Elektroda.pl

Request to check FRST logs.

esan01 13 Sep 2016 12:06 405 3
  • Helpful post
    #2 13 Sep 2016 12:33
    krzychupar
    Level 41  

    Open the system Notepad and paste:
    Task: {70E471AC-FB53-4088-A034-A081E768FCAA} - System32\Tasks\{E8748722-8101-40A5-91FF-EEAB46ECD678} => pcalua.exe -a "D:\Pobrane\Native Instruments Reaktor 6 v6.0.1 Incl Patched and Keygen-R2R+EXTRAS\Native.Instruments.Reaktor.6.v6.0.1.Incl.Patched.and.Keygen-R2R\Native.Instruments.Reaktor.6.v6.0.1.Incl.Patched.and.Keygen-R2R\r2r-3980\NI_Reaktor_601_WIN_Installer.7z.exe" -d "D:\Pobrane\Native Instruments Reakto (dane wartości zawierają 183 znaków więcej).
    Task: {B49C8A75-F553-4390-B4C4-871B65F0B632} - System32\Tasks\esnShinbonesBotheringV2 => Rundll32.exe RemortgagedHyper.dll,main 7 1 <==== UWAGA
    Task: {FB7C1F65-F9BF-4EF5-997E-D8DBEA2007D2} - System32\Tasks\{646306B3-BE0F-D3E4-6842-5CD8B2F9F0B0} => C:\Users\esn\AppData\Roaming\{64630~1\synctask.exe [2013-04-15] () <==== UWAGA
    Task: {FCADE1DC-FC09-4910-9C83-2B8263937F7F} - System32\Tasks\{71D754C5-C02F-4E65-BFB7-246C4BBBD46B} => pcalua.exe -a I:\support\Directx\DirectX9\DXSETUP.exe -d I:\support\Directx\DirectX9
    Task: C:\Windows\Tasks\{646306B3-BE0F-D3E4-6842-5CD8B2F9F0B0}.job => C:\Users\esn\AppData\Roaming\{64630~1\synctask.exe <==== UWAGA
    ShortcutWithArgument: C:\Users\esn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
    ShortcutWithArgument: C:\Users\esn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Free Rider HD Offline Editor.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app-id=kffmoglgaljfcfaadaknkiipcclifcbn --profile-directory=Default
    ShortcutWithArgument: C:\Users\esn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
    ShortcutWithArgument: C:\Users\esn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
    ShortcutWithArgument: C:\Users\esn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
    ShortcutWithArgument: C:\Users\esn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
    ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%




    HKU\S-1-5-21-2639501056-632033229-1610102501-1000\...\MountPoints2: {0f3c7f32-4e40-11e6-b421-00252214c3cd} - J:\setup.exe
    HKU\S-1-5-21-2639501056-632033229-1610102501-1000\...\MountPoints2: {550caa23-0d53-11e6-bd5f-00252214c3cd} - I:\setup.exe
    HKU\S-1-5-21-2639501056-632033229-1610102501-1000\...\MountPoints2: {740b0a53-e37b-11e5-aa88-00252214c3cd} - H:\StartUp.exe
    HKU\S-1-5-21-2639501056-632033229-1610102501-1000\...\MountPoints2: {f95fe329-cda2-11e5-9188-00252214c3cd} - F:\setup.exe
    HKU\S-1-5-21-2639501056-632033229-1610102501-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
    SearchScopes: HKLM -> DefaultScope - brak wartości
    FF NewTab: C:\\ProgramData\\Quotenamrons\\ff.NT
    FF DefaultSearchEngine: findit
    FF Homepage: C:\\ProgramData\\Quotenamrons\\ff.HP
    CHR Plugin: (Widevine Content Decryption Module) - C:\Users\esn\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll => Brak pliku
    CHR Plugin: (Shockwave Flash) - C:\Users\esn\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll => Brak pliku
    CHR HKLM\...\Chrome\Extension: [jidkebcigjgheaahopdnlfaohgnocfai] - hxxps://clients2.google.com/service/update2/crx
    2016-09-09 09:46 - 2016-09-13 11:27 - 00000000 ____D C:\AdwCleaner
    2016-09-12 15:56 - 2016-04-03 14:56 - 00000266 _____ C:\Windows\Tasks\{646306B3-BE0F-D3E4-6842-5CD8B2F9F0B0}.job
    2016-04-03 14:56 - 2016-04-03 14:56 - 6504960 _____ () C:\Users\esn\AppData\Roaming\agent.dat
    2016-04-03 14:56 - 2016-04-03 14:56 - 0065232 _____ () C:\Users\esn\AppData\Roaming\Config.xml
    2016-04-03 14:56 - 2016-04-03 14:56 - 0081403 _____ () C:\Users\esn\AppData\Roaming\inst.lat
    2016-04-03 14:56 - 2016-04-03 14:56 - 0014208 _____ () C:\Users\esn\AppData\Roaming\InstallationConfiguration.xml
    2016-04-03 14:56 - 2016-04-03 14:56 - 0127488 _____ () C:\Users\esn\AppData\Roaming\Installer.dat
    2016-04-03 14:56 - 2016-04-03 14:56 - 0018432 _____ () C:\Users\esn\AppData\Roaming\Main.dat
    2016-04-03 14:56 - 2016-04-03 14:56 - 0005568 _____ () C:\Users\esn\AppData\Roaming\md.xml
    2016-04-03 14:56 - 2016-04-03 14:56 - 0126464 _____ () C:\Users\esn\AppData\Roaming\noah.dat
    2016-04-03 14:56 - 2016-04-03 14:55 - 0979968 _____ () C:\Users\esn\AppData\Roaming\Openis.exe
    2016-04-03 14:56 - 2016-04-03 14:56 - 1626339 _____ () C:\Users\esn\AppData\Roaming\Openis.tst
    2016-04-30 19:23 - 2016-06-11 22:44 - 0028055 _____ () C:\Users\esn\AppData\Roaming\phpdesigner.xml
    2016-04-03 14:56 - 2016-04-03 14:56 - 0032038 _____ () C:\Users\esn\AppData\Roaming\uninstall_temp.ico
    2016-05-11 19:56 - 2016-09-12 09:56 - 0000142 _____ () C:\Users\esn\AppData\Roaming\WB.CFG
    2016-04-03 14:56 - 2016-04-03 14:56 - 0402905 _____ () C:\Users\esn\AppData\Roaming\Zamtouch.bin
    2016-09-05 21:28 - 2016-09-05 21:28 - 0000218 _____ () C:\Users\esn\AppData\Local\recently-used.xbel
    EmptyTemp:

    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST and click Fix/Napraw.

    0
  • #3 13 Sep 2016 18:45
    esan01
    Level 5  

    Thank you for the help :)
    Everything works as it should :)

    0
  • #4 13 Sep 2016 19:25
    krzychupar
    Level 41  

    Delete C:\FRST and close the topic.

    0