Błędy przy uruchamianiu systemu SysMenu.dll

anamii91 · 14 Marzec 2015 21:56

Witam,

od kilku dni podczas uruchamiania systemu pojawia się błąd dot.SysMenu.dll. Poniżej pliki ze skanu. Z góry dzięki za pomoc w rozwiązaniu problemu.

Addition.txt http://przeklej.org/file/BHLo5T/Addition.txt

FRST.txt http://przeklej.org/file/thGmS7/FRST.txt

Atis · 14 Marzec 2015 23:11

W panelu sterowania odinstaluj StormWatch i vi-view uninstall.

Usuń szkodliwe rozszerzenia: Firefox - Chrome

Pobierz i uruchom AdwCleaner Kliknij Scan i później Cleaning.

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
Startup: C:\Users\eje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
2015-03-13 10:32 - 2014-11-17 12:11 - 00000000 ____ D () C:\Users\eje\AppData\Local\StormWatch
eTask: {0E991D47-33B6-41CC-A584-FFB0FA781354} - System32\Tasks\Systweak Support Dock => C:\Program Files (x86)\Systweak Support Dock\SystweakDock.exe [2014-01-30] (Systweak Software., (www.systweak.com))
Task: {370C3FCA-674C-4BBC-A406-FB92A6298B5C} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {412D90A8-F160-4FAB-994F-2560FD30B675} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {933AC126-872D-40AC-8CF6-1B89ECD86625} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1797473493-2411728446-3459089151-1000UA => C:\Users\eje\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-22] (Facebook Inc.)
Task: {98C3E3BA-1FA2-433D-A6CC-2B7A3B8B15C6} - System32\Tasks\1114avtUpdateInfo => C:\ProgramData\Avg_Update_1114avt\1114avt_AVG-Secure-Search-Update.exe
Task: {9C4F0EE1-5EA8-4B65-B0F0-0A4CE57BA625} - System32\Tasks\AVG_SYS_TASK_1114avi_RUN => C:\ProgramData\Avg_Update_1114avi\AVG-Secure-Search-Update_1114avi.exe [2014-10-26] ()
Task: {B1CE9E56-9A9D-4009-BF87-955254C6DC3B} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {CCC3A6A8-31CD-4C19-8C21-1F78E9ED9F48} - System32\Tasks\{35E79F31-049D-4F2E-A186-3DF9CF01CF35} => Chrome.exe http://ui.skype.com/ui/0/6.11.60.102/pl/abandoninstall?page=tsPlugin
Task: {CF5B3073-4E0D-4052-AC6A-090AE45511AF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1797473493-2411728446-3459089151-1000Core => C:\Users\eje\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-22] (Facebook Inc.)
Task: {F550FF10-2219-4B40-8EA3-C9A52DEEED21} - System32\Tasks\0814avUpdateInfo => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe [2014-08-12] ()
Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

anamii91 · 15 Marzec 2015 00:07

Załączam wyżej wymienione pliki. Dzięki!

Fixlog.txt

FRST.txt

Atis · 15 Marzec 2015 01:01

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKU\S-1-5-21-1797473493-2411728446-3459089151-1000\...\Run: [AVG-Secure-Search-Update_1114avi] => C:\Users\eje\AppData\Roaming\Avg_Update_1114avi\AVG-Secure-Search-Update_1114avi.exe [2778648 2014-10-26] ()
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-1797473493-2411728446-3459089151-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta282.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta282\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha380.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha380\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha35.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha35\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha2027.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2027\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha3428.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3428\ff
C:\Program Files (x86)\MediaViewerV1
CHR HomePage: Default -> hxxp://myhome.vi-view.com/?type=hp&ts=1421103328&from=cor&uid=HitachiXHTS543232A7A384_E2P3421L0XUN9P0XUN9PX
CHR HKLM-x32\...\Chrome\Extension: [domhgehimplcgplpjlfcdopplfmchbmg] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta282\ch\VideoPlayerV3beta282.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gelfonpfefhninejaipgkkaoodieeneb] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3428\ch\MediaViewV1alpha3428.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [heckbhppphlokffamdbpnjikicoimbkh] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2027\ch\MediaViewV1alpha2027.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lenncgeafekpjlcafdmdpnafolimaekn] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha35\ch\MediaViewerV1alpha35.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [Ä˙] - No Path Or update_url value
S2 vToolbarUpdater18.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe [X]
2015-03-15 00:22 - 2015-03-15 00:33 - 00000000 ____ D () C:\AdwCleaner
2015-03-15 00:51 - 2015-03-15 00:54 - 00000526 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_1114avi_RML.job
2015-03-15 00:51 - 2015-03-15 00:51 - 00002902 _____ () C:\Windows\System32\Tasks\AVG-Secure-Search-Update_1114avi_RML
2015-03-15 00:37 - 2015-03-15 00:54 - 00000526 _____ () C:\Windows\Tasks\AVG_SYS_TASK_1114avi.job
2015-03-15 00:37 - 2015-03-15 00:54 - 00000392 _____ () C:\Windows\Tasks\AVG_SYS_TASK_1114avi_DELETE.job
2015-03-15 00:37 - 2015-03-15 00:37 - 00002894 _____ () C:\Windows\System32\Tasks\AVG_SYS_TASK_1114avi_DELETE
2015-03-15 00:37 - 2015-03-15 00:37 - 00002820 _____ () C:\Windows\System32\Tasks\AVG_SYS_TASK_1114avi
DeleteQuarantine:

Uruchom FRST i kliknij Fix. Skasuj folder C:\FRST

Usuń stare punkty przywracania: Aby usunąć wszystkie punkty przywracania

Dysk przeskanuj Malwarebytes Anti-Malware

Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.

http://wstaw.org/m/2014/03/25/2014-03-25_123039.png

Język PL > Settings > General Settings > Language > Polish

Przeczytaj w jaki sposób należy instalować programy: KLIK - KLIK - KLIK - KLIK

Odinstaluj:

Adobe Flash Player 12 ActiveX

Adobe Flash Player 13 Plugin

Adobe Reader X

Adobe Shockwave Player 11.6