Gangnamgame.net proszę o pomoc


(M Romaniuk1990) #1

Witam.

 

Mam problem z uruchamiającą się stroną gangnamgame.net podczas startu systemu.

Proszę specjalistów o pomoc w tym temacie. 

 

Skany z FRST:

 

FRST - http://wklej.org/id/1799538/

 

Addition - http://wklej.org/id/1799544/

 

Shortcut - http://wklej.org/id/1799548/

 

Pozdrawiam!


(Atis) #2

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKLM-x32\...\Run: [CMD] => cmd.exe /c start http://gangnamgame.org && exit
IFEO\adwcleaner_5.005.exe: [Debugger] svchost.exe
IFEO\AnVir.exe: [Debugger] svchost.exe
IFEO\AutoLogger.exe: [Debugger] svchost.exe
IFEO\avz.exe: [Debugger] svchost.exe
IFEO\CCleaner.exe: [Debugger] svchost.exe
IFEO\CCleaner64.exe: [Debugger] svchost.exe
IFEO\FRST.exe: [Debugger] svchost.exe
IFEO\FRST64.exe: [Debugger] svchost.exe
IFEO\HiJackThis.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
IFEO\regedit.exe: [Debugger] svchost.exe
IFEO\RegWorks.exe: [Debugger] svchost.exe
IFEO\RSIT.exe: [Debugger] svchost.exe
IFEO\RSITx64.exe: [Debugger] svchost.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
S2 nvsvc; "C:\Windows\system32\nvvsvc.exe" [X]
S3 cpuz136; \??\C:\Users\Matti\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
Task: {054E3673-E4BF-48AB-8E36-61DF4BC8FA7B} - System32\Tasks\e-pity2013_kwiecien => D:\PROGRAMY\e-pity2013\Assets\signxml.exe
Task: {4F0064BC-D26A-4448-AE84-6840973DF362} - System32\Tasks\{F8612738-A89A-4ED1-A7C3-A6FA03017990} => D:\GRY\Emergency 1 PL\EMERGY.EXE
Task: {5AD288CC-BFC9-4971-ADC6-981A97557131} - System32\Tasks\{262D313B-495E-4A70-9755-133F86B69225} => pcalua.exe -a "G:\Instalki Programów\Fruity\Fruityloops.Studio.Producer.Edition.XXL.v8.0.0- GodOfWarez\setup\flstudio_8.0_install.exe" -d "G:\Instalki Programów\Fruity\Fruityloops.Studio.Producer.Edition.XXL.v8.0.0- GodOfWarez\setup"
Task: {76E653AB-DE9A-4279-B0A5-2E9872D09A43} - System32\Tasks\{D71D1387-9D17-41A5-94EA-C5E0F99C1939} => D:\GRY\Emergy\EMERGY.EXE
Task: {86613984-4BF9-4C74-ACBE-9F9935321665} - System32\Tasks\{0CDAF561-2BAD-4EFD-B287-5092B40FAAB1} => pcalua.exe -a I:\autorun.exe -d I:\
Task: {B31D7A22-88C1-4FE7-92C6-41F1717A8D1F} - System32\Tasks\{8BC3DE63-C363-4C1B-973E-DDFECDC20439} => pcalua.exe -a E:\WebCam\Setup\Setup.exe -d E:\
Task: {CC2F1D39-8EAF-4F05-9CC5-4E041814704B} - System32\Tasks\{022D5E30-C78C-4DD3-B2FB-20DEBF0A9169} => D:\GRY\Emergency 1 PL\EMERGY.EXE
Task: {F4A7939C-A830-463E-B073-4A4E98740654} - System32\Tasks\{38400138-4FE4-40BF-BACF-7C1387896EC3} => pcalua.exe -a I:\setup.exe -d I:\
Task: {F600A30A-1E2E-438F-B915-CD5458D1279F} - System32\Tasks\e-pity2013_styczen => D:\PROGRAMY\e-pity2013\Assets\signxml.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
EmptyTemp:

Uruchom FRST i kliknij Napraw (Fix). Pokaż raport z usuwania Fixlog.

Kliknij Skanuj (Scan) i pokaż nowy raport z FRST bez Addition i Shortcut.


(M Romaniuk1990) #3

Sukces!

 

Fixlog - http://wklej.org/id/1799598/

 

FRST - http://wklej.org/id/1799603/

 

Wielkie dzięki za szybką pomoc i pozdrawiam!


(Atis) #4

Skasuj folder C:\FRST

Usuń stare punkty przywracania: Aby usunąć wszystkie punkty przywracania

Odinstaluj Java 7 Update 51 i Java 7 Update 67.

Zainstaluj Java 8 Update 60