Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Windows 7 - prośba o sprawdzenie logów OTL i FRST

Malibu008 30 Paź 2016 15:15 468 1
  • #2 30 Paź 2016 15:36
    krzychupar
    Poziom 40  

    Otwórz notatnik systemowy i wklej:
    Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - \Microsoft\Windows\MUI\LPRemove -> Brak pliku <==== UWAGA
    Task: {49A0FA79-84A2-4CA7-9F95-0467DEB4248F} - System32\Tasks\{8853FC28-2393-44CC-9063-66DCCA918ED0} => pcalua.exe -a "D:\Internet Download\wlsetup-web (1).exe" -d "D:\Internet Download"
    Task: {FBD1FBEB-5315-431E-8629-EAF06A6D16D1} - System32\Tasks\ScriptWriter => C:\Users\Sebastian\AppData\Local\ScriptWriter\ScriptWriter.exe [2016-10-30] () <==== UWAGA
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
    GroupPolicy: Ograniczenia ? <======= UWAGA
    GroupPolicy\User: Ograniczenia ? <======= UWAGA
    HKU\S-1-5-21-1916386096-1507538218-1162836935-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/cnt/10445?gp=818407
    SearchScopes: HKU\S-1-5-21-1916386096-1507538218-1162836935-1000 -> DefaultScope {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL =
    SearchScopes: HKU\S-1-5-21-1916386096-1507538218-1162836935-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B314BFC94-D20A-42AE-A809-F8B783FB862B%7D&gp=811014
    BHO: Ďîčńę@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\Sebastian\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll [2016-10-30] (Mail.Ru)
    Toolbar: HKU\S-1-5-21-1916386096-1507538218-1162836935-1000 -> Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Brak pliku
    CHR HomePage: Default -> mail.ru/cnt/11956636?rciguc__PARAM__
    CHR DefaultSearchURL: Default -> hxxp://go-search.ru/search?q={searchTerms}
    CHR DefaultSearchKeyword: Default -> gosearch
    CHR DefaultSuggestURL: Default -> hxxp://suggest.yandex.net/suggest-ff.cgi?part={searchTerms}
    CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\54.0.2840.71\PepperFlash\pepflashplayer.dll => Brak pliku
    CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\54.0.2840.71\ppGoogleNaClPluginChrome.dll => Brak pliku
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\54.0.2840.71\pdf.dll => Brak pliku
    CHR Plugin: (Norton Confidential) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll => Brak pliku
    CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll => Brak pliku
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx




    CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - <nie znaleziono>
    CHR Extension: (Домашняя страница Mail.Ru) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof [2016-10-30]
    CHR Extension: (Визуальные Закладки Mail.Ru) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj [2016-10-30]
    CHR HKU\S-1-5-21-1916386096-1507538218-1162836935-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-1916386096-1507538218-1162836935-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-1916386096-1507538218-1162836935-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx
    S3 MSICDSetup; \??\F:\CDriver.sys [X]
    2016-10-30 14:41 - 2016-10-30 14:41 - 00000000 ____D C:\AdwCleaner
    2016-10-30 13:30 - 2016-10-30 13:30 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Mail.Ru
    2016-10-30 13:30 - 2016-10-30 13:30 - 00000000 ____D C:\ProgramData\Mail.Ru
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0