DjStanley Posted 23 September 2014
Hello. I have an HP ProBook 4740s laptop with Windows 8.0 64-bit. Since yesterday it has been running terribly. It takes over 5 minutes to boot, and every program I launch responds just as slowly. I scanned it with FRST. I'm attaching the logs. Thanks in advance for your help. Regards.
Shortcut.txt Addition.txt FRST.txt
picasso Posted 23 September 2014
A multitude of adware objects is running on the system, launched via Task Scheduler and services. Possible ways it was acquired: CLICK. Preliminary steps:
1. Open Notepad and paste into it:
CloseProcesses:
Task: {18E0AA83-9D50-4E58-8C2B-76BF566C781F} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-7 => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-7.exe [2014-09-22] (Object Browser)
Task: {26094FD8-6F3F-4DA2-B611-487470B5E673} - System32\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-5_user => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-5.exe [2014-09-23] (iWebar)
Task: {373728B0-2F33-4F59-B064-02D86318CB55} - System32\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-1 => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe [2014-09-23] (iWebar)
Task: {389AC3E9-A34B-47FB-96F9-3C0993BAF0F2} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5 => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5.exe [2014-09-23] (Object Browser)
Task: {488ED5A6-6C96-45D7-A2FD-1DE9B6EC005F} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-23] (globalUpdate)
Task: {5E604E49-DF69-4A9C-A46E-B39999CB961E} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-6 => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-6.exe [2014-09-22] (Object Browser)
Task: {6D14C6C5-DFBD-4C06-ABF3-447366756CDF} - System32\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-11 => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-11.exe [2014-09-23] (iWebar)
Task: {6D30713F-C0DB-48E7-9743-248957F37E55} - System32\Tasks\Installer_shopperpro => C:\Users\Renatka\AppData\Local\Installer\Installshopperpro_16485\delay.exe
Task: {6E05C858-A9AB-4CE8-8E88-C7AC1C92ECE6} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-2 => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-2.exe [2014-09-23] (Object Browser)
Task: {8B999ED4-F985-4923-883B-51599762A2DE} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5_user => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5.exe [2014-09-23] (Object Browser)
Task: {8E60512F-DB10-4859-AB77-6664F62173BC} - System32\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-7 => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-7.exe [2014-09-23] (iWebar)
Task: {8E790712-870D-4E99-A17B-FB5B1099DB77} - System32\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-5_user => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-5.exe [2014-09-22] (iWebar)
Task: {97EA4F6B-52A9-4A30-96CE-9DFC0C895A58} - System32\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-1 => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe [2014-09-23] (iWebar)
Task: {9803EED5-82B4-4B32-A28E-46716F6E80D0} - System32\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-6 => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-6.exe [2014-09-22] (iWebar)
Task: {98A3D03F-5A64-4AA0-9A0E-4E9CC501B44D} - System32\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-7 => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-7.exe [2014-09-22] (iWebar)
Task: {A92A7E55-0326-41B1-B877-47186AEF3554} - System32\Tasks\VH => C:\Users\Renatka\AppData\Roaming\VH.exe [2014-09-23] (Object Browser)
Task: {B29FD627-E159-46B3-B441-8F458FF2CA4E} - System32\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-2 => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-2.exe [2014-09-22] (iWebar)
Task: {B98CA832-24E5-46B8-A8A1-048FE0FAAD50} - System32\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-2 => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-2.exe [2014-09-23] (iWebar)
Task: {BC0055D1-D40B-4798-9023-AABC6476EDE7} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-3 => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-3.exe [2014-09-23] (Object Browser)
Task: {C6E1FD08-AFA4-474D-8AAD-334C6FB3E893} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-4 => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-4.exe [2014-09-23] (Object Browser)
Task: {C802258C-D91A-43D7-9D91-770923255559} - System32\Tasks\IXXI => C:\Users\Renatka\AppData\Roaming\IXXI.exe [2014-09-23] (Object Browser)
Task: {CE3758DC-40A4-4ED5-8B53-702E0D5C2B32} - System32\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-4 => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-4.exe [2014-09-22] (iWebar)
Task: {D6A8B3D7-34B0-49CD-A8A1-241E33753CFD} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-11 => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-11.exe [2014-09-23] (Object Browser)
Task: {D8522199-68ED-4587-A8D7-377418B4EB76} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-1 => C:\Program Files (x86)\Senses\Senses-codedownloader.exe [2014-09-23] (Object Browser)
Task: {D8FC6862-4944-408F-95CD-BE2178DE1572} - System32\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-6 => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-6.exe [2014-09-23] (iWebar)
Task: {DA1FC8F0-A6AF-4D11-BBA0-4963E1623BF2} - System32\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-4 => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-4.exe [2014-09-23] (iWebar)
Task: {DAF530C1-529C-4573-A5D1-861492AD92E2} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-23] (globalUpdate)
Task: {E37B73FB-7AF4-4F16-AE6B-9B854CA38EC4} - System32\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-11 => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-11.exe [2014-09-22] (iWebar)
Task: {E3AA1EE5-58BB-43DB-A2B1-52D9158FB44D} - System32\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-5 => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-5.exe [2014-09-23] (iWebar)
Task: {FA7E1153-16DE-44A7-9351-576500A1A013} - System32\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-5 => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-5.exe [2014-09-22] (iWebar)
Task: C:\Windows\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-1.job => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe
Task: C:\Windows\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-11.job => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-11.exe
Task: C:\Windows\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-2.job => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-2.exe
Task: C:\Windows\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-4.job => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-4.exe
Task: C:\Windows\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-5.job => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-5.exe
Task: C:\Windows\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-5_user.job => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-5.exe
Task: C:\Windows\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-6.job => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-6.exe
Task: C:\Windows\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-7.job => C:\Program Files (x86)\iWebar\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-7.exe
Task: C:\Windows\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-1.job => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe
Task: C:\Windows\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-11.job => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-11.exe
Task: C:\Windows\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-2.job => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-2.exe
Task: C:\Windows\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-4.job => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-4.exe
Task: C:\Windows\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-5.job => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-5.exe
Task: C:\Windows\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-5_user.job => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-5.exe
Task: C:\Windows\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-6.job => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-6.exe
Task: C:\Windows\Tasks\a9027b17-e2f1-4381-8382-728f2f90d7e8-7.job => C:\Program Files (x86)\iWebar\a9027b17-e2f1-4381-8382-728f2f90d7e8-7.exe
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-1.job => C:\Program Files (x86)\Senses\Senses-codedownloader.exe
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-11.job => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-11.exe
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-2.job => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-2.exe
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-3.job => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-3.exe
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-4.job => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-4.exe
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5.job => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5.exe
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5_user.job => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5.exe
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-6.job => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-6.exe
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-7.job => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-7.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\IXXI.job => C:\Users\Renatka\AppData\Roaming\IXXI.exe
Task: C:\Windows\Tasks\VH.job => C:\Users\Renatka\AppData\Roaming\VH.exe
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-23] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-23] (globalUpdate) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-22] (Cherished Technololgy LIMITED)
R1 {00c97d86-accb-4288-9972-6d929c1fe93a}Gw64; C:\Windows\System32\drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw64.sys [44624 2014-09-22] (StdLib)
S3 JMCR; \SystemRoot\System32\drivers\jmcr.sys [X]
S3 rtbth; \SystemRoot\System32\drivers\rtbth.sys [X]
U4 BthAvrcpTg; No ImagePath
U4 BthHFEnum; No ImagePath
U4 bthhfhid; No ImagePath
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1411391917&from=smt&uid=HitachiXHTS547575A9E384_J1140021G1BNZJG1BNZJX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1411391917&from=smt&uid=HitachiXHTS547575A9E384_J1140021G1BNZJG1BNZJX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1411391917&from=smt&uid=HitachiXHTS547575A9E384_J1140021G1BNZJG1BNZJX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1411391917&from=smt&uid=HitachiXHTS547575A9E384_J1140021G1BNZJG1BNZJX&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1411391917&from=smt&uid=HitachiXHTS547575A9E384_J1140021G1BNZJG1BNZJX
BHO: iWebar -> {11111111-1111-1111-1111-110611191113} -> C:\Program Files (x86)\iWebar\iWebar-bho64.dll (iWebar)
BHO: Senses -> {11111111-1111-1111-1111-110611191115} -> C:\Program Files (x86)\Senses\Senses-bho64.dll (Object Browser)
BHO: iWebar -> {11111111-1111-1111-1111-110611511123} -> C:\Program Files (x86)\iWebar\iWebar-bho64.dll (iWebar)
BHO-x32: iWebar -> {11111111-1111-1111-1111-110611191113} -> C:\Program Files (x86)\iWebar\iWebar-bho.dll (iWebar)
BHO-x32: Senses -> {11111111-1111-1111-1111-110611191115} -> C:\Program Files (x86)\Senses\Senses-bho.dll (Object Browser)
BHO-x32: iWebar -> {11111111-1111-1111-1111-110611511123} -> C:\Program Files (x86)\iWebar\iWebar-bho.dll (iWebar)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
C:\Program Files (x86)\globalUpdate
C:\Program Files (x86)\SupTab
C:\Program Files (x86)\YouTube Accelerator
C:\ProgramData\374311380
C:\ProgramData\IePluginServices
C:\ProgramData\WindowsMangerProtect
C:\ProgramData\Temp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
C:\Users\Public\Documents\YTAHelper
C:\Users\Renatka\AppData\Local\globalUpdate
C:\Users\Renatka\AppData\Local\Installer
C:\Users\Renatka\AppData\Roaming\IXXI
C:\Users\Renatka\AppData\Roaming\IXXI.exe
C:\Users\Renatka\AppData\Roaming\VH
C:\Users\Renatka\AppData\Roaming\VH.exe
C:\Users\Renatka\Documents\Optimizer Pro
C:\Users\Renatka\Downloads\Niepotwierdzony*.crdownload
C:\Windows\System32\drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw64.sys
Folder: C:\Users\Renatka\AppData\Roaming\IDT

Note for other readers: this script is unique, tailored solely to this system; please do not use it on your own systems.
Save the file as fixlist.txt and place it next to the FRST tool. Run FRST and click Fix. The system will be restarted. A fixlog.txt file will be created in the same directory FRST was run from.
2. Uninstall the adware iWebar and Senses via Control Panel.
3. Create a new FRST log using the Scan option, ticking the Addition box again. Also attach the fixlog.txt file.
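Added example, not part of the original post and not code from FRST: a small Python triage of FRST `Task:` lines that surfaces the pattern the reply describes, adware persisting through many scheduled tasks. The three signals and the last sample line are assumptions made for illustration; they are triage hints, not verdicts.

```python
import re
from collections import Counter

# Lines 1-5 are copied from the fixlist in the post; line 6 is a constructed
# benign entry added for contrast.
SAMPLE = r"""
Task: {18E0AA83-9D50-4E58-8C2B-76BF566C781F} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-7 => C:\Program Files (x86)\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-7.exe [2014-09-22] (Object Browser)
Task: {A92A7E55-0326-41B1-B877-47186AEF3554} - System32\Tasks\VH => C:\Users\Renatka\AppData\Roaming\VH.exe [2014-09-23] (Object Browser)
Task: {373728B0-2F33-4F59-B064-02D86318CB55} - System32\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-1 => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe [2014-09-23] (iWebar)
Task: C:\Windows\Tasks\00a46f62-8f6a-4f75-899b-9a82c3ee6a4b-1.job => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe
Task: C:\Windows\Tasks\VH.job => C:\Users\Renatka\AppData\Roaming\VH.exe
Task: {AAAAAAAA-0000-0000-0000-000000000001} - System32\Tasks\ExampleVendorUpdate => C:\Program Files\ExampleVendor\update.exe [2014-09-01] (ExampleVendor)
"""

# Two shapes appear in the fixlist: "{GUID} - System32\Tasks\<name>" entries
# and legacy "C:\Windows\Tasks\<name>.job" files; both end in "=> <exe>".
TASK_RE = re.compile(
    r"^Task: (?:\{[0-9A-Fa-f-]{36}\} - System32\\Tasks\\(?P<new>.+?)"
    r"|C:\\Windows\\Tasks\\(?P<old>.+?)\.job)"
    r" => (?P<exe>.+?\.exe)(?: \[[\d-]+\])?(?: \([^)]*\))?$")
GUID_NAME = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}-\d+(_user)?$", re.I)

def parse_tasks(text):
    """Return one dict per recognised FRST 'Task:' line."""
    tasks = []
    for line in text.splitlines():
        m = TASK_RE.match(line.strip())
        if m:
            tasks.append({"name": m["new"] or m["old"], "exe": m["exe"]})
    return tasks

def triage(tasks):
    """Map each target executable to the sorted triage signals it raised."""
    per_exe = Counter(t["exe"].lower() for t in tasks)
    findings = {}
    for t in tasks:
        reasons = set()
        if GUID_NAME.match(t["name"]):          # machine-generated task name
            reasons.add("guid-named task")
        if "\\appdata\\" in t["exe"].lower():   # user-writable location
            reasons.add("runs from user profile")
        if per_exe[t["exe"].lower()] > 1:       # redundant persistence
            reasons.add("multiple task entries")
        if reasons:
            findings.setdefault(t["exe"], set()).update(reasons)
    return {exe: sorted(r) for exe, r in findings.items()}

if __name__ == "__main__":
    for exe, reasons in triage(parse_tasks(SAMPLE)).items():
        print(f"{exe}: {', '.join(reasons)}")
```
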