Wolne działanie systemu, ładowanie aplikacji, internet


(Sbar) #1

Witam po długiej przerwie,

Proszę sprawdźcie logi według opisu w temacie Obowiązkowe LOGI

Wolno działa system, ładują sie aplikacje itp internet również coś nie tak :frowning:

 

 

 

OLT - http://www.wklejto.pl/218834

OLT Extra - http://www.wklejto.pl/218835

 

FRST - http://www.wklejto.pl/218836

Addon - http://www.wklejto.pl/218837

 

Dziękuje za pomoc !


(MrBeckham666) #2

skanowałeś MBAM i adwcleaner warto i jakimś antywirusem warto to wykonać na początek.

 

przy wiekszych infekcjach przydaje się rescue disc dr web

 

http://www.freedrweb.com/livedisk/

 

http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html

 

http://www.dobreprogramy.pl/AdwCleaner,Program,Windows,38865.html


(Sbar) #3

Nie, nie skanowałem … :slight_smile: juz ściagam Malwarebytes także dam znaka jak PO… skanowaniu :slight_smile: - dzieki


(Acorus) #4

Odinstaluj Adobe Reader 9.5.0.Otwórz notatnik systemowy i wklej:

Task: {06082C06-FEB1-4B1D-A318-A57FA8371B11} - System32\Tasks\SaveSense = C:\Users\Devon\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE ==== ATTENTION
Task: {936D76C7-CEAE-4AAB-9AD2-0A620E396262} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA = C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-02-23] (SaveSense) ==== ATTENTION
Task: {E7B08B31-AD26-4605-B86B-A495466581C8} - System32\Tasks\QDQHF = C:\Users\Devon\AppData\Roaming\QDQHF.exe [2014-12-30] (end) ==== ATTENTION
Task: {ED29C4F3-02D2-4645-B8C4-8AF57FC63077} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore = C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-02-23] (SaveSense) ==== ATTENTION
Task: C:\Windows\Tasks\QDQHF.job = C:\Users\Devon\AppData\Roaming\QDQHF.exe ==== ATTENTION
Task: C:\Windows\Tasks\SaveSense.job = C:\Users\Devon\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE ==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job = C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe ==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job = C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe ==== ATTENTION
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
HKU\S-1-5-21-4158708695-1608880584-637842310-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
HKU\S-1-5-21-4158708695-1608880584-637842310-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=scts=1392648602from=coruid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
SearchScopes: HKU\S-1-5-21-4158708695-1608880584-637842310-1000 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
SearchScopes: HKU\S-1-5-21-4158708695-1608880584-637842310-1000 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUSq={searchTerms}
BHO-x32: SaveSense - {71e129ff-6c2a-4984-818c-7e2c998b8d99} - C:\Users\Devon\AppData\Local\SaveSense\SaveSenseIE.dll (SaveSense)
CHR HomePage: Default - hxxp://isearch.omiga-plus.com/?type=hpts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com/?type=scts=1419944821from=ilduid=TOSHIBAXMK2046GSX_48QEF0EUSXX48QEF0EUS
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-02-23] (SaveSense)
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-02-23] (SaveSense)
S2 Update FindRight; "C:\Program Files (x86)\FindRight\updateFindRight.exe" [X]
R1 {fef7f75c-f985-4250-96f9-8183cd04238b}w64; C:\Windows\System32\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}w64.sys [61080 2014-08-20] (StdLib)
2014-12-30 14:20 - 2014-12-30 14:20 - 00000000 ____ D () C:\ProgramData\1887373585
2014-12-30 14:19 - 2014-12-30 14:19 - 00000000 ____ D () C:\Users\Devon\Documents\Optimizer Pro
2014-12-30 14:06 - 2014-12-30 14:19 - 00000266 __RSH () C:\ProgramData\ntuser.pol
2014-12-30 14:06 - 2014-12-30 14:19 - 00000000 ____ D () C:\Program Files (x86)\Bench
2014-12-30 14:05 - 2014-12-30 14:17 - 00001336 _____ () C:\Windows\Tasks\QDQHF.job
2014-12-30 14:05 - 2014-12-30 14:05 - 01830376 _____ (end) C:\Users\Devon\AppData\Roaming\QDQHF.exe
2014-12-30 14:05 - 2014-12-30 14:05 - 00004374 _____ () C:\Windows\System32\Tasks\QDQHF
2014-12-30 14:05 - 2014-12-30 14:05 - 00000000 ____ D () C:\Users\Devon\AppData\Local\Cool_Mirage
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.


(Sbar) #5

Dziękuje bardzo za pomoc ! - Acorus

 

Najlepszego w nowym roku WSZYSTKIM !


(Acorus) #6

Skasuj folder C:\FRST.Zainstaluj Adobe Reader XI 11.0.10 http://download.adobe.com/pub/adobe/reader/win/11.x/11.0.00/pl_PL/AdbeRdr11000_pl_PL.exe


(Sbar) #7

Znowu problem, tym razem nie otwierają mi się niektóre aplikacje

Proszę o pomoc 

 

OLT - http://www.wklejto.pl/221457

FRST - http://wklejto.pl/221458

 

dzieki z góry!