Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

[Rozwiązano] Proszę o sprawdzenie logów FRST

GacGaco 28 Sie 2018 23:15 78 2
  • #1 28 Sie 2018 23:15
    GacGaco
    Poziom 2  

    Witam, mój komputer zaczął się buntować i programy typu adw cleaner, malwarebytes czy też właśnie FRST nie otwierają się w normalnej przeglądarce, wyłącznie w trybie awaryjnym. Jednak adw cleaner ani nic podobnego nie jest w stanie znaleźć nic w tym trybie. Poniżej zamieszczam logi i proszę o pomoc! ;)

    0 2
  • Pomocny post
    #2 28 Sie 2018 23:22
    Kolobos
    Spec od komputerów

    Nie sciagaj pirackich gier skoro nie umiesz, wtedy nie bedziesz mial takich problemow.

    Odinstaluj: McAfee WebAdvisor

    Fixlist.txt:
    CloseProcesses:
    Task: {0357FE17-078E-411B-972A-699966AB453D} - System32\Tasks\{3598E124-601F-04E4-D5F2-78AAC0BEDDC2} => "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" brandnewcoms.ru/cl/?guid=bhtb4vvwgqir4z9aqrcj4zoej9awbutc&prid=1&pid=4_1324_0
    Task: {AF0DAA2F-F216-4150-A1AB-41010AC607AA} - System32\Tasks\{331C7A0F-11E2-446F-B1F7-31A2E44B171D} => C:\Windows\system32\pcalua.exe -a G:\OriginSetup.exe -d G:\
    Task: {FA7C8306-2A54-4D23-AD3F-3E5C7CAE4BFD} - System32\Tasks\{1EF65F53-6762-A6ED-B70F-87630C537658} => C:\Windows\QiIY.exe [2009-07-14] (Microsoft Corporation)
    Task: {FE3A21BB-0072-4CDC-8255-404824CE3D27} - System32\Tasks\{584EFB9E-61E7-FB5D-9773-9A28693F5051} => C:\Users\Kacper\vEksvjART.exe [2009-07-14] (Microsoft Corporation)
    C:\Users\Kacper\vEksvjART.exe
    C:\Windows\QiIY.exe
    HKU\S-1-5-21-3176141605-582712653-222901511-1000\...\MountPoints2: E - E:\setup.exe
    HKU\S-1-5-21-3176141605-582712653-222901511-1000\...\MountPoints2: G - G:\setup.exe
    HKU\S-1-5-21-3176141605-582712653-222901511-1000\...\MountPoints2: {596fb0b1-2ab0-11e7-a9f7-94de800874f9} - G:\setup.exe
    HKU\S-1-5-21-3176141605-582712653-222901511-1000\...\MountPoints2: {973970e1-082b-11e8-b75c-94de800874f9} - F:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-3176141605-582712653-222901511-1000\...\MountPoints2: {a8df039e-aae3-11e8-9582-94de800874f9} - F:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-3176141605-582712653-222901511-1000\...\MountPoints2: {b7d23061-85b7-11e7-b19a-94de800874f9} - F:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3176141605-582712653-222901511-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08282018230003521\...\MountPoints2: E - E:\setup.exe
    HKU\S-1-5-21-3176141605-582712653-222901511-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08282018230003521\...\MountPoints2: G - G:\setup.exe
    HKU\S-1-5-21-3176141605-582712653-222901511-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08282018230003521\...\MountPoints2: {596fb0b1-2ab0-11e7-a9f7-94de800874f9} - G:\setup.exe
    HKU\S-1-5-21-3176141605-582712653-222901511-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08282018230003521\...\MountPoints2: {973970e1-082b-11e8-b75c-94de800874f9} - F:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-3176141605-582712653-222901511-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08282018230003521\...\MountPoints2: {a8df039e-aae3-11e8-9582-94de800874f9} - F:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-3176141605-582712653-222901511-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08282018230003521\...\MountPoints2: {b7d23061-85b7-11e7-b19a-94de800874f9} - F:\HTC_Sync_Manager_PC.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2018-05-21]
    ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Brak pliku)




    GroupPolicy: Ograniczenia ? <==== UWAGA
    BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    ration)Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
    FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-15]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
    CHR DefaultSearchURL: Default -> hxxps://pl.search.yahoo.com/search?fr=mcafee_uninternational&type=D210PL91105G0&p={searchTerms}
    CHR DefaultSearchKeyword: Default -> mcafee
    C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
    CHR Extension: (McAfee® WebAdvisor) - C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-07-13]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
    S3 NAVENG; \??\C:\Program Files\Norton Internet Security\NortonData\22.9.3.13\Definitions\SDSDefs\20170722.001\NAVENG.SYS [X]
    S3 NAVEX15; \??\C:\Program Files\Norton Internet Security\NortonData\22.9.3.13\Definitions\SDSDefs\20170722.001\NAVEX15.SYS [X]
    2018-08-27 20:31 - 2018-08-27 20:32 - 000000000 ____D C:\AdwCleaner
    2018-08-27 18:16 - 2018-08-27 18:16 - 000000002 _____ C:\Users\Kacper\AppData\Local\imw.ini
    2018-08-27 18:15 - 2018-08-28 22:13 - 000003724 _____ C:\Windows\System32\Tasks\{3598E124-601F-04E4-D5F2-78AAC0BEDDC2}
    2018-08-27 18:15 - 2018-08-28 22:13 - 000003586 _____ C:\Windows\System32\Tasks\{1EF65F53-6762-A6ED-B70F-87630C537658}
    2018-08-27 18:15 - 2018-08-28 22:13 - 000003406 _____ C:\Windows\System32\Tasks\{584EFB9E-61E7-FB5D-9773-9A28693F5051}
    2018-08-28 22:13 - 2017-05-10 10:14 - 000003046 _____ C:\Windows\System32\Tasks\{331C7A0F-11E2-446F-B1F7-31A2E44B171D}
    2009-07-14 03:14 - 2009-07-14 03:14 - 000073216 ____N (Microsoft Corporation) C:\Users\Kacper\vEksvjART.exe
    2018-08-27 18:16 - 2018-08-27 18:16 - 000000002 _____ () C:\Users\Kacper\AppData\Local\imw.ini

    Po wykonaniu usun katalog C:\FRST i to wszystko.

    0
  • #3 28 Sie 2018 23:35
    GacGaco
    Poziom 2  

    Dziękuję za wsparcie i pomoc, po takich przygodach gry pirackie zmieniam na kupione!

    0