GG 10 się nie uruchamia

[pawelg441]

Witam
Od kilku dni mam problem z uruchomieniem gg 10. Nic się dzieje dzieje tylko rośnie zużycie pamięci RAM i procesora 50%, przeinstalowałem, czyściłem rejestr Cclenaer lecz nic to nie dało. Zużycie pamięci ram gg dochodzi nawet do 180 MB

Malwerbytes Antymalware nic nie wykrył, Kaspesky Virus Removal także nic

OTL [strona nie jest już dostępna]
EXTRAS [strona nie jest już dostępna]


Proszę o pomoc
Pozdrawiam

[mateo8898]

Czysto, kosmetyka. Odinstaluj: Facemoods Toolbar, free-downloads.net Toolbar, Wincore MediaBar oraz Kaspesky Virus Removal Tool. Następnie:

Uruchom OTL w oknie Własne opcje skanowania/skrypt wklej:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1000\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.3.0&install_country=PL&install_date=20110820&user_guid=4920492054814A8D81509C3B161A2B9A&machine_id=e47ad259a55400ec15b16f29e4657bcd&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1003\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1003\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.3.0&install_country=PL&install_date=20110820&user_guid=4920492054814A8D81509C3B161A2B9A&machine_id=e47ad259a55400ec15b16f29e4657bcd&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1003\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2012-03-02 13:05:44 | 000,000,000 | ---D | M] (Wincore Mediabar) -- C:\Users\Ja\AppData\Roaming\mozilla\Firefox\Profiles\t7i3p0pw.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
[2012-03-15 19:14:28 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Ja\AppData\Roaming\mozilla\Firefox\Profiles\t7i3p0pw.default\extensions\[email protected]
[2012-03-15 19:14:30 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-2300352179-1094955935-2089883553-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\S-1-5-21-2300352179-1094955935-2089883553-1003\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-21-2300352179-1094955935-2089883553-1000..\Run: [EPSON SX110 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU "C:\Windows\TEMP\E_S1370.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-2300352179-1094955935-2089883553-1003..\Run: [EPSON SX110 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU "C:\Windows\TEMP\E_S1370.tmp" /EF "HKCU" File not found
O4 - Startup: C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_81805383.lnk = C:\Users\Ja\AppData\Local\Temp\_uninst_81805383.bat ()
O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
[2012-02-02 14:21:31 | 007,987,953 | ---- | C] (CCCP Project ) -- C:\Users\Ja\AppData\Local\Codecs.exe
[2012-06-05 15:07:05 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2300352179-1094955935-2089883553-1000UA.job
[2012-06-04 22:07:00 | 000,000,994 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2300352179-1094955935-2089883553-1000Core.job

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"=-
"B2C_AGENT"=-
"DivXUpdate"=-
"SwitchBoard"=-
"WinampAgent"=-

:Commands
[emptytemp]

Klikasz [b]Wykonaj skrypt[/b. Dajesz log z usuwania + nowe logi z OTL.

Co do problemu, spróbuj zainstalować najnowszą wersję GG http://www.instalki.pl/programy/download/Windows/komunikatory/GG.html

[pawelg441]

skrypt po wklejeniu [strona nie jest już dostępna]
otl [strona nie jest już dostępna]
extras [strona nie jest już dostępna]

[kominekl]

Odinstaluj Unity Web Player (wtyczka ala vShare).

Następnie uruchom OTL w oknie Własne opcje skanowania/skrypt wklej:

Kod: Zaznacz wszystko

:OTL

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1003\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - No CLSID value found
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2300352179-1094955935-2089883553-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ja\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ja\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Ja\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

:Files
C:\Users\Ja\AppData\Local\Google\Update
C:\Users\Ja\AppData\LocalLow\Unity
C:\Users\Ja\Desktop\ggbkiller2v3_01-[www.programosy.pl].exe
C:\Users\Ja\Desktop\odk12.6.0.9setup(dobreprogramy.pl).exe
C:\TDSSKiller_Quarantine
C:\Users\Ja\Desktop\tdsskiller.exe
C:\Users\Ja\DoctorWeb
C:\ProgramData\Kaspersky Lab
C:\Users\Ja\Desktop\mbam-setup-1.61.0.1400.exe
C:\Users\Ja\Desktop\Total-Uninstall-Setup-6.1.0.exe
C:\Windows\tasks\*.job
C:\Users\Ja\Desktop\RegCleaner(dobreprogramy.pl).exe
C:\Users\Ja\Desktop\launch.exe
C:\Users\Ja\Desktop\adwcleaner.exe
C:\Users\Ja\Desktop\setup_11.0.0.1245.x01_2012_06_05_14_20.exe
C:\Users\Ja\Desktop\ggsetup.exe
C:\Users\Ja\Desktop\gg10,5.exe
C:\Users\Ja\AppData\Local\jushed.exe
C:\Users\Ja\AppData\Roaming\ESET
C:\Users\Ja\AppData\Roaming\Unity
C:\Users\Ja\AppData\Roaming\Wise Registry Cleaner

:Reg
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

:Commands
[emptyflash]
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie podajesz nowe logi z OTL + log z Autoruns otl-gmer-silent-runners-sdfix-i-inne-poradnik-t13967-15.html#p138589.

[pawelg441]

Log z usuwania: [strona nie jest już dostępna]
nowy otl [strona nie jest już dostępna]
extras [strona nie jest już dostępna]
autoruns http://www62.zippyshare.com/v/13230113/file.html

[kominekl]

W Autoruns odznacz, a następnie usuń (co się będzie dało) kolejno wpisy rdpclip, Microsoft Windows, Microsoft Windows, DAEMON Tools Lite, Odkurzacz-MCD, NeroMobileAd, Windows Live ID Sign-in Helper, Adobe PDF Link Helper, Groove GFS Browser Helper, Java(tm) Plug-In 2 SSV Helper, Java(tm) Plug-In SSV Helper, Skype Browser Helper, Windows Live ID Sign-in Helper, wszystko z zakładki Task Scheduler, AdobeARMservice, nvsvc, nvUpdatusService, Stereo Service, WinDefend, cpuz130, dgderdrv, IntcAzAudAddService, LgBttPort, lgbusenum, LGVMODEM, PQNTDrv i StarOpen.

Uruchom OTL w oknie Własne opcje skanowania/skrypt wklej:

:OTL

:Files
C:\Users\Ja\Desktop\avast_free_antivirus_setup.exe

:Commands
[emptyflash]
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie podajesz nowe logi z OTL.