Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Proszę o sprawdzenie logów

iceboxfire 05 Sie 2016 13:31 684 5
  • CControls
  • #2 05 Sie 2016 13:57
    Domino_2
    Pomocny dla użytkowników

    Odinstaluj AVG Web TuneUp i WinZip.

    Cytat:

    Task: {1AA3EDDF-E2BD-43C2-B25F-ED621F125DA1} - System32\Tasks\WinTaske => C:\Program Files (x86)\WinTaske\WinTaske\WinTaske.exe <==== UWAGA
    Task: {42039D62-3581-4ECC-A651-253135C3D8DC} - System32\Tasks\IHeeaWACheckTask => C:\Program Files (x86)\IHeeaWA\IHeeaWA\bin\IHeeaWA_server.exe <==== UWAGA
    Task: {4A22519D-A471-4C97-9D67-76673CDD9F84} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {4E68A9DF-E973-4C92-BE66-AFD84ED42CBF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {4F1DC180-F6AE-4F6E-9B09-6199AEE13AA4} - System32\Tasks\Opera scheduled Autoupdate 1414940196 => C:\Program Files (x86)\Opera\launcher.exe [2016-07-01] (Opera Software)
    Task: {69E08F26-897B-460B-9102-A34759DFDDCD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {6A55A1DF-4122-40BC-B78A-E4D83606C531} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\378ABDE95E3ABFCCB25A990E7BC66A36\Update\BrowserUpdate.exe <==== UWAGA
    Task: {75D8FB29-D796-4F1E-AB59-6ADB120F676A} - System32\Tasks\IHeeaWABrowserUpdateCore => C:\Program Files (x86)\IHeeaWA\IHeeaWA\bin\IHeeaWA_server.exe <==== UWAGA
    Task: {7B7F9D68-EC33-4586-A8D6-9517345DF1D6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {7F8BA87E-D48F-48A5-9ACF-2F9273637E1A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {81831748-8F28-44C4-8FD8-B28B20415584} - System32\Tasks\IHeeaWABrowserUpdateUA => C:\Program Files (x86)\IHeeaWA\IHeeaWA\bin\IHeeaWA_server.exe <==== UWAGA
    Task: {902B5F76-7558-4B49-B046-67E3BBF95F1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {940E7C91-B2CB-419D-BB3E-82B438F7530A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {AD2FCC1F-CCFE-43E5-B6F4-9CF85CF98CAB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {AEA3329A-462F-4392-9ABC-896210E83E87} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {BDAD30EA-AB85-4063-B3BE-2D049137FCC3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {BE223875-74A0-42C2-861D-295A4AE077F1} - System32\Tasks\{9823A99B-CF91-41B0-A5DD-4223C7E5744F} => pcalua.exe -a C:\Users\kingutttt\AppData\Local\Torpedo\unins000.exe
    Task: {BED108C9-D7ED-4608-887F-9D1C593F9901} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {E8B86674-A939-40FE-B68A-52448DE06A6F} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe <==== UWAGA
    ShortcutWithArgument: C:\Users\kingutttt\Desktop\Originals\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.piesearch.com/?uid=b8642f2d-db98-4ca0-9e3e-db1d83f17e31




    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-503109223-3342928970-316000187-1004\...\MountPoints2: {7a6da062-a9ab-11e5-8dc3-ec0ec416e1a8} - "F:\AutoRun.exe"
    HKU\S-1-5-21-503109223-3342928970-316000187-1004\...\MountPoints2: {7a6da331-a9ab-11e5-8dc3-ec0ec416e1a8} - "F:\AutoRun.exe"
    HKU\S-1-5-21-503109223-3342928970-316000187-1004\...\MountPoints2: {7a6da5dc-a9ab-11e5-8dc3-ec0ec416e1a8} - "F:\AutoRun.exe"
    HKU\S-1-5-21-503109223-3342928970-316000187-1004\...\MountPoints2: {a183e376-b203-11e5-832a-28d244c63ecf} - "F:\HTC_Sync_Manager_PC.exe"
    HKU\S-1-5-21-503109223-3342928970-316000187-1004\...\MountPoints2: {a183e3c2-b203-11e5-832a-28d244c63ecf} - "F:\HTC_Sync_Manager_PC.exe"
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://do-search.com/?type=hp&ts=14326511...d=WDCXWD5000LPCX-24C6HT0_WD-WX51A742CNA52CNA5
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1432...D5000LPCX-24C6HT0_WD-WX51A742CNA52CNA5&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=14326511...d=WDCXWD5000LPCX-24C6HT0_WD-WX51A742CNA52CNA5
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1432...D5000LPCX-24C6HT0_WD-WX51A742CNA52CNA5&q={searchTerms}
    HKU\S-1-5-21-503109223-3342928970-316000187-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lenovo.com
    HKU\S-1-5-21-503109223-3342928970-316000187-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=14326511...d=WDCXWD5000LPCX-24C6HT0_WD-WX51A742CNA52CNA5
    HKU\S-1-5-21-503109223-3342928970-316000187-1004\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
    HKU\S-1-5-21-503109223-3342928970-316000187-1004\Software\Microsoft\Internet Explorer\Main,DisableRequiresActiveXPrompt = webcamtoy.com
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1432...D5000LPCX-24C6HT0_WD-WX51A742CNA52CNA5&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1432...D5000LPCX-24C6HT0_WD-WX51A742CNA52CNA5&q={searchTerms}
    SearchScopes: HKLM -> {96255F28-63C0-4BB8-9C72-F37A8C71CB61} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hs...50632847%26a%3Dwncy_mlvi_15_22%26os%3DWindows 8.1 Connected&p={searchTerms}
    SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2002} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=...ME002&o=APN10641&apn_ptnrs=AG2&q={searchTerms}
    SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2448} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=...CH001&o=APN10648&apn_ptnrs=AGI&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1432...D5000LPCX-24C6HT0_WD-WX51A742CNA52CNA5&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1432...D5000LPCX-24C6HT0_WD-WX51A742CNA52CNA5&q={searchTerms}
    SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2002} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=...ME002&o=APN10641&apn_ptnrs=AG2&q={searchTerms}
    SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2448} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=...CH001&o=APN10648&apn_ptnrs=AGI&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-503109223-3342928970-316000187-1004 -> DefaultScope {96255F28-63C0-4BB8-9C72-F37A8C71CB61} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-503109223-3342928970-316000187-1004 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-503109223-3342928970-316000187-1004 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1432...D5000LPCX-24C6HT0_WD-WX51A742CNA52CNA5&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-503109223-3342928970-316000187-1004 -> {96255F28-63C0-4BB8-9C72-F37A8C71CB61} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-503109223-3342928970-316000187-1004 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2002} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=...ME002&o=APN10641&apn_ptnrs=AG2&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-503109223-3342928970-316000187-1004 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2448} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=...CH001&o=APN10648&apn_ptnrs=AGI&q={searchTerms}
    BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll [2014-11-04] (AVG)
    BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll [2014-11-04] (AVG)
    Toolbar: HKLM - Brak nazwy - {41ca0640-a64c-4262-8540-36c33ee58961} - Brak pliku
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll [Brak pliku]
    S2 winsaber; C:\Program Files (x86)\WinSaber\WinSaber.exe [X]
    C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    EmptyTemp:


    Wklej to do notatnika i zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się plik FRST.exe/FRST64.exe, uruchom go i kliknij Fix/Napraw.

    Przeskanuj komputer programem ADWCleaner i usuń wszystko co znalazł.

    1
  • CControls
  • #3 05 Sie 2016 15:27
    iceboxfire
    Poziom 2  

    Oki Dzięki wielkie, pomogło :)

    0
  • #4 05 Sie 2016 20:39
    Domino_2
    Pomocny dla użytkowników

    Możesz skasować folder C:\FRST.

    0
  • #6 29 Sie 2016 19:59
    krzychupar
    Poziom 40  

    Otwórz notatnik i wklej:
    Task: {1A281605-5D7C-450E-BDAD-C0794F4DE19D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {21A1331C-EB2F-42E4-9BE1-649E2789EF84} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {26D1781A-80BD-4050-8B5C-CC83BE947D72} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {6086E87F-85D8-4F50-A50A-98033806963C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {6875D484-EFEE-41E9-BF2B-2C851BC2A679} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {7AD2A78A-AFA6-4A56-9722-F2EF4A2DBD7D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {AB60BAF1-2985-40B4-AF7F-FDE2E445D8E0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {B1A097B2-B794-442A-BC2F-74152F25A2E9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {B7D30D34-6917-4E44-8EBC-96FA45A5D9AD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {D9E74250-E59C-4411-ACD2-ACBDA30FA908} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {E58ABA59-5A15-4478-8301-EDE8372B87E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    ShortcutWithArgument: C:\Users\SAMSUNG\Desktop\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1471701273&a=1054912&src=sh&uuid=af76b556-3dd1-464c-98b7-b6bb40357d6f"
    ShortcutWithArgument: C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1471701273&a=1054912&src=sh&uuid=af76b556-3dd1-464c-98b7-b6bb40357d6f"
    ShortcutWithArgument: C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1471701273&a=1054912&src=sh&uuid=af76b556-3dd1-464c-98b7-b6bb40357d6f"
    ShortcutWithArgument: C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1471701273&a=1054912&src=sh&uuid=af76b556-3dd1-464c-98b7-b6bb40357d6f"
    ShortcutWithArgument: C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1471701273&a=1054912&src=sh&uuid=af76b556-3dd1-464c-98b7-b6bb40357d6f"
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safesurfs.net/?ssid=1471701273&a=1054912&src=sh&uuid=af76b556-3dd1-464c-98b7-b6bb40357d6f"
    ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safesurfs.net/?ssid=1471701273&a=1054912&src=sh&uuid=af76b556-3dd1-464c-98b7-b6bb40357d6f"
    HKU\S-1-5-21-1379208118-4201969627-841293682-1001\...\MountPoints2: {4573deb6-0439-11e6-be8e-1867b04caf5b} - "F:\setup.exe"
    HKU\S-1-5-21-1379208118-4201969627-841293682-1001\...\MountPoints2: {fe896470-a571-11e5-8955-24fd52886b80} - "F:\HTC_Sync_Manager_PC.exe"
    CHR StartupUrls: Default -> "hxxp://www.google.pl/","hxxps://mysearch.avg.com?cid={272222D0-A86E-477F-ACAE-E4680E03918E}&mid=2df3a5d1e1be47d29d34f5b4146c8273-fcf9b863d3e8f20518bb040537394119884af133&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-29 17:14:20&v=18.1.9.786&pid=safeguard&sg=&sap=hp","hxxps://mysearch.avg.com?cid={272222D0-A86E-477F-ACAE-E4680E03918E}&mid=2df3a5d1e1be47d29d34f5b4146c8273-fcf9b863d3e8f20518bb040537394119884af133&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-29 17:14:20&v=18.1.9.799&pid=safeguard&sg=&sap=hp","hxxp://binkiland.com/?f=7&a=bnk_ir_15_11&cd=2XzuyEtN2Y1L1QzuyDyC0F0DyDtBzzyB0EtC0BtDzz0B0DtCtN0D0Tzu0StCtCyCzytN1L2XzutAtFzztFtAtFtCtN1L1CzutCyEtBzytDyD1V1BtBtN1L1G1B1V1N2Y1L1Qzu2StA0B0ByD0CtB0F0FtG0E0EtBzztGzzzztCtBtG0AyCzzyCtGyEzytC0EyDyCtCyE0D0DyE0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzztD0F0A0AzztAtGyCzz0EyDtGyEtDtD0FtGzy0Fzz0FtGyDtB0B0DtC0F0EyD0EyByCyE2Q&cr=1956189231&ir="
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się FRST.exe
    Uruchom FRST i kliknij w Fix/Napraw

    0