
FRST logs - removing pop-up ads

milosz998 18 Jan 2018 17:07 279 1
  • #1 18 Jan 2018 17:07
    milosz998
    Level 10  

    Hello.

    You have always helped, my dear friends, and I hope you will help this time too.

    Please check my FRST logs and remove the ads that keep popping up. A moment ago I installed some c*** that makes ads pop up constantly, launching the browser on its own, and wherever I go I get ads.


    HELP!

    0 1
  • #2 18 Jan 2018 18:26
    krzychupar
    Level 40  

    Uninstall:
    Ace Stream Media 3.1.1 (HKU\S-1-5-21-4060978095-3377081907-1478406957-1001\...\AceStream) (Version: 3.1.1 - Ace Stream Media) <==== UWAGA
    Main Services (HKLM-x32\...\{7C10D314-58A5-4CB6-9E3C-1ADDA652ED0C}) (Version: 1.2.10 - System Native) Hidden <==== UWAGA
    Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.7.0 - Microleaves) Hidden <==== UWAGA
    YoutubeAdBlock (HKLM-x32\...\E3605470-291B-44EB-8648-745EE356599A) (Version: 2.0.0.425 - Company Inc.) <==== UWAGA

    Open the system Notepad and paste:

    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
    Task: {14454CD4-EF79-4C62-8F22-9130C9C64BAB} - System32\Tasks\Online Application V2G6 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {26D35D39-152B-40E7-A70B-FA9BBC63A058} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {2BFC1360-00A4-401E-9A51-B12F7F6EA94A} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-11-02] (Microleaves) <==== UWAGA
    Task: {5176ADC2-C235-40CE-BBBB-3578352247F8} - System32\Tasks\Time City Page Control => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Time City Page Control\Time City Page Control.dll",VCLrENlTeD <==== UWAGA
    Task: {7939FD90-B589-4D7D-AC24-E2C1768A3BE2} - System32\Tasks\updater => C:\Program Files (x86)\System Native\Main Services\updater.exe [2018-01-16] (System Native) <==== UWAGA
    Task: {865977F5-2819-43A4-97D1-F45BAA0E616B} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {8F8D72E5-6F8B-4778-8A0E-5BA51A0EB2B1} - System32\Tasks\{6E8B97C5-4E3E-4DD2-A2D1-C7BA26E381F7} => C:\WINDOWS\system32\pcalua.exe -a E:\cda_menu.exe -d E:\
    Task: {92DAA99B-9F02-45AC-B2B4-14F3785D5EAD} - System32\Tasks\BcyoMZkjXMgFaPP => rundll32 "C:\Program Files (x86)\umkISPBbU\VZoTiN.dll",#1
    Task: {9C37B5F0-D88B-4FAD-BC69-A7B6E3529A53} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {A75C5797-7D18-4982-BD7A-017B42FE7273} - System32\Tasks\Guard => C:\Program Files (x86)\System Native\Main Services\Guard.exe [2018-01-16] () <==== UWAGA
    Task: {B6903029-6B1D-4BFA-96FE-AD53DE0DE2B7} - System32\Tasks\saKXaLnxQURzlMgex => rundll32 "C:\Program Files (x86)\RrHYXuUpocPTIXdsppR\sGqPFtb.dll",#1
    Task: {C396F8C6-7DE8-4D6A-89CC-28855F3EE99E} - System32\Tasks\Online Application V2G5 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA




    Task: {CF8DD8E3-97C9-4225-8423-D52820433D24} - System32\Tasks\Online Application V2G4 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {DE1AE091-D1A4-4D97-9775-EBBF75DE87DB} - System32\Tasks\BcyoMZkjXMgFaPP2 => rundll32 "C:\Program Files (x86)\umkISPBbU\VZoTiN.dll",#1
    Task: {F13F999A-0759-42EC-98A6-E8F9DB55CBAC} - System32\Tasks\saKXaLnxQURzlMgex2 => rundll32 "C:\Program Files (x86)\RrHYXuUpocPTIXdsppR\sGqPFtb.dll",#1
    Task: {FF174978-858E-4D4D-B261-985E00AC9EDD} - System32\Tasks\plaAVjRQXWCDePSecyr => rundll32 "C:\Program Files (x86)\aohGTEheqdnWC\mtwKetn.dll",#1
    Task: C:\WINDOWS\Tasks\BcyoMZkjXMgFaPP.job => C:\Program Files (x86)\umkISPBbU\VZoTiN.dll
    Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\Online Application V2G4.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\Online Application V2G5.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\Online Application V2G6.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\plaAVjRQXWCDePSecyr.job => C:\Program Files (x86)\aohGTEheqdnWC\mtwKetn.dll
    Task: C:\WINDOWS\Tasks\saKXaLnxQURzlMgex.job => C:\Program Files (x86)\RrHYXuUpocPTIXdsppR\sGqPFtb.dll
    Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== UWAGA
    ShortcutWithArgument: C:\Users\stańcio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://pop.yeawindows.com/
    ShortcutWithArgument: C:\Users\stańcio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://pop.yeawindows.com/
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://pop.yeawindows.com/
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://pop.yeawindows.com/
    ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://pop.yeawindows.com/
    ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://pop.yeawindows.com/
    Hosts:
    HKLM\...\Run: [SERVICE] => [X]
    HKLM\...\Run: [gplyra] => C:\Users\stańcio\AppData\Roaming\gplyra\gplyra\start.cmd [216 2017-01-10] () <==== UWAGA
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
    HKU\S-1-5-21-4060978095-3377081907-1478406957-1001\...\Run: [msiql] => C:\Users\stańcio\AppData\Local\Temp\00023220\msiql.exe [2072576 2018-01-18] () <==== UWAGA
    HKU\S-1-5-21-4060978095-3377081907-1478406957-1001\...\Run: [2532400] => C:\Users\stańcio\AppData\Roaming\ssks21f4m5x\1534ijxpa0n.exe [664992 2018-01-18] (Solos )
    HKU\S-1-5-21-4060978095-3377081907-1478406957-1001\...\MountPoints2: {0e61b73f-5e49-11e7-b693-54271ee76738} - "D:\setup_the_witcher_enhanced_edition_2.0.0.12.exe"
    HKU\S-1-5-21-4060978095-3377081907-1478406957-1001\...\MountPoints2: {0e61b754-5e49-11e7-b693-54271ee76738} - "F:\setup.exe"
    HKU\S-1-5-21-4060978095-3377081907-1478406957-1001\...\MountPoints2: {0e61b776-5e49-11e7-b693-54271ee76738} - "G:\autorun.exe"
    HKU\S-1-5-21-4060978095-3377081907-1478406957-1001\...\MountPoints2: {2016d5dc-93ad-11e7-b6a9-54271ee76738} - "I:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-4060978095-3377081907-1478406957-1001\...\MountPoints2: {dfc1ccc4-0f57-11e5-8285-54a0506318a2} - "I:\DPFMate.exe"
    HKU\S-1-5-21-4060978095-3377081907-1478406957-1001\...\MountPoints2: {e6faaac5-1c4e-11e5-8289-54a0506318a2} - "I:\DPFMate.exe"
    HKU\S-1-5-21-4060978095-3377081907-1478406957-1001\...\MountPoints2: {f862dd30-0c95-11e7-8368-54271ee76738} - "I:\DPFMate.exe"
    GroupPolicy: Ograniczenia - Chrome <==== UWAGA
    Tcpip\..\Interfaces\{096ac924-1a87-4d61-9f3c-dd1547e3f2d3}: [NameServer] 82.163.142.8,95.211.158.136
    SearchScopes: HKU\S-1-5-21-4060978095-3377081907-1478406957-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://pl.search.yahoo.com/yhs/search?hspart...__1_0__ya__ch_WCYID10285__170703__yaie&p={searchTerms}
    FF NewTab: Mozilla\Firefox\Profiles\4zlp3irq.default -> hxxps://pl.search.yahoo.com/yhs/web?hspart=lv...ebcompa__1_0__ya__hp_WCYID10285__170703__yaff
    FF NetworkProxy: Mozilla\Firefox\Profiles\4zlp3irq.default -> ftp", "87.103.130.156"
    CHR HKU\S-1-5-21-4060978095-3377081907-1478406957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
    R2 service_box.exe; C:\Program Files (x86)\System Native\Main Services\service.exe [10699264 2018-01-16] () [Brak podpisu cyfrowego] <==== UWAGA
    S3 updater; C:\Program Files (x86)\System Native\Main Services\updater.exe [564224 2018-01-16] (System Native) [Brak podpisu cyfrowego] <==== UWAGA
    S2 ylDfc2GCKVau Updater; C:\Program Files (x86)\ylDfc2GCKVau Updater\ylDfc2GCKVau Updater.exe [X]
    2018-01-18 17:00 - 2018-01-18 17:00 - 000000000 ____D C:\Program Files (x86)\umkISPBbU
    2018-01-18 17:00 - 2018-01-18 17:00 - 000000000 ____D C:\Program Files (x86)\TwPufLOWyrxU2
    2018-01-18 17:00 - 2018-01-18 17:00 - 000000000 ____D C:\Program Files (x86)\RrHYXuUpocPTIXdsppR
    2018-01-18 17:00 - 2018-01-18 17:00 - 000000000 ____D C:\Program Files (x86)\qTTaaczyWvUn
    2018-01-18 17:00 - 2018-01-18 17:00 - 000000000 ____D C:\Program Files (x86)\GBeMZXQZBIE
    2018-01-18 17:00 - 2018-01-18 17:00 - 000000000 ____D C:\Program Files (x86)\aohGTEheqdnWC
    2018-01-18 16:30 - 2018-01-18 17:00 - 000003214 _____ C:\WINDOWS\System32\Tasks\pnIxobGIUDXdNt
    2018-01-18 16:30 - 2018-01-18 17:00 - 000002864 _____ C:\WINDOWS\System32\Tasks\BcyoMZkjXMgFaPP2
    2018-01-18 16:29 - 2018-01-18 17:00 - 000002890 _____ C:\WINDOWS\System32\Tasks\saKXaLnxQURzlMgex2
    2018-01-18 16:29 - 2018-01-18 17:00 - 000002882 _____ C:\WINDOWS\System32\Tasks\plaAVjRQXWCDePSecyr2
    2018-01-18 16:29 - 2018-01-18 17:00 - 000002652 _____ C:\WINDOWS\System32\Tasks\saKXaLnxQURzlMgex
    2018-01-18 16:29 - 2018-01-18 17:00 - 000002644 _____ C:\WINDOWS\System32\Tasks\plaAVjRQXWCDePSecyr
    2018-01-18 16:29 - 2018-01-18 17:00 - 000002626 _____ C:\WINDOWS\System32\Tasks\BcyoMZkjXMgFaPP
    2018-01-18 16:29 - 2018-01-18 17:00 - 000000328 _____ C:\WINDOWS\Tasks\saKXaLnxQURzlMgex.job
    2018-01-18 16:29 - 2018-01-18 17:00 - 000000316 _____ C:\WINDOWS\Tasks\plaAVjRQXWCDePSecyr.job
    2018-01-18 16:29 - 2018-01-18 17:00 - 000000306 _____ C:\WINDOWS\Tasks\BcyoMZkjXMgFaPP.job
    2018-01-18 16:28 - 2017-12-06 13:27 - 002308096 ___SH () C:\Users\stańcio\AppData\Roaming\tmp546.dat
    2018-01-18 16:27 - 2018-01-18 16:27 - 000011568 _____ () C:\Users\stańcio\AppData\Local\InstallationConfiguration.xml
    2018-01-18 16:27 - 2018-01-18 16:27 - 000140800 _____ () C:\Users\stańcio\AppData\Local\installer.dat
    2018-01-18 16:27 - 2018-01-18 16:28 - 000930816 _____ () C:\Users\stańcio\AppData\Local\po.db
    C:\Users\stańcio\AppData\Roaming\gplyra\gplyra\start.cmd
    C:\Users\stańcio\AppData\Local\Temp\00023220\msiql.exe
    EmptyTemp:

    Save the file as fixlist.txt and place it in the folder where you have FRST.exe.
    Run FRST and click Fix/Napraw.

    0
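The fixlist in the reply above mixes several kinds of persistence and hijack entries. The following is an added example, not part of the thread and not FRST's own logic: a small Python triage that sorts such lines by mechanism so a reviewer can see what each one removes. The category names and regular expressions are assumptions made for this illustration; the sample lines are copied from the fixlist above.

```python
import re

# Sample lines copied from the fixlist in post #2 (a small subset).
# "<==== UWAGA" is FRST's Polish-locale attention marker.
SAMPLE = r'''
Task: {92DAA99B-9F02-45AC-B2B4-14F3785D5EAD} - System32\Tasks\BcyoMZkjXMgFaPP => rundll32 "C:\Program Files (x86)\umkISPBbU\VZoTiN.dll",#1
Task: {A75C5797-7D18-4982-BD7A-017B42FE7273} - System32\Tasks\Guard => C:\Program Files (x86)\System Native\Main Services\Guard.exe [2018-01-16] () <==== UWAGA
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://pop.yeawindows.com/
Tcpip\..\Interfaces\{096ac924-1a87-4d61-9f3c-dd1547e3f2d3}: [NameServer] 82.163.142.8,95.211.158.136
R2 service_box.exe; C:\Program Files (x86)\System Native\Main Services\service.exe [10699264 2018-01-16] () [Brak podpisu cyfrowego] <==== UWAGA
EmptyTemp:
'''

# Hypothetical categories; first matching rule wins, so order matters.
RULES = [
    ("task-rundll32", re.compile(r'^Task: .*=> .*rundll32(?:\.exe)? "(?P<d>[^"]+\.dll)"', re.I)),
    ("task", re.compile(r'^Task: .*?=> (?P<d>.+?\.exe)\b', re.I)),
    ("shortcut-url", re.compile(r'^ShortcutWithArgument: .* -> (?P<d>h(?:xx|tt)ps?://\S+)$', re.I)),
    ("dns-override", re.compile(r'^Tcpip\\.*\[NameServer\] (?P<d>[\d.,]+)$')),
    # "Brak podpisu cyfrowego" = no digital signature (Polish FRST output)
    ("unsigned-service", re.compile(r'^[RS]\d (?P<d>[^;]+);.*\[Brak podpisu cyfrowego\]')),
    ("directive", re.compile(r'^(?P<d>[A-Za-z]+):$')),
]

def triage(text):
    """Return one finding per non-empty line: kind, key detail, FRST flag."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        flagged = "<==== UWAGA" in line
        for kind, rx in RULES:
            m = rx.search(line)
            if m:
                findings.append({"kind": kind, "detail": m.group("d"), "frst_flag": flagged})
                break
        else:
            findings.append({"kind": "unclassified", "detail": line, "frst_flag": flagged})
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f'{f["kind"]:<17} flag={f["frst_flag"]!s:<5} {f["detail"]}')
```

Entries that FRST did not flag itself, such as the rundll32 tasks pointing at randomly named folders, still show up under their own category, which is why the helper listed them by hand.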