Logi z OTL i FRST, windows 7, 32-bit, 5-6-letni komp się muli

Mandryl · 18 Styczeń 2015 00:29

OTL:

Atis · 18 Styczeń 2015 00:49

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

CloseProcesses:
HKU\S-1-5-21-537221967-4139708865-3416024046-1003\...\Run: [I&F Viewer toolbar] => C:\Program Files\Photo Toolkit\ivbar\phototoolkitmem.exe [65536 2006-10-27] (VicMan Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770944 2015-01-12] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\windows\System32\DRIVERS\EsgScanner.sys [19984 2015-01-12] ()
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
C:\Program Files\Enigma Software Group
C:\windows\System32\DRIVERS\EsgScanner.sys
C:\AdwCleaner
C:\Users\Ola\AppData\Roaming\Enigma Software Group
Task: {51CF0DF3-FC85-4913-9B2E-1F1529B8B6F2} - System32\Tasks\{F098FE39-248E-4944-989F-F2E26A99C801} => pcalua.exe -a "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall PROHYBRIDR /dll OSETUP.DLL
Task: {AE1E8A78-8E77-4C23-B030-A5C751516E07} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {B46FF53D-EC28-4FE1-B797-A0805FAF9CC0} - System32\Tasks\{43324BA7-DCDE-4135-9463-5946E2994B95} => pcalua.exe -a C:\Users\Ola\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=smt
Task: {DAFC7731-1E74-4F04-BA32-694CC355FB1E} - System32\Tasks\VCYGUW => C:\Users\Ola\AppData\Roaming\VCYGUW.exe <==== ATTENTION
C:\Users\Ola\AppData\Roaming\*.exe
Task: C:\windows\Tasks\1014avUpdateInfo.job => C:\ProgramData\Avg_Update_1014av\1014av_AVG-Secure-Search-Update.exe
Task: C:\windows\Tasks\VCYGUW.job => C:\Users\Ola\AppData\Roaming\VCYGUW.exe <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

Mandryl · 18 Styczeń 2015 01:25

http://wklej.org/id/1599166/ Pokazało mi się coś takiego.

Atis · 18 Styczeń 2015 10:20

Nie widac infekcji. Skasuj folder C:\FRST

Mandryl · 18 Styczeń 2015 13:24

I to już na tym koniec?

IPSEN · 18 Styczeń 2015 15:11

Jest poprawa ?

Mandryl · 18 Styczeń 2015 15:54

Jest :)

Mandryl · 16 Czerwiec 2015 21:00

.