Windows 7 HP, użycie 100% CPU po uruchomieniu przeglądarki


(Amkkrzysztof) #1

Witam,

 

do tego Norton wyrzuca co chwilę monity- System Infected:Fake Plugin Activity 2. Proszę o pomoc.

 

FRST: http://www.wklej.org/id/1728037/ 

Shortcut: http://www.wklej.org/id/1728014/

Addition: http://www.wklej.org/id/1728023/


(Acorus) #2

Odinstaluj LinkMonitor,McAfee Security Scan Plus.Otwórz notatnik systemowy i wklej:

Task: {24F69967-FA97-4BF6-9698-0B72AE40B636} - System32\Tasks\{1602FAD7-8D7F-42FB-B215-3230C55C29B5} = pcalua.exe -a "C:\Program Files (x86)\YouTube Accelerator\YTAUninstall.exe"
Task: {2D77A61C-9C49-4D49-BBDC-49C8BDD16EB0} - \SPDriver No Task File ==== ATTENTION
Task: {40CB9D43-DAFB-4224-8B49-A90490CD36E7} - \ShopperPro No Task File ==== ATTENTION
Task: {60EEC538-32D1-49D1-B170-4AA29ACD6CF8} - \SPBIW_UpdateTask_Time_323338393933363334362d45372a5a506c41324a345741 No Task File ==== ATTENTION
Task: {8A27CE93-10AF-4D3F-A6ED-DBDF7BC1CBE8} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 = Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 ==== ATTENTION
Task: {9F34FD58-6D1F-400D-903D-B0E98C41D3C2} - System32\Tasks\{B1FBA69E-6619-40DB-A2BD-DA20D67A7DC4} = pcalua.exe -a C:\Users\1\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=cor ==== ATTENTION
Task: {A862C866-4310-47E1-93C8-9432B8F7B1AF} - System32\Tasks\{F7C00BD1-1F31-414F-93CE-654ADC760081} = pcalua.exe -a c:\users\1\appdata\local\lollipop\lollipop.bat
Task: {B0D06074-BAE5-457E-8C70-6D897F3B8517} - System32\Tasks\Bidaily Synchronize Task[973b] = c:\programdata\{74910816-7f11-a9fb-7491-108167f12059}\metin2mod_2012sf_08022015.exe [2014-05-30] () ==== ATTENTION
Task: {DC296891-4567-41E0-B7C9-E22DB1E83A9C} - \ShopperProJSUpd No Task File ==== ATTENTION
Task: {DFB211E2-B071-489F-B941-A5A00BA751AA} - System32\Tasks\SMupdate1 = Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 ==== ATTENTION
Task: {F9A1F4E5-1F9F-4950-9A08-89B9E8A0EF85} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 = Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 ==== ATTENTION
Task: C:\Windows\Tasks\Bidaily Synchronize Task[973b].job = c:\programdata\{74910816-7f11-a9fb-7491-108167f12059}\metin2mod_2012sf_08022015.exe ==== ATTENTION
HKLM-x32\...\Run: [GrooveMonitor] = C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKU\S-1-5-21-1630618315-184258093-2792662394-1000\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-21-1630618315-184258093-2792662394-1000\...\MountPoints2: G - G:\Startme.exe
HKU\S-1-5-21-1630618315-184258093-2792662394-1000\...\MountPoints2: {7fcd9c9e-d83e-11e3-8e02-e0cb4e90a29f} - G:\Startme.exe
HKU\S-1-5-21-1630618315-184258093-2792662394-1000\...\MountPoints2: {d4d6797c-1e50-11e4-8daf-e0cb4e90a29f} - E:\Startme.exe
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL = "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File not found
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1630618315-184258093-2792662394-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: PriCeMInus - {4F5C414C-9BCF-4345-B76B-8B21F2285311} - C:\Program Files (x86)\PriCeMInus\KSVlOsvUqBmdFs.x64.dll [2015-06-01] ()
BHO: PriceMinUUs - {5371B458-A2C5-48CB-9215-A7BD97914AE2} - C:\Program Files (x86)\PriceMinUUs\330WrSTdzpyaxV.x64.dll [2015-06-01] ()
BHO: PriceMinus - {6EC81191-729A-415F-9DEF-1DBC85285D13} - C:\Program Files (x86)\PriceMinus\BW67tXEBPz52xe.x64.dll [2015-05-30] ()
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: PriCeMInus - {4F5C414C-9BCF-4345-B76B-8B21F2285311} - C:\Program Files (x86)\PriCeMInus\KSVlOsvUqBmdFs.dll [2015-06-01] ()
BHO-x32: PriceMinUUs - {5371B458-A2C5-48CB-9215-A7BD97914AE2} - C:\Program Files (x86)\PriceMinUUs\330WrSTdzpyaxV.dll [2015-06-01] ()
Toolbar: HKU\S-1-5-21-1630618315-184258093-2792662394-1000 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
OPR Extension: (Internet Program) - C:\Users\1\AppData\Roaming\Opera Software\Opera Stable\Extensions\eikblmboicijoghbnbejcbogihpddgop [2015-05-01]
S2 YTDUpdt; C:\PROGRA~2\YTDOWN~1\YTDUPD~1.EXE [X]
S2 SPDRIVER_1361.0.0.0; \\C:\Program Files (x86)\ShopperPro\JSDriver\1361.0.0.0\jsdrv.sys [X]
2015-06-01 21:52 - 2015-06-01 21:52 - 00000000 ____ D () C:\ProgramData\ajfhbjfpfceaicnnmongaamipgngknkl
2015-06-01 21:52 - 2015-06-01 21:52 - 00000000 ____ D () C:\Program Files (x86)\PriceMinUUs
2015-05-30 09:24 - 2015-06-02 07:28 - 00000000 ____ D () C:\Program Files (x86)\PriceMinus
2015-05-30 09:24 - 2015-06-02 06:50 - 00000000 ____ D () C:\Program Files (x86)\PriceMinues
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

Odinstaluj Chrome zaznaczając usunięcie danych przeglądania.


(Amkkrzysztof) #3

Witam ponownie. Nie mogę poradzić sobie z odinstalowaniem LinkMonitor- Wystąpił problem podczas uruchamiania pliku C:\PROGRA~2\LIGHTE~1\LIGHTE~1.DLL Nie można odnaleźć określonego modułu. Mimo to wykonałem dalsze zalecenia.


(Acorus) #4

Pokaż nowy log z FRST bez Addition.


(Amkkrzysztof) #5

FRST: http://wklej.org/id/1729079/ 

Schortcut: http://wklej.org/id/1729080/ 


(Acorus) #6

Otwórz notatnik systemowy i wklej:

C:\Users\1\fixlist.exe

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.


(Amkkrzysztof) #7

Zrobione. To już pełen sukces?