Gangnamgame.net

DEXTER-X · 20 Wrzesień 2015 11:02

Witam jak w temacie co mam zrobić żeby się pozbyć : Przy uruchomieniu systyemu strona o podanej nazwie wyskakuje.

drobok · 20 Wrzesień 2015 11:03

Kliknij skanuj, a później usuń w AdwCleaner

A następnie daj log wg instrukcji http://forum.dobreprogramy.pl/farbar-recovery-scan-tool-raport-obowiązkowy-t478727/

DEXTER-X · 20 Wrzesień 2015 11:49

Mam nadzieję że dobrze zrobiłem tym razem

http://www.wklej.org/id/1800212/

Atis · 20 Wrzesień 2015 11:56

Acorus · 20 Wrzesień 2015 11:57

Brak loga Addition.txt

DEXTER-X · 20 Wrzesień 2015 13:40

FRST.txt :http://www.wklej.org/id/1800310/

Addition.txt :http://www.wklej.org/id/1800312/

Atis · 20 Wrzesień 2015 13:41

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKLM-x32\...\Run: [CMD] => cmd.exe /c start http://gangnamgame.org && exit
IFEO\adwcleaner_5.005.exe: [Debugger] svchost.exe
IFEO\AnVir.exe: [Debugger] svchost.exe
IFEO\AutoLogger.exe: [Debugger] svchost.exe
IFEO\avz.exe: [Debugger] svchost.exe
IFEO\CCleaner.exe: [Debugger] svchost.exe
IFEO\CCleaner64.exe: [Debugger] svchost.exe
IFEO\FRST.exe: [Debugger] svchost.exe
IFEO\FRST64.exe: [Debugger] svchost.exe
IFEO\HiJackThis.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
IFEO\regedit.exe: [Debugger] svchost.exe
IFEO\RegWorks.exe: [Debugger] svchost.exe
IFEO\RSIT.exe: [Debugger] svchost.exe
IFEO\RSITx64.exe: [Debugger] svchost.exe
SearchScopes: HKU\S-1-5-21-3894492087-3404142252-399205782-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
S3 Synth3dVsc; Brak ImagePath
S3 tsusbhub; Brak ImagePath
S3 VGPU; Brak ImagePath
S2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NTIOLib_1_0_2; \??\C:\Program Files (x86)\MSI\BIOS Code Unlocked Technology\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [X]
2015-09-20 12:40 - 2015-09-20 12:40 - 00000000 ____ D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-09-19 22:58 - 2015-09-19 22:59 - 00000308 _____ C:\spyhunter.fix
2015-09-19 22:37 - 2015-09-19 22:37 - 00000000 ____ D C:\Program Files (x86)\Enigma Software Group
2015-09-19 20:58 - 2015-09-19 20:58 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\DEXTER\Downloads\SpyHunter-Installer.exe
2015-09-19 20:37 - 2015-09-20 13:39 - 00000000 ____ D C:\AdwCleaner
2015-09-19 20:36 - 2015-09-19 20:36 - 01662976 _____ C:\Users\DEXTER\Downloads\AdwCleaner.exe
2015-09-19 20:22 - 2015-09-19 20:22 - 00932440 _____ (Application ) C:\Users\DEXTER\Downloads\CCleaner-13061-dp.exe
2015-09-20 13:05 - 2015-09-20 13:06 - 01662976 _____ C:\Users\DEXTER\Downloads\AdwCleaner5.exe
Task: {0282F331-4432-425D-A94F-CC68CE949B27} - System32\Tasks\1214aviUpdateInfo => C:\ProgramData\Avg_Update_1214avi\1214avi_AVG-Secure-Search-Update.exe
Task: {24AA6888-3031-4337-BAA6-F24513C01285} - System32\Tasks\{6B147104-28B5-4896-9086-DEC475E5D370} => pcalua.exe -a C:\Users\DEXTER\Downloads\jre-8u51-windows-i586-iftw.exe -d C:\Users\DEXTER\Downloads
Task: {2D374160-466C-4783-BA84-02FF07CC3186} - System32\Tasks\{3F81DDD2-1C20-43B4-A17F-B79199048854} => pcalua.exe -a C:\Users\DEXTER\Downloads\LCCM_0530_PCDRV_LA_1_02_02.exe -d C:\Users\DEXTER\Downloads
Task: {592FB4CB-14E7-430B-A559-0B676B93F244} - System32\Tasks\{64A7A03F-F87E-4532-91AA-1EEDB6620C3A} => pcalua.exe -a "C:\Program Files (x86)\The Sims 4\__Installer\vp6\vp6install.exe" -d "C:\Program Files (x86)\The Sims 4\__Installer\vp6"
Task: {8D07B005-AF34-47F2-B2B8-A876A17E2DE0} - System32\Tasks\{32FF3192-F0B9-4649-8CB1-5FBA55FF0B1F} => pcalua.exe -a F:\OriginInstaller.exe -d F:\
Task: {9C55BE69-F125-4A5F-A7C8-14EDCED8EE84} - System32\Tasks\{D9BF8D3D-E5DD-4F0F-BBD5-3702BF4BCEBD} => pcalua.exe -a "D:\Programy\Nero 11 Lite [Zlotopolsky]\Nero 11 [Lite Installer].exe" -d "D:\Programy\Nero 11 Lite [Zlotopolsky]"
Task: {E36635DD-E734-4877-A5F7-5EA2ACEDB9EE} - System32\Tasks\{B2CC9837-2CDD-4D05-8C3C-2AD69E9D0059} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe" -c -runfromtemp -l0x0009 -removeonly
Task: C:\Windows\Tasks\1214aviUpdateInfo.job => C:\ProgramData\Avg_Update_1214avi\1214avi_AVG-Secure-Search-Update.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
Hosts:
EmptyTemp:

Uruchom FRST i kliknij Napraw (Fix). Pokaż raport z usuwania Fixlog.

Kliknij Skanuj (Scan) i pokaż nowy raport z FRST bez Addition i Shortcut.