devon
(Sbar)
#1
Witam po długiej przerwie,
Proszę sprawdźcie logi według opisu w temacie Obowiązkowe LOGI
Wolno działa system, ładują sie aplikacje itp internet również coś nie tak
OLT - http://www.wklejto.pl/218834
OLT Extra - http://www.wklejto.pl/218835
FRST - http://www.wklejto.pl/218836
Addon - http://www.wklejto.pl/218837
Dziękuje za pomoc !
devon
(Sbar)
#3
Nie, nie skanowałem … juz ściagam Malwarebytes także dam znaka jak PO… skanowaniu - dzieki
Acorus
(Acorus)
#4
Odinstaluj Adobe Reader 9.5.0.Otwórz notatnik systemowy i wklej:
Task: {06082C06-FEB1-4B1D-A318-A57FA8371B11} - System32\Tasks\SaveSense = C:\Users\Devon\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE ==== ATTENTION
Task: {936D76C7-CEAE-4AAB-9AD2-0A620E396262} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA = C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-02-23] (SaveSense) ==== ATTENTION
Task: {E7B08B31-AD26-4605-B86B-A495466581C8} - System32\Tasks\QDQHF = C:\Users\Devon\AppData\Roaming\QDQHF.exe [2014-12-30] (end) ==== ATTENTION
Task: {ED29C4F3-02D2-4645-B8C4-8AF57FC63077} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore = C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-02-23] (SaveSense) ==== ATTENTION
Task: C:\Windows\Tasks\QDQHF.job = C:\Users\Devon\AppData\Roaming\QDQHF.exe ==== ATTENTION
Task: C:\Windows\Tasks\SaveSense.job = C:\Users\Devon\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE ==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job = C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe ==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job = C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe ==== ATTENTION
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
HKU\S-1-5-21-4158708695-1608880584-637842310-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
HKU\S-1-5-21-4158708695-1608880584-637842310-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=scts=1392648602from=coruid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
SearchScopes: HKU\S-1-5-21-4158708695-1608880584-637842310-1000 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
SearchScopes: HKU\S-1-5-21-4158708695-1608880584-637842310-1000 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
BHO-x32: SaveSense - {71e129ff-6c2a-4984-818c-7e2c998b8d99} - C:\Users\Devon\AppData\Local\SaveSense\SaveSenseIE.dll (SaveSense)
CHR HomePage: Default - hxxp://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com/?type=scts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-02-23] (SaveSense)
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-02-23] (SaveSense)
S2 Update FindRight; "C:\Program Files (x86)\FindRight\updateFindRight.exe" [X]
R1 {fef7f75c-f985-4250-96f9-8183cd04238b}w64; C:\Windows\System32\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}w64.sys [61080 2014-08-20] (StdLib)
2014-12-30 14:20 - 2014-12-30 14:20 - 00000000 ____ D () C:\ProgramData\1887373585
2014-12-30 14:19 - 2014-12-30 14:19 - 00000000 ____ D () C:\Users\Devon\Documents\Optimizer Pro
2014-12-30 14:06 - 2014-12-30 14:19 - 00000266 __RSH () C:\ProgramData\ntuser.pol
2014-12-30 14:06 - 2014-12-30 14:19 - 00000000 ____ D () C:\Program Files (x86)\Bench
2014-12-30 14:05 - 2014-12-30 14:17 - 00001336 _____ () C:\Windows\Tasks\QDQHF.job
2014-12-30 14:05 - 2014-12-30 14:05 - 01830376 _____ (end) C:\Users\Devon\AppData\Roaming\QDQHF.exe
2014-12-30 14:05 - 2014-12-30 14:05 - 00004374 _____ () C:\Windows\System32\Tasks\QDQHF
2014-12-30 14:05 - 2014-12-30 14:05 - 00000000 ____ D () C:\Users\Devon\AppData\Local\Cool_Mirage
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
devon
(Sbar)
#5
Dziękuje bardzo za pomoc ! - Acorus
Najlepszego w nowym roku WSZYSTKIM !
Acorus
(Acorus)
#6
devon
(Sbar)
#7
Znowu problem, tym razem nie otwierają mi się niektóre aplikacje
Proszę o pomoc
OLT - http://www.wklejto.pl/221457
FRST - http://wklejto.pl/221458
dzieki z góry!