Problem sysmenu.dll

Dla specjalistów Bezpieczeństwo
#1

Po właczeniu komputera wyskakuje coś takiego post-270706-0-64395900-1419284996_thumb., nawet po kilka razy w 1 momencie.

#2

W panelu sterowania odinstaluj:

FilesFrog Update Checker

iWebar

Plus-HD-4.9

Show-Password

Shared C Run-time for x64

Utility Chest Internet Explorer Toolbar

Pobierz i uruchom AdwCleaner Kliknij Szukaj i później Usuń.

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

CloseProcesses:
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2013-12-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2013-12-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2013-12-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2013-12-14] (Mindspark)
HKU\S-1-5-21-279266288-4094194976-3816069494-1001\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Grzegorz\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
ShellIconOverlayIdentifiers: [SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF HKU\S-1-5-21-279266288-4094194976-3816069494-1001\...\Firefox\Extensions: [speedtestanalysis@SpeedAnalysis.com] - C:\Users\Grzegorz\AppData\Roaming\Mozilla\Extensions\speedtestanalysis@SpeedAnalysis.com
FF HKU\S-1-5-21-279266288-4094194976-3816069494-1001\...\Firefox\Extensions: [{706e45e2-c991-4d02-a9df-d4e7e8557cc4}] - C:\Program Files (x86)\Show-Password\150.xpi
FF Extension: Show-Password - C:\Program Files (x86)\Show-Password\150.xpi [2014-01-05]
CHR Extension: (No Name) - C:\Users\Grzegorz\AppData\Local\Google\Chrome\User Data\default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb [2013-12-14]
CHR HKLM-x32\...\Chrome\Extension: [logekkkdbdidmmcgkonmmonclldogceg] - C:\Program Files (x86)\Show-Password\150.crx [2014-01-05]
CHR Extension: (No Name) - C:\Users\Grzegorz\AppData\Local\Google\Chrome\User Data\default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb [2013-12-14]
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2013-12-14] (COMPANYVERS_NAME)
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Program Files (x86)\UtilityChest_49
Task: {3726C647-5ABC-4ABE-B4A8-622FB8B3090F} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {380BC517-517D-4453-8E41-F2C8271D2D87} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {39B85B87-871C-46D4-AC06-4BE7100C139C} - System32\Tasks\Plus-HD-4.9-codedownloader => C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-codedownloader.exe [2013-12-14] (Plus HD) <==== ATTENTION
Task: {7040C5FF-E69B-4A6A-8BF7-0A1955F26603} - System32\Tasks\iWebar-enabler => C:\Program Files (x86)\iWebar\iWebar-enabler.exe [2013-12-14] (iWebar) <==== ATTENTION
Task: {9EBB4FBB-93C0-4F98-9A78-4E76B3803B94} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Grzegorz\AppData\Local\FilesFrog Update Checker\update_checker.exe [2013-10-17] (Somoto) <==== ATTENTION
Task: {BDD99064-49E1-4B27-BCFC-449E7A27FB6E} - System32\Tasks\iWebar-chromeinstaller => C:\Program Files (x86)\iWebar\iWebar-chromeinstaller.exe [2013-12-14] (iWebar) <==== ATTENTION
Task: {BE593B7D-0643-410E-AE1C-7B701BF78F70} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {C1E8E5E3-6154-4569-8FD7-DDF08F8777DD} - System32\Tasks\Plus-HD-4.9-enabler => C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-enabler.exe [2013-12-14] (Plus HD) <==== ATTENTION
Task: {C32130F6-4B9C-4CF3-BBD6-AF918CA09693} - System32\Tasks\iWebar-codedownloader => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe [2013-12-14] (iWebar) <==== ATTENTION
Task: {CF7AB72F-448E-4723-A6C3-557CCD0F5B50} - System32\Tasks\Plus-HD-4.9-updater => C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-updater.exe [2013-12-14] (Plus HD) <==== ATTENTION
Task: {D601725E-0F18-458E-8F68-1C1B87C90C32} - System32\Tasks\Plus-HD-4.9-chromeinstaller => C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-chromeinstaller.exe [2013-12-14] (Plus HD) <==== ATTENTION
Task: {F1FE19DA-BD5E-48FC-8BB2-409934AC2A50} - System32\Tasks\iWebar-updater => C:\Program Files (x86)\iWebar\iWebar-updater.exe [2013-12-14] (iWebar) <==== ATTENTION
Task: C:\WINDOWS\Tasks\iWebar-chromeinstaller.job => C:\Program Files (x86)\iWebar\iWebar-chromeinstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\iWebar-codedownloader.job => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\iWebar-enabler.job => C:\Program Files (x86)\iWebar\iWebar-enabler.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\iWebar-updater.job => C:\Program Files (x86)\iWebar\iWebar-updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-4.9-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-chromeinstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-4.9-codedownloader.job => C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-4.9-enabler.job => C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-enabler.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-4.9-updater.job => C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Show-Password Update.job => C:\Program Files (x86)\Show-Password\Show_Password.exe <==== ATTENTION
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

#3

Fixlog - http://wklej.org/id/1565672/

FSRT - http://wklej.org/id/1565674/

 

a ten plik fixlist gdzieś wkleić w dany folder?

#4

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

URLSearchHook: HKLM-x32 - (No Name) - {e1514faa-0f36-4330-8590-ea8c9c0a903f} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\S-1-5-21-279266288-4094194976-3816069494-1001 -> No Name - {E1514FAA-0F36-4330-8590-EA8C9C0A903F} - No File
C:\AdwCleaner
DeleteQuarantine:

Uruchom FRST i kliknij Fix. Skasuj folder C:\FRST

Usuń stare punkty przywracania: Przywracanie systemu i kopie w tle

Dysk przeskanuj Malwarebytes Anti-Malware

Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.

http://wstaw.org/m/2014/03/25/2014-03-25_123039.png

Język PL > Settings > General Settings > Language > Polish

Przeczytaj w jaki sposób należy instalować programy: KLIK - KLIK - KLIK - KLIK

Odinstaluj:

Adobe Flash Player 15 Plugin

Adobe Reader X

Java 7 Update 67

Zainstaluj:

Flash Player 16.0.0.235 Plugin

Adobe Reader XI 11.0.10

Java 8 Update 25

#5

Dzięki mistrzu :slight_smile: