troll83 utworzono 17 lutego utworzono 17 lutego Dzień dobry, Przy starcie komputera wyskakuje okno z komunikatem, jak na zdjęciu, Czy da się to usunąć?
troll83 komentarz 17 lutego Autor komentarz 17 lutego Przepraszam, gdzie? Nie jestem biegły w tych tematach.
Anawa komentarz 17 lutego komentarz 17 lutego Dodaj proszę większe zdjęcia. Nic tam niestety nie widać.
Bromidum komentarz 17 lutego komentarz 17 lutego (edytowane) @troll83 1) RogueKiller Anti Malware → https://www.adlice.com/roguekiller/#alt_download Zalecane pobranie wersji przenośnej (portable). Przed uruchomieniem pełnego skanowania należy włączyć w ustawieniach bezsygnaturowy „moduł MaIPE (BETA)”; opcjonalnie „skanuj z pełną wydajnością” (ustawienia → ustawienia skanowania). 2) Podrzuć logi FRST - https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/, które wygenerujesz w programie opcją „skanuj”. Powstałe pliki tekstowe "frst.txt" oraz "addition.txt" udostępnij tutaj na forum. Edytowane 17 lutego przez Bromidum 1
troll83 komentarz 18 lutego Autor komentarz 18 lutego Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 16.02.2024 Uruchomiony przez Krzysiek (18-02-2024 16:10:15) Uruchomiony z C:\Users\troll\Downloads Microsoft Windows 11 Home Wersja 23H2 22631.3155 (X64) (2024-01-06 11:42:07) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-2437054864-1887629521-834039110-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2437054864-1887629521-834039110-503 - Limited - Disabled) Gast (S-1-5-21-2437054864-1887629521-834039110-501 - Limited - Disabled) Krzysiek (S-1-5-21-2437054864-1887629521-834039110-1001 - Administrator - Enabled) => C:\Users\troll WDAGUtilityAccount (S-1-5-21-2437054864-1887629521-834039110-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET Security (Disabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE} FW: ESET Zapora (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D} FW: ESET Zapora (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1045-1033-7760-BC15014EA700}) (Version: 23.008.20533 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Adobe Shockwave Player 12.3 (HKLM-x32\...\{4487064C-F31E-4499-A1EF-9B8E809A0358}) (Version: 12.3.5.205 - Adobe, Inc) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation) Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.24.13 - Ashampoo GmbH & Co. KG) Combo Cleaner (HKLM\...\{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT) Hidden Combo Cleaner (HKLM-x32\...\InstallShield_{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT) Commandos 2 HD Remaster (HKU\S-1-5-21-2437054864-1887629521-834039110-1001\...\Commandos 2 HD Remaster) (Version: - HOODLUM) Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 12.0.0.2126 - Disc Soft Ltd) DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation) ESET Security (HKLM\...\{CE7B3B12-4E4F-4ADF-B267-2703AD3AF581}) (Version: 17.0.16.0 - ESET, spol. s r.o.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.185 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\{8B743AA0-53B2-11D2-808A-00600895FB43}) (Version: 1.0 - ) HP Color Laser 150 (HKLM-x32\...\HP Color Laser 150) (Version: 1.20 (02.05.2023) - HP Inc.) HP Easy Printer Manager (HKLM-x32\...\HP Easy Printer Manager) (Version: 2.0.1.70 - HP Inc.) Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation) Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation) MediaHuman YouTube to MP3 Converter 3.9.9.87 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.87 - MediaHuman) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.128 - Microsoft Corporation) Microsoft Office Access MUI (Polish) 2007 (HKLM-x32\...\{90120000-0015-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Excel MUI (Polish) 2007 (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (Polish) 2007 (HKLM-x32\...\{90120000-00BA-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (Polish) 2007 (HKLM-x32\...\{90120000-0044-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Polish) 2007 (HKLM-x32\...\{90120000-00A1-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Polish) 2007 (HKLM-x32\...\{90120000-001A-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Polish) 2007 (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (Polish) 2007 (HKLM-x32\...\{90120000-001F-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Proofing (Polish) 2007 (HKLM-x32\...\{90120000-002C-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Polish) 2007 (HKLM-x32\...\{90120000-0019-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Polish) 2007 (HKLM\...\{90120000-002A-0415-1000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Polish) 2007 (HKLM-x32\...\{90120000-006E-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Polish) 2007 (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{4ffaf7b8-a84a-4813-840c-8b1f1343ae54}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130 (HKLM-x32\...\{1de5e707-82da-4db6-b810-5d140cc4cbb3}) (Version: 14.38.33130.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33130 (HKLM\...\{C31777DB-51C1-4B19-9F80-38EF5C1D7C89}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33130 (HKLM\...\{1CA7421F-A225-4A9C-B320-A36981A2B789}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) Mozilla Firefox (x64 pl) (HKLM\...\Mozilla Firefox 122.0.1 (x64 pl)) (Version: 122.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 109.0 - Mozilla) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9147.1 - Realtek Semiconductor Corp.) Hidden Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.128 - Microsoft Corporation) WinRAR 5.91 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) Packages: ========= Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-02-14] () Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1000.389.0_x64__8wekyb3d8bbwe [2024-01-30] (Microsoft Corporation) Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20900.902.0_x64__rz1tebttyb220 [2023-01-28] (Dolby Laboratories) ESET Context Menu -> C:\Program Files\ESET\ESET Security [2024-02-17] (Sparse Package) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2050.11.228.0_x64__8xx8rvfyw5nnt [2024-02-15] (Meta) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-01-28] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-01-28] (Microsoft Corporation) [MS Ad] Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-23] (Microsoft Corporation) Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-10] (Microsoft Corporation) Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-02-15] (Microsoft Corporation) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2437054864-1887629521-834039110-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_24ab59b254c10f3d\OptaneShellExt.dll [2021-03-10] (Intel(R) Rapid Storage Technology -> ) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-25] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-11-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-25] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-11-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_24ab59b254c10f3d\OptaneShellExt.dll [2021-03-10] (Intel(R) Rapid Storage Technology -> ) ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-25] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== HKU\S-1-5-21-2437054864-1887629521-834039110-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/ BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2023-11-26] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2023-11-26] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2023-11-26] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2023-11-26] (Oracle America, Inc. -> Oracle Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2437054864-1887629521-834039110-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\troll\Desktop\miki\Zapadoslavia i wschód\zapadosławia.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) MSCONFIG\Services: ComboCleaner.Guard => 2 MSCONFIG\Services: cplspcon => 2 MSCONFIG\Services: Disc Soft Lite Bus Service => 3 MSCONFIG\Services: DolbyDAXAPI => 2 MSCONFIG\Services: efwd => 2 MSCONFIG\Services: esifsvc => 2 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: iaStorAfsService => 3 MSCONFIG\Services: igccservice => 2 MSCONFIG\Services: igfxCUIService2.0.0.0 => 2 MSCONFIG\Services: ImControllerService => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2 MSCONFIG\Services: IntelAudioService => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: RstMwService => 2 MSCONFIG\Services: RtkAudioUniversalService => 2 MSCONFIG\Services: UDCService => 2 MSCONFIG\Services: WMIRegistrationService => 2 HKLM\...\StartupApproved\Run: => "Combo Cleaner" HKLM\...\StartupApproved\Run32: => "GrooveMonitor" HKU\S-1-5-21-2437054864-1887629521-834039110-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_8F023E70D28BA1CAA80CE9077FCF230D" HKU\S-1-5-21-2437054864-1887629521-834039110-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{7C32BE43-9A03-4911-AE00-0598797B7EA6}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{268300D5-F6A7-4600-BB67-CB21CF1CF859}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{E9B1A06B-2880-4479-A3E7-294709A34C75}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{B4B29D95-20DB-463A-B1FD-956B7F2A074E}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{5A4E6E6A-912F-4031-8B0B-F2E3355739D7}] => (Allow) C:\Program Files (x86)\HP\Easy Printer Manager\CDArecovery.exe () [Brak podpisu cyfrowego] FirewallRules: [{6201937F-68B0-47ED-B643-F49DA7139A3D}] => (Allow) C:\Program Files (x86)\HP\Easy Printer Manager\EPM2Migrator.exe () [Brak podpisu cyfrowego] FirewallRules: [{186CD15B-FFE3-41AE-A910-7AF2E1B81FD9}] => (Allow) C:\Program Files (x86)\HP\Easy Printer Manager\EPM2AlertList.exe (HP) [Brak podpisu cyfrowego] FirewallRules: [{5865AF18-0229-4326-94C9-0AF470D9E8B6}] => (Allow) C:\Program Files (x86)\HP\Easy Printer Manager\OrderSupplies.exe (HP) [Brak podpisu cyfrowego] FirewallRules: [{CCB75EE4-3139-4404-BF43-B657136FB540}] => (Allow) C:\Program Files (x86)\HP\Easy Printer Manager\EasyPrinterManagerV2.exe (HP) [Brak podpisu cyfrowego] FirewallRules: [{6DC0122A-009A-4071-A1BC-1AAA878C8BF9}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC) FirewallRules: [{D4983FAE-67BD-4040-B733-27889A21D451}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC) FirewallRules: [{99A141E2-0BB3-4918-9F2D-47F377A913A6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{C0AC3009-AAB8-49DE-8712-8DA88DAB7568}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{31EAE6B1-DAEC-4703-B4E0-104E0D6BC4FE}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EDA8453D-74D1-4F49-9CD0-C41B2FE8B998}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6FA643DD-9F77-4A6E-BDA7-9E30BA36B356}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2E61F1D1-47A5-4090-B0B6-3A39BDB211F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B173C9A2-8B5B-44CE-B611-D6F4811B80BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{929B57F0-D46E-4E8F-9277-DCEB342389D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B821957F-70B6-48E5-837F-66608B5C4B22}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{54B68CD9-645F-4B1D-BA46-1D170B739932}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Punkty Przywracania systemu ========================= 06-02-2024 21:59:58 Windows Update 11-02-2024 21:07:03 Windows Update 14-02-2024 21:42:03 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (02/17/2024 09:45:17 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Error: (02/17/2024 01:39:19 PM) (Source: SecurityCenter) (EventID: 19) (User: ) Description: Usługa Centrum zabezpieczeń Windows nie mogła załadować wystąpień programu AntiVirusProduct z magazynu danych. Error: (02/17/2024 01:39:19 PM) (Source: SecurityCenter) (EventID: 18) (User: ) Description: Usługa Centrum zabezpieczeń Windows nie mogła załadować wystąpień programu FirewallProduct z magazynu danych. Error: (02/16/2024 09:45:17 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Error: (02/15/2024 09:45:17 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Error: (02/15/2024 06:30:34 PM) (Source: SecurityCenter) (EventID: 19) (User: ) Description: Usługa Centrum zabezpieczeń Windows nie mogła załadować wystąpień programu AntiVirusProduct z magazynu danych. Error: (02/15/2024 06:30:34 PM) (Source: SecurityCenter) (EventID: 18) (User: ) Description: Usługa Centrum zabezpieczeń Windows nie mogła załadować wystąpień programu FirewallProduct z magazynu danych. Error: (02/14/2024 09:45:18 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Dziennik System: ============= Error: (02/18/2024 01:44:38 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Miniport: Microsoft Wi-Fi Direct Virtual Adapter #4, {f5695ba9-7369-45a9-810a-717a97d1e57a}, zdarzenie: 74 Error: (02/17/2024 09:02:02 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Miniport: Microsoft Wi-Fi Direct Virtual Adapter #4, {f5695ba9-7369-45a9-810a-717a97d1e57a}, zdarzenie: 74 Error: (02/17/2024 07:07:40 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Miniport: Microsoft Wi-Fi Direct Virtual Adapter #4, {f5695ba9-7369-45a9-810a-717a97d1e57a}, zdarzenie: 74 Error: (02/17/2024 03:13:03 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa GoogleUpdater InternalService 123.0.6288.0 (GoogleUpdaterInternalService123.0.6288.0) zakończyła działanie; wystąpił następujący specyficzny dla niej błąd: %%45 Error: (02/17/2024 03:13:03 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa GoogleUpdater Service 123.0.6288.0 (GoogleUpdaterService123.0.6288.0) zakończyła działanie; wystąpił następujący specyficzny dla niej błąd: %%45 Error: (02/17/2024 03:13:01 PM) (Source: DCOM) (EventID: 10010) (User: KOMPUTER-DOM) Description: Serwer {69B7FE84-6361-4423-B948-1D64820B1E96} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/17/2024 03:09:07 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/17/2024 01:39:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. CodeIntegrity: =============== Date: 2024-02-18 15:45:22 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2024-02-18 14:45:29 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== BIOS: LENOVO O5AKT22A 04/22/2021 Płyta główna: LENOVO 3749 Procesor: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz Procent pamięci w użyciu: 33% Całkowita pamięć fizyczna: 16159.36 MB Dostępna pamięć fizyczna: 10703.83 MB Całkowita pamięć wirtualna: 18591.36 MB Dostępna pamięć wirtualna: 12896.71 MB ==================== Dyski ================================ Drive c: (Windows) (Fixed) (Total:475.49 GB) (Free:387.38 GB) (Model: NVMe WDC PC SN530 SDBPMPZ-512G-1001) NTFS \\?\Volume{f73b1701-9836-4dfb-acb4-eedac1448b07}\ () (Fixed) (Total:1.18 GB) (Free:0.06 GB) NTFS \\?\Volume{d560847b-feb2-40bb-ae20-62e97dcee4b9}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: EDCDC39D) Partition: GPT. ==================== Koniec Addition.txt =======================
Bromidum komentarz 18 lutego komentarz 18 lutego Załącz FRST.txt i Addition.txt jako załącznik tutaj na forum. Będzie czytelniej. 1
Ten post jest popularny. Bromidum komentarz 18 lutego Ten post jest popularny. komentarz 18 lutego (edytowane) @troll83 1) Odinstaluj: - Adobe Shockwave Player, Java 8 Update 251, Microsoft Silverlight - Combo Cleaner (adware, jeśli już program do czyszczenia to BleachBit) - DAEMON Tools Lite (opcjonalnie, Win 10/11 ma funkcję montowania obrazów) 2) Uruchom FRST/FRST64.exe, wciśnij kombinację klawiszy ctrl + y. Otworzy się notatnik, do którego wklej zawartość skryptu. Zamknij i zapisz. W FRST kliknij „napraw” → CloseProcesses: CreateRestorePoint: GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKU\S-1-5-21-2437054864-1887629521-834039110-1001\...\Run: [ProductAuthenticationService] => C:\Users\troll\AppData\Roaming\ProductAuthenticationService\pas.exe [1003024 2023-03-16] (DVJ LIMITED -> DVJ LIMITED) <==== UWAGA Task: {2956EB5A-A81D-4DBF-AD21-58B39E1DB7B8} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6288.0{6A632754-AF70-4162-9E04-D0990C46C58A} => C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== UWAGA S2 GoogleUpdaterInternalService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== UWAGA S2 GoogleUpdaterService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== UWAGA U4 Sense; Brak ImagePath S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] HKLM\...\Run: [Combo Cleaner] => C:\Program Files (x86)\Combo Cleaner\ComboCleaner.exe [2024064 2021-11-05] (RCS LT, UAB -> RCS LT) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation) HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-21-2437054864-1887629521-834039110-1001\...\Run: [MicrosoftEdgeAutoLaunch_8F023E70D28BA1CAA80CE9077FCF230D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2437054864-1887629521-834039110-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482640 2023-11-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> Task: {CB0362E2-DC9E-4269-8311-A2BAAA8CD112} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.) Task: {F564E7C6-BD1A-4677-B23F-7908C3903B91} - System32\Tasks\McAfeeTsk\OOBEUpgrader => C:\Program Files\McAfee\MSC\OOBE_Upgrader.exe /Run (Brak pliku) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Brak pliku) Task: {E5DC7FD6-74E1-43F2-821A-4B784974FD91} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (Brak pliku) Task: {E04E79E4-9151-48E1-8D97-E2D3B38F2EAD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Brak pliku) Task: {7D500A73-0422-46A8-B804-3EFD0389B368} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Brak pliku) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Brak pliku) Task: {251B60A9-4029-4EF5-8EED-D1B26DCCF2B7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-06] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {FA7580E8-D3D1-4075-B9C4-C0BCFD24CA01} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-06] (Mozilla Corporation -> Mozilla Foundation) Task: {EB097344-4802-4DB0-9D64-9F1D5F7204D5} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2437054864-1887629521-834039110-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Brak pliku) Task: {286918EC-55C5-4631-9816-81029F93B41C} - System32\Tasks\Window Update => C:\Users\troll\AppData\Local\Updates\Run.vbs (Brak pliku) Task: {E9D097B0-0176-49F9-B530-E814FA16FA34} - System32\Tasks\Windows Service Task => C:\Users\troll\AppData\Local\Updates\WindowsService.exe (Brak pliku) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{3bd2963b-3753-460c-ba6c-d759fce049a9}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{3bd2963b-3753-460c-ba6c-d759fce049a9}\05C414950296E6475627E6564702537484A7F514442343: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3bd2963b-3753-460c-ba6c-d759fce049a9}\05C41495F53577961647C6F677F646F564647324F55374: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{3bd2963b-3753-460c-ba6c-d759fce049a9}\8405D23556475707C32403E3C41637562702135303E677: [DhcpDomain] DOMAIN Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku 2024-01-19 12:05 - 2024-01-19 12:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe C:\Users\troll\AppData\Roaming\ProductAuthenticationService\pas.exe C:\Program Files (x86)\Google\GoogleUpdater C:\Program Files\McAfee EmptyEventLogs: CMD: DISM.exe /Online /Cleanup-image /Restorehealth CMD: sfc /scannow EmptyTemp: Plik naprawczy przeznaczony jest tylko dla autora wątku! Po wykonaniu skryptu i ponownym uruchomieniu załącz utworzony fixlog.txt 3) Wykonałeś skan RogueKiller? Odnalazł jakieś zagrożenie? Edytowane 18 lutego przez Bromidum 1 1
troll83 komentarz 18 lutego Autor komentarz 18 lutego Usunięcie Daemon toolsa jest konieczne? Nie uruchomię Comandosów jak go wywalę.
troll83 komentarz 18 lutego Autor komentarz 18 lutego zrobiłem skan w RogueKiller. Co i jak przesłać?
Bromidum komentarz 18 lutego komentarz 18 lutego Fixlog.txt jako załącznik na forum RogueKiller wystarczy zrzut ekranu (screen). 1
troll83 komentarz 18 lutego Autor komentarz 18 lutego plik fixlog Fixlog.txt Jak zrestartowałem kompa, to już nie było tego komunikatu, więc chyba się udało. zrzut z tego na R
Bromidum komentarz 18 lutego komentarz 18 lutego (edytowane) Mogłeś pokazać bezpośrednio wykrycia w RK. To wszystko. Temat można zamknąć. By usunąć wszystkie pliki/foldery utworzone przez FRST oraz narzędzie jako takie, zmień nazwę pliku FRST/FRST64.exe na uninstall.exe i uruchom ten plik. Procedura wymaga ponownego uruchomienia urządzenia. Edytowane 18 lutego przez Bromidum 1
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.