Help - logs
#1
Hello again after an extremely long break. Please check my logs, because something doesn't seem right to me here... or maybe I'm just being oversensitive.


Attached files
.txt   Addition.txt (Size: 40.23 KB / Downloads: 2)
.txt   FRST.txt (Size: 85.22 KB / Downloads: 1)

#2
Well, it looks like there were too many antivirus programs on this system. Having too many can lead to unexpected consequences (they were uninstalled incorrectly).

First, use these uninstallers:
https://www.avast.com/pl-pl/uninstall-utility
https://www.avg.com/pl-pl/avg-remover

Run FRST. Press CTRL+Y on the keyboard; the file fixlist.txt will open. Paste the following content into the file:

Code:
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2482533948-148477843-1070189167-1001\...\Run: [YoutubeDownloader] => C:\Users\user\AppData\Roaming\YoutubeDownloader\python\pythonw.exe [95904 2018-08-01] (Python Software Foundation) <==== UWAGA
HKU\S-1-5-21-2482533948-148477843-1070189167-1001\...\Run: [YoutubeDownloader_upd] => C:\Users\user\AppData\Roaming\YoutubeDownloader_upd\python\pythonw.exe [95904 2018-08-01] (Python Software Foundation) <==== UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Ant Download Manager BHO -> {8ABC6AE5-74BD-4c73-BB34-44526792D2AE} -> Brak pliku
BHO: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> Brak pliku
BHO-x32: Brak nazwy -> {8ABC6AE5-74BD-4c73-BB34-44526792D2AE} -> Brak pliku
BHO-x32: Brak nazwy -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> Brak pliku
Toolbar: HKLM - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  Brak pliku
Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  Brak pliku
Toolbar: HKU\S-1-5-21-2482533948-148477843-1070189167-1001 -> Brak nazwy - {C500C267-63BF-451F-8797-4D720C9A2ED9} -  Brak pliku
Toolbar: HKU\S-1-5-21-2482533948-148477843-1070189167-1001 -> Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Brak pliku
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} -  Brak pliku
CHR StartupUrls: Default -> "","hxxps://www.google.pl/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.google.pl/","hxxps://www.google.com/","hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://www.google.pl/search?source=hp&ei=vOHxWtqWIIS6kwXXkbGICA&btnG=Szukaj&q={searchTerms}&oq=radeon+hd+7670m+g&gs_l=psy-ab.1.2.0i19k1l2j0i22i30i19k1l8.3284.47660.0.51235.27.21.6.0.0.0.185.1646.19j2.21.0....0...1.1.64.psy-ab..0.27.1680...0j0i131k1j0i13k1j0i22i30k1.0.wZVIgz_-KEs
FF DefaultProfile: tpnr0vue.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\cbl6evg5.dev-edition-default [2018-10-09]
FF ProfilePath: C:\Users\user\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\tpnr0vue.default [2018-06-03]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2017-05-08]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2018-10-05] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - <Brak Path/update_url>
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - <Brak Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
HKLM\SYSTEM\CurrentControlSet\Services\avgSP
HKLM\SYSTEM\CurrentControlSet\Services\avgMonFlt
HKLM\SYSTEM\CurrentControlSet\Services\avgSnx
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
S2 BitMeterCaptureService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe [X]
S2 BitMeterWebService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
S2 BitMeterCaptureService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe [X]
S2 BitMeterWebService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe [X]
S3 avgTap; C:\Windows\System32\DRIVERS\avgTap.sys [54888 2018-03-16] (The OpenVPN Project)
S3 tap0901cn; C:\Windows\System32\DRIVERS\tap0901cn.sys [36224 2018-03-20] (The OpenVPN Project)
S3 tapexpressvpn; C:\Windows\System32\DRIVERS\tapexpressvpn.sys [35696 2018-04-09] (The OpenVPN Project)
R4 apmwin; system32\DRIVERS\apmwin.sys [X]
R2 HfsplusRec; system32\DRIVERS\hfsplusrec.sys [X]
S2 memudrv; \??\C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [X]
C:\Windows\system32\Drivers\aswd41f66544d0d1d2c.tmp
C:\Windows\system32\Drivers\aswf290dfa4f85f03eb.tmp
C:\Windows\system32\Drivers\aswf92b82cfb751fc3b.tmp
C:\Windows\system32\Drivers\asw68327e3e3033149c.tmp
C:\Windows\system32\Drivers\asw4f6d5e8265949143.tmp
C:\Windows\system32\Drivers\asw f2fcf97d51d0f0b.tmp
C:\Windows\system32\Drivers\aswc1e3b330c8c6ae5f.tmp
C:\Windows\system32\Drivers\asw7057a6507913fb99.tmp
C:\Windows\system32\Drivers\asw 282d4efb980fcb5.tmp
C:\Windows\system32\Drivers\asw30684b847bb18f3e.tmp
C:\Windows\system32\Drivers\aswa200dfa4a85daccb.tmp
C:\Windows\system32\Drivers\aswa569f644df7052a1.tmp
C:\Windows\system32\Drivers\asw184ade843be8110b.tmp
C:\Windows\system32\Drivers\asw930d40a885eaa958.tmp
C:\Windows\system32\Drivers\asw a3840de0e0a00fe.tmp
C:\Users\user\AppData\Local\TempCheckUpdate
C:\Users\user\AppData\Roaming\YoutubeDownloader_upd
C:\Users\user\AppData\Roaming\YoutubeDownloader
C:\Users\user\AppData\Local\ExpressVPN
C:\Users\user\AppData\Local\F-Secure
C:\Windows\system32\Drivers\fsfreedometap.sys
C:\Users\user\AppData\Roaming\Panda Security
C:\Program Files (x86)\AVG
C:\Users\user\AppData\Roaming\AVG
C:\Users\user\AppData\Local\AVG
C:\Program Files\Common Files\AVG
C:\ProgramData\AVG
C:\Program Files\AVG
C:\ProgramData\AVAST Software
C:\Users\user\AppData\Roaming\YoutubeDownloader\python\pythonw.exe
C:\Users\user\AppData\Roaming\YoutubeDownloader_upd\python\pythonw.exe
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Brak pliku
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Brak pliku
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Brak pliku
Task: {1BBEB0F3-D816-4F3A-B43E-3392735A704E} - \user -> Brak pliku <==== UWAGA
Task: {45568FDE-69C8-4B4B-8FAC-8D2810D10E37} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-07-31] (Dll-FIles.Com)
Task: {5FD354D6-2FAF-49BB-8422-C1CF5BEC88D9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-09-15] (AVAST Software)
Task: {6198F37E-11C7-4E27-9391-F01A66E793E9} - Brak sciezki do pliku
Task: {641B8E3F-7F54-4B29-9E80-E4331C70D794} - System32\Tasks\{8CA3A438-38F4-4407-86F0-D47126AAA82C} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Desktop\FacebookGameroom.exe -d C:\Users\user\AppData\Roaming\IDM
Task: {673E6037-3635-44CC-AC37-52CC48CF43B0} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-07-31] (Dll-FIles.Com)
Task: {70EE4AFB-729C-400A-B292-A52924FD0C88} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-09-18] (AVG Technologies CZ, s.r.o.)
Task: {803AF0D9-E783-490F-B0D4-60CECFA920AF} - System32\Tasks\YoutubeDownloader => C:\Users\user\AppData\Roaming\YoutubeDownloader\python\pythonw.exe [2018-08-01] (Python Software Foundation) <==== UWAGA
Task: {B99AED09-ACF4-4CBF-89DF-8FE42D06F7B6} - Brak sciezki do pliku
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VipreEdgeProtection => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebExaminer => ""="Driver"
RemoveDirectory: C:\AdwCleaner
C:\ProgramData\*.bdinstall.bin
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
EmptyTemp:

Press CTRL+S to save the changes. Then, in the FRST window, click Napraw (Fix). Wait patiently and do not interrupt the process. When the Fix finishes, the system will restart. A fixlog.txt file will be created in the same directory FRST was run from; post it.

Generate new logs and post them: FRST.txt > Addition.txt > Shortcut.txt
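A review aid for a fixlist like the one in post #2, as an added example that is not part of the original posts and not FRST's own code: it groups the lines by kind and separates leftovers marked as missing (`Brak pliku`, `[X]`) from entries that still point at files on disk, wildcard deletions and raw `Reg:` commands. The grouping rules and the names `parse_fixlist` and `second_look` are assumptions made for this example; the sample lines are copied from that fixlist.

```python
import re
from collections import Counter
from dataclasses import dataclass

# A subset of the fixlist from post #2, one or two lines per kind, copied as posted.
SAMPLE_FIXLIST = r"""
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2482533948-148477843-1070189167-1001\...\Run: [YoutubeDownloader] => C:\Users\user\AppData\Roaming\YoutubeDownloader\python\pythonw.exe [95904 2018-08-01] (Python Software Foundation) <==== UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> Brak pliku
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
S3 avgTap; C:\Windows\System32\DRIVERS\avgTap.sys [54888 2018-03-16] (The OpenVPN Project)
C:\Users\user\AppData\Roaming\YoutubeDownloader
C:\ProgramData\AVG
Task: {803AF0D9-E783-490F-B0D4-60CECFA920AF} - System32\Tasks\YoutubeDownloader => C:\Users\user\AppData\Roaming\YoutubeDownloader\python\pythonw.exe [2018-08-01] (Python Software Foundation) <==== UWAGA
Task: {6198F37E-11C7-4E27-9391-F01A66E793E9} - Brak sciezki do pliku
HKLM\SYSTEM\CurrentControlSet\Services\avgSP
RemoveDirectory: C:\AdwCleaner
C:\ProgramData\*.bdinstall.bin
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
EmptyTemp:
"""

# Grouping rules assumed for this example; the first matching pattern decides the kind.
KINDS = [
    ("directive", re.compile(r"^(CloseProcesses|CreateRestorePoint|EmptyTemp):$")),
    ("command", re.compile(r"^(RemoveDirectory|Reg):\s")),
    ("task", re.compile(r"^Task:\s")),
    ("service", re.compile(r"^[RS]\d\s")),
    ("browser", re.compile(r"^(BHO|Toolbar|Handler|CHR|FF)\b")),
    ("shell", re.compile(r"^(ShellIconOverlayIdentifiers|ContextMenuHandlers\d)")),
    ("registry", re.compile(r"^HK(LM|U|CU)\\")),
    ("path", re.compile(r"^[A-Za-z]:\\")),
]

# Polish-localised markers as they appear in the posted log lines.
MISSING_MARKERS = ("Brak pliku", "Brak sciezki do pliku")  # "no file" / "no path to file"
ATTENTION_MARKER = "<==== UWAGA"                            # "attention"


@dataclass
class Entry:
    line: str
    kind: str
    attention: bool  # carries the attention marker
    orphan: bool     # target reported missing: a marker above or a trailing [X]
    wildcard: bool   # bare path containing '*', i.e. it matches more than one file


def classify(line):
    for kind, pattern in KINDS:
        if pattern.search(line):
            return kind
    return "other"


def parse_fixlist(text):
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        kind = classify(line)
        orphan = line.endswith("[X]") or any(m in line for m in MISSING_MARKERS)
        entries.append(Entry(line, kind, ATTENTION_MARKER in line, orphan,
                             kind == "path" and "*" in line))
    return entries


def kind_counts(entries):
    return Counter(e.kind for e in entries)


def second_look(entries):
    """Entries worth reading twice before clicking Fix: flagged items, wildcard
    paths, raw commands, and tasks/services not reported as missing."""
    return [e for e in entries
            if e.attention or e.wildcard or e.kind == "command"
            or (e.kind in ("task", "service") and not e.orphan)]


if __name__ == "__main__":
    parsed = parse_fixlist(SAMPLE_FIXLIST)
    for kind, count in sorted(kind_counts(parsed).items()):
        print(f"{kind:10} {count}")
    print("\nRead twice before applying:")
    for entry in second_look(parsed):
        print("  " + entry.line[:100])
```
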
#3

Attached files
.txt   FRST.txt (Size: 71.58 KB / Downloads: 1)
.txt   Addition.txt (Size: 38.12 KB / Downloads: 1)
.txt   Fixlog.txt (Size: 25.17 KB / Downloads: 1)