Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Proszę o sprawdzenie logów FRST - Windows 7.

jaxsg 29 Maj 2016 09:48 345 4
  • #2 29 Maj 2016 10:29
    Acorus 20
    Spec od komputerów

    Odinstaluj SpyHunter 4. Otwórz notatnik systemowy i wklej:

    Cytat:
    CustomCLSID: HKU\S-1-5-21-1725432974-2272486698-2666474222-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Szymon\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku
    Task: {707AB8EC-5924-4965-9F93-EF275A7B6294} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-05-28] (Enigma Software Group USA, LLC.)
    HKU\S-1-5-21-1725432974-2272486698-2666474222-1000\...\Run: [BingSvc] => C:\Users\Szymon\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-1725432974-2272486698-2666474222-1000\...\MountPoints2: H - H:\SISetup.exe
    HKU\S-1-5-21-1725432974-2272486698-2666474222-1000\...\MountPoints2: {18442cc0-8069-11e4-81f7-806e6f6e6963} - G:\setup.exe
    HKU\S-1-5-21-1725432974-2272486698-2666474222-1000\...\MountPoints2: {a9aae130-a5d7-11e2-99d1-50465dac8ca8} - G:\Startme.exe
    HKU\S-1-5-21-1725432974-2272486698-2666474222-1000\...\MountPoints2: {c8ddddcb-851f-11e2-a035-806e6f6e6963} - F:\.\Bin\ASSETUP.exe
    HKU\S-1-5-21-1725432974-2272486698-2666474222-1000\...\MountPoints2: {d85ba1a7-8956-11e2-aad6-50465dac8ca8} - N:\setup.exe
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=144...id=WDCXWD1002FAEX-00Z3A0_WD-WCATRA53618536185
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-1725432974-2272486698-2666474222-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
    S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1072296 2016-05-28] (Enigma Software Group USA, LLC.)
    R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-05-28] (Enigma Software Group USA, LLC.)
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-05-28] ()
    U3 ao3wtfu9; C:\Windows\System32\Drivers\ao3wtfu9.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder)
    S3 ALSysIO; \??\C:\Users\Szymon\AppData\Local\Temp\ALSysIO64.sys [X]
    S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
    2016-05-28 20:20 - 2016-05-28 20:20 - 00000000 _____ C:\autoexec.bat
    2016-05-28 20:19 - 2016-05-28 20:19 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
    2016-05-28 20:19 - 2016-05-28 20:19 - 00003344 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
    2016-05-28 20:19 - 2016-05-28 20:19 - 00001087 _____ C:\Users\Szymon\Desktop\SpyHunter.lnk
    2016-05-28 20:19 - 2016-05-28 20:19 - 00000000 ____D C:\Users\Szymon\AppData\Roaming\Enigma Software Group
    2016-05-28 20:19 - 2016-05-28 20:19 - 00000000 ____D C:\sh4ldr
    2016-05-28 20:19 - 2016-05-28 20:19 - 00000000 ____D C:\Program Files\Enigma Software Group
    2016-05-28 20:18 - 2016-05-28 20:18 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\Szymon\Downloads\SpyHunter-Installer.exe
    C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.
    W pasek adresu wpisz: about:support Kliknij Odśwież program Firefox.

    0
  • #3 29 Maj 2016 11:12
    jaxsg
    Poziom 15  

    Zrobione. Coś dalej?

    0
  • #5 29 Maj 2016 12:32
    jaxsg
    Poziom 15  

    OK. Zrobione.
    Proszę o sprawdzenie logów FRST - Windows 7.

    0