}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe Brak pliku
FirewallRules: [{37D4D5BA-8B8E-48FF-95EC-330733487A44}] => (Allow) C:\Program Files (x86)\CAPCOM\LOSTPLANETCOLONIES\LostPlanetColoniesDX9.exe Brak pliku
FirewallRules: [{820004B5-6484-42FE-A848-863659DF5527}] => (Allow) C:\Program Files (x86)\CAPCOM\LOSTPLANETCOLONIES\LostPlanetColoniesDX9.exe Brak pliku
FirewallRules: [{D1548211-8465-4ACA-8541-A302184B0375}] => (Allow) C:\Program Files (x86)\CAPCOM\LOSTPLANETCOLONIES\LostPlanetColoniesDX10.exe Brak pliku
FirewallRules: [{20D8D0C8-3BEB-4095-80F3-E1D7CE35F527}] => (Allow) C:\Program Files (x86)\CAPCOM\LOSTPLANETCOLONIES\LostPlanetColoniesDX10.exe Brak pliku
FirewallRules: [TCP Query User{3D343CF0-0847-4CF1-B8E0-D9DCF94EE81B}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Block) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe Brak pliku
FirewallRules: [UDP Query User{41176C5E-750F-4DB4-8C72-C5FC0A513250}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Block) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe Brak pliku
FirewallRules: [TCP Query User{4466BEC5-9BCA-40BE-87C9-213C7EBA12DE}C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe Brak pliku
FirewallRules: [UDP Query User{E20A78DD-6200-4686-B37F-F1ABCC9BF077}C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe Brak pliku
FirewallRules: [TCP Query User{DF243C40-87EB-4A3C-99AE-EF10D66B8F7C}E:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) E:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe Brak pliku
FirewallRules: [UDP Query User{2B464737-CF00-4D39-A07F-BC332CC6F92B}E:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) E:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe Brak pliku
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Default Search
C:\Users\w\Desktop\wszystkie śmieci\gry\Dungeons 2.lnk
C:\Users\w\Desktop\wszystkie śmieci\gry\LPCLauncher — skrót .lnk
C:\Users\w\Desktop\wszystkie śmieci\gry\Mortal Kombat X Premium Edition.lnk
HOSTS:
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
EmptyTemp:

Na klawiaturze naciśnij jednocześnie CTRL+S.
W FRST kliknij na Fix (NAPRAW).

 

jessi

[Alvarus]

Skrypt wykonany pomyślnie.

 

Jakieś jeszcze działania?

Fixlog.txt

[jessica]

Cytat

Jakieś jeszcze działania?

Nie.

 

jessi

[Alvarus]

Proszę nie zamykać tematu na wypadek gdyby wciąż coś się działo, w dalszym ciągu testuję działanie