Witam.
Mam problem ponieważ chodzi o to że antywirusy (żadne) nie działają. Podczas instalacji pojawia się okienko z cmd… po instalacji przy próbie uruchomienia także się pojawia a sam antywirus się nie uruchamia… Nawet windows defender nie działa.
Niżej macie 2 pliki ze skanu FRST.
Otwórz notatnik systemowy i wklej:
CloseProcesses:
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Brak pliku <==== UWAGA
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Brak pliku <==== UWAGA
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Brak pliku <==== UWAGA
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Brak pliku <==== UWAGA
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2
AlternateDataStreams: C:\Users\Rysiagg\Dane aplikacji:NT
AlternateDataStreams: C:\Users\Rysiagg\Dane aplikacji:NT2
AlternateDataStreams: C:\Users\Rysiagg\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Rysiagg\AppData\Roaming:NT2
IFEO\AvastSvc.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\AvastUI.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\avcenter.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\avconfig.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\avgcsrvx.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\avgidsagent.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\avgnt.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\avgrsx.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\avguard.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\avgui.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\avgwdsvc.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\avp.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\avscan.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\bdagent.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\blindman.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\ccuac.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\ComboFix.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\egui.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\hijackthis.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\instup.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\keyscrambler.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\mbam.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\mbamgui.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\mbampt.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\mbamscheduler.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\mbamservice.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\MpCmdRun.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\MSASCui.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\MsMpEng.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\msseces.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\rstrui.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\SDFiles.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\SDMain.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\SDWinSec.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\spybotsd.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\wireshark.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
IFEO\zlclient.exe: [Debugger] C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
Startup: C:\Users\Rysiagg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\systeme.vbs [2015-08-19] ()
ShellIconOverlayIdentifiers: [AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => Brak pliku
ShellIconOverlayIdentifiers: [AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => Brak pliku
ShellIconOverlayIdentifiers: [AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => Brak pliku
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Brak pliku
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Brak pliku
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Brak pliku
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Brak pliku
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Brak pliku
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Brak pliku
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Brak nazwy -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Brak pliku
R4 avkmgr; system32\DRIVERS\avkmgr.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 MBAMSwissArmy; \\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 vm332avs; System32\Drivers\vm332avs.sys [X]
2015-08-20 13:50 - 2015-08-20 13:50 - 00003158 _____ C:\Windows\System32\Tasks\{B0E61778-24B2-4C3D-8284-1AD05F8F03EA}
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
Otwórz notatnik systemowy i wklej:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO-x32: Brak nazwy - {DBC80044-A445-435b-BC74-9C25C1C588A9} - Brak pliku
CHR HKLM-x32\...\Chrome\Extension: [fdhbkaahephniejapepaiggngjnedpci] - https://clients2.google.com/service/update2/crx
2015-08-30 03:55 - 2015-08-30 03:56 - 00000000 ____ D C:\AdwCleaner
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
Odinstaluj Chrome zaznaczając usunięcie danych przeglądania.