Elektroda.pl

Request to check logs and create a fixlist.

wojtek1234321 26 Mar 2016 19:40 495 4
  • #1 26 Mar 2016 19:40
    wojtek1234321
    Level 31

    Hello. I don't even know when it happened (I'm not the only one using the computer), but I've been hit by some Chinese programs too. Please check the logs and create a fixlist, and give some general tips on how to get rid of the unwanted "guests".

    0 4
  • Helpful post
    #2 26 Mar 2016 20:10
    krzychupar
    Level 40

    Open the system Notepad and paste:
    CloseProcess:
    AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
    AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
    Task: {5D33A8C6-A3D3-42FB-AD6C-703D162B7555} - \{797F0F47-047A-040B-0F11-7F7E0C7E110E} -> Brak pliku <==== UWAGA
    Task: {C57A4704-34EA-4B5B-A020-5585FB151FBF} - System32\Tasks\{69E541CA-419F-4884-93C3-D7629DDECC05} => pcalua.exe -a "C:\Users\XXX\Desktop\My Shared Folder\windirstat1_1_2_setup.exe" -d "C:\Users\XXX\Desktop\My Shared Folder"
    Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
    2016-03-26 19:19 - 2016-03-26 19:19 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\zlib.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00110064 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMAntiInject.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00482800 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\sqlite.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\tinyxml.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00040944 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
    2016-03-26 19:19 - 2016-02-19 17:36 - 00065008 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
    2016-03-26 19:19 - 2016-02-27 23:55 - 00036128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\oDayProtect.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00122352 _____ () c:\program files (x86)\tencent\qqpcmgr\11.4.17339.217\qmrtpcontroller.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\libexpatw.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 02156896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\GF.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00092512 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\xGraphic32.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00342368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\arkGraphic.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00045408 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\jgImage.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\libpng.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\libjpegturbo.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\jgIOStub.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00194912 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\xImage.dll




    2016-03-26 19:19 - 2016-03-26 19:19 - 00163312 _____ () c:\program files (x86)\tencent\qqpcmgr\11.4.17339.217\qmhipslogpolicy.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00077296 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\MemDefrag.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00261616 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMTrayPlugin\QMAutoTaskPlugin\SubPlugins\OperationFileCloudMgr.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00379232 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\DlForQd.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00245232 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMWlanMacDll.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\zlib.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\libexpatw.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\tinyxml.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 02156896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\GF.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00092512 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\xGraphic32.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00342368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\arkGraphic.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00045408 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\jgImage.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\libpng.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\libjpegturbo.dll
    2016-03-26 19:19 - 2016-03-26 19:19 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\jgIOStub.dll
    Hosts:
    FirewallRules: [{8510C7D8-D677-4725-AAA4-0288BF81E715}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCmgrInstallGuide.exe
    FirewallRules: [{57E4C33F-84C2-45C3-B3F3-8E3952E471C2}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe
    FirewallRules: [{2BB2D412-F71B-469B-B562-28E0B09AC18E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCMgr.exe
    FirewallRules: [{1A019BB8-54B6-4E92-B835-5C9C084DBDE1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe
    FirewallRules: [{24520776-41C5-4250-8A66-9D1E5F4C089C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMDL.exe
    FirewallRules: [{B0145129-EAB3-43DF-8EA3-8EACBB2D9F3E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\bugreport.exe
    FirewallRules: [{77200026-E0BF-418A-A5BC-FD20548E2347}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCFileOpen.exe
    FirewallRules: [{4BB83756-499B-4825-87C6-586047BBD0A6}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCLeakScan.exe
    FirewallRules: [{33486F56-6F7F-407E-BD5D-C959871CEB30}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPConfig.exe
    FirewallRules: [{AE16BD58-DF4F-4697-B52E-78067BE8B268}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCSoftMgr.exe
    FirewallRules: [{334C5175-CF94-4E35-8468-4B0A6BFABAAE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\QQPCNetFlow.exe
    FirewallRules: [{2B82EEAC-C39E-46B1-B3AF-A9DE670241B9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCBTU.exe
    FirewallRules: [{0C7D2E38-7BB3-4D29-9839-E43B794BB508}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCClinic.exe
    FirewallRules: [{8226636C-2A19-437E-ACE0-9F9CB86DEBB4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCLaunch.exe
    FirewallRules: [{F5B336E1-81FA-4AC5-AC06-A3B5C559F37C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMUpdate\QQPCMgrUpdate.exe
    FirewallRules: [{F58B5B6E-D48C-4312-8480-E9884DBFE8FC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCSoftGame.exe
    FirewallRules: [{E49412EE-62C1-40F5-89BB-595B0EED1ABA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCSysOptimize.exe
    FirewallRules: [{2189873D-2186-4CE4-B9F9-3F0DBB6F036C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCUpdateAVLib.exe
    FirewallRules: [{EEA4CA05-0F22-44DC-AA1E-5DEA172BA6F1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQRepair.exe
    FirewallRules: [{120FAAE3-3F2B-452B-BDFC-B800B20A3F45}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\Uninst.exe
    FirewallRules: [{50567076-B665-4E50-8391-B40675C21AC7}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCPatch.exe
    FirewallRules: [{36DDE761-A069-4CA0-BBDF-65FB6F605324}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TpkUpdate.exe
    FirewallRules: [{4C1EEB1F-349E-47E2-A809-382964B0E360}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMRouterMgr.exe
    FirewallRules: [{6CC176BC-93E0-4D2D-981E-B03F9CEC6729}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMAccountProtection.exe
    FirewallRules: [{71AA012F-FDC3-4110-A3BA-EB3C2C72D0C6}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMAdBlock.exe
    (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe
    (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe
    (Tencent) C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\Tencentdl.exe
    (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\QQPCNetFlow.exe
    (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRealTimeSpeedup.exe
    (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMUsbGuard.exe
    (Tencent) C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\Tencentdl.exe
    HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe [356464 2016-03-26] (Tencent)
    HKU\S-1-5-21-1632675229-1670435537-2224629965-1000\...\MountPoints2: {359e1a3a-8f8b-11e5-bd45-f46d0436dec0} - F:\HiSuiteDownLoader.exe
    ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMGCShellExt64.dll [2016-03-26] (Tencent)
    GroupPolicyScripts: Ograniczenia <======= UWAGA
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=94742424_hao_pg
    HKU\S-1-5-21-1632675229-1670435537-2224629965-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=94742424_hao_pg
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1632675229-1670435537-2224629965-1000 -> {DB9C71C1-B495-48A9-82FD-E33969A1B483} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11433
    BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TSWebMon64.dat [2016-03-26] (Tencent)
    FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\npQMExtensionsMozilla.dll [2016-03-26] (Tencent Technology (Shenzhen) Company Limited)
    R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe [301656 2016-03-26] (Tencent)
    R2 bojodygizbt; C:\Program Files (x86)\8F6CC8E0-1459016537-11E0-B69C-F46D0436DEC0\knse42B4.tmpfs [X]
    S2 HuaweiHiSuiteService64.exe; "C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
    R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMUdisk64.sys [184536 2016-03-02] (Tencent)
    R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQSysMonX64.sys [138488 2016-03-26] (电脑管家)
    R1 softaal; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\softaal64.sys [35064 2016-03-26] (Tencent)
    R3 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [89880 2016-03-26] (Tencent)
    R1 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernel64.sys [137976 2016-03-26] (Tencent Technology(Shenzhen) Company Limited)
    R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87800 2016-03-26] (电脑管家)
    R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TSDefenseBT64.sys [28984 2016-03-26] (Tencent)
    R2 tsnethlpx64; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.sys [48376 2016-03-26] ()
    R3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [45304 2016-03-26] (电脑管家)
    R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TSSysKit64.sys [87288 2016-03-26] (电脑管家)
    S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2016-03-26 19:20 - 2016-03-26 19:20 - 00000000 ____D C:\ProgramData\TXQMPC
    2016-03-26 19:20 - 2016-03-26 19:20 - 00000000 ____D C:\Program Files\Common Files\Tencent
    2016-03-26 19:20 - 2016-03-26 19:19 - 00137976 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
    2016-03-26 19:20 - 2016-03-26 19:19 - 00089880 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
    2016-03-26 19:20 - 2016-03-26 19:19 - 00087800 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
    2016-03-26 19:20 - 2016-03-26 19:19 - 00045304 _____ (电脑管家) C:\Windows\system32\Drivers\TSSKX64.sys
    2016-03-26 19:19 - 2016-03-26 19:25 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Tencent
    2016-03-26 19:19 - 2016-03-26 19:22 - 00000000 ____D C:\ProgramData\Tencent
    2016-03-26 19:19 - 2016-03-26 19:19 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
    2016-03-26 19:19 - 2016-03-26 19:19 - 00000000 ____D C:\Program Files (x86)\Tencent
    2016-03-26 19:17 - 2016-03-26 19:24 - 00000000 ____D C:\Program Files (x86)\CleanBrowser
    2016-03-26 19:16 - 2016-03-26 19:16 - 00000660 __RSH C:\ProgramData\ntuser.pol
    EmptyTemp:


    Save the file as fixlist.txt and put it in the folder where FRST.exe is located.
    Run FRST and click Fix/Napraw.

    0
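A way to review a fixlist like the one above before running it, as an added example that is not part of the original posts and is not FRST's own code: it groups each line by the kind of object it targets and lists the lines that do not mention the vendor being removed, so they can be checked by hand. The line shapes are taken from the fixlist in this thread; the sample input, `ExampleVendor` and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the shape of the fixlist above (placeholder GUIDs and names).
SAMPLE_FIXLIST = r"""CloseProcess:
Task: {00000000-0000-0000-0000-000000000001} - System32\Tasks\ExampleTask => pcalua.exe -a "C:\Users\XXX\Desktop\setup.exe"
FirewallRules: [{00000000-0000-0000-0000-000000000002}] => (Allow) C:\Program Files (x86)\ExampleVendor\app.exe
HKLM-x32\...\Run: [ExampleTray] => C:\Program Files (x86)\ExampleVendor\tray.exe [1000 2016-03-26] (ExampleVendor)
R2 ExampleSvc; C:\Program Files (x86)\ExampleVendor\svc.exe [1000 2016-03-26] (ExampleVendor)
S3 OtherDrv; System32\drivers\otherdrv.sys [X]
2016-03-26 19:19 - 2016-03-26 19:19 - 00000000 ____D C:\Program Files (x86)\ExampleVendor
EmptyTemp:
"""

# Ordered rules: the first pattern that matches decides the category.
RULES = [
    ("directive", re.compile(r"^[A-Za-z]+:$")),          # CloseProcess:, Hosts:, EmptyTemp:
    ("scheduled task", re.compile(r"^Task:")),
    ("firewall rule", re.compile(r"^FirewallRules:")),
    ("registry value", re.compile(r"^(HKLM|HKU)")),
    ("service/driver", re.compile(r"^[RSU][0-5] [^;]+;")),  # e.g. "R2 name; path"
    ("file/folder", re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} - ")),
]

def classify(line):
    """Return the category of one fixlist line, or 'other' if no rule matches."""
    for name, rx in RULES:
        if rx.search(line):
            return name
    return "other"

def review_fixlist(text, expected_vendor):
    """Count lines per category and collect lines that do not name the vendor."""
    counts, off_target = Counter(), []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        kind = classify(line)
        counts[kind] += 1
        # Directives carry no target; everything else should be explainable.
        if kind != "directive" and expected_vendor.lower() not in line.lower():
            off_target.append((kind, line))
    return counts, off_target

if __name__ == "__main__":
    counts, off_target = review_fixlist(SAMPLE_FIXLIST, "ExampleVendor")
    print(dict(counts))
    for kind, line in off_target:
        print("check by hand:", kind, "|", line)
```
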
  • #3 26 Mar 2016 20:36
    wojtek1234321
    Level 31

    Thanks.
    The fix went through and I hope everything will be fine. By the way, I would like to know what should be put in a fixlist and what rules to follow when creating such a list.
    Regards.

    0
  • #4 26 Mar 2016 20:39
    krzychupar
    Level 40

    Based on the Farbar Recovery Scan Tool usage tutorial.

    0