Elektroda.com
Elektroda.com
X
Elektroda.com
Advanced Search
Elektroda.com

[Solved] Windows Cannot Find File Error at Startup: Post-Infection, FRST & OTL Reports Provided

over758 12924 7
This content has been translated flag-pl » flag-en View the original version here.
| New topic
  • #2
    krzychupar
    Level 43  
    Otwórz notatnik systemowy i wklej:

    CloseProcesses:
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
    Hosts:HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia Brak pliku
    AppInit_DLLs-x32: C:\ProgramData\Voyasollam\Truelotlam.dll => Brak pliku
    GroupPolicy: Ograniczenia - Chrome {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-194115209-380208880-8735315-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-194115209-380208880-8735315-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR Extension: (Adblocker for Youtube™) - C:\Users\Julita\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjgggkbpddjfaoiiiaidapcccbbphpn [2018-10-03] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx]
  • #3
    over758
    Level 6  
    I did as ordered, unfortunately the same problem still occurs
  • #4
    krzychupar
    Level 43  
    Post new FRST logs.
  • Helpful post
    #5
    Kolobos
    IT specialist
    Odinstaluj Avast Cleanup.

    Wykonaj Fixlist.txt dla FRST:
    CloseProcesses:
    Task: {BD77DBA0-3A02-45D1-AE65-6BF801265847} - System32\Tasks\hYPwlYRCmhawMCp2 => rundll32 "C:\Program Files (x86)\KTxhztjwU\GNqSgF.dll",#1
    Hosts:
    () C:\ProgramData\Microsoft\Windows\Power\PowerSvc.exe
    (CloudBees, Inc.) C:\Users\Julita\AppData\Local\NtvHost\syssvc.exe
    (CloudBees, Inc.) C:\ProgramData\Microsoft\Windows\EventSvc\eventsvc.exe
    () C:\ProgramData\Microsoft\Windows\EventSvc\work0.exe
    HKU\S-1-5-21-194115209-380208880-8735315-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3884720 2017-10-04] (ALLPlayer.org)
    HKU\S-1-5-21-194115209-380208880-8735315-1001\...\Run: [AvastBrowserAutoLaunch_F23598CB540CEA70FC276E3F2A4142BB] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1704992 2018-09-17] (AVAST Software)
    AppInit_DLLs: C:\ProgramData\Voyasollam\Hotin.dll => Brak pliku
    AppInit_DLLs-x32: C:\ProgramData\Voyasollam\Truelotlam.dll => Brak pliku
    IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-10-05]
    ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
    C:\Users\Julita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctvwdsig.lnk
    GroupPolicy: Ograniczenia - Chrome
  • #6
    over758
    Level 6  
    Hello,
    Thanks kolobos, it helped! the computer started working as it had been working sooner. Due to these viruses, I also had a problem with the video because it started to cut, for example, videos on yt, but it has also disappeared ;) I have not removed Clean Up, since it is ok, in about 50 days it will crash when the free period ends :D (Janusz of business). I'm throwing logs
    Attachments:
  • #7
    Kolobos
    IT specialist
    Make a new Fixlist.txt for FRST:
    HKLM \ SYSTEM \ CurrentControlSet \ Services \ 45830DE0C2F3430E
  • #8
    over758
    Level 6  
    Thanks, close ;)
| New topic