Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Usunięcie MPC Cleanera z Windows 7 - Log z FRST!

Bart3k91 07 Kwi 2016 22:25 576 2
  • #1 07 Kwi 2016 22:25
    Bart3k91
    Poziom 2  

    Witam.
    Jestem kolejną osobą która padła łupem tego programu, i w końcu zebrałem się aby to naprawić. Dołączam log z programu FRST i oczekuje na pomoc!
    Z góry dziękuję i pozdrawiam!

    0 2
  • Pomocny post
    #2 08 Kwi 2016 08:50
    Domino_2
    Pomocny dla użytkowników

    Odinstaluj SafeFinder.

    Uruchom komputer zgodnie z podaną poniżej instrukcją i tam uruchom skrypt:
    http://www.fixitpc.pl/topic/4414-diagnostyka-infekcji-na-niestartuj%C4%85cych-windows/

    Cytat:

    AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
    AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
    HKLM-x32\...\Run: [mpck_en_005030287] => [X]
    HKLM-x32\...\Run: [sun21] => [X]
    HKLM-x32\...\Run: [rec_pl_238] => [X]
    HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCTray.exe" /regrun
    S2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-04-03] (DotC United Inc)
    S1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-04-03] (DotC United Inc)
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
    2016-04-05 18:08 - 2016-04-05 18:14 - 00000643 _____ C:\DelFix.txt
    2016-04-05 13:55 - 2016-04-05 13:55 - 00000000 _____ C:\autoexec.bat
    2016-04-05 13:52 - 2016-04-05 13:52 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Bart3k\Downloads\sh-remover.exe
    2016-04-05 13:45 - 2016-04-07 20:58 - 00001729 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
    2016-04-03 23:18 - 2016-04-03 23:17 - 00060136 ____N (DotC United Inc) C:\Windows\System32\Drivers\MPCKpt.sys
    2016-04-03 23:17 - 2016-04-03 23:23 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
    2016-04-04 00:06 - 2015-11-03 00:47 - 00000000 ____D C:\Users\Bart3k\AppData\Roaming\MPC-HC
    EmptyTemp:


    Wklej to do notatnika i zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się plik FRST.exe/FRST64.exe, odpal go i kliknij Fix/Napraw.

    Następnie załącz nowe logi z FRST z trybu normalnego.

    0
  • Pomocny post
    #3 08 Kwi 2016 14:32
    krzychupar
    Poziom 41  

    Odistaluj:
    SafeFinder (HKLM-x32\...\{7A83390B-4554-405C-9158-42B0903476FB}) (Version: 1.0.0.0 - Linkury) <==== UWAGA

    Otwórz notatnik systemowy i wklej:
    CloseProcess:
    AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
    AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
    HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCTray.exe" /regrun
    2016-04-07 11:18 - 2016-04-07 11:18 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\zlib.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00481632 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\sqlite.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\tinyxml.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00039776 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
    2016-04-07 11:20 - 2016-03-28 21:11 - 00070848 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
    2016-04-07 11:18 - 2016-02-28 00:55 - 00036128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\oDayProtect.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00121184 _____ () c:\program files (x86)\tencent\qqpcmgr\11.1.16923.222\qmrtpcontroller.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00112992 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\TavPedc.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\libexpatw.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00092184 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\xGraphic32.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00342040 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\arkGraphic.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00045920 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\jgImage.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\libpng.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\libjpegturbo.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\jgIOStub.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00194912 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\xImage.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00170336 _____ () c:\program files (x86)\tencent\qqpcmgr\11.1.16923.222\qmhipslogpolicy.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00076128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\MemDefrag.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00248160 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QMWlanMacDll.dll




    2016-04-07 11:18 - 2016-04-07 11:18 - 00379232 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\DlForQd.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\QMNetMon\zlib.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\QMNetMon\libexpatw.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\QMNetMon\tinyxml.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00092184 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\QMNetMon\xGraphic32.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00342040 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\QMNetMon\arkGraphic.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00045920 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\QMNetMon\jgImage.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\QMNetMon\libpng.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\QMNetMon\libjpegturbo.dll
    2016-04-07 11:18 - 2016-04-07 11:18 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\QMNetMon\jgIOStub.dll
    2016-03-23 09:01 - 2016-03-23 09:01 - 00083560 _____ () C:\Users\Paweł\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\zlib.dll
    FirewallRules: [{43333440-8B54-425C-8E26-02BB330AE6E1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCmgrInstallGuide.exe
    FirewallRules: [{40FC94F7-2F82-4693-A41F-EA9C169940F4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCTray.exe
    FirewallRules: [{991FD187-DD2C-475C-A548-8E3D1FF4B54F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCMgr.exe
    FirewallRules: [{64DD9213-FB26-4EC4-8631-E466D3E074B2}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRTP.exe
    FirewallRules: [{B9EAD06F-6959-410E-8027-C6B5319E5745}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QMDL.exe
    FirewallRules: [{2ABE1100-2552-42CA-9C26-6668FF5D6996}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\bugreport.exe
    FirewallRules: [{EF29E1E8-C629-4DC8-B84B-C27015F0BE02}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCFileOpen.exe
    FirewallRules: [{C9653B6E-EA18-451F-81D5-C4C1E7B18D3E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCLeakScan.exe
    FirewallRules: [{328C7C78-B223-482D-BCF0-CA2BDF9AB6A5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPConfig.exe
    FirewallRules: [{ABC6071B-0C26-47B7-B419-492D82897131}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCSoftMgr.exe
    FirewallRules: [{9949CBDB-4A9D-4701-97B5-930AFFF6C7BC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\QMNetMon\QQPCNetFlow.exe
    FirewallRules: [{D9327E91-EA81-4653-873D-490BC7C06574}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCBTU.exe
    FirewallRules: [{F9AFA681-4A8D-4320-8D0C-8C148DAC79CA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCClinic.exe
    FirewallRules: [{B48AE5FB-A03B-4103-B767-996A48740FFC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCLaunch.exe
    FirewallRules: [{66BAEB1C-7AA2-4405-9DBC-217FDF790E92}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QMUpdate\QQPCMgrUpdate.exe
    FirewallRules: [{4507E566-4360-40D1-A15D-AFD7A4B7D01A}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCSoftGame.exe
    FirewallRules: [{38483083-84FB-4C64-988E-F44CE04267D5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCSysOptimize.exe
    FirewallRules: [{E9D9FD41-978C-4558-BEFF-899B3313ABBB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCUpdateAVLib.exe
    FirewallRules: [{ED53D829-D892-47F2-AE15-5014F492C43E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQRepair.exe
    FirewallRules: [{1DFD4076-87A8-4F1A-9AA9-8A8BD557F3E5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\Uninst.exe
    FirewallRules: [{901770B7-B3A1-43FA-9472-46C0011951E7}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCPatch.exe
    FirewallRules: [{D9B7228B-9AE5-4880-85F2-A595E207139E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\TpkUpdate.exe
    FirewallRules: [{2DB4A12E-40FD-4EF2-B2B4-77E67C4AAE80}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QMRouterMgr.exe
    FirewallRules: [{94E9C5CE-7F1E-492A-B6C2-A1CF3C776DC3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QMAccountProtection.exe
    FirewallRules: [{345B7D22-AD06-4404-8F01-7AFDEF3C982B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QMAdBlock.exe
    2016-04-03 23:16 - 2016-04-04 07:58 - 00000000 ____D C:\Users\Bart3k\AppData\Roaming\Ajuslacwua
    2016-04-03 23:16 - 2016-04-03 23:16 - 00000000 ____D C:\Users\Bart3k\AppData\Roaming\UgubabLufupe
    2016-04-03 23:16 - 2016-04-03 23:16 - 00000000 ____D C:\Users\Bart3k\AppData\LocalLow\Company
    2016-04-03 23:16 - 2016-04-03 23:16 - 00000000 ____D C:\Users\Bart3k\AppData\Local\Tempfolder
    2016-04-03 23:16 - 2016-04-03 23:16 - 00000000 ____D C:\uninst
    2016-04-03 23:16 - 2016-04-03 23:16 - 00000000 ____D C:\extensions
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się FRST.exe
    Uruchom FRST i kliknij w Fix/Napraw.

    Log Frst.txt jest nepełny.
    Zamieść nowe logi i dlaczego zakładasz dwa posty dotyczące tego samego problemu lecz pod różnymi nazwami autorów.

    0