Elektroda.pl

Request to check FRST logs - BSoD on YouTube

hadoken731 03 Mar 2018 09:42 222 5
  • #1 03 Mar 2018 09:42
    hadoken731
    Level 2

    Hello, yesterday I scanned my computer with Malwarebytes and it spat out quite a lot of adware and other junk, so I would very much appreciate help checking the FRST logs in order to remove the malicious software and restore the machine to a usable state. I'll add that the main problem is a Blue Screen on YouTube.

    Regarding the BSoDs

    Code:
    On Fri 2018-03-02 11:31:12 your computer crashed or a problem was reported
    
    crash dump file: C:\Windows\Minidump\030218-125066-01.dmp
    This was probably caused by the following module: hal.dll (hal+0x12A3B)
    Bugcheck code: 0x124 (0x0, 0xFFFFFA800B214028, 0xB6002000, 0xC0000135)
    Error: WHEA_UNCORRECTABLE_ERROR
    file path: C:\Windows\system32\hal.dll
    product: Microsoft® Windows® Operating System
    company: Microsoft Corporation
    description: Hardware Abstraction Layer DLL
    Bug check description: This bug check indicates that a fatal hardware error has occurred. This bug check uses the error data that is provided by the Windows Hardware Error Architecture (WHEA).
    This is likely to be caused by a hardware problem.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.


    Code:
    On Wed 2018-02-28 21:04:34 your computer crashed or a problem was reported
    
    crash dump file: C:\Windows\Minidump\022818-20966-01.dmp
    This was probably caused by the following module: ntoskrnl.exe (nt+0x4ACE0C)
    Bugcheck code: 0x124 (0x0, 0xFFFFFA800B027038, 0x0, 0x0)
    Error: WHEA_UNCORRECTABLE_ERROR
    file path: C:\Windows\system32\ntoskrnl.exe
    product: Microsoft® Windows® Operating System
    company: Microsoft Corporation
    description: NT Kernel & System
    Bug check description: This bug check indicates that a fatal hardware error has occurred. This bug check uses the error data that is provided by the Windows Hardware Error Architecture (WHEA).
    This is likely to be caused by a hardware problem.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

    0 5
  • #2 03 Mar 2018 09:53
    Kolobos
    Computer specialist

    Does the BSoD appear in all browsers? Does it also appear during games?
    Does anything change after uninstalling Kaspersky?

    Run this Fixlist.txt for FRST:
    Task: {1B1354AC-7645-47E1-BD90-2FBAEF094B3E} - System32\Tasks\Opera scheduled Autoupdate 1484400306 => C:\Program Files (x86)\Opera\launcher.exe [2017-12-18] (Opera Software)
    Task: {1FF2785E-2291-4528-BF99-9A9CF2643C89} - System32\Tasks\{70584C15-4A34-4750-BBB8-5F35726A9CAF} => C:\Windows\system32\pcalua.exe
    Task: {366832BE-9581-49F1-A433-6936ACCC9C2C} - System32\Tasks\{0AB92190-9E57-4E0A-AEE1-BF342F1E0463} => C:\Users\Hadouken\AppData\Local\dSUQUWys.exe [2009-07-14] (Microsoft Corporation)
    Task: {751D9DFE-FF02-4F98-B2DB-8201AF62A017} - System32\Tasks\{273F5714-4A69-4783-9253-8A283192A5F3} => C:\Windows\DRLgeIoy.exe [2009-07-14] (Microsoft Corporation)
    Task: {E24BB21A-B876-4081-B337-9EEDF2A189E1} - System32\Tasks\{1BA36763-60E4-405B-8925-DD5B42FE3C51} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.38.0.101/pl/aband...tall?source=lightinstaller&page=tsInstall
    AlternateDataStreams: C:\ProgramData:NT [40]
    AlternateDataStreams: C:\ProgramData:NT2 [432]
    AlternateDataStreams: C:\Users\All Users:NT [40]
    AlternateDataStreams: C:\Users\All Users:NT2 [432]
    AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
    AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
    AlternateDataStreams: C:\Users\Hadouken\Application Data:NT [40]
    AlternateDataStreams: C:\Users\Hadouken\Application Data:NT2 [432]
    AlternateDataStreams: C:\Users\Hadouken\AppData\Roaming:NT [40]
    AlternateDataStreams: C:\Users\Hadouken\AppData\Roaming:NT2 [432]
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {00cdeb4b-6af3-11e5-80c9-bcaec5bea255} - E:\AutoRun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {028a1417-aa9d-11e6-b097-dbc2db13d611} - E:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {028a1430-aa9d-11e6-b097-dbc2db13d611} - E:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {028a143e-aa9d-11e6-b097-dbc2db13d611} - F:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {1d6e8881-75b7-11e5-8a7b-bcaec5bea255} - E:\AutoRun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {350340e9-6eb2-11e7-a832-bcaec5bea255} - E:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {47ed88a6-742f-11e6-8c67-dfb7fd478355} - E:\AutoRun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {4ef8029b-509d-11e5-b412-a4c821fb6454} - G:\AutoRun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {514d19be-5024-11e5-bfac-806e6f6e6963} - D:\SETUP.EXE
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {57c65b75-e7fe-11e7-8675-bcaec5bea255} - F:\AutoRun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {57c65b81-e7fe-11e7-8675-bcaec5bea255} - F:\AutoRun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {57c65b8b-e7fe-11e7-8675-bcaec5bea255} - F:\autorun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {5b32e9a6-feca-11e7-9dec-bcaec5bea255} - F:\AutoRun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {66687ba7-0ce4-11e8-9abc-bcaec5bea255} - H:\Setup.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {7288a4c1-6ee1-11e6-a532-b9679de5375e} - E:\AutoRun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {7561107d-950e-11e5-8e8f-bcaec5bea255} - E:\setup.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {75611080-950e-11e5-8e8f-bcaec5bea255} - I:\setup.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {95b33808-743c-11e6-8d0a-bcaec5bea255} - F:\AutoRun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {95b33825-743c-11e6-8d0a-bcaec5bea255} - E:\AutoRun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {b2b4ce05-5f8c-11e6-b42f-e732f9680630} - E:\AutoRun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {bc21784c-24c2-11e6-b6d5-bcaec5bea255} - J:\SETUP.EXE
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {c074444a-f87e-11e6-b9b1-b34a6e05f0ee} - F:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {e8134dc3-5024-11e5-81c8-f3294f0dda27} - H:\AutoRun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {e8134de8-5024-11e5-81c8-f3294f0dda27} - G:\AutoRun.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {f1a4b31e-ce45-11e7-8561-bcaec5bea255} - K:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-1371549040-4094710216-3684405423-1000\...\MountPoints2: {f52c903d-5eee-11e6-9e51-838715d33bef} - E:\AutoRun.exe
    CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F...rxiPvsNvSez-hUfbIEW5fzV_Zc85x4oyKRGNO7VsIBu7_
    CHR StartupUrls: Default -> "hxxp://hxxps://www.google.com//?affID=110823&tt=120912_pcp_3812_1&babsrc=HP_ss&mntrId=1c310cbc00000000000000ff7eb45de5","hxxps://www.google.com/","hxxp://www.google.com","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
    C:\Users\Hadouken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjdhoikoppfngdpngepakeogdnlcilm
    CHR Extension: (Anti-Adblock Popup Blocker) - C:\Users\Hadouken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjdhoikoppfngdpngepakeogdnlcilm [2017-06-03]
    CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
    CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
    CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
    S3 BstHdDrv; \??\C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [X]
    S3 BstkDrv; \??\C:\Program Files (x86)\Bluestacks\BstkDrv.sys [X]
    S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
    2018-02-27 11:33 - 2018-02-27 11:35 - 000000000 ____D C:\ProgramData\Mail.Ru
    2009-07-14 02:14 - 2009-07-14 02:14 - 000186368 ____N (Microsoft Corporation) C:\Users\Hadouken\qvoAywJI.exe
    2016-02-25 02:36 - 2015-11-21 16:01 - 000407042 ___SH () C:\Users\Hadouken\AppData\Local\CSIDL_
    2009-07-14 02:14 - 2009-07-14 02:14 - 000073216 ____N (Microsoft Corporation) C:\Users\Hadouken\AppData\Local\dSUQUWys.exe
    2018-02-27 11:34 - 2018-02-27 11:34 - 000000002 _____ () C:\Users\Hadouken\AppData\Local\WMI.ini

    0
  • #3 03 Mar 2018 10:11
    hadoken731
    Level 2

    I'm sending the Fixlog; I removed Kaspersky and then ran the Fixlist.

    I'll check other browsers and games; if the problem keeps appearing on Chrome, I'll let you know.

    0
  • #4 04 Mar 2018 12:24
    hadoken731
    Level 2

    Sorry for the double post, but I noticed that yes, the problem appears only on Chrome (and Chromium-based browsers); on Firefox everything works fine (7 hours of autoplay running and nothing).
    What should I do in this situation?

    0