Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Prośba o sprawdzenie logów FRST

chris18404 16 Lut 2017 21:43 228 3
  • #2 16 Lut 2017 21:49
    Kolobos
    Spec od komputerów

    Nie zamieszczaj logow bez powodu.

    Fixlist.txt dla FRST:
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\Policies\Explorer: []
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {0590c4c7-7803-11e6-bf3f-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {0590c642-7803-11e6-bf3f-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {0590c756-7803-11e6-bf3f-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {2b3749b9-d1cb-11e6-bf9b-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {31fa5f35-d3cb-11e5-be7a-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {31fa5f6f-d3cb-11e5-be7a-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {31fa6052-d3cb-11e5-be7a-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {858cef2c-c84e-11e6-bf96-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {858cef5c-c84e-11e6-bf96-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {908ed3b3-f209-11e6-bfc5-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {ce771b50-d33f-11e5-be78-0cd292a985f2} - "F:\Autorun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {ec61cb4f-dca3-11e6-bfaa-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {f8e03fa5-d967-11e5-be82-0cd292a985f2} - "G:\AutoRun.exe"
    URLSearchHook: [S-1-5-21-667180924-1909731582-1038896506-1001] UWAGA => Brak domyślnego URLSearchHook
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    R3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
    S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
    S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
    S2 vstor2; \??\C:\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys [X]
    2016-02-24 18:09 - 2016-02-24 18:09 - 8003072 _____ () C:\Users\Krzysiek\AppData\Roaming\agent.dat
    2016-02-24 17:58 - 2016-02-24 17:58 - 0127488 _____ () C:\Users\Krzysiek\AppData\Roaming\Installer.dat
    2016-02-24 18:09 - 2016-02-24 18:09 - 0018432 _____ () C:\Users\Krzysiek\AppData\Roaming\Main.dat
    2016-02-24 18:09 - 2016-02-24 18:09 - 1894447 _____ () C:\Users\Krzysiek\AppData\Roaming\Nimex.tst
    EmptyTemp:

    0
  • #3 16 Lut 2017 21:51
    chris18404
    Poziom 19  

    Kolobos napisał:
    Nie zamieszczaj logow bez powodu.

    Fixlist.txt dla FRST:
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\Policies\Explorer: []
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {0590c4c7-7803-11e6-bf3f-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {0590c642-7803-11e6-bf3f-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {0590c756-7803-11e6-bf3f-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {2b3749b9-d1cb-11e6-bf9b-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {31fa5f35-d3cb-11e5-be7a-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {31fa5f6f-d3cb-11e5-be7a-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {31fa6052-d3cb-11e5-be7a-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {858cef2c-c84e-11e6-bf96-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {858cef5c-c84e-11e6-bf96-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {908ed3b3-f209-11e6-bfc5-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {ce771b50-d33f-11e5-be78-0cd292a985f2} - "F:\Autorun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {ec61cb4f-dca3-11e6-bfaa-0cd292a985f2} - "G:\AutoRun.exe"
    HKU\S-1-5-21-667180924-1909731582-1038896506-1002\...\MountPoints2: {f8e03fa5-d967-11e5-be82-0cd292a985f2} - "G:\AutoRun.exe"
    URLSearchHook: [S-1-5-21-667180924-1909731582-1038896506-1001] UWAGA => Brak domyślnego URLSearchHook
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    R3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
    S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
    S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
    S2 vstor2; \??\C:\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys [X]
    2016-02-24 18:09 - 2016-02-24 18:09 - 8003072 _____ () C:\Users\Krzysiek\AppData\Roaming\agent.dat
    2016-02-24 17:58 - 2016-02-24 17:58 - 0127488 _____ () C:\Users\Krzysiek\AppData\Roaming\Installer.dat
    2016-02-24 18:09 - 2016-02-24 18:09 - 0018432 _____ () C:\Users\Krzysiek\AppData\Roaming\Main.dat
    2016-02-24 18:09 - 2016-02-24 18:09 - 1894447 _____ () C:\Users\Krzysiek\AppData\Roaming\Nimex.tst
    EmptyTemp:



    nie rozumiem

    0
  • #4 16 Lut 2017 22:00
    Kolobos
    Spec od komputerów

    Tez nie rozumiem, po co zamiesciles te logi.

    Co do Fixlist, to chyba potrafisz przeczytac inne watki i zrozumiec co masz zrobic?

    0