proszę o sprawdzenie logów znajomej w celu wykluczenia infekcji. Załączam dodatkowo logi z MBAM i Adwcleaner.
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2016-10-10] (Microsoft Windows -> Microsoft Corporation)
GroupPolicy: Ograniczenia - Chrome <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
Policies: C:\Users\mirela\NTUSER.pol: Ograniczenia <==== UWAGA
Task: {6F0E9455-E84B-469F-AB20-F66730B2DF58} - System32\Tasks\{B2AE24C6-63D7-40D3-9EE4-1387B60A1D56} => C:\Windows\system32\pcalua.exe -a C:\Users\mirela\Desktop\TABLET2\PhoenixSuit_V1.10\PhoenixInstall.exe -d C:\Users\mirela\Desktop\TABLET2\PhoenixSuit_V1.10
Task: {A4C357FC-1FA4-4305-8B6B-99F696757B30} - System32\Tasks\{15CB1E3B-67D3-4ABF-B3F3-DDA08F068898} => C:\Windows\system32\pcalua.exe -a C:\Users\mirela\Desktop\TABLET2\PhoenixSuit_V1.10\InstallUSBDrv.exe -d C:\Users\mirela\Desktop\TABLET2\PhoenixSuit_V1.10
FF user.js: detected! => C:\Users\mirela\AppData\Roaming\Mozilla\Firefox\Profiles\4l1iyfs5.default\user.js [2017-07-22]
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
S2 TrueKey; "C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe" [X]
S4 IUFileFilter; \??\C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IUFileFilter.sys [X]
S1 MaohaWifiNetPro; \??\C:\Program Files\GreatMaker\MaohaWiFi\MaoHaWiFiNet.sys [X] <==== UWAGA
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Users\mirela\Desktop\µTorrent.lnk
RemoveDirectory: C:\Users\mirela\AppData\Local\Wakopyvazersy
C:\Users\mirela\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
C:\Users\Public\Desktop\Skype.lnk
FirewallRules: [{3F75A998-742F-4EB0-A037-E148082E29C9}] => (Allow) C:\Users\mirela\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku
FirewallRules: [{094DC731-A9F7-448D-AFDC-E2A83060C0F6}] => (Allow) C:\Users\mirela\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku
RemoveDirectory: C:\Program Files\wanttoxiamen
HOSTS:
EmptyTemp:
Error: (05/05/2021 06:19:48 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 11 gości