Elektroda.pl

Request for FRST log analysis

berts 26 Feb 2016 18:40 444 3
  • #1 26 Feb 2016 18:40
    berts
    Level 8

    Hello,

    Once again I am asking for help with analyzing logs; you let the kids on the computer for a moment and you no longer recognize it.

    FRST link
    Addition link

  • #2 26 Feb 2016 18:44
    Kolobos
    Computer specialist

    Uninstall: Java Runtime Environment Packages

    Fixlist.txt for FRST:
    Task: {9CB497FE-0428-4215-AB0E-F6491CBE0F95} - System32\Tasks\Opera scheduled Autoupdate 1456502466 => C:\Program Files (x86)\Opera\launcher.exe [2016-02-22] (Opera Software)
    Task: {9E071745-269F-4A9B-B41B-2A695CF10918} - System32\Tasks\{A8BA57DB-BBBB-4BBA-8B81-A39E369B7E0F} => pcalua.exe -a C:\Users\Bartek\Downloads\jxpiinstall.exe -d C:\Users\Bartek\Downloads
    Task: {9E1D2C49-5743-4BAE-9F1B-25EA7EE6B93B} - System32\Tasks\{0AD8DD45-AEB7-4B3F-BA7F-B239E7FE271A} => pcalua.exe -a C:\Users\Bartek\Downloads\jxpiinstall(1).exe -d C:\Users\Bartek\Downloads
    Task: {A1149684-14F0-49AD-A1CA-63633315E658} - System32\Tasks\{206B3708-66E0-4DBA-A991-6F670A281B8C} => pcalua.exe -a C:\Users\Bartek\Downloads\20040302085631718_SM710N\Setup.exe -d C:\Users\Bartek\Downloads\20040302085631718_SM710N
    Task: {C9F5AF27-DAB2-4554-9181-99A994B29017} - System32\Tasks\{54DC1921-661E-4CEA-A89E-B96AACC78C83} => pcalua.exe -a C:\Users\Bartek\Downloads\20040318095310031_SM710N\Setup.exe -d C:\Users\Bartek\Downloads\20040318095310031_SM710N
    Task: {F7BB1CA3-393B-4BBE-8533-FEC1E73D7656} - System32\Tasks\{469B77F0-8770-43B7-89A5-00F066332A80} => pcalua.exe -a C:\Users\Bartek\Downloads\20040422145351000_SM710N\Setup.exe -d C:\Users\Bartek\Downloads\20040422145351000_SM710N
    HKU\S-1-5-21-571992522-3169779736-1960042961-1000\...\MountPoints2: {33a48470-6dc8-11e4-9d9c-001e4fc613d7} - F:\AutoRun.exe
    HKU\S-1-5-21-571992522-3169779736-1960042961-1000\...\MountPoints2: {4deccc3e-6e79-11e4-8f57-001e4fc613d7} - F:\AutoRun.exe
    HKU\S-1-5-21-571992522-3169779736-1960042961-1000\...\MountPoints2: {d604ff75-6974-11e4-9a77-806e6f6e6963} - F:\AutoRun.exe
    HKU\S-1-5-21-571992522-3169779736-1960042961-1000\...\MountPoints2: {d604ffcb-6974-11e4-9a77-001e4fc613d7} - F:\AutoRun.exe
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-16] (Microsoft Corporation)
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    ProxyServer: [S-1-5-21-571992522-3169779736-1960042961-1000] => proxy_pl:8080
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki
    HKU\S-1-5-21-571992522-3169779736-1960042961-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki
    FF Extension: Elegant Advisor - C:\Users\Bartek\AppData\Roaming\Mozilla\Firefox\Profiles\wu829kea.default\extensions\{20fec063-c59d-0c63-9ae8-03180eee7f1e} [2016-02-26] [Brak podpisu cyfrowego]
    S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
    S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
    S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
    S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
    S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
    S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
    2016-02-26 18:16 - 2016-02-26 18:20 - 00000000 ____D C:\AdwCleaner
    2016-02-26 17:01 - 2016-02-26 17:01 - 00003880 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1456502466
    EmptyTemp:

  • #4 26 Feb 2016 19:19
    Kolobos
    Computer specialist

    New logs are unnecessary; if everything is OK now, delete the C:\FRST folder and that is all.
