Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Prosze o sprawdzenie logów [FRST]

lukkii 09 Lip 2018 08:38 108 2
  • #2 09 Lip 2018 09:57
    krzychupar
    Poziom 41  

    Otwórz notatnik systemowy i wklej:

    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    Task: {155439A1-EC11-4698-9806-908FEEB559EE} - \Adobe Flash Player NPAPI Notifier -> Brak pliku <==== UWAGA
    Task: {50CD4F35-0A8F-4491-B6AC-8A602B317D39} - System32\Tasks\{0711628A-0A6B-4DF0-9196-0C8A9FE1CB38} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrator\Downloads\OTL_www.INSTALKI.pl.exe -d C:\Users\Administrator\Downloads
    Task: {AF41048F-B9CA-41BF-8975-DC94FCB06203} - System32\Tasks\{2A47925D-379F-460D-8E99-C01BFC05C593} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrator\Downloads\OTL_www.INSTALKI.pl.exe -d C:\Users\Administrator\Downloads
    Task: {B3279296-6ACC-458A-B7A3-1783E5B27BDF} - \Adobe Flash Player Updater -> Brak pliku <==== UWAGA
    Task: {F8276657-DA52-4A0D-AAB8-9912512E5696} - \Adobe Flash Player PPAPI Notifier -> Brak pliku <==== UWAGA
    Task: {5002A2E2-8A49-4A52-94B0-F031BB59E6A9} - System32\Tasks\Opera scheduled Autoupdate 1529807649 => C:\Program Files\Opera\launcher.exe [2018-06-12] (Opera Software)
    Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
    AppInit_DLLs: C:\Windows\System32\ => Brak pliku
    BootExecute: autocheck autochk * tpnative
    Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Brak pliku
    Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Brak pliku
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-2143529825-1230728394-1330005217-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Brak pliku]
    R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [0 2018-06-03] () <==== UWAGA (zerobajtowy plik/folder)
    R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [0 2018-06-03] () <==== UWAGA (zerobajtowy plik/folder)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== UWAGA (Brak ServiceDLL)
    S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
    S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
    S1 IMFCameraProtect; \??\C:\Windows\system32\drivers\IMFCameraProtect.sys [X]
    S2 MBAMDrvService; \??\C:\Windows\system32\drivers\mbam.sys [X]
    U0 Partizan; system32\drivers\Partizan.sys [X]
    2018-07-01 08:55 - 2018-07-01 08:55 - 000035503 _____ C:\ComboFix.txt
    2018-07-01 08:55 - 2018-06-06 22:20 - 000000000 ____D C:\Qoobox
    2018-07-01 08:22 - 2018-06-02 20:00 - 000000000 ____D C:\AdwCleaner
    2018-06-17 21:39 - 2018-06-17 21:39 - 000000037 ___SH () C:\Users\Administrator\AppData\Local\20986331705021ca58edc424.96250074
    C:\Windows\SysWOW64\shimeng.dll
    C:\Windows\SysWOW64\wdi.dll
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze, gdzie masz FRST.exe.
    Uruchom FRST i kliknij w Fix/Napraw.

    0