Elektroda.pl

Request to check logs

MrZet555 04 Aug 2016 14:04 816 9
  • #1 04 Aug 2016 14:04
    MrZet555
    Level 5  

    Hello, for a few days I have been struggling with slow internet and pop-up ads. I kindly ask the experts for help; I am posting the logs below. Thank you very much in advance, and best regards.

    0 9
  • Helpful post
    #3 04 Aug 2016 14:13
    djarta
    Level 9  

    However, I would first put this JavaScript into the script for removal:

    Quote:

    HKU\S-1-5-21-3219549266-2120432267-499511546-1000\...\Run: [Host Service] => wscript "C:\Users\Sylwiuncia\AppData\Local\Host Service\launchall.js" <===== ATTENTION

    Which reinstalls the adware at every restart.

    0
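The Run entry quoted in post #3, turned into a triage check, as an added example that is not part of the original thread: it parses FRST `Run:` lines and flags entries that start a Windows script host or point into AppData/Temp. The heuristics, the function names and the `ExampleTray` line are assumptions made for illustration.

```python
import re

# FRST registry line shape quoted in the thread:
#   HKU\<SID>\...\Run: [Name] => command <===== ATTENTION
RUN_RE = re.compile(
    r'^(?P<hive>HK(?:LM|U)(?:\\[^\\]+)*?)\\\.\.\.\\(?P<key>Run(?:Once)?): '
    r'\[(?P<name>[^\]]*)\] => (?P<cmd>.*?)(?:\s*<=+ ATTENTION)?\s*$')
SCRIPT_HOSTS = {"wscript", "cscript", "mshta"}             # assumed watch list
USER_WRITABLE = re.compile(r'\\(?:AppData|Temp)\\', re.I)  # assumed heuristic

def first_token(cmd):
    """Return the program part of a command line, honouring double quotes."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    return cmd.split(None, 1)[0] if cmd else ""

def parse_run_line(line):
    """Parse one FRST Run/RunOnce line; None if the line is something else."""
    m = RUN_RE.match(line.strip())
    if not m:
        return None
    exe = first_token(m["cmd"]).rsplit("\\", 1)[-1].lower()
    if exe.endswith(".exe"):
        exe = exe[:-4]
    reasons = []
    if exe in SCRIPT_HOSTS:
        reasons.append("script-host")
    if USER_WRITABLE.search(m["cmd"]):
        reasons.append("user-writable-path")
    return {**m.groupdict(), "reasons": reasons}

def triage(text):
    """Return the parsed Run entries found in a block of FRST output."""
    return [e for e in map(parse_run_line, text.splitlines()) if e]

# The first two Run lines are from the thread; ExampleTray is constructed.
SAMPLE = r'''
HKU\S-1-5-21-3219549266-2120432267-499511546-1000\...\Run: [Host Service] => wscript "C:\Users\Sylwiuncia\AppData\Local\Host Service\launchall.js" <===== ATTENTION
HKU\S-1-5-21-3219549266-2120432267-499511546-1000\...\Run: [DUP] => "C:\Program Files\DriverUpdaterPro\DriverUpdaterPro.exe" /ot /as /ss
HKLM\...\Run: [ExampleTray] => C:\Program Files\Example\tray.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
'''

if __name__ == "__main__":
    for e in triage(SAMPLE):
        print(e["name"], "->", ", ".join(e["reasons"]) or "no heuristic hit")
```

The `DUP` entry appears in the fixlist in post #7 yet matches neither heuristic, so a clean result from this check is not a verdict on the entry.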
  • #4 04 Aug 2016 14:17
    MrZet555
    Level 5  

    OK, thank you, I will run the scan and post the logs again.

    0
  • Helpful post
    #5 04 Aug 2016 14:34
    Domino_2
    Helpful to users

    Uninstall Host Service.

    Quote:

    Task: {03E31ECF-7969-44FF-A087-D7C9CCBC7B1F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {07491EF3-F330-4CD6-8AD7-9B57FB83B888} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {098FE4E9-B8C6-4AD2-8870-1DCA2614B4FC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {16FF5A4D-8D35-4A48-B860-3C930FFC4334} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
    Task: {1E43EB30-FF9D-4E2F-ACA3-3C06DBDABE01} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
    Task: {408AAB32-6D7E-4088-B885-FAF8036E2026} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
    Task: {53E9B609-15F4-43E3-96B5-3BA65853C9F8} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
    Task: {5C000914-9277-4AB2-BCB9-C6BB5359FDC2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {5EB35905-A4A8-4C1E-AB96-51ED43964726} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {73602E2B-E5BB-4800-AE79-4F2130397764} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {76D58F51-317B-42DF-88BE-1376D0B7A170} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
    Task: {922B2D07-83CB-49B3-AC8D-3AC4801D61DE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {A7188C33-6D71-417B-B56D-B661E8AC74BE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {C56764FB-9444-46D5-90FF-E1BF8446C765} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
    Task: {EEC39A6D-D454-475C-A8CF-B5C06609D9AE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {FB31B093-2C15-4764-9D96-9D887131C9D2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    ShortcutWithArgument: C:\Users\Sylwiuncia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Chrome RDP for Google Cloud Platform.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mpbbnannobiobpnfblimoapbephgifkm
    ShortcutWithArgument: C:\Users\Sylwiuncia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Chrome RDP.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cbkkbcmdlboombapidmoeolnmdacpkch
    ShortcutWithArgument: C:\Users\Sylwiuncia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Pulpit zdalny Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
    ShortcutWithArgument: C:\Users\Sylwiuncia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\VNC® Viewer for Google Chrome™.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=iabmpiboiopbgfabjmgeedhcmjenhbla
    ShortcutWithArgument: C:\Users\Sylwiuncia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8e5c0db72600a899\Witek - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ghifackarapulyfinck
    HKU\S-1-5-21-3219549266-2120432267-499511546-1000\...\Run: [Host Service] => wscript "C:\Users\Sylwiuncia\AppData\Local\Host Service\launchall.js" <===== ATTENTION
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    GroupPolicyScripts: Restriction <======= ATTENTION
    FF Keyword.URL: undefined://undefined/
    CHR HomePage: ghifackarapulyfinck -> hxxp://www.my-online-search.com/?babsrc=HP_of...t=delta&dlb=2&affID=119357&tt=gc_
    CHR StartupUrls: ghifackarapulyfinck -> "search.mpc.am","hxxp://www.trotux.com/?z=1ca446c62f3a758c3d80f42g8zaqbt7bcq1w8w3c5o&from=isr&uid=ST9320423AS_5VJBJQD6XXXX5VJBJQD6&type=hp"
    S3 AIDA64Driver; \??\C:\Program Files\FinalWire\AIDA64 Extreme\kerneld.x32 [X]
    U3 idsvc; no ImagePath
    U3 wpcsvc; no ImagePath
    EmptyTemp:


    Paste this into Notepad, save it as fixlist.txt and place it in the folder where FRST.exe/FRST64.exe is located, then run FRST and click Fix/Napraw.

    0
  • Helpful post
    #7 04 Aug 2016 15:08
    Kolobos
    Computer specialist

    Somebody wanted activators...

    Fixlist.txt for FRST:
    CloseProcesses:
    2016-07-30 16:09 - 2016-07-30 16:09 - 00141312 ____H () C:\Users\Sylwiuncia\AppData\Local\Temp\local32spl.dll
    2016-07-30 16:09 - 2016-07-30 16:09 - 00141312 ____H () C:\WINDOWS\Temp\local32spl.dll
    2016-07-30 16:09 - 2016-07-30 16:09 - 00141312 ____H () C:\Users\Sylwiuncia\AppData\Roaming\Mozilla\Firefox\Profiles\6g98iw1f.default\local32spl.dll
    2016-07-30 16:09 - 2016-07-30 16:09 - 00141312 ____H () C:\Users\Sylwiuncia\AppData\Local\Google\Chrome\User Data\local32spl.dll
    2014-08-31 17:34 - 2014-08-31 17:34 - 00294912 _____ () C:\Users\Sylwiuncia\AppData\Local\Host Service\nssm.exe
    2016-01-22 06:45 - 2016-01-22 06:45 - 00086528 _____ () C:\Users\Sylwiuncia\AppData\Local\Host Service\mgwz.dll
    2016-04-08 07:36 - 2016-04-08 07:36 - 00230019 _____ () C:\Users\Sylwiuncia\AppData\Local\Host Service\dofilterHost.exe
    2016-08-04 14:46 - 2016-08-04 14:46 - 00010752 _____ () C:\Users\Sylwiuncia\AppData\Local\Temp\nsrA57F.tmp\System.dll
    Hosts:
    C:\Users\Sylwiuncia\AppData\Local\Host Service\
    () C:\Users\Sylwiuncia\AppData\Local\Host Service\nssm.exe
    (The Privoxy team - www.privoxy.org) C:\Users\Sylwiuncia\AppData\Local\Host Service\dofilter.exe
    () C:\Users\Sylwiuncia\AppData\Local\Host Service\dofilterHost.exe
    HKU\S-1-5-21-3219549266-2120432267-499511546-1000\...\Run: [Host Service] => wscript "C:\Users\Sylwiuncia\AppData\Local\Host Service\launchall.js" <===== ATTENTION
    C:\Users\Sylwiuncia\AppData\Local\Host Service\launchall.js
    HKU\S-1-5-21-3219549266-2120432267-499511546-1000\...\Run: [DUP] => "C:\Program Files\DriverUpdaterPro\DriverUpdaterPro.exe" /ot /as /ss
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    GroupPolicyScripts: Restriction <======= ATTENTION
    FF Homepage: hxxp://www.startbook.com/
    FF Keyword.URL: undefined://undefined/
    CHR HomePage: ghifackarapulyfinck -> hxxp://www.my-online-search.com/?babsrc=HP_of...t=delta&dlb=2&affID=119357&tt=gc_
    CHR StartupUrls: ghifackarapulyfinck -> "search.mpc.am","hxxp://www.trotux.com/?z=1ca446c62f3a758c3d80f42g8zaqbt7bcq1w8w3c5o&from=isr&uid=ST9320423AS_5VJBJQD6XXXX5VJBJQD6&type=hp"
    R2 dofilter; C:\Users\Sylwiuncia\AppData\Local\Host Service\nssm.exe [294912 2014-08-31] () [File not signed]
    S3 AIDA64Driver; \??\C:\Program Files\FinalWire\AIDA64 Extreme\kerneld.x32 [X]
    2016-08-04 12:43 - 2016-08-04 12:43 - 01743872 _____ (Farbar) C:\Users\Sylwiuncia\Downloads\FRST (5).exe
    2016-08-04 12:42 - 2016-08-04 12:43 - 01743872 _____ (Farbar) C:\Users\Sylwiuncia\Downloads\FRST (4).exe
    2016-08-04 12:42 - 2016-08-04 12:42 - 01743872 _____ (Farbar) C:\Users\Sylwiuncia\Downloads\FRST (3).exe
    2016-08-04 12:35 - 2016-08-04 12:36 - 01743872 _____ (Farbar) C:\Users\Sylwiuncia\Downloads\FRST (2).exe
    2016-08-04 12:35 - 2016-08-04 12:35 - 01743872 _____ (Farbar) C:\Users\Sylwiuncia\Downloads\FRST (1).exe
    2016-07-30 09:59 - 2016-07-30 17:32 - 00000000 ___HD C:\Program Files\ruq2CE8
    2016-07-30 09:49 - 2016-08-04 03:54 - 00000000 ____D C:\Users\Sylwiuncia\AppData\Roaming\HPReyos
    2016-07-30 09:47 - 2016-07-30 09:48 - 00000000 ____D C:\Users\Sylwiuncia\AppData\Local\Host Service
    2016-07-30 09:46 - 2016-07-30 09:47 - 18698056 _____ (Torrentex Inc. ) C:\Users\Sylwiuncia\Downloads\Re_loader Activator 1.3_ For Windows 10 Full Version
    2016-07-30 17:44 - 2016-07-30 17:45 - 01225680 _____ (Copyright © 2015 eSupport.com, Inc • All Rights Reserved ) C:\Users\Sylwiuncia\Downloads\driveragent-setup-794 (5).exe
    2016-07-29 23:34 - 2016-07-29 23:34 - 01225680 _____ (Copyright © 2015 eSupport.com, Inc • All Rights Reserved ) C:\Users\Sylwiuncia\Downloads\driveragent-setup-794 (4).exe
    2016-07-29 23:34 - 2016-07-29 23:34 - 01225680 _____ (Copyright © 2015 eSupport.com, Inc • All Rights Reserved ) C:\Users\Sylwiuncia\Downloads\driveragent-setup-794 (3).exe
    2016-07-29 23:34 - 2016-07-29 23:34 - 01225680 _____ (Copyright © 2015 eSupport.com, Inc • All Rights Reserved ) C:\Users\Sylwiuncia\Downloads\driveragent-setup-794 (2).exe
    2016-07-29 23:33 - 2016-07-29 23:33 - 01225680 _____ (Copyright © 2015 eSupport.com, Inc • All Rights Reserved ) C:\Users\Sylwiuncia\Downloads\driveragent-setup-794.exe
    2016-07-29 23:33 - 2016-07-29 23:33 - 01225680 _____ (Copyright © 2015 eSupport.com, Inc • All Rights Reserved ) C:\Users\Sylwiuncia\Downloads\driveragent-setup-794 (1).exe
    EmptyTemp:

    After running it, post new FRST logs from a scan.

    0
  • Helpful post
    #9 04 Aug 2016 16:02
    Kolobos
    Computer specialist

    Uninstall Host Service, also uninstall Firefox, delete the profile directory %APPDATA%\Mozilla\Firefox\Profiles\ and install FF again. Back up your bookmarks first.

    0
  • #10 04 Aug 2016 17:06
    MrZet555
    Level 5  

    Great, the computer now runs like new. Thank you very much for the help.

    0