Prośba o analizę logów


(Jakub Kuc) #1

Chciałbym sprawdzić kompa.

WklejkI:

http://wklej.org/id/1627487/

http://wklej.org/id/1627488/


(Acorus) #2

Odinstaluj WindowsMangerProtect20.0.0.722.Otwórz notatnik systemowy i wklej:

Task: {C1119FE5-72BA-4772-8C2A-5E4064B11030} - System32\Tasks\YTDownloader = C:\Program Files (x86)\YTDownloader\YTDownloader.exe ==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=dsts=1409771847from=coruid=ST500DM002-1BD142_Z6E0RRTAXXXXZ6E0RRTAq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=dsts=1409771847from=coruid=ST500DM002-1BD142_Z6E0RRTAXXXXZ6E0RRTAq={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=dsts=1409771847from=coruid=ST500DM002-1BD142_Z6E0RRTAXXXXZ6E0RRTAq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=dsts=1409771847from=coruid=ST500DM002-1BD142_Z6E0RRTAXXXXZ6E0RRTAq={searchTerms}
HKU\S-1-5-21-965541942-1898341838-2402343780-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={1BD066F6-B4D8-478E-A6EF-3A82F002D02D}mid=6fb9c7c865ab47d2b0a26619d544e743-4e1135efebbf5494d4e9948ea4065471d5ae644elang=plds=AVGcoid=avgtbavgcmpid=pr=frd=2014-11-06 20:39:49v=4.0.6.10pid=wtusg=sap=hp
SearchScopes: HKU\S-1-5-21-965541942-1898341838-2402343780-1000 - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={1BD066F6-B4D8-478E-A6EF-3A82F002D02D}mid=6fb9c7c865ab47d2b0a26619d544e743-4e1135efebbf5494d4e9948ea4065471d5ae644elang=plds=AVGcoid=avgtbavgcmpid=pr=frd=2014-11-06 20:39:49v=4.0.0.19pid=wtusg=sap=dspq={searchTerms}
SearchScopes: HKU\S-1-5-21-965541942-1898341838-2402343780-1000 - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://www.mystart.com/results.php?gen=mspr=vmnid=mystarttbv=5_4ent=ch_5224q={searchTerms}
SearchScopes: HKU\S-1-5-21-965541942-1898341838-2402343780-1000 - {58CE3555-6E60-43cd-8653-387BCC3D0D73} URL = http://search.yahoo.com/search?p={searchTerms}fr=chr-devicevmtype=STDVM
SearchScopes: HKU\S-1-5-21-965541942-1898341838-2402343780-1000 - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={1BD066F6-B4D8-478E-A6EF-3A82F002D02D}mid=6fb9c7c865ab47d2b0a26619d544e743-4e1135efebbf5494d4e9948ea4065471d5ae644elang=plds=AVGcoid=avgtbavgcmpid=pr=frd=2014-11-06
BHO: No Name - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - No File
BHO-x32: MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx.dll ()
Toolbar: HKLM - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx64.dll ()
Toolbar: HKLM-x32 - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx.dll ()
CHR DefaultSuggestURL: Default - http://toolbar.avg.com/acp?q={searchTerms}o=1
CHR Extension: (AVG Secure Search) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-11-06]
CHR HKLM-x32\...\Chrome\Extension: [dghncoeocefmhkhiphdgikkamjeglbfh] - C:\Program Files (x86)\mystarttb\chrome-newtab-search.crx [2014-06-25]
R2 vToolbarUpdater18.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1826328 2015-01-29] (AVG Secure Search)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S3 gdrv; \\C:\Windows\gdrv.sys [X]
2014-10-04 07:58 - 2014-10-04 07:58 - 0301608 _____ (VuuPC Limited) C:\Users\Kuba\AppData\Local\nsj7A4F.tmp
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.


(Jakub Kuc) #3

Faktycznie pomogło, dziękuję.

Fixlog: http://wklej.org/id/1627594/


(Acorus) #4

Skasuj folder C:\FRST


(Jakub Kuc) #5

Ok. Jeszcze raz dziękuję.