Optimizer Pro and other junk - FRST log


(Sabakuss) #1

The problem is that Optimizer Pro got onto a computer that was already cluttered, and it probably brought a 0.7 with it, because the computer has slowed down dramatically and the browser is acting up.

 

FRST: http://wklej.org/id/1433052/

 

ADDITION: http://wklej.org/id/1433053/


(Acorus) #2

Uninstall FindRight, PutLockerDownloader, Remote Desktop Access (VuuPC), videos MediaPlay-Air, webssearches uninstall, WindowsMangerProtect20.0.0.502, WinZipper. Download and run AdwCleaner https://toolslib.net/downloads/finish/1/ Click Scan ("Szukaj") and then Clean ("Usuń").

Show the new FRST logs.


(Sabakuss) #3

Done, here is the log: http://wklej.org/id/1433078/


(Acorus) #4

Uninstall SpyHunter. Open Notepad and paste:

HKU\S-1-5-21-1266662392-3038367083-1115358206-1001\...\Run: [AdobeBridge] = [X]
ShortcutTarget: IMVU.lnk - C:\Users\Przemek\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {003CEEA4-4383-4463-A910-E2F49C24F930} URL = http://websearch.ask.com/redirect?client=ietb=ORJo=100000027src=kwq={searchTerms}locale=en_USapn_ptnrs=^U3apn_dtid=^OSJ000^YY^PLapn_uid=DA376BCF-A7C2-41E5-8A2F-CC5C6B9FA060apn_sauid=3891682A-4635-4BBB-9897-69791BCECBAB
SearchScopes: HKCU - {C056A9C0-B36C-4DFC-B013-74F29AB0D816} URL = http://rts.dsrlte.com/?q={searchTerms}r=368
BHO: cosstminn - {F2EE4538-DDF9-59F6-AD80-B2E4A2ECABC7} - C:\Program Files (x86)\cosstminn\LrPB.x64.dll No File
BHO-x32: cosstminn - {F2EE4538-DDF9-59F6-AD80-B2E4A2ECABC7} - C:\Program Files (x86)\cosstminn\LrPB.dll No File
FF SearchPlugin: C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\582xuniw.default\searchplugins\keepmysearch.xml
FF Extension: Browsers Apps - C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\582xuniw.default\Extensions\herman.thorne45@outlook.com [2014-08-04]
FF Extension: cosstminn - C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\582xuniw.default\Extensions\n_mvkv@stvstwvft.net [2014-08-04]
CHR DefaultSearchKeyword: webssearches
CHR Extension: (cosstminn) - C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nljfmlohhlfjiffbjjgildcdlgggcmfb [2014-08-04]
CHR Extension: (No Name) - C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-08-04]
CHR Extension: (cosstminn) - C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nljfmlohhlfjiffbjjgildcdlgggcmfb\2.0 [2014-08-04]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2014-01-09] (Enigma Software Group USA, LLC.)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; \SystemRoot\system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S3 PORTIO64; \\C:\Users\Przemek\AppData\Local\Temp\PIOB808.tmp [X]
S3 vserial; System32\DRIVERS\vserial.sys [X]
2014-08-05 12:44 - 2014-08-05 12:44 - 00003324 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-08-05 12:44 - 2014-08-05 12:44 - 00002262 _____ () C:\Users\Przemek\Desktop\SpyHunter.lnk
2014-08-05 12:44 - 2014-08-05 12:44 - 00000000 ____ D () C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-08-05 12:44 - 2014-08-05 12:44 - 00000000 ____ D () C:\sh4ldr
2014-08-05 12:44 - 2014-08-05 12:44 - 00000000 ____ D () C:\Program Files\Enigma Software Group
2014-08-04 19:53 - 2014-08-04 19:53 - 00000000 ____ D () C:\Users\Przemek\AppData\Local\Comodo
2014-08-04 19:53 - 2014-08-04 19:53 - 00000000 ____ D () C:\Users\Gość\AppData\Local\Google
2014-08-04 19:53 - 2014-08-04 19:53 - 00000000 ____ D () C:\Users\Gość\AppData\Local\Comodo
2014-08-04 19:53 - 2014-08-04 19:53 - 00000000 ____ D () C:\Users\Administrator\AppData\Local\Google
2014-08-04 19:53 - 2014-08-04 19:53 - 00000000 ____ D () C:\Users\Administrator\AppData\Local\Comodo
2014-08-04 19:53 - 2014-08-04 19:53 - 00000000 ____ D () C:\ProgramData\bed6a0941075147e
2014-08-05 14:52 - 2013-09-23 14:29 - 00000000 ____ D () C:\AdwCleaner

Save the file as fixlist.txt and place it next to FRST in the same folder.


(Sabakuss) #5

Done, FRST log: http://wklej.org/id/1433112/ Is there anything still left?


(Acorus) #6

Delete the folder C:\FRST