Elektroda.pl

[Solved] Command prompt pops up at startup.

Siberrr 25 Nov 2018 01:26 102 3
  • #1 25 Nov 2018 01:26
    Siberrr
    Level 2  

    Hello, for a few days now, after I start the computer, the command prompt launches and disappears after a second, and on top of that I cannot launch it myself. I am using Windows 7 64-bit. I am attaching the FRST logs.

    0 3
  • Helpful post
    #2 25 Nov 2018 05:53
    krzychupar
    Level 40  

    Open the system Notepad and paste:

    CloseProcesses:
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Brak pliku
    Task: {68CC6C08-8840-46C6-8A8A-8E9FB37BC2D9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-25] (AVAST Software)
    Task: {7D2B9EA1-D6F8-48B3-82C0-CB74E63309D1} - System32\Tasks\{A62BCB32-8BF3-4B97-A39F-DFB3628BC272} => C:\Windows\system32\pcalua.exe -a G:\Setup.exe -d G:\
    Task: {DAD09414-F5EE-4E3E-9B4B-CE92E93599F8} - System32\Tasks\Odkurzacz => D:\Program Files (x86)\Odkurzacz\odkurzacz.exe [2018-11-20] (FranmoSoftware) <==== UWAGA
    Hosts:
    HKU\S-1-5-21-1566928525-2288805150-351335652-1001\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-1566928525-2288805150-351335652-1001\...\Winlogon: [Shell] C:\Windows\System32\cmd.exe [345088 2010-11-20] (Microsoft Corporation) <==== UWAGA
    HKU\S-1-5-21-1566928525-2288805150-351335652-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist ( start /MIN "" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== UWAGA
    CHR HKU\S-1-5-21-1566928525-2288805150-351335652-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efhdjkbfpoohkmfaldijcpbnmbpefpkb] - C:\Program Files (x86)\ALLPlayer\AllPlayer.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [efhdjkbfpoohkmfaldijcpbnmbpefpkb] - C:\Program Files (x86)\ALLPlayer\AllPlayer.crx <nie znaleziono>
    HKLM\SYSTEM\CurrentControlSet\Services\aswSP <==== UWAGA (Rootkit!)
    HKLM\SYSTEM\CurrentControlSet\Services\aswMonFlt <==== UWAGA (Rootkit!)
    HKLM\SYSTEM\CurrentControlSet\Services\aswSnx <==== UWAGA (Rootkit!)
    R2 Thorn; C:\Users\Łukasz\AppData\Local\THORN\Thorn.exe [62328 2016-11-18] (GGS) <==== UWAGA
    S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S3 MSICDSetup; \??\E:\CDriver64.sys [X]
    S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
    2018-11-25 00:58 - 2018-11-25 00:58 - 000000000 ___DC C:\Users\Łukasz\AppData\Roaming\AVAST Software
    2018-11-25 00:58 - 2018-11-25 00:58 - 000000000 ___DC C:\Users\Łukasz\AppData\Local\AVAST Software
    2018-11-25 00:57 - 2018-11-25 00:57 - 000000000 ___DC C:\Windows\System32\Tasks\Avast Software




    2018-11-25 00:57 - 2018-11-25 00:57 - 000000000 ___DC C:\Program Files\Common Files\AVAST Software
    2018-11-25 00:57 - 2018-11-25 00:56 - 001028680 ____C (AVAST Software) C:\Windows\system32\Drivers\aswb7201a719e3f46af.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000469272 ____C (AVAST Software) C:\Windows\system32\Drivers\asw57a8da9c179ad422.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000380464 ____C (AVAST Software) C:\Windows\system32\Drivers\aswf77ec5541dc46a8d.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000346592 ____C (AVAST Software) C:\Windows\system32\Drivers\asw8325e6b8a21732c7.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000230344 ____C (AVAST Software) C:\Windows\system32\Drivers\asw2d414d9d87b56616.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000208472 ____C (AVAST Software) C:\Windows\system32\Drivers\aswb686cc4a9da18fd1.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000201768 ____C (AVAST Software) C:\Windows\system32\Drivers\aswb82b0caf977a4f32.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000201240 ____C (AVAST Software) C:\Windows\system32\Drivers\asw63695d28edc095b1.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000185072 ____C (AVAST Software) C:\Windows\system32\Drivers\asw91a2e8185d28e424.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000163208 ____C (AVAST Software) C:\Windows\system32\Drivers\aswc9a3c6e2768bdc84.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000111800 ____C (AVAST Software) C:\Windows\system32\Drivers\asw763cb2fa271f35d1.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000087432 ____C (AVAST Software) C:\Windows\system32\Drivers\aswc37bca3127322811.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000059496 ____C (AVAST Software) C:\Windows\system32\Drivers\asw3379bc91b6ed660c.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000046384 ____C (AVAST Software) C:\Windows\system32\Drivers\aswd44b291d55a5d925.tmp
    2018-11-25 00:57 - 2018-11-25 00:56 - 000042288 ____C (AVAST Software) C:\Windows\system32\Drivers\asw eb060339907ceea.tmp
    2018-11-25 00:55 - 2018-11-25 00:57 - 000000000 ___DC C:\ProgramData\AVAST Software
    2018-11-13 22:01 - 2018-11-13 22:20 - 000000000 __HDC C:\ProgramData\{0CF1F946-2AAE-48A9-BD6C-DF71FE72E1D1}
    EmptyTemp:

    Save the file as fixlist.txt and place it in the folder where you have FRST.exe.
    Run FRST and click Fix/Napraw.

    0
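
Added example (not part of the original thread and not FRST's own code): a small Python triage of registry-style FRST lines in the format quoted in the fixlist above. It flags the two entry types that match the reported symptom: a Winlogon Shell value that is not explorer.exe, and a Command Processor entry (the AutoRun command cmd.exe runs when it starts). The regexes, function names and sample lines are assumptions made for this illustration.

```python
import re

# Constructed sample in the FRST line format quoted in the post above
# (placeholder SID, shortened AutoRun command; the HKLM line is made up).
SAMPLE = r'''
HKU\S-1-5-21-0-0-0-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-0-0-0-1001\...\Winlogon: [Shell] C:\Windows\System32\cmd.exe [345088 2010-11-20] (Microsoft Corporation) <==== UWAGA
HKU\S-1-5-21-0-0-0-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I "explorer.exe">NUL && exit & explorer.exe & exit <==== UWAGA
HKLM\...\Winlogon: [Shell] explorer.exe
'''

ENTRY = re.compile(r'^(HK(?:U\\S-[\d-]+|LM(?:-x32)?))\\\.\.\.\\([^:]+):\s*(.*)$')
TRAILER = re.compile(r'\s*<==== .*$')                     # FRST attention marker
FILEINFO = re.compile(r'\s+\[\d+ \d{4}-\d\d-\d\d\].*$')   # "[size date] (company)"


def parse(line):
    """Split one registry-style FRST line into hive, key, value name and data."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    hive, key, rest = m.group(1), m.group(2), TRAILER.sub('', m.group(3))
    name = None
    if key != 'Command Processor':        # that line carries raw command text
        nm = re.match(r'\[([^\]]+)\]\s*(?:=>\s*)?(.*)$', rest)
        if nm:
            name, rest = nm.group(1), nm.group(2)
    return {'hive': hive, 'key': key, 'name': name, 'data': rest}


def triage(text):
    """Return (reason, entry) pairs for entries that change what runs at
    logon or whenever cmd.exe starts."""
    findings = []
    for line in text.splitlines():
        e = parse(line)
        if not e:
            continue
        if e['key'] == 'Winlogon' and e['name'] == 'Shell':
            exe = re.split(r'[\\/]', FILEINFO.sub('', e['data']))[-1].lower()
            if exe != 'explorer.exe':
                findings.append(('shell-replaced:' + exe, e))
        elif e['key'] == 'Command Processor' and e['data']:
            # Heuristic: an "exit" in the AutoRun chain can close a new prompt.
            closes = re.search(r'(?:^|&)\s*exit\b', e['data'], re.I) is not None
            findings.append(('cmd-autorun' + (':exits' if closes else ''), e))
    return findings
```

Calling triage(SAMPLE) returns the Winlogon Shell and Command Processor entries and skips the Run entry and the explorer.exe shell line.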
  • #3 25 Nov 2018 09:02
    Siberrr
    Level 2  

    Thank you very much for the help.

    0
  • #4 25 Nov 2018 09:03
    Siberrr
    Level 2  

    Thank you very much for the help.


    0