Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

DELL Inspiron 5721 - Wydłużony czas uruchamiania - logi z FRST

ka-jak-kazimierz 27 Wrz 2016 10:18 303 2
  • CControls
  • Pomocny post
    #2 27 Wrz 2016 10:24
    Kolobos
    Spec od komputerów

    Uzyj http://www.bleepingcomputer.com/download/adwcleaner/ opcja Szukaj i Usun.

    Wykonaj Fixlist.txt dla FRST:
    Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Brak pliku <==== UWAGA
    Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Brak pliku <==== UWAGA
    Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Brak pliku <==== UWAGA
    Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Brak pliku <==== UWAGA
    Task: {55EAAD1B-FA76-4E9E-AE2C-323F83A098AC} - System32\Tasks\WordFly Auto Updater 1.10.0.28 Core => C:\Program Files (x86)\WordFly_1.10.0.28\Update\WordflyAutoUpdateClient.exe <==== UWAGA
    Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Brak pliku <==== UWAGA
    Task: {849C3FDB-82F1-42DC-8E30-6E98CF10345E} - System32\Tasks\WordFly Auto Updater 1.10.0.28 Pending Update => C:\Program Files (x86)\WordFly_1.10.0.28\Update\WordflyAutoUpdateClient.exe <==== UWAGA
    Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Brak pliku <==== UWAGA
    Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Brak pliku <==== UWAGA
    Task: {DDFF268E-0CBE-4A61-85A9-48492A245EAC} - System32\Tasks\APSnotifierCA => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\APSnotifierCA.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== UWAGA
    GroupPolicy\User: Ograniczenia ? <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dosearches.com/?utm_source=b&u...5A1YT0_WXB1A9241618A9241618&ts=1384185223
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.dosearches.com/web/?utm_source=...618&ts=1384185223&type=default&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dosearches.com/?utm_source=b&u...5A1YT0_WXB1A9241618A9241618&ts=1384185223




    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.dosearches.com/web/?utm_source=...618&ts=1384185223&type=default&q={searchTerms}
    HKU\S-1-5-21-2718913078-2275642046-2629055180-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dosearches.com/?utm_source=b&u...5A1YT0_WXB1A9241618A9241618&ts=1384185223
    URLSearchHook: HKLM-x32 -> Domyślne = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=...618&ts=1384185223&type=default&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=...618&ts=1384185223&type=default&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=...618&ts=1384185223&type=default&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=...618&ts=1384185223&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2718913078-2275642046-2629055180-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=...618&ts=1384185223&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2718913078-2275642046-2629055180-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=...618&ts=1384185223&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2718913078-2275642046-2629055180-1001 -> {AB4B4971-748F-403E-B214-92EEF65E4FFA} URL =
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.yoursearching.com/?type=sc&ts=...uid=WDCXWD10JPVT-75A1YT0_WXB1A9241618A9241618
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dosearches.xml [2013-11-11]
    FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Kazimierz\AppData\Roaming\Mozilla\Firefox\Profiles\p5qbbvwu.default-1449914208581\extensions\deskCutv2@gmail.com => nie znaleziono
    FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\Kazimierz\AppData\Roaming\Mozilla\Firefox\Profiles\p5qbbvwu.default-1449914208581\extensions\yahooprotected@gmail.com => nie znaleziono
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nie znaleziono>
    S3 pccsmcfd; \SystemRoot\system32\DRIVERS\pccsmcfdx64.sys [X]
    S1 wfdrvr_vw_1_10_0_28; system32\drivers\wfdrvr_vw_1_10_0_28.sys [X]
    2014-02-13 19:18 - 2014-02-13 19:18 - 0825728 _____ (AnyProtect.com) C:\Users\Kazimierz\AppData\Local\nsh7B9B.tmp.exe
    2013-01-29 16:11 - 2013-01-29 16:11 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
    2013-01-29 16:07 - 2013-01-29 16:08 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
    2013-01-29 16:08 - 2013-01-29 16:09 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
    2013-01-29 16:06 - 2013-01-29 16:07 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    2013-01-29 16:09 - 2013-01-29 16:11 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
    EmptyTemp:


    Zrob tez pelny skan przy pomocy mbam i usun to co wykryje: http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

    0
  • CControls
  • #3 27 Wrz 2016 13:29
    ka-jak-kazimierz
    Poziom 9  

    Znaczna poprawa. Problem uważam za rozwiązany.
    Dziękuję.

    0