Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Komputer się wyłącza - Logi FRST -

lol2plxd 25 Gru 2016 21:13 306 2
  • Pomocny post
    #2 25 Gru 2016 21:29
    Kolobos
    Spec od komputerów

    Nie pobieraj programow z dobrychprogramow przy pomocy ich menadzera pobierania, ktory instaluje szkodliwe dodatki!

    Odinstaluj:
    Amazon 1Button App
    Amazon Assistant
    PRO PC Cleaner
    WarThunder

    Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun: http://www.bleepingcomputer.com/download/adwcleaner/

    Obok frst.exe utworz plik Fixlist.txt z zawartoscia:
    CustomCLSID: HKU\S-1-5-21-3961851625-2195373958-3067014580-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\WIKTOR\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Brak pliku
    Task: {0AC8C116-8B8F-49D9-B35A-14442DFAD8E1} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-02] (NVIDIA Corporation)
    Task: {0F6511A6-5775-4591-9455-08B2EED2C92B} - System32\Tasks\Opera scheduled Autoupdate 1450810303 => C:\Program Files (x86)\Opera\launcher.exe [2016-12-19] (Opera Software)
    Task: {94BB9873-0E0D-4EED-B5F8-B04398672B21} - System32\Tasks\PROPCCleaner_Popup => C:\Program Files (x86)\PRO PC Cleaner\Splash.exe [2016-07-15] () <==== UWAGA
    Task: {C6D6C81E-0D12-4009-B454-C795073D86E1} - System32\Tasks\PROPCCleaner_Start => C:\Program Files (x86)\PRO PC Cleaner\PROPCCleaner.exe [2016-07-15] (PRO PC Cleaner) <==== UWAGA
    C:\Users\WIKTOR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
    C:\Users\WIKTOR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk
    ShortcutWithArgument: C:\Users\Public\Desktop\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.so-v.com/?type=ll&uid=2fa4e128-95ec-4e59-a49c-f320553bece9
    AlternateDataStreams: C:\Users\WIKTOR:Heroes & Generals [38]
    Hosts:
    (MustangService) C:\ProgramData\TempMoudleSet\MustangSer1211.exe
    HKU\S-1-5-21-3961851625-2195373958-3067014580-1002\...\MountPoints2: {341ecee9-f5cf-11e5-9d86-000e2e7ac2e4} - "F:\LG_PC_Programs.exe"
    HKU\S-1-5-21-3961851625-2195373958-3067014580-1002\...\MountPoints2: {5a1c9f74-d70a-11e5-9d0c-c83a35c95d91} - "F:\HTC_Sync_Manager_PC.exe"
    HKU\S-1-5-21-3961851625-2195373958-3067014580-1002\...\MountPoints2: {6f7c5ece-3074-11e6-9eee-d8cb8a77d0d7} - "I:\setup.exe"
    HKU\S-1-5-21-3961851625-2195373958-3067014580-1002\...\MountPoints2: {95098915-a8e3-11e5-9bc9-d8cb8a77d0d7} - "G:\setup.exe"
    HKU\S-1-5-21-3961851625-2195373958-3067014580-1002\...\MountPoints2: {967b28c5-a859-11e5-9bc1-806e6f6e6963} - "E:\Setup.exe"
    HKU\S-1-5-21-3961851625-2195373958-3067014580-1002\...\MountPoints2: {a70ef6c3-fc2e-11e5-9dc3-d8cb8a77d0d7} - "F:\HTC_Sync_Manager_PC.exe"




    HKU\S-1-5-21-3961851625-2195373958-3067014580-1002\...\MountPoints2: {db323dad-c06d-11e5-9c4a-d8cb8a77d0d7} - "I:\setup.exe"
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    SearchScopes: HKU\S-1-5-21-3961851625-2195373958-3067014580-1002 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=..._ds_&tag=bds-p17-serp-us-ie-20&query={searchTerms}
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.so-v.com/?type=ll&uid=2fa4e128-95ec-4e59-a49c-f320553bece9
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
    R2 Amazon 1Button App Service; C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [460472 2016-12-12] (Amazon Inc.)
    R2 MustangService_2015_10_10; C:\ProgramData\TempMoudleSet\MustangSer1211.exe [235776 2015-12-15] (MustangService)
    S3 MSICDSetup; \??\E:\CDriver64.sys [X]
    S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
    S3 X6va062; \??\C:\Windows\SysWOW64\Drivers\X6va062 [X]
    2016-12-25 20:44 - 2016-12-25 20:44 - 00189786 _____ C:\Users\WIKTOR\Downloads\OTL.Txt
    2016-12-25 12:57 - 2016-12-25 12:57 - 00003548 _____ C:\Windows\System32\Tasks\PROPCCleaner_Popup
    2016-12-25 09:16 - 2016-12-25 20:13 - 00000000 ____D C:\Users\WIKTOR\Documents\PROPCCleaner
    2016-12-25 09:16 - 2016-12-25 09:16 - 00003326 _____ C:\Windows\System32\Tasks\PROPCCleaner_Start
    2016-12-25 09:16 - 2016-12-25 09:16 - 00001142 _____ C:\Users\WIKTOR\Desktop\PRO PC Cleaner.lnk
    2016-12-25 09:16 - 2016-12-25 09:16 - 00000000 ____D C:\Users\WIKTOR\AppData\Roaming\PRO PC Cleaner
    2016-12-25 09:16 - 2016-12-25 09:16 - 00000000 ____D C:\Users\WIKTOR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PRO PC Cleaner
    2016-12-25 09:16 - 2016-12-25 09:16 - 00000000 ____D C:\Users\WIKTOR\AppData\Local\PRO_PC_Cleaner
    2016-12-25 09:16 - 2016-12-25 09:16 - 00000000 ____D C:\Program Files (x86)\PRO PC Cleaner
    2016-12-14 20:17 - 2016-12-14 20:17 - 01398744 _____ (Hododaho ) C:\Users\WIKTOR\Desktop\CPUZ-13047-dp.exe
    2016-12-22 21:14 - 2016-08-01 11:56 - 00000080 _____ C:\Users\WIKTOR\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
    2016-06-20 16:32 - 2016-06-20 16:32 - 0000768 _____ () C:\Users\WIKTOR\AppData\Roaming\Microsoft\Obrazy — skrót.lnk
    EmptyTemp:

    W FRST wybierz Napraw.

    > Komputer się wyłącza

    Sprawdziles temperatury?

    0