Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Logi FRST, prośba o sprawdzenie.

marcin55246 01 Sty 2016 02:40 582 4
  • Pomocny post
    #2 01 Sty 2016 04:02
    krzychupar
    Poziom 40  

    Otwórz notatnik systemowy i wklej:

    Task: {3793507E-0ECE-4B27-B27D-8F3E4C72BC8B} - System32\Tasks\ViewCounter => c:\programdata\{002cadd3-a488-46af-002c-cadd3a48b74e}\cubase75v32b64b.exe <==== UWAGA
    Task: {4D74EAD5-E441-4F04-8426-BD9DF08B64DA} - System32\Tasks\TrackGraph => c:\programdata\{ba1e7b4f-76cf-934e-ba1e-e7b4f76ced3d}\7868734628845273352b.exe <==== UWAGA
    Task: {93C93EF2-AD4C-4F7E-B86A-245C493CFCD1} - System32\Tasks\{9B0927F5-C724-4314-919A-EDB10817782D} => pcalua.exe -a D:\Dwnld\xo318m.exe -d D:\Dwnld
    Task: {B6905F30-6C22-4C37-A20A-1508C77B8781} - System32\Tasks\{64DE8473-99C0-4A30-857B-21E912E53442} => pcalua.exe -a D:\Dwnld\BB-SR-GOoH\Redist\DirectX\dxsetup.exe -d D:\Dwnld\BB-SR-GOoH\Redist\DirectX
    Task: C:\Windows\Tasks\TrackGraph.job => c:\programdata\{ba1e7b4f-76cf-934e-ba1e-e7b4f76ced3d}\7868734628845273352b.exe <==== UWAGA
    Task: C:\Windows\Tasks\ViewCounter.job => c:\programdata\{002cadd3-a488-46af-002c-cadd3a48b74e}\cubase75v32b64b.exe <==== UWAGA
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {0918a23a-bf2d-11e4-bb7d-fcaa140d9fb4} - G:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {1ee843c0-ae2c-11e5-b9e0-fcaa140d9fb4} - J:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {2a6ec668-6286-11e4-9eb0-d0509925ad44} - G:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {4b34500e-c340-11e4-8a2d-fcaa140d9fb4} - G:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {4b34501b-c340-11e4-8a2d-fcaa140d9fb4} - H:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {4f02f711-6230-11e4-82bb-d0509925ad44} - K:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {4f02f71d-6230-11e4-82bb-d0509925ad44} - K:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {55538f29-ad56-11e5-89d8-fcaa140d9fb4} - J:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {58bf3a51-9c19-11e4-b4e6-806e6f6e6963} - F:\Run.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {5a832c7f-9dd8-11e4-a53b-fcaa14125ded} - G:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {9299f536-95cf-11e5-a4e1-fcaa140d9fb4} - J:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {98fc182c-a990-11e4-b427-fcaa140d9fb4} - G:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {a5e71711-8226-11e3-8ec5-d0509925ad44} - H:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {b57c704c-607c-11e4-b557-806e6f6e6963} - F:\ASRSetup.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {c30247f9-6280-11e4-a475-d0509925ad44} - K:\AutoRun.exe




    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {c3024825-6280-11e4-a475-d0509925ad44} - K:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {f188dd1c-be8a-11e4-8651-fcaa140d9fb4} - G:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {f188dd28-be8a-11e4-8651-fcaa140d9fb4} - G:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {f188dd32-be8a-11e4-8651-fcaa140d9fb4} - G:\AutoRun.exe
    HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\...\MountPoints2: {f188dd3f-be8a-11e4-8651-fcaa140d9fb4} - G:\AutoRun.exe
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    CHR HKU\S-1-5-21-3966114883-1945539125-4201670732-1000\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
    S2 cFosSpeedS; "C:\Windows\cFosSpeed\spd.exe" -service [X]
    S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
    S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
    U3 ahdwjuv7; C:\Windows\System32\Drivers\ahdwjuv7.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder)
    S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
    S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
    S3 gdrv; \??\C:\Windows\gdrv.sys [X]
    S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
    2015-12-31 03:46 - 2015-12-31 03:47 - 00000000 ____D C:\AdwCleaner
    EmptyTemp:



    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #4 01 Sty 2016 11:46
    Kolobos
    Spec od komputerów

    Jeszcze wykonaj jeszcze taki fixlist.txt:
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
    2015-12-31 20:46 - 2015-07-14 19:46 - 00000352 _____ C:\Windows\Tasks\TrackGraph.job
    2015-12-31 20:46 - 2015-07-09 13:46 - 00000342 _____ C:\Windows\Tasks\ViewCounter.job

    Po wykonaniu usun katalog C:\FRST i to wszystko.

    0