Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Prośba o sprawdzenie logów FRST

Nito8 18 Lut 2018 22:34 180 1
  • Pomocny post
    #2 18 Lut 2018 22:46
    Kolobos
    Spec od komputerów

    Fixlist.txt:
    Task: {0B1D8876-83B8-45A3-98FF-D42193DF7E1C} - System32\Tasks\{3FB00F52-69E9-4C2D-A2DE-0C461D80FB77} => C:\Windows\system32\pcalua.exe -a C:\Users\Damian\Desktop\DiagnosticAllin1(2.0.2.8)_20141112_General\EXE_Diagnostic\WIN7\64\EXE\RtlStartInstall.exe -d C:\Users\Damian\Desktop\DiagnosticAllin1(2.0.2.8)_20141112_General\EXE_Diagnostic\WIN7\64\EXE
    Task: {0E7AC13D-37D8-4A5C-8DAC-14CCF26E09B4} - System32\Tasks\Damian => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Damian /t REG_SZ /d "explorer.exe hxxp://exinariuminix.info" <==== UWAGA
    Task: {B05DCB9D-BA50-45A8-80EF-5EBC43C34642} - System32\Tasks\{F0086D67-2E44-46B5-BA1A-E2BFB6085151} => C:\Windows\system32\pcalua.exe -a "F:\Twin USB Gamepad-2.exe" -d F:\
    HKU\S-1-5-21-2159542564-1721052023-1537055382-1000\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3670472 2015-07-28] (ALLPlayer Group Ltd.)
    HKU\S-1-5-21-2159542564-1721052023-1537055382-1000\...\Run: [Damian] => explorer.exe hxxp://exinariuminix.info <==== UWAGA
    HKU\S-1-5-21-2159542564-1721052023-1537055382-1000\...\Policies\Explorer: []
    HKU\S-1-5-21-2159542564-1721052023-1537055382-1000\...\MountPoints2: {6ad648a8-438c-11e7-a9b9-4ccc6a6b1220} - H:\LG_PC_Programs.exe
    HKU\S-1-5-21-2159542564-1721052023-1537055382-1000\...\MountPoints2: {6cb6a147-c188-11e6-a334-806e6f6e6963} - F:\Autorun.exe
    BHO: Brak nazwy -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Brak pliku
    BHO-x32: Brak nazwy -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Brak pliku
    FF HKU\S-1-5-21-2159542564-1721052023-1537055382-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Damian\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
    C:\Users\Damian\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
    FF Extension: (__MSG_extName__) - C:\Users\Damian\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2017-11-09]
    C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo
    CHR Extension: (Ace Script) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2018-01-08]
    CHR HKU\S-1-5-21-2159542564-1721052023-1537055382-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    S3 MSICDSetup; \??\D:\CDriver64.sys [X]
    S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\SDSDefs\20161217.001\ENG64.SYS [X]
    S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\SDSDefs\20161217.001\EX64.SYS [X]
    S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
    2017-11-11 19:32 - 2017-11-11 19:32 - 000148736 _____ (Avanquest Software) C:\ProgramData\hpeEBCA.dll

    0