wklejto.pl

Added by: ~Anonim (2020-09-08 15:49) -> text
Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 06-09-2020
Uruchomiony przez OEM1 (08-09-2020 17:31:14) Run:1
Uruchomiony z C:\Users\OEM1\Desktop\FRST
Załadowane profile: OEM1
Tryb startu: Normal
==============================================
 
fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKLM-x32\...\Run: [kissq] => C:\Users\OEM1\AppData\Local\Temp\kissq.exe************* <==== UWAGA
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\...\Run: [oiawmlye] => "C:\Users\OEM1\smmdoxoq.exe"
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\...\Policies\Explorer: [] 
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\...\MountPoints2: {4d724360-7245-11e5-beb3-0c8bfdc58e3c} - "E:\AutoRun.exe" 
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4625184 2020-08-12] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
Task: {169008FB-DB4B-4B28-83D4-25900121FBDF} - \Microsoft\Windows\Setup\EOSNotify -> Brak pliku <==== UWAGA
Tcpip\..\Interfaces\{053dd367-583b-473b-8db6-c5d315ff98cd}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{06fcaafb-4feb-4474-aa3e-01e30efd1d78}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{424d92ab-05ec-48e9-9965-3c1850745972}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{70781391-7A33-45D7-AE83-C4463FBA7033}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8233300d-9300-420c-a06e-bfe36bf52359}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C422DD51-B4DD-46E5-A97F-57367085D184}: [DhcpNameServer] 192.168.0.1
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-09-07 06:14:47&bName=
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002 -> DefaultScope {FCC97E89-460F-4C53-B3A9-98C0F26E5419} URL = 
SearchScopes: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002 -> {FCC97E89-460F-4C53-B3A9-98C0F26E5419} URL = 
FF NewTab: Mozilla\Firefox\Profiles\ivzczqft.default -> hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-09-07 06:14:47&bName=
FF Session Restore: Mozilla\Firefox\Profiles\ivzczqft.default -> [funkcja włączona]
FF NewTabOverride: Mozilla\Firefox\Profiles\ivzczqft.default -> Enabled: admin@fastaddons.com_GroupSpeedDial
FF NewTabOverride: Mozilla\Firefox\Profiles\ivzczqft.default -> Enabled: allegro-pl@search.mozilla.org
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nie znaleziono
S2 Main Service; C:\Program Files (x86)\MachinerData\AudioShellApp.exe 1 [X]
R1 4A08219E0C44; C:\WINDOWS\4A08219E0C44.sys [25368 2020-09-07] (大连纵梦网络科技有限公司 -> FsFilter Network) [Brak podpisu cyfrowego]
2020-09-07 08:15 - 2020-09-07 08:15 - 000025368 _____ (FsFilter Network) C:\WINDOWS\4A08219E0C44.sys
2020-03-10 13:59 - 2020-03-10 13:59 - 000014073 _____ () C:\Users\OEM1\AppData\Roaming\asfvcxds.exe
2017-12-08 16:55 - 2017-12-08 16:55 - 000000000 _____ () C:\Users\OEM1\AppData\Roaming\gdfw.log
2017-12-08 16:55 - 2018-12-11 10:07 - 000001558 _____ () C:\Users\OEM1\AppData\Roaming\gdscan.log
2020-04-16 22:01 - 2020-09-07 08:20 - 000000000 _____ () C:\Users\OEM1\AppData\Roaming\javvtbb
2020-09-07 08:14 - 2020-09-07 08:14 - 008620544 _____ () C:\Users\OEM1\AppData\Local\agent.dat
2020-09-07 08:14 - 2020-09-07 08:14 - 000043520 _____ () C:\Users\OEM1\AppData\Local\ApplicationHosting.dat
2020-09-07 08:15 - 2020-09-07 08:15 - 000000561 _____ () C:\Users\OEM1\AppData\Local\bowsakkdestx.txt
2020-09-07 08:14 - 2020-09-07 08:14 - 000071712 _____ () C:\Users\OEM1\AppData\Local\Config.xml
2020-09-07 08:14 - 2020-09-07 08:14 - 000016464 _____ () C:\Users\OEM1\AppData\Local\InstallationConfiguration.xml
2020-09-07 08:14 - 2020-09-07 08:14 - 000141312 _____ () C:\Users\OEM1\AppData\Local\installer.dat
2020-09-07 08:14 - 2020-09-07 08:14 - 000126464 _____ () C:\Users\OEM1\AppData\Local\lobby.dat
2020-09-07 08:14 - 2020-09-07 08:14 - 000018432 _____ () C:\Users\OEM1\AppData\Local\Main.dat
2020-09-07 08:14 - 2020-09-07 08:14 - 001134592 _____ () C:\Users\OEM1\AppData\Local\Saonix.exe
2020-09-07 08:14 - 2020-09-07 08:14 - 000068019 _____ () C:\Users\OEM1\AppData\Local\Saonix.tst
CustomCLSID: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe => Brak pliku
CustomCLSID: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => Brak pliku
CustomCLSID: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => Brak pliku
CustomCLSID: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\pl-PL\acadficn.dll => Brak pliku
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Brak pliku
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Brak pliku
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Brak pliku
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Brak pliku
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Brak pliku
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Brak pliku
2020-09-07 12:44 - 2020-09-07 12:44 - 002298368 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\OEM1\AppData\Local\Temp\0e49e848-9f00-42f0-91ce-897d9d1184dc.tmp.node
2020-09-07 12:44 - 2020-09-07 12:44 - 002298368 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\OEM1\AppData\Local\Temp\3bf82f6f-9c67-45cd-bbb9-5986d7753866.tmp.node
2020-09-07 12:44 - 2020-09-07 12:44 - 000500224 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\OEM1\AppData\Local\Temp\627c1387-091c-447f-a06d-3e8596f17ac9.tmp.node
2020-09-07 12:44 - 2020-09-07 12:44 - 000500224 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\OEM1\AppData\Local\Temp\68aaa1e1-1e5a-41ac-ac2a-06a5e2007f3d.tmp.node
2020-09-07 12:44 - 2020-09-07 12:44 - 000500224 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\OEM1\AppData\Local\Temp\d0da85d2-0cff-473a-ba5f-e523749e67fa.tmp.node
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
HKLM\...\.scr: Icad.load.scr =>  <==== UWAGA
IE trusted site: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\...\webcompanion.com -> hxxp://webcompanion.com
FirewallRules: [{C9D8AEE4-52D7-4672-AF0B-662346C601C1}] => (Allow) C:\Ross-Tech\VCDS-AKP\VCDS.EXE => Brak pliku
FirewallRules: [{0480E3D6-B594-4355-9490-A77C20F812C6}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe => Brak pliku
FirewallRules: [{B897925E-3B26-4DCD-9403-1E5E3EC77EBD}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe => Brak pliku
FirewallRules: [{7C6E8566-8FB2-401C-89B3-B93DD152A6CC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe => Brak pliku
FirewallRules: [{657AA8A7-8182-459A-8C88-8E5249CB23CE}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe => Brak pliku
FirewallRules: [{CE4B961D-2EE6-4074-BF31-685639C193AC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => Brak pliku
FirewallRules: [{ED589E69-03EC-4D01-99AA-25F83B08465A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => Brak pliku
FirewallRules: [{0632209F-13AA-4F63-8769-3A8C558CC8BE}] => (Allow) C:\Program Files\ZWSOFT\ZWCAD 2018\XXX => Brak pliku
FirewallRules: [{307C0465-B62E-498C-B2A4-BA199C6012B6}] => (Allow) C:\Program Files\ZWSOFT\ZWCAD 2018\XXX => Brak pliku
FirewallRules: [{487A371D-1DAA-4021-9920-08E16F8BA97E}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 21\CineRender\CineRender 64bit.exe => Brak pliku
RemoveProxy:
HOSTS:
 
*****************
 
Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\kissq" => pomyślnie usunięto
"HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\Software\Microsoft\Windows\CurrentVersion\Run\\oiawmlye" => pomyślnie usunięto
"HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => pomyślnie usunięto
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d724360-7245-11e5-beb3-0c8bfdc58e3c} => pomyślnie usunięto
"HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => pomyślnie usunięto
HKLM\SOFTWARE\Policies\Google => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{169008FB-DB4B-4B28-83D4-25900121FBDF}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{169008FB-DB4B-4B28-83D4-25900121FBDF}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{053dd367-583b-473b-8db6-c5d315ff98cd}\\DhcpNameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{06fcaafb-4feb-4474-aa3e-01e30efd1d78}\\DhcpNameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{424d92ab-05ec-48e9-9965-3c1850745972}\\DhcpNameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{70781391-7A33-45D7-AE83-C4463FBA7033}\\DhcpNameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8233300d-9300-420c-a06e-bfe36bf52359}\\DhcpNameServer" => pomyślnie usunięto
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C422DD51-B4DD-46E5-A97F-57367085D184}\\DhcpNameServer" => pomyślnie usunięto
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => Wartość pomyślnie przywrócono
"HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => pomyślnie usunięto
"HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B} => pomyślnie usunięto
HKU\S-1-5-21-3948835319-1470083923-2527900465-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FCC97E89-460F-4C53-B3A9-98C0F26E5419} => pomyślnie usunięto
"Firefox newtab" => pomyślnie usunięto
"Firefox Session Restore" => pomyślnie usunięto
"Firefox NewTabOverride (admin@fastaddons.com_GroupSpeedDial) " => pomyślnie usunięto
"Firefox NewTabOverride (allegro-pl@search.mozilla.org) " => pomyślnie usunięto
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\Main Service => pomyślnie usunięto
Main Service => serwis pomyślnie usunięto
4A08219E0C44 => Nie można zatrzymać usługi.
HKLM\System\CurrentControlSet\Services\4A08219E0C44 => niepowodzenie przy usuwaniu, klucz może być zabezpieczony
 
Rezultat przenoszenia plików przy restarcie (Tryb startu: Normal) (Data i godzina: 08-09-2020 17:46:12)
 
==> UWAGA: System nie został zrestartowany.
 
Rezultat usuwania kluczy przy restarcie:
 
HKLM\System\CurrentControlSet\Services\4A08219E0C44 => niepowodzenie przy usuwaniu, klucz może być zabezpieczony
 
==== Koniec  Fixlog 17:46:12 ====