Windows Cannot Find File Error at Startup: Post-Infection, FRST & OTL Reports Provided

Question

Hello,
Recently, I installed various crap and infected the computer. A window pops up at startup. Windows cannot find the file (details in the screenshot). It also adds a report from frst and otl. Can anyone help?

Kolobos · Accepted Answer

Odinstaluj Avast Cleanup.

Wykonaj Fixlist.txt dla FRST:
CloseProcesses:
Task: {BD77DBA0-3A02-45D1-AE65-6BF801265847} - System32\Tasks\hYPwlYRCmhawMCp2 => rundll32 "C:\Program Files (x86)\KTxhztjwU\GNqSgF.dll",#1
Hosts:
() C:\ProgramData\Microsoft\Windows\Power\PowerSvc.exe
(CloudBees, Inc.) C:\Users\Julita\AppData\Local\NtvHost\syssvc.exe
(CloudBees, Inc.) C:\ProgramData\Microsoft\Windows\EventSvc\eventsvc.exe
() C:\ProgramData\Microsoft\Windows\EventSvc\work0.exe
HKU\S-1-5-21-194115209-380208880-8735315-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3884720 2017-10-04] (ALLPlayer.org)
HKU\S-1-5-21-194115209-380208880-8735315-1001\...\Run: [AvastBrowserAutoLaunch_F23598CB540CEA70FC276E3F2A4142BB] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1704992 2018-09-17] (AVAST Software)
AppInit_DLLs: C:\ProgramData\Voyasollam\Hotin.dll => Brak pliku
AppInit_DLLs-x32: C:\ProgramData\Voyasollam\Truelotlam.dll => Brak pliku
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-10-05]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
C:\Users\Julita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctvwdsig.lnk
GroupPolicy: Ograniczenia - Chrome

krzychupar · Answer

Otwórz notatnik systemowy i wklej:

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
Hosts:HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia Brak pliku
AppInit_DLLs-x32: C:\ProgramData\Voyasollam\Truelotlam.dll => Brak pliku
GroupPolicy: Ograniczenia - Chrome {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-194115209-380208880-8735315-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-194115209-380208880-8735315-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adblocker for Youtube™) - C:\Users\Julita\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjgggkbpddjfaoiiiaidapcccbbphpn [2018-10-03] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx]

over758 · Answer

I did as ordered, unfortunately the same problem still occurs

krzychupar · Answer

Post new FRST logs.

over758 · Answer

Hello,
Thanks kolobos, it helped! the computer started working as it had been working sooner. Due to these viruses, I also had a problem with the video because it started to cut, for example, videos on yt, but it has also disappeared

I have not removed Clean Up, since it is ok, in about 50 days it will crash when the free period ends

(Janusz of business). I'm throwing logs

Kolobos · Answer

Make a new Fixlist.txt for FRST: HKLM \ SYSTEM \ CurrentControlSet \ Services \ 45830DE0C2F3430E

over758 · Answer

Thanks, close

[Solved] Windows Cannot Find File Error at Startup: Post-Infection, FRST & OTL Reports Provided

Post #1

Post #2

Post #3

Post #4

Post #5

Post #6

Post #7

Post #8

Didn't find an answer? Ask Artificial Intelligence

Topic summary