Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

[Rozwiązano] Prośba o sprawdzenie logów FRST

kamiloqwe 21 Paź 2018 16:36 66 2
  • Pomocny post
    #2 21 Paź 2018 17:25
    krzychupar
    Poziom 40  

    Odinstaluj:

    YoutubeAdBlock
    Otwórz notatnik systemowy i wklej:

    CloseProcesses:
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    Task: {1C6F5ECB-D9AE-4E46-97E2-4188CA9870BA} - System32\Tasks\ajcJLQICCZCjeeDTE2 => rundll32 "C:\Program Files (x86)\DsFHGOAlYqKinFMZZkR\OBciTNL.dll",#1
    Task: {1D1BABB7-DA92-4290-A7E9-A93D53B7331D} - System32\Tasks\sNAZSULsxhPRrp => rundll32 "C:\Program Files (x86)\bEHpwXIAVPlU2\lxxGHaQBcOWsJ.dll",#1
    Task: {444F0ABE-F7C4-4FC2-9A38-6C24A8177C50} - System32\Tasks\pOsuDAhyJOAooJV2 => rundll32 "C:\Program Files (x86)\dgivjjGKU\xGaBOs.dll",#1
    Task: {46D66B26-6727-4F7A-9728-8E43F17AABAD} - System32\Tasks\JTfZtfxSGdEPd2 => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\PRdeNAJZZOXfdbVB\mxbXvbJ.wsf"
    Task: {79059D4E-4514-420B-A57E-870624914C00} - System32\Tasks\OXnKjiRHslqIIuhVVmP2 => rundll32 "C:\Program Files (x86)\KhMKnowCPbjoC\acMvtYq.dll",#1
    Task: {8440E0E2-869D-45BC-B29D-6E4966820720} - System32\Tasks\YoutubeDownloader => C:\Users\Kamil\AppData\Roaming\YoutubeDownloader\python\pythonw.exe [2018-08-01] (Python Software Foundation) <==== UWAGA
    Task: {BE6322DC-91F6-4331-8199-7AC33304FE15} - System32\Tasks\YoutubeDownloader_upd => C:\Users\Kamil\AppData\Roaming\YoutubeDownloader_upd\python\pythonw.exe [2018-08-01] (Python Software Foundation) <==== UWAGA
    Task: {FADB06C2-5831-4B8E-9F8C-ECC0C7967206} - \Opera scheduled Autoupdate 2796787680 -> Brak pliku <==== UWAGA
    Hosts:
    HKU\S-1-5-21-4207031916-94627828-1079426466-1004\...\Run: [YoutubeDownloader_upd] => C:\Users\Kamil\AppData\Roaming\YoutubeDownloader_upd\python\pythonw.exe [95904 2018-08-01] (Python Software Foundation) <==== UWAGA
    HKU\S-1-5-21-4207031916-94627828-1079426466-1004\...\Run: [YoutubeDownloader] => C:\Users\Kamil\AppData\Roaming\YoutubeDownloader\python\pythonw.exe [95904 2018-08-01] (Python Software Foundation) <==== UWAGA
    BootExecute: autocheck autochk * avgBoot.exe /M:274e0c5e6 /wow /dir:"c:\program files\avg\antivirus"
    GroupPolicy: Ograniczenia - Chrome <==== UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
    Hosts: 127.0.0.1 secure.prepar3d.com
    URLSearchHook: HKU\S-1-5-21-4207031916-94627828-1079426466-1004 - (Brak nazwy) - {2C6A44CB-AD42-4731-A544-3FBD3D83AB5B} - Brak pliku
    SearchScopes: HKU\S-1-5-21-4207031916-94627828-1079426466-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search-cdn.net/?e=g&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-4207031916-94627828-1079426466-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search-cdn.net/?e=g&q={searchTerms}
    BHO: YoutubeAdBlock -> {DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086} -> C:\Program Files (x86)\fqwoOXcdRIE\tkSVKjeLT.dll [2018-10-12] ()




    FF Extension: (Telemetry coverage) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\2y881gxw.default\features\{da991408-c8b7-4da9-83e3-3d768c9a2de2}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-30] [Przestarzałe]
    S2 EventSvc; C:\ProgramData\Microsoft\Windows\EventSvc\eventsvc.exe [360448 2018-07-24] (CloudBees, Inc.) [Brak podpisu cyfrowego] <==== UWAGA
    R2 PowerSvc; C:\ProgramData\Microsoft\Windows\Power\PowerSvc.exe [6406448 2018-06-25] () [Brak podpisu cyfrowego] <==== UWAGA
    S3 GPU-Z; \??\C:\Users\Kamil\AppData\Local\Temp\GPU-Z.sys [X] <==== UWAGA
    2018-10-12 21:33 - 2018-10-21 15:58 - 000003142 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
    2018-10-12 21:32 - 2018-10-12 21:32 - 000003212 _____ C:\WINDOWS\System32\Tasks\sNAZSULsxhPRrp
    2018-10-12 21:32 - 2018-10-12 21:32 - 000003044 _____ C:\WINDOWS\System32\Tasks\JTfZtfxSGdEPd2
    2018-10-12 21:32 - 2018-10-12 21:32 - 000003034 _____ C:\WINDOWS\System32\Tasks\ajcJLQICCZCjeeDTE2
    2018-10-12 21:32 - 2018-10-12 21:32 - 000003026 _____ C:\WINDOWS\System32\Tasks\OXnKjiRHslqIIuhVVmP2
    2018-10-12 21:32 - 2018-10-12 21:32 - 000000000 ____D C:\ProgramData\PRdeNAJZZOXfdbVB
    2018-10-12 21:32 - 2018-10-12 21:32 - 000000000 ____D C:\Program Files (x86)\KhMKnowCPbjoC
    2018-10-12 21:32 - 2018-10-12 21:32 - 000000000 ____D C:\Program Files (x86)\DsFHGOAlYqKinFMZZkR
    2018-10-12 21:32 - 2018-10-12 21:32 - 000000000 ____D C:\Program Files (x86)\bEHpwXIAVPlU2
    2018-10-12 21:31 - 2018-10-12 21:31 - 000003008 _____ C:\WINDOWS\System32\Tasks\pOsuDAhyJOAooJV2
    2018-10-12 21:31 - 2018-10-12 21:31 - 000000000 ____D C:\Program Files (x86)\xnENVqYvpiUn
    2018-10-12 21:31 - 2018-10-12 21:31 - 000000000 ____D C:\Program Files (x86)\fqwoOXcdRIE
    2018-10-12 21:31 - 2018-10-12 21:31 - 000000000 ____D C:\Program Files (x86)\dgivjjGKU
    2018-05-06 12:03 - 2018-08-24 21:52 - 000000189 _____ () C:\Users\Kamil\AppData\Roaming\prio.ini
    2018-07-02 10:51 - 2018-07-02 10:51 - 007631872 _____ () C:\Users\Kamil\AppData\Local\agent.dat
    2018-07-02 10:51 - 2018-07-02 10:51 - 000070896 _____ () C:\Users\Kamil\AppData\Local\Config.xml
    2017-12-16 18:15 - 2018-07-30 23:01 - 000728064 _____ () C:\Users\Kamil\AppData\Local\file__0.localstorage
    2018-07-02 10:51 - 2018-07-02 10:51 - 000140800 _____ () C:\Users\Kamil\AppData\Local\installer.dat
    2018-07-02 10:51 - 2018-07-02 10:51 - 000005568 _____ () C:\Users\Kamil\AppData\Local\md.xml
    2018-07-02 10:51 - 2018-07-02 10:51 - 000126464 _____ () C:\Users\Kamil\AppData\Local\noah.dat
    2018-09-01 21:07 - 2018-09-01 21:07 - 000011202 _____ () C:\Users\Kamil\AppData\Local\recently-used.xbel
    2018-07-29 20:53 - 2018-09-03 14:59 - 000007601 _____ () C:\Users\Kamil\AppData\Local\Resmon.ResmonCfg
    2018-07-02 10:51 - 2018-07-02 10:51 - 001990169 _____ () C:\Users\Kamil\AppData\Local\Runstring.tst
    2018-07-02 10:51 - 2018-08-19 12:25 - 000929792 _____ () C:\Users\Kamil\AppData\Local\sham.db
    2018-07-02 10:52 - 2018-07-02 10:52 - 000032038 _____ () C:\Users\Kamil\AppData\Local\uninstall_temp.ico
    2018-09-16 20:56 - 2018-09-24 20:06 - 000000015 _____ () C:\Users\Kamil\AppData\Local\X-Plane_drm_11.prf
    2018-09-16 20:55 - 2018-09-16 20:55 - 000000022 _____ () C:\Users\Kamil\AppData\Local\x-plane_install_11.txt
    C:\Users\Kamil\AppData\Roaming\YoutubeDownloader_upd\python\pythonw.exe
    C:\Users\Kamil\AppData\Roaming\YoutubeDownloader\python\pythonw.exe
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze, gdzie masz FRST.exe.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #3 21 Paź 2018 18:09
    kamiloqwe
    Poziom 3  

    Problem rozwiązany z pomocą użytkownika krzychupar.

    0