Logi z OTL i FRST, windows 7, 32-bit, 5-6-letni komp się muli


(Olka 3004) #1

OTL:


(Atis) #2

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

CloseProcesses:
HKU\S-1-5-21-537221967-4139708865-3416024046-1003\...\Run: [I&F Viewer toolbar] => C:\Program Files\Photo Toolkit\ivbar\phototoolkitmem.exe [65536 2006-10-27] (VicMan Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770944 2015-01-12] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\windows\System32\DRIVERS\EsgScanner.sys [19984 2015-01-12] ()
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
C:\Program Files\Enigma Software Group
C:\windows\System32\DRIVERS\EsgScanner.sys
C:\AdwCleaner
C:\Users\Ola\AppData\Roaming\Enigma Software Group
Task: {51CF0DF3-FC85-4913-9B2E-1F1529B8B6F2} - System32\Tasks\{F098FE39-248E-4944-989F-F2E26A99C801} => pcalua.exe -a "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall PROHYBRIDR /dll OSETUP.DLL
Task: {AE1E8A78-8E77-4C23-B030-A5C751516E07} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {B46FF53D-EC28-4FE1-B797-A0805FAF9CC0} - System32\Tasks\{43324BA7-DCDE-4135-9463-5946E2994B95} => pcalua.exe -a C:\Users\Ola\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=smt
Task: {DAFC7731-1E74-4F04-BA32-694CC355FB1E} - System32\Tasks\VCYGUW => C:\Users\Ola\AppData\Roaming\VCYGUW.exe <==== ATTENTION
C:\Users\Ola\AppData\Roaming\*.exe
Task: C:\windows\Tasks\1014avUpdateInfo.job => C:\ProgramData\Avg_Update_1014av\1014av_AVG-Secure-Search-Update.exe
Task: C:\windows\Tasks\VCYGUW.job => C:\Users\Ola\AppData\Roaming\VCYGUW.exe <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.


(Olka 3004) #3

http://wklej.org/id/1599166/ Pokazało mi się coś takiego.


(Atis) #4

Nie widac infekcji.  Skasuj folder C:\FRST


(Olka 3004) #5

I to już na tym koniec?


(IPSEN) #6

Jest poprawa ?


(Olka 3004) #7

Jest :) 


(Olka 3004) #8

.