Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

MPC Cleaner jak go usunąć?

kakashi1912 02 Lip 2016 22:59 381 3
  • #1 02 Lip 2016 22:59
    kakashi1912
    Poziom 1  

    Witam, mam problem z usunięciem tego draństwa - MPC Cleaner. Nawet po usunięciu go za pomocą IObit Uninstaller po ponownym uruchomieniu komputera wraca. Usunąłem przeglądarki: Chrome i Opere a zainstalowałem Maxthon, przez to nie pojawiają się reklamy ale sam program daje o sobie znać i zwalnia komputer. Proszę o rady jak pozbyć się tego programu(krok po kroku) raz na zawsze. Dziękuję za wszelką pomoc. Dodaje poniżej pliki FRST i Addition.

    0 3
  • #4 03 Lip 2016 00:14
    krzychupar
    Poziom 40  

    Odinstaluj:
    SafeFinder (HKLM-x32\...\{6BA37F5F-65BD-4240-9159-61950723D344}) (Version: 1.0.0.0 - Linkury)

    Następnie przejdź do katalogu C:\Program Files (x86)\MPC Cleaner\ i uruchom uninstall z prawami administratora.

    Otwórz notatnik i wklej:
    Hosts:
    Task: {247AFA31-C7D8-4D71-B676-570D63E44B28} - System32\Tasks\{C6307507-1D1E-487F-9FF5-3852386C23D2} => N:\SETUP.EXE
    Task: {3BFFBDD8-AB24-46C7-B76E-10F9451C59BC} - System32\Tasks\Opera scheduled Autoupdate 1426338646 => C:\Program Files (x86)\Opera\launcher.exe [2016-06-13] (Opera Software)
    Task: {50F7E296-B7EE-4198-A46D-72F89B3D879A} - System32\Tasks\{513A0CED-9EFE-4DB1-B7BD-A1D010B6438B} => N:\SETUP.EXE
    Task: {513F27D0-078B-47EE-A871-2503C834E66D} - System32\Tasks\{E6A695B5-392E-43D9-A078-D2928C3169D7} => pcalua.exe -a "F:\Program Files\Divinity Original Sin Enhanced Edition\language_setup.exe" -d "F:\Program Files\Divinity Original Sin Enhanced Edition"
    Task: {5974ED61-0052-4949-9DBB-56BB13D82FB8} - System32\Tasks\{EA3C18D1-E1FF-445A-9323-59C495AFC6E1} => pcalua.exe -a "C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" -c uninstall=17
    Task: {5D794FF8-333C-445E-89FF-6884E6EBF51F} - System32\Tasks\{DF83D8FD-D85E-4156-ABB4-B82B8F1B53C5} => pcalua.exe -a I:\eauninstall.exe -d I:\
    Task: C:\Windows\Tasks\Opera scheduled Autoupdate 1426338646.job => C:\Program Files (x86)\Opera\launcher.exe
    HKLM\...\Winlogon: [Userinit] wscript C:\Windows\run.vbs,
    HKU\S-1-5-21-4091490760-4216760891-2126678314-1001\...\MountPoints2: J - J:\Autorun.exe
    HKU\S-1-5-21-4091490760-4216760891-2126678314-1001\...\MountPoints2: K - K:\setup.exe
    HKU\S-1-5-21-4091490760-4216760891-2126678314-1001\...\MountPoints2: L - L:\setup\rsrc\Autorun.exe
    HKU\S-1-5-21-4091490760-4216760891-2126678314-1001\...\MountPoints2: N - N:\setup_homm5.exe
    HKU\S-1-5-21-4091490760-4216760891-2126678314-1001\...\MountPoints2: P - P:\setup.exe
    HKU\S-1-5-21-4091490760-4216760891-2126678314-1001\...\MountPoints2: {aa6e1ee4-2fdd-11e6-8a48-806e6f6e6963} - I:\Autorun.exe
    HKU\S-1-5-21-4091490760-4216760891-2126678314-1001\...\MountPoints2: {dfefeba0-5afb-11e5-9415-02026d6d3437} - J:\LG_PC_Programs.exe
    HKU\S-1-5-21-4091490760-4216760891-2126678314-1001\...\MountPoints2: {e8e0a849-062d-11e5-81a1-0023541a6936} - J:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-4091490760-4216760891-2126678314-1001\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3231232 2016-04-09] (Microsoft Corporation) <==== UWAGA
    ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - Brak pliku [ ]
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => Brak pliku




    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => Brak pliku
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    URLSearchHook: [S-1-5-21-4091490760-4216760891-2126678314-1001] UWAGA => Brak domyślnego URLSearchHook
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> Brak pliku
    FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [Brak pliku]
    OPR StartupUrls: "hxxp://www.viceice.com/"
    S2 ArhCntservice; "C:\Program Files (x86)\Arahick\ArhCntservice.html5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]
    S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [X]
    R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-06-26] (DotC United Inc)
    S3 cpuz137; Brak ImagePath
    R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-06-26] (DotC United Inc)
    S3 digitalpower; system32\drivers\digitalpower.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2016-06-28 03:54 - 2016-07-03 04:18 - 00001729 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
    2016-06-27 01:16 - 2016-06-27 01:16 - 00000000 ____D C:\Users\Michał\AppData\Roaming\MCorp
    2016-06-27 00:47 - 2016-06-27 01:04 - 00000000 ____D C:\AdwCleaner
    2016-06-26 19:46 - 2016-07-03 04:15 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
    2016-06-26 19:46 - 2016-06-26 19:46 - 00060136 ____N (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
    2016-06-26 19:45 - 2016-06-26 19:46 - 00018288 _____ C:\Users\Michał\AppData\Roaming\InstallationConfiguration.xml
    2016-06-26 19:45 - 2016-06-26 19:45 - 00128512 _____ C:\Users\Michał\AppData\Roaming\Installer.dat
    2016-06-26 19:47 - 2016-06-26 19:47 - 6867456 _____ () C:\Users\Michał\AppData\Roaming\agent.dat
    2016-06-26 19:47 - 2016-06-26 19:47 - 0054272 _____ () C:\Users\Michał\AppData\Roaming\ApplicationHosting.dat
    2015-09-30 23:58 - 2015-09-30 23:58 - 1233136 _____ () C:\Users\Michał\AppData\Roaming\AvidApplicationManager_Install.log
    2016-06-26 19:47 - 2016-06-26 19:47 - 0069024 _____ () C:\Users\Michał\AppData\Roaming\Config.xml
    2016-06-26 19:47 - 2016-06-26 19:45 - 0964096 _____ () C:\Users\Michał\AppData\Roaming\Dancom.exe
    2016-06-26 19:47 - 2016-06-26 19:47 - 1759888 _____ () C:\Users\Michał\AppData\Roaming\Dancom.tst
    2016-06-26 19:46 - 2016-06-26 19:46 - 0848437 _____ () C:\Users\Michał\AppData\Roaming\Geomatstock.bin
    2016-06-26 19:47 - 2016-06-26 19:47 - 2279413 _____ () C:\Users\Michał\AppData\Roaming\Indigocof.bin
    2016-06-26 19:45 - 2016-06-26 19:46 - 0018288 _____ () C:\Users\Michał\AppData\Roaming\InstallationConfiguration.xml
    2016-06-26 19:45 - 2016-06-26 19:45 - 0128512 _____ () C:\Users\Michał\AppData\Roaming\Installer.dat
    2016-04-07 03:05 - 2016-04-07 03:05 - 240397312 _____ () C:\Users\Michał\AppData\Roaming\Launcher.dat
    2016-06-26 19:47 - 2016-06-26 19:47 - 0126464 _____ () C:\Users\Michał\AppData\Roaming\lobby.dat
    2016-06-26 19:47 - 2016-06-26 19:47 - 0018432 _____ () C:\Users\Michał\AppData\Roaming\Main.dat
    2016-06-26 19:47 - 2016-06-26 19:47 - 0005568 _____ () C:\Users\Michał\AppData\Roaming\md.xml
    2016-06-26 19:47 - 2016-06-26 19:47 - 0126464 _____ () C:\Users\Michał\AppData\Roaming\noah.dat
    2016-06-26 19:47 - 2016-06-26 19:45 - 0964096 _____ () C:\Users\Michał\AppData\Roaming\Spantech.exe
    2016-06-26 19:47 - 2016-06-26 19:47 - 0072704 _____ () C:\Users\Michał\AppData\Roaming\Spantech.tst
    2016-06-26 19:47 - 2016-06-26 19:47 - 0032038 _____ () C:\Users\Michał\AppData\Roaming\uninstall_temp.ico
    2016-04-07 03:05 - 2016-04-07 03:05 - 0000009 _____ () C:\Users\Michał\AppData\Roaming\update.dat
    2015-03-17 03:18 - 2015-03-17 03:18 - 0000000 _____ () C:\Users\Michał\AppData\Local\{2FD36FD2-A739-4E82-AFB6-99FF6B63C494}
    2015-03-17 20:18 - 2015-03-17 20:18 - 0000057 _____ () C:\ProgramData\Ament.ini
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się FRST.exe
    Uruchom FRST i kliknij w Fix/Napraw.
    Po wykonaniu skryptu zamieść nowe logi z Frst.

    0