Okienko dll SysMenu przy starcie systemu


(Radzio997) #1

Witam serdecznie, po uruchomieniu komputera wyskakują mi okienka SysMenu.dll

 

Czy może ktoś pomóc mi to zlikwidować? :frowning:

 

Podsyłam logi ADDITION I FRST

 

http://wklej.org/id/1679716/

 

http://wklej.org/id/1679718/


(Acorus) #2

Otwórz notatnik systemowy i wklej:

Task: C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job = C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job = C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\SMupdate1.job = C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ==== ATTENTION
Task: C:\WINDOWS\Tasks\SMupdate2.job = C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ==== ATTENTION
Task: C:\WINDOWS\Tasks\SMupdate3.job = C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ==== ATTENTION
HKLM\...\Run: [RTHDCPL] = C:\WINDOWS\RTHDCPL.EXE [16062464 2006-12-19] (Realtek Semiconductor Corp.)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] - {E68D0A50-3C40-4712-B90D-DCFA93FF2534} = No File
ShellIconOverlayIdentifiers: [GGDriveOverlay2] - {E68D0A51-3C40-4712-B90D-DCFA93FF2534} = No File
ShellIconOverlayIdentifiers: [GGDriveOverlay3] - {E68D0A52-3C40-4712-B90D-DCFA93FF2534} = No File
ShellIconOverlayIdentifiers: [GGDriveOverlay4] - {E68D0A53-3C40-4712-B90D-DCFA93FF2534} = No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKU\S-1-5-21-725345543-1935655697-2147238677-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKU\S-1-5-21-725345543-1935655697-2147238677-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={82687A99-0CAB-4C23-9560-576590F16A17}mid=Unknownlang=plds=AVGcoid=avgtbavgcmpid=0215avpr=frd=2015-03-17 17:15:54v=4.1.0.411pid=wtusg=sap=hp
URLSearchHook: HKU\S-1-5-21-725345543-1935655697-2147238677-1003 - Download Energy Toolbar - {ad708c09-d51b-45b3-9d28-4eba2681febf} - C:\Program Files\Download_Energy\prxtbDow0.dll (Conduit Ltd.)
HKU\S-1-5-21-725345543-1935655697-2147238677-1003\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://newtab.certified-toolbar.com/nie?si=33953tid=2958new=true" ======= ATTENTION
SearchScopes: HKLM - URL http://search.certified-toolbar.com?si=33953bs=truetid=2958q={searchTerms}
SearchScopes: HKLM - SuggestionsURL_JSON http://api.widdit.com/suggestions/?format=ffpluginua=iesrc=addonsi=33953gid=1dbCode=1command={searchTerms}
SearchScopes: HKLM - TopResultURLFallback http://search.certified-toolbar.com?si=33953bs=truetid=2958q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search.ask.com/sr?src=iebgct=dsappid=147systemid=414v=n9195-110apn_uid=4455077670254040apn_dtid=BND414o=APN10649apn_ptnrs=AGAq={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-725345543-1935655697-2147238677-1003 - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ietb=ORJo=100000027src=crmq={searchTerms}locale=en_USapn_ptnrs=^U3apn_dtid=^OSJ000^YY^PLapn_uid=AE5CA8D4-158B-4A14-8EF7-0D1338AA400Dapn_sauid=E4B3D8DA-0ADB-4A4F-BAD2-6A63080B4EA7
SearchScopes: HKU\S-1-5-21-725345543-1935655697-2147238677-1003 - {5C087521-AB10-4F11-A891-C0C3735FC78A} URL = http://search.certified-toolbar.com?si=33953bs=truetid=2958q={searchTerms}
SearchScopes: HKU\S-1-5-21-725345543-1935655697-2147238677-1003 - {5E7525C5-FCD6-4669-A169-A3FA56DAE46E} URL = http://tuvaro.com/ws/?source=cbc644ddtbp=rboxtoolbarid=baseu=08c594f70000000000000019219863f2q={searchTerms}
SearchScopes: HKU\S-1-5-21-725345543-1935655697-2147238677-1003 - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={82687A99-0CAB-4C23-9560-576590F16A17}mid=Unknownlang=plds=AVGcoid=avgtbavgcmpid=0215avpr=frd=2015-03-17 17:15:54v=4.1.0.411pid=wtusg=sap=dspq={searchTerms}
SearchScopes: HKU\S-1-5-21-725345543-1935655697-2147238677-1003 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search.ask.com/sr?src=iebgct=dsappid=147systemid=414v=n9195-110apn_uid=4455077670254040apn_dtid=BND414o=APN10649apn_ptnrs=AGAq={searchTerms}
SearchScopes: HKU\S-1-5-21-725345543-1935655697-2147238677-1003 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/webResults.html?src=iebq={searchTerms}
Toolbar: HKU\S-1-5-21-725345543-1935655697-2147238677-1003 - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
Toolbar: HKU\S-1-5-21-725345543-1935655697-2147238677-1003 - Download Energy Toolbar - {AD708C09-D51B-45B3-9D28-4EBA2681FEBF} - C:\Program Files\Download_Energy\prxtbDow0.dll [2011-05-09] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-725345543-1935655697-2147238677-1003 - No Name - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: https://mysearch.avg.com/?cid={82687A99-0CAB-4C23-9560-576590F16A17}mid=Unknownlang=plds=AVGcoid=avgtbavgcmpid=0215avpr=frd=2015-03-17 17:15:54v=4.1.0.411pid=wtusg=sap=hp
FF SearchPlugin: C:\Documents and Settings\trach\Dane aplikacji\Mozilla\Firefox\Profiles\ir3lr9qm.default-1425678216156\searchplugins\avg-secure-search.xml [2015-03-17]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml [2013-09-19]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-03-17]
CHR HKLM\...\Chrome\Extension: [amhlacfinnaffmhfohbpecabbjfhkdji] - C:\DOCUME~1\trach\USTAWI~1\Temp\amhlacfinnaffmhfohbpecabbjfhkdji.crx [Not Found]
R2 vToolbarUpdater18.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe [1875480 2015-03-17] (AVG Secure Search)
S2 287; \\C:\DOCUME~1\trach\USTAWI~1\Temp\287.sys [X]
S3 APL531; System32\Drivers\ov550i.sys [X]
S3 catchme; \\C:\ComboFix\catchme.sys [X]
S1 cdrbsvsd; No ImagePath
S4 IntelIde; No ImagePath
S3 MEMSWEEP2; \\C:\WINDOWS\system32\1A6.tmp [X]
S3 rtl8139; System32\DRIVERS\RTL8139.SYS [X]
2015-03-17 18:15 - 2015-03-17 18:15 - 00000000 ____ D () C:\Program Files\Common Files\AVG Secure Search
2015-03-17 18:15 - 2015-03-17 18:15 - 00000000 ____ D () C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search
2015-03-07 10:43 - 2015-03-17 18:16 - 00000000 ____ D () C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar
2015-03-06 22:00 - 2015-04-01 09:51 - 00000430 _____ () C:\WINDOWS\Tasks\SMupdate2.job
2015-03-06 22:00 - 2015-04-01 09:42 - 00000430 _____ () C:\WINDOWS\Tasks\SMupdate3.job
2015-03-06 22:00 - 2015-04-01 09:42 - 00000430 _____ () C:\WINDOWS\Tasks\SMupdate1.job
2015-03-06 22:00 - 2015-03-06 22:57 - 00000000 ____ D () C:\Program Files\globalUpdate
2015-03-06 22:00 - 2015-03-06 22:00 - 00000000 ____ D () C:\Documents and Settings\trach\Ustawienia lokalne\Dane aplikacji\globalUpdate
2015-03-06 21:59 - 2015-03-06 21:59 - 00000000 ____ D () C:\Documents and Settings\trach\Ustawienia lokalne\Dane aplikacji\CrashRpt
2015-03-06 21:58 - 2015-03-06 21:58 - 00000000 ____ D () C:\Documents and Settings\All Users\Dane aplikacji\13576664041698008291
2015-03-06 21:57 - 2015-03-06 21:57 - 00000000 ____ D () C:\Documents and Settings\trach\Ustawienia lokalne\Dane aplikacji\mybestofferstoday
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Documents and Settings\trach\Dane aplikacji\VMIWHUR
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Documents and Settings\trach\Dane aplikacji\ZAODEUB
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.


(Radzio997) #3

 

Witam serdecznie jeszcze raz, podczas uzywania “frst” , tzn w trakcie tego Fixu wyłączyli mi prąd. Komputer się wyłączył i już nie chce się uruchomic. Zatrzymuje się na oknie “Zapraszamy” :confused:

 

Pomocy :frowning:


(Acorus) #4

A w trybie awaryjnym? Użyj przywracania systemu.