
DNS: I can't deal with this

nanowaty 04 Dec 2015 19:23
  • Helpful post
    #2 04 Dec 2015 19:32
    Kolobos
    Computer specialist

    Uninstall:
    GPU Monitor
    McAfee Security Scan Plus

    Next to frst.exe, create a file fixlist.txt with the following contents:
    Task: C:\Windows\Tasks\NHJYLMM.job => C:\Users\Rafaý˙\AppData\Roaming\NHJYLMM.exe <==== UWAGA
    ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Brak pliku
    ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Brak pliku
    ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Brak pliku
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Brak pliku
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    CHR HKU\S-1-5-21-2365841404-1564159112-231404478-1000\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    Hosts: 0.0.0.1 mssplus.mcafee.com
    FF NetworkProxy: "backup.ftp", "200.142.99.14"
    FF NetworkProxy: "backup.ftp_port", 8080
    FF NetworkProxy: "backup.socks", "200.142.99.14"
    FF NetworkProxy: "backup.socks_port", 8080
    FF NetworkProxy: "backup.ssl", "200.142.99.14"
    FF NetworkProxy: "backup.ssl_port", 8080
    FF NetworkProxy: "ftp", "213.180.131.135 "
    FF NetworkProxy: "ftp_port", 80
    FF NetworkProxy: "http", "213.180.131.135 "
    FF NetworkProxy: "http_port", 80
    FF NetworkProxy: "no_proxies_on", ""
    FF NetworkProxy: "share_proxy_settings", true
    FF NetworkProxy: "socks", "213.180.131.135 "
    FF NetworkProxy: "socks_port", 80
    FF NetworkProxy: "ssl", "213.180.131.135 "
    FF NetworkProxy: "ssl_port", 80
    FF NetworkProxy: "type", 1
    FF Extension: BranderApp - C:\Users\Rafał\AppData\Roaming\Mozilla\Firefox\Profiles\m0ze5790.default\extensions\zgbgaho__msa@_fudkhitjszdgbfu.edu [2015-08-11] [Brak podpisu cyfrowego]
    FF Extension: BranderApp - C:\Users\Rafał\AppData\Roaming\Mozilla\Firefox\Profiles\m0ze5790.default\extensions\oozzzbofx_izg_@erauytafiwgwgh.org [2015-08-11] [Brak podpisu cyfrowego]
    CHR Extension: (Prezentacje Google) - C:\Users\Rafał\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-12] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Dokumenty Google) - C:\Users\Rafał\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-12] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Dysk Google) - C:\Users\Rafał\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-12] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (YouTube) - C:\Users\Rafał\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-12] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (Google Search) - C:\Users\Rafał\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-28] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (Arkusze Google) - C:\Users\Rafał\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-12] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Google Wallet) - C:\Users\Rafał\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-12] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Gmail) - C:\Users\Rafał\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (SaveerExtoenseioN) - C:\ProgramData\hnjmingfmameccjgdlcbghbebolpchpe\ []
    CHR HKLM-x32\...\Chrome\Extension: [dopemniaeocfenlpnoannaefnhfcjcgi] - C:\Users\Rafał\AppData\Local\Google\Chrome\User Data\Default\Extensions\searchswitch.crx <nie znaleziono>
    S2 29850aa3; "C:\Windows\system32\rundll32.exe" "c:\progra~2\so_boo~1\AssistantSvc.dll",service
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    2015-12-04 18:57 - 2015-12-04 19:11 - 00000000 ____D C:\AdwCleaner
    2015-12-04 18:56 - 2015-12-04 18:56 - 01736704 _____ C:\Users\Rafał\Downloads\adwcleaner_5.023 (1).exe
    2015-12-04 18:11 - 2013-12-12 16:38 - 00000000 ____D C:\Program Files (x86)\Torntv V6.0
    2015-12-04 17:18 - 2015-08-07 07:54 - 00000000 ____D C:\Program Files (x86)\Print Friendly PDF
    2015-12-04 17:18 - 2015-08-07 07:34 - 00000000 ____D C:\Program Files (x86)\NewTab Connect Homepage
    2015-12-04 17:18 - 2015-07-30 19:23 - 00000000 ____D C:\Program Files (x86)\Quick Maps
    2015-12-04 17:18 - 2015-07-30 19:03 - 00000000 ____D C:\Program Files (x86)\PHP Console
    2015-12-04 17:18 - 2015-07-27 17:09 - 00000000 ____D C:\Program Files (x86)\Oweb Voice Input
    2015-12-04 17:18 - 2015-07-13 19:36 - 00000000 ____D C:\Program Files (x86)\Pinner for Pinterest
    2015-12-04 17:18 - 2015-07-01 20:32 - 00000000 ____D C:\Program Files (x86)\TickTick Todo Task List
    2015-12-04 17:18 - 2015-06-29 18:43 - 00000000 ____D C:\Program Files (x86)\Spanish translator for the web
    2015-12-04 17:18 - 2015-06-29 10:24 - 00000000 ____D C:\Program Files (x86)\Validity
    2015-12-04 17:18 - 2015-06-05 09:40 - 00000000 ____D C:\Program Files (x86)\World Clocks
    2015-12-04 17:18 - 2015-04-26 10:02 - 00000000 ____D C:\Program Files (x86)\Yammer
    2015-12-04 17:15 - 2015-07-28 11:26 - 00000000 ____D C:\Program Files (x86)\Kaboom
    2015-12-04 17:15 - 2015-07-27 17:29 - 00000000 ____D C:\Program Files (x86)\Larry Filter for Twitter
    2015-12-04 17:15 - 2015-07-09 10:52 - 00000000 ____D C:\Program Files (x86)\Hover Zoom
    2015-12-04 17:15 - 2015-04-28 09:05 - 00000000 ____D C:\Program Files (x86)\HostCabinet Who is hosting that website
    2015-12-04 17:13 - 2015-07-09 18:52 - 00000000 ____D C:\Program Files (x86)\Do Share
    2015-12-04 17:13 - 2015-06-27 10:09 - 00000000 ____D C:\Program Files (x86)\eShield
    2015-12-04 17:13 - 2015-06-07 10:20 - 00000000 ____D C:\Program Files (x86)\Flickr Reference
    2015-12-04 17:08 - 2015-07-13 19:16 - 00000000 ____D C:\Program Files (x86)\Clean Up Music DeInstant MixRadio
    2015-12-04 17:08 - 2015-07-09 18:52 - 00000000 ____D C:\Program Files (x86)\buuyyandbarowse
    2015-12-04 17:08 - 2015-07-01 20:12 - 00000000 ____D C:\Program Files (x86)\Assistantto Scheduling Assistant
    2015-12-04 17:08 - 2015-06-29 10:04 - 00000000 ____D C:\Program Files (x86)\Alarm
    2015-12-04 17:08 - 2015-06-25 16:36 - 00000000 ____D C:\Program Files (x86)\Browse Faster
    2013-10-27 12:37 - 2015-11-02 18:54 - 0000080 _____ () C:\Users\Rafał\AppData\Roaming\mBot.ini
    2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Rafał\AppData\Roaming\NHJYLMM
    EmptyTemp:

    In FRST, choose Fix (Napraw).

    In addition, I see that a file is missing:
    S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]
    Type in the FRST window:
    TrustedInstaller.exe
    choose the file search and attach the log that gets created.

  • Helpful post
    #4 04 Dec 2015 20:11
    Kolobos
    Computer specialist

    Take ownership of the directory C:\Windows\servicing\ and grant yourself write permission on that directory.

    Then copy this file there:
    C:\Windows\winsxs\amd64_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.1.7600.16385_none_ed02252b66d7bca2\TrustedInstaller.exe

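The two steps from post #4 as an elevated PowerShell session; this is an added example, not part of the original post. The source path is the one given in the post; removing the temporary write grant, returning ownership to TrustedInstaller and the `sfc` check are added steps that the post does not mention.

```powershell
# Added example. Run from an elevated PowerShell prompt on the affected machine.
$servicing = 'C:\Windows\servicing'
# Source path exactly as given in the post (component store copy of the file).
$source = 'C:\Windows\winsxs\amd64_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.1.7600.16385_none_ed02252b66d7bca2\TrustedInstaller.exe'
$target = Join-Path $servicing 'TrustedInstaller.exe'
$me     = "$env:USERDOMAIN\$env:USERNAME"

# Native tools do not raise PowerShell errors, so check the exit code explicitly.
function Invoke-Native {
    param([string]$Exe, [string[]]$Arguments)
    & $Exe $Arguments
    if ($LASTEXITCODE -ne 0) { throw "$Exe exited with code $LASTEXITCODE" }
}

if (-not (Test-Path -LiteralPath $source)) { throw "Source file not found: $source" }

# 1. Take ownership of the directory (not its contents) and grant write access.
Invoke-Native 'takeown.exe' @('/F', $servicing)
Invoke-Native 'icacls.exe'  @($servicing, '/grant', "${me}:(W)")

try {
    # 2. Copy the file from the component store into place.
    Copy-Item -LiteralPath $source -Destination $target -ErrorAction Stop
    Write-Output "Copied to $target"
}
finally {
    # 3. Added step: drop the temporary grant and hand ownership back,
    #    so the servicing directory is not left writable by the user account.
    icacls.exe $servicing '/remove:g' $me
    icacls.exe $servicing '/setowner' 'NT SERVICE\TrustedInstaller'
}

# 4. Added step: let Windows Resource Protection check the restored file.
sfc.exe "/verifyfile=$target"
```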
  • #5 04 Dec 2015 22:00
    nanowaty
    Level 2

    Thanks, everything works.