Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Otwiera mi się okno konsolowe w systemie Windows 10.

SleepyOne 31 Maj 2017 00:18 594 3
  • #1 31 Maj 2017 00:18
    SleepyOne
    Poziom 3  

    Wiem, że niedawno był podobny temat, ale wykonanie fixlist przez FRST w moim przypadku nie pomogło. Pewnie coś robię nie tak.

    Otwiera mi się okno konsolowe na ułamki sekund, kilka razy dziennie. Widać tam m.in. ...C/programfiles/roots/... (tyle udało się dojrzeć). Więcej w załącznikach. Jeśli ktoś wie, jak można to naprawić, dziękuję za wszelkie sugestie.

    0 3
  • Pomocny post
    #2 31 Maj 2017 05:19
    krzychupar
    Poziom 40  

    Odinstaluj:
    McAfee — ochrona antywirusowa i przed oprogramowaniem szpiegującym
    McAfee Firewall
    Otwórz notatnik systemowy i wklej:
    Task: {03339CA8-603C-4C07-BE46-EF44F0A730B8} - \WPD\SqmUpload_S-1-5-21-3200246711-1359584119-2832385726-1001 -> Brak pliku <==== UWAGA
    Task: {03736316-BD57-4B7D-B9C8-8876DA266780} - \Microsoft\Windows\Setup\gwx\rundetector -> Brak pliku <==== UWAGA
    Task: {0C196A5D-F4FB-44DC-B1F6-7367D07885A9} - \McAfee\McAfee Idle Detection Task -> Brak pliku <==== UWAGA
    Task: {12F7B145-F040-4407-A507-724066AF6F85} - System32\Tasks\{DFBA3340-E0BB-49E1-9BB1-6C089D7CA809} => pcalua.exe -a C:\Users\Kamila\Downloads\DTLiteInstaller.exe -d C:\Users\Kamila\Downloads
    Task: {29F64E80-7CB1-4623-8793-75E22C60EFD3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {5553739B-E7D1-42C9-A026-ECB3128EDE4D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {56501F9B-9866-41F7-9655-41D0E26BF683} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {69218836-AF5F-4D95-9835-4E1399A02102} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {88F3DB32-8A9F-4C67-92C3-A1E8AC33F5E2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {8A0D6D1C-CF80-40A2-BF84-0AC8B9419B9A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {947ACBE6-27A5-48C0-9BC7-35BA13F98137} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
    Task: {994812D7-41A6-4974-B42B-4F97B298B067} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {9ED85294-9E2A-4F71-BDCE-96ED2D577F94} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA
    Task: {AA3E7888-29AB-4022-8FFA-C96E1EE922EC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {CC799927-57BC-4A80-8956-BDA56D374384} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {EC5CF249-379B-4A96-8901-17E420F76D8A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA
    Task: {B57EB172-3398-4145-9D55-6E05DF6B9D33} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-27] ()
    Task: {B73154C2-2593-41F5-876D-87BBFB17C03E} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
    Task: {CFC225B5-AA55-4A26-9469-DFD58F19BA7C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-27] (Microsoft Corporation)
    ask: {EDEEA514-1181-4319-9A60-542B3A7C58B1} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Brak pliku <==== UWAGA




    Task: {EE88EDCA-9048-49BB-B749-5CF1435B4E80} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {F14FED6A-266B-4BE0-85FE-F1E2AA6C55E9} - System32\Tasks\Opera scheduled Autoupdate 1442351449 => C:\Program Files (x86)\Opera\launcher.exe
    Hosts:
    HKU\S-1-5-21-3200246711-1359584119-2832385726-1001\...\MountPoints2: {1ad6f071-1bad-11e6-beb0-8056f2b1673c} - "G:\h3_setup.exe"
    HKU\S-1-5-21-3200246711-1359584119-2832385726-1001\...\MountPoints2: {1ad6f423-1bad-11e6-beb0-8056f2b1673c} - "H:\autorun.exe"
    HKU\S-1-5-21-3200246711-1359584119-2832385726-1001\...\MountPoints2: {2d0b670a-1ee2-11e6-beb3-8056f2b1673c} - "E:\SETUP.EXE"
    HKU\S-1-5-21-3200246711-1359584119-2832385726-1001\...\MountPoints2: {35423dc6-325d-11e7-bf04-c45444119e78} - "F:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3200246711-1359584119-2832385726-1001\...\MountPoints2: {a40b6900-8767-11e6-bedc-8056f2b1673c} - "F:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3200246711-1359584119-2832385726-1001\...\MountPoints2: {bb1d9429-a38d-11e6-bee4-8056f2b1673c} - "F:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3200246711-1359584119-2832385726-1001\...\MountPoints2: {bb1d9495-a38d-11e6-bee4-8056f2b1673c} - "F:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3200246711-1359584119-2832385726-1001\...\MountPoints2: {dd945a12-a5c6-11e6-bee5-8056f2b1673c} - "F:\HiSuiteDownLoader.exe"
    Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
    SearchScopes: HKU\S-1-5-21-3200246711-1359584119-2832385726-1001 -> DefaultScope {3F2E2663-0A2C-453A-A3D7-F412BAEFF833} URL =
    SearchScopes: HKU\S-1-5-21-3200246711-1359584119-2832385726-1001 -> {3F2E2663-0A2C-453A-A3D7-F412BAEFF833} URL =
    BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
    BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-11-18] (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-11-18] (McAfee, Inc.)
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-04-18]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-01-15] [Brak podpisu cyfrowego]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
    StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://www.istartsurf.com/?type=sc&ts=144...;uid=ST500LM000-SSHD-8GB_W371KVHXXXXXW371KVHX
    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
    R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188256 2017-05-16] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_5\McAPExe.exe [963176 2016-10-07] (McAfee, Inc.)
    S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
    R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
    R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.2.351.0\\McCSPServiceHost.exe [1934968 2016-10-17] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
    S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [1307752 2016-10-20] (McAfee, Inc.)
    S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
    R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [242704 2016-09-08] (McAfee, Inc.)
    R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [384016 2016-09-08] (McAfee, Inc.)
    R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [331280 2016-09-08] (McAfee, Inc.)
    R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1473128 2016-10-07] (McAfee, Inc.)
    S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
    R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-22] (McAfee, Inc.)
    R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-22] (McAfee, Inc.)
    S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-22] (McAfee, Inc.)
    R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88120 2016-09-09] (McAfee, Inc.)
    R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [477752 2016-09-09] (McAfee, Inc.)
    R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [364088 2016-09-09] (McAfee, Inc.)
    S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85656 2016-09-09] (McAfee, Inc.)
    R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [512056 2016-09-09] (McAfee, Inc.)
    R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [884792 2016-09-09] (McAfee, Inc.)
    R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [527496 2016-09-09] (McAfee, Inc.)
    S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109336 2016-09-09] (McAfee, Inc.)
    R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110136 2016-09-09] (McAfee, Inc.)
    R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
    R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252984 2016-09-09] (McAfee, Inc.)
    S3 mfeaack01; \Device\mfeaack01.sys [X]
    2015-09-15 21:10 - 2015-10-09 18:58 - 0010455 _____ () C:\Users\Kamila\AppData\Roaming\AbsoluteReminder.xml
    2017-02-11 18:07 - 2017-02-11 18:07 - 0000098 _____ () C:\Users\Kamila\AppData\Roaming\SDC_Path_Meihua2_U.ini
    2015-09-15 23:41 - 2015-09-15 23:41 - 0000020 ___SH () C:\Users\Kamila\AppData\Roaming\Sys11965 DataCollection.dat
    2015-09-15 23:41 - 2015-09-15 23:41 - 0000020 ___SH () C:\Users\Kamila\AppData\Roaming\System413_DataDB.ind
    2017-04-08 19:12 - 2017-04-08 19:12 - 0003584 _____ () C:\Users\Kamila\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-09-15 21:10 - 2017-05-30 21:45 - 0000282 _____ () C:\Users\Kamila\AppData\Local\RegisteredPackageInformation.xml
    2016-09-18 10:44 - 2016-09-18 10:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2015-09-15 23:38 - 2015-09-15 23:38 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    2013-12-18 00:06 - 2013-12-18 00:06 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
    2013-12-18 00:02 - 2013-12-18 00:03 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    2013-12-18 00:04 - 2013-12-18 00:05 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
    2013-12-18 00:05 - 2013-12-18 00:05 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log
    C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • Pomocny post
    #3 31 Maj 2017 07:38
    Kolobos
    Spec od komputerów

    Do Fixlist dodaj jeszcze:
    Task: {7C5F8CA7-BA2D-49F9-9081-5803F50C618E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-27] ()
    Task: {B57EB172-3398-4145-9D55-6E05DF6B9D33} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-27] ()

    @krzychupar podal tylko jeden z wpisow.

    0
  • #4 01 Cze 2017 23:20
    SleepyOne
    Poziom 3  

    Dzięki Waszej pomocy problem rozwiązany. Dziękuję!

    0