A może tym ? → https://support.norton.com/sp/pl/pl/home/current/solutions/kb20080710133834EN_EndUserProfile_pl_pl
Myślę, że ESET
Mężczyzna
Napisane przez
pawel315
w 28 08 2014 - 23:19
A może tym ? → https://support.norton.com/sp/pl/pl/home/current/solutions/kb20080710133834EN_EndUserProfile_pl_pl
Myślę, że ESET
Napisane przez
pawel315
w 28 08 2014 - 23:10
Najpierw tym antyvirusem się zajmiemy. W jaki sposób Ci uniemożliwia ?
Wyczyść przeglądarki tym → /Przydatne-narz%C4%99dzia-dezynfekuj%C4%85ce-i-ochronne-t51856/#entry280152/
troszkę o tym czytałem to ToopBuyER
Napisane przez
pawel315
w 28 08 2014 - 22:27
Kto to tyle razy pobierał ![]()
W Extras.txt można znaleść między innymi info na temat systemu, układu partycji, wersji IE i tak dalej.
OTL Extras logfile created on: 2014-08-27 14:20:10 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Amadeusz\Desktop\Logi 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.17054) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 5,90 Gb Total Physical Memory | 3,70 Gb Available Physical Memory | 62,71% Memory free 7,40 Gb Paging File | 5,00 Gb Available in Paging File | 67,51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 418,19 Gb Total Space | 369,50 Gb Free Space | 88,36% Space Free | Partition Type: NTFS Drive D: | 16,79 Gb Total Space | 2,14 Gb Free Space | 12,74% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Amadeusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Później kikla informacji o rejestrze i lista zainstaloanych programów.
Wracając do tematu to jeszcze widziałem coś nieusuniętego.
Wykonaj taki skrypt jeszcze
:OTL O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 @Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:373E1720 :Files C:\Program Files (x86)\websaverr :Commands [reboot]
A DNS'y należą do plusa więc jest z nimi OK
Napisane przez
pawel315
w 28 08 2014 - 20:23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70F5B1CA-A428-4223-920B-04B7C7D5100C}: DhcpNameServer = 212.2.96.53 212.2.96.54
DNS'y masz źle ustawione, skoryguj
Napisane przez
pawel315
w 27 08 2014 - 15:39
Witaj
No bywało gorzej ![]()
Odinstaluj:
Optimizer Pro v3.2 sweet-page uninstall Deal Keeper websaverr SupTab WindowsMangerProtect20.0.0.502
Uuruchom OTL i w oknie "Własne opcje skanowanie/skrypt" wklej:
:OTL
SRV - [2014-08-23 13:36:50 | 000,323,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe -- (Util Deal Keeper)
SRV - [2014-08-23 13:33:41 | 000,323,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe -- (Update Deal Keeper)
SRV - [2014-07-29 11:42:39 | 000,702,344 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices)
SRV - [2014-07-29 11:42:29 | 000,535,936 | ---- | M] (Fuyu LIMITED) [Auto | Running] -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -- (WindowsMangerProtect)
DRV:64bit: - [2014-07-30 02:24:12 | 000,061,072 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}w64.sys -- ({55dce8ba-9dec-4013-937e-adbf9317d990}w64)
O2:64bit: - BHO: (websaverr) - {0A04F7D6-F622-187A-78E2-48A3EA0709EB} - C:\ProgramData\websaverr\gTw8Q.x64.dll ()
O2 - BHO: (websaverr) - {0A04F7D6-F622-187A-78E2-48A3EA0709EB} - C:\ProgramData\websaverr\gTw8Q.dll ()
:Files
C:\ProgramData\websaverr
C:\ProgramData\82e54e508926562e
C:\Program Files (x86)\SupTab
C:\ProgramData\WindowsMangerProtect
C:\Users\Amadeusz\AppData\Roaming\sweet-page
C:\Windows\SysNative\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}w64.sys
:Commands
[emptytemp]
Kliknij "Wykonaj Skrypt", a po wykonaniu użyj programu AdwCleaner
Napisane przez
pawel315
w 26 04 2013 - 19:27
IB Updater 2.0.0.578 Ask Toolbar IB Updater Service Ask Toolbar UpdaterUruchom OTL w okienku Własne opcje skanowania/skrypt wklej:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/?aff=7&uid=e9505684-7555-11e2-8007-1c6f65dfaa8b
IE - HKLM\..\SearchScopes\{DFBC1D61-B379-4AA9-BF5F-1B0A1961D314}: "URL" = http://websearch.just-browse.info/?l=1&q={searchTerms}
IE - HKU\S-1-5-21-861567501-1078081533-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/?aff=7&uid=e9505684-7555-11e2-8007-1c6f65dfaa8b
IE - HKU\S-1-5-21-861567501-1078081533-1801674531-1004\..\SearchScopes\{8644C302-4CFA-439F-B60B-1FA21ECE0243}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=8423E01C-2630-4503-9F9A-C90E2BC90F1F&apn_sauid=02AF6127-AB7E-46B0-BCE0-98840CD19351
IE - HKU\S-1-5-21-861567501-1078081533-1801674531-1004\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://searchab.com/?aff=7&uid=e9505684-7555-11e2-8007-1c6f65dfaa8b&q={searchTerms}
IE - HKU\S-1-5-21-861567501-1078081533-1801674531-1004\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6Oz13G5jqj&i=26
IE - HKU\S-1-5-21-861567501-1078081533-1801674531-1004\..\SearchScopes\{DFBC1D61-B379-4AA9-BF5F-1B0A1961D314}: "URL" = http://websearch.just-browse.info/?l=1&q={searchTerms}
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
CHR - homepage: http://searchab.com/?aff=7&uid=e9505684-7555-11e2-8007-1c6f65dfaa8b
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [PrivitizeVPN] C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe /autorun File not found
O4 - HKU\S-1-5-21-861567501-1078081533-1801674531-1004..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe File not found
O4 - HKU\S-1-5-21-861567501-1078081533-1801674531-1004..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" File not found
O4 - HKU\S-1-5-21-861567501-1078081533-1801674531-1004..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKU\S-1-5-21-861567501-1078081533-1801674531-1004..\Run: [RGSC] D:\Gry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O20 - AppInit_DLLs: (c:\progra~1\justbr~1\sprote~1.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~1\magnipic\sprote~1.dll) - File not found
:Commands
[emptytemp]
Kliknij Wykonaj skrypt daj log z usuwania.
Napisane przez
100nka
w 26 04 2013 - 09:56
Napisane przez
Qauke
w 26 04 2013 - 00:55
Napisane przez
viris33
w 25 04 2013 - 23:23

Moja zawartość