Syswow64 przy uruchamianiu


(Smarek490) #1

Witam!

Tak jak w temacie, wyskakuje mi okno przy urychamianiu sysWOW64 link do OTL.txt http://wklej.to/07vKJ

link do extras.txt http://wklej.to/jxHf1.

Antywirusy nie wykryły wirusa!

Prosze o pomoc!

Pozdrawiam!


(Atis) #2

Wymagane są inne logi:

Nowy log obowiązkowy - Farbar Recovery Scan Tool

G Data powoduje ten problem:

http://www.fixitpc.pl/topic/22527-przy-starcie-pojawia-się-folder-syswow64/?p=145220


(Smarek490) #3

Witam!

Oto nowe logi z programoFarbar Recovery Scan Tool:FRST http://wklej.to/0PRlI; ADDITION http://wklej.to/Dvv6S

pozdrawiam!


(Atis) #4

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKLM-x32\...\Run: [] => [X]
HKU\.DEFAULT\...\Winlogon: [Shell] C:\windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-19\...\Winlogon: [Shell] C:\windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-1771593470-3012635902-189330645-1006\...\Winlogon: [Shell] C:\windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
BootExecute: autocheck autochk * SmartDefragBootTime.exe
GroupPolicyUsers\S-1-5-21-1771593470-3012635902-189330645-1005\User: Group Policy restriction detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.3600.com/?src=lm&ls=n1ebfa87c8d
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
FF Extension: BonanzaDeals - C:\Users\misiopysio\AppData\Roaming\Mozilla\Firefox\Profiles\0a4dqo9e.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi [2014-01-07]
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-12-18] (Oracle Corporation)
S3 NSNDIS5; \??\C:\windows\system32\NSNDIS5.SYS [X]
S4 PfFilter; \??\C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [X]
C:\Users\marekgosia1\Downloads\yet_another_cleaner_sk_113834.exe
C:\Users\marekgosia1\AppData\Roaming\Elex-tech
Task: {15E7619E-D8ED-48A4-BED3-CC0575F4B53B} - System32\Tasks\Driver Booster SkipUAC (misiopysio) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {1B5FE211-8631-4E75-9F3F-277705C3382B} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
Task: {4CAAFE03-307B-4215-861B-AE8A7FD2370B} - System32\Tasks\SmartDefragUpdate => D:\programy\SmartDefrag\SmartDefragPortable\App\SmartDefrag\AutoUpdate.exe
Task: {514C0BDD-2B8A-4A34-BBA3-C444ED488689} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: {5BA5CB44-7565-4887-AB98-B71A1201EF50} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe
Task: {7914A2E8-DB33-4864-A3C3-66297F3E0549} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: {92EE2747-F7E4-411C-8A8F-F26FB25FF474} - \Funmoods No Task File <==== ATTENTION
Task: {EC827533-2530-49DC-AE2B-A32BE65664AE} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {ED2EBAC2-2300-4164-B6D2-60566156B353} - \Program aktualizacji online firmy Adobe. No Task File <==== ATTENTION
Task: {F5EC83A6-7DB8-4CFE-9E36-4BD9CE62302F} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: C:\windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.


(Smarek490) #5

Witam!

Oto nowy log FRST:http://wklej.to/J3B4H i log Shotycut:http://wklej.to/ewnL7

Pozdrawiam!


(Atis) #6

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKU\S-1-5-21-1771593470-3012635902-189330645-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.3600.com/?src=lm&ls=n1ebfa87c8d
HKU\S-1-5-21-1771593470-3012635902-189330645-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
C:\AdwCleaner
C:\Users\misiopysio\syslinux.exe
DeleteQuarantine:

Uruchom FRST i kliknij Fix. Skasuj folder C:\FRST

Dysk przeskanuj Malwarebytes Anti-Malware

Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.

Język PL > Settings > General Settings > Language > Polish

Odinstaluj:

Adobe Reader X

Java 7 Update 25

Java 7 Update 67

Java SE Development Kit 7 Update 67

Zainstaluj:

Java 8 Update 25

Adobe Reader XI 11.0.9