szymgor Posted Thursday at 14:10
Hi, would it be possible to have my logs reviewed for malware? Yesterday Windows Defender detected a Trojan on my device. It was associated with the Opera GX browser (screenshot below): I immediately deleted the browser's browsing data and cookies from the last 7 days. A long scan was run with Windows Defender, after which no threats were found. I also downloaded Malwarebytes. After a quick scan it found an additional threat, which it quarantined (report attached). A full scan of the device was also performed, after which nothing was found (report also attached). Just to be sure, I would ask for a check of the computer's logs and any advice on next steps. Many thanks in advance :D
Illidan Posted Thursday at 20:39
Hi, in general there are a lot of leftovers in Windows from programs that no longer exist, a mass of junk. Run FRST. Copy the content given below and do not paste it anywhere: FRST will find the "fixlist" in the system clipboard by itself.
Start::
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo Immortal\Diablo Immortal.lnk
C:\ProgramData\Microsoft\Windows\GameExplorer\{00000000-0000-0000-0000-000000000000}\PlayTasks\0\Launch.lnk
C:\Users\Szymon\Desktop\winzip\WinZip Duplicate File Finder.lnk
C:\Users\Szymon\Desktop\winzip\WinZip Image Manager.lnk
C:\Users\Szymon\Desktop\winzip\WinZip PDF Express.lnk
C:\Users\Szymon\Desktop\winzip\WinZip SafeShare.lnk
C:\Users\Szymon\Desktop\winzip\WinZip Secure Backup.lnk
C:\Users\Szymon\Desktop\winzip\WinZip.lnk
C:\Users\Szymon\Desktop\aplikacje\EA.lnk
C:\Users\Szymon\Desktop\aplikacje\Przeglądarka Opera GX.lnk
AlternateDataStreams: C:\Windows\tracing:? [16]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk:5465085A2F [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk:BE800952D3 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk:104946E0EA [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype dla firm.lnk:475F79A635 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (new).lnk:3DF0A9C0EF [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (new).lnk:954E53D7F9 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk:718E15FDE8 [3434]
AlternateDataStreams: C:\Users\Szymon\Dane aplikacji:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Szymon\Downloads\FRST64.exe:MBAM.Zone.Identifier [225]
AlternateDataStreams: C:\Users\Szymon\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Szymon\AppData\Local\Microsoft:ISBD [130]
AlternateDataStreams: C:\Users\Szymon\AppData\Local\Microsoft:ISBD1 [33]
AlternateDataStreams: C:\Users\Szymon\AppData\Local\Microsoft:ISBD2 [33]
HKLM\...\.scr: => <==== UWAGA
FirewallRules: [TCP Query User{700C1C55-C174-4044-A0A7-1FB63145D649}C:\users\szymon\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\szymon\appdata\local\discord\app-1.0.9004\discord.exe => Brak pliku
FirewallRules: [UDP Query User{912605C2-F4C7-40DB-8E59-ED7A57546380}C:\users\szymon\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\szymon\appdata\local\discord\app-1.0.9004\discord.exe => Brak pliku
FirewallRules: [TCP Query User{66D0A594-E902-4B56-9B09-0BB40608D9FC}C:\program files (x86)\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe => Brak pliku
FirewallRules: [UDP Query User{240D05BB-681E-4FD4-806E-7B51480AB552}C:\program files (x86)\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe => Brak pliku
FirewallRules: [TCP Query User{FE14C28B-AA34-433F-B119-7F553F25FD81}C:\program files (x86)\origin games\pvz battle for neighborville\pvzbattleforneighborville.exe] => (Block) C:\program files (x86)\origin games\pvz battle for neighborville\pvzbattleforneighborville.exe => Brak pliku
FirewallRules: [UDP Query User{319DF408-A0C8-4CF4-B94A-84AC5FF3032C}C:\program files (x86)\origin games\pvz battle for neighborville\pvzbattleforneighborville.exe] => (Block) C:\program files (x86)\origin games\pvz battle for neighborville\pvzbattleforneighborville.exe => Brak pliku
FirewallRules: [TCP Query User{225BD454-20DE-40C0-A8C5-0B2951964E24}C:\program files\epic games\xcom2\binaries\win64\xcom2.exe] => (Block) C:\program files\epic games\xcom2\binaries\win64\xcom2.exe => Brak pliku
FirewallRules: [UDP Query User{D985C591-C5CA-4B48-8E53-4454031B11BE}C:\program files\epic games\xcom2\binaries\win64\xcom2.exe] => (Block) C:\program files\epic games\xcom2\binaries\win64\xcom2.exe => Brak pliku
FirewallRules: [TCP Query User{973F91FA-83B5-4B6F-9CE0-2B5C7E28BFCF}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Block) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Brak pliku
FirewallRules: [UDP Query User{D678C1A7-05A9-4F09-A503-133D9517B682}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Block) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Brak pliku
FirewallRules: [{A3960787-5E7B-4101-BE26-FA9C02A71504}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => Brak pliku
FirewallRules: [{562D9424-006A-44A7-8F51-CBEE95326C36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => Brak pliku
FirewallRules: [{28D2C56C-D836-4DF3-B6A2-35B74E9F23DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Rock Galactic\Legacy\FSD.exe => Brak pliku
FirewallRules: [{C1A7F196-16CD-4345-963E-ADF56EF3F604}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Rock Galactic\Legacy\FSD.exe => Brak pliku
FirewallRules: [TCP Query User{956E9799-9DC6-4296-A804-C616AD129BA1}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => Brak pliku
FirewallRules: [UDP Query User{BF9F1249-342C-4C8D-9D4E-1BDF60810DAE}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => Brak pliku
FirewallRules: [TCP Query User{0C35D864-600C-42C4-AA69-D066FB1927CF}C:\program files (x86)\diablo iv - beta\diablo iv.exe] => (Block) C:\program files (x86)\diablo iv - beta\diablo iv.exe => Brak pliku
FirewallRules: [UDP Query User{8C8E314F-97A7-4244-8E71-DF65600B45F0}C:\program files (x86)\diablo iv - beta\diablo iv.exe] => (Block) C:\program files (x86)\diablo iv - beta\diablo iv.exe => Brak pliku
FirewallRules: [{31F39A7E-4819-4626-89B4-5CDA3781DDA4}] => (Allow) C:\Program Files\LogiOptionsPlus\logivoice\logioptionsplus_logivoice => Brak pliku
FirewallRules: [TCP Query User{EBD7BAE9-D510-44A5-909F-EDEC460E15DE}C:\program files (x86)\call of duty\_retail_\cod.exe] => (Block) C:\program files (x86)\call of duty\_retail_\cod.exe => Brak pliku
FirewallRules: [UDP Query User{56320D7A-1103-40FF-AC65-A8DC9D2DF580}C:\program files (x86)\call of duty\_retail_\cod.exe] => (Block) C:\program files (x86)\call of duty\_retail_\cod.exe => Brak pliku
FirewallRules: [{CB069255-2ABD-46B2-AF53-5D56BDB51435}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Two of Us\The Two of Us\The Two of Us.exe => Brak pliku
FirewallRules: [{DC86B913-4312-47EF-8E86-409029C6D6F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Two of Us\The Two of Us\The Two of Us.exe => Brak pliku
FirewallRules: [TCP Query User{60C6A1E4-7E08-4BDD-82D5-D8A6B5AAC402}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Block) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => Brak pliku
FirewallRules: [UDP Query User{BE5B5ED6-4B54-4719-A800-C6B683F11ADB}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Block) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => Brak pliku
FirewallRules: [TCP Query User{D91FAD95-069F-425E-AF9E-77505D7AF0DA}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Block) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe => Brak pliku
FirewallRules: [UDP Query User{16A68FAA-09A6-42A5-8E88-E697C3001D20}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Block) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe => Brak pliku
FirewallRules: [TCP Query User{BC8F0B84-1607-4D25-8C84-19A8D7250BE1}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => Brak pliku
FirewallRules: [UDP Query User{D49256AB-0515-459A-A5D3-5E381B2472A0}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => Brak pliku
FirewallRules: [TCP Query User{4370F16D-2D03-45F7-B977-7BA2A4B880EC}C:\program files\epic games\ue_5.3\engine\binaries\win64\unrealeditor.exe] => (Block) C:\program files\epic games\ue_5.3\engine\binaries\win64\unrealeditor.exe => Brak pliku
FirewallRules: [UDP Query User{941ED9C8-7E07-4140-A137-9749F82A9BB1}C:\program files\epic games\ue_5.3\engine\binaries\win64\unrealeditor.exe] => (Block) C:\program files\epic games\ue_5.3\engine\binaries\win64\unrealeditor.exe => Brak pliku
FirewallRules: [{1BE5C59F-7150-4A44-8FBD-409A3BF98A50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe => Brak pliku
FirewallRules: [{3EEF106E-0B16-40A5-98B9-F00EF74AD550}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe => Brak pliku
FirewallRules: [{7030737D-6260-4257-83D0-E3DEAEEA6508}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe => Brak pliku
FirewallRules: [{920370D5-05D2-4215-82FD-77E4D1730D0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe => Brak pliku
FirewallRules: [{4EB5D5F3-170E-40EA-9ED5-CF9EAAB8824D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Brak pliku
FirewallRules: [{5902B7CF-2557-4432-AC0E-653CD4350C8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Brak pliku
FirewallRules: [TCP Query User{C95863E1-3277-4EB4-A442-B7C6B7A7C77F}C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe] => (Block) C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe => Brak pliku
FirewallRules: [UDP Query User{C705F2EA-A707-46D5-8F1D-5DD554E9E2EA}C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe] => (Block) C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe => Brak pliku
FirewallRules: [TCP Query User{886057A8-453E-4064-A0BE-70CBEF4DDDD1}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Brak pliku
FirewallRules: [UDP Query User{66736AB9-2E7C-4DE0-9FC6-23458B4E6ACD}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Brak pliku
FirewallRules: [{D7A22752-055B-4E80-A060-8AF616911800}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\launcher\launcher.exe => Brak pliku
FirewallRules: [{9A0E4F15-3408-4AE3-8801-A79D1D787BA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\launcher\launcher.exe => Brak pliku
FirewallRules: [TCP Query User{8F8FC78F-A71E-4A03-A58B-91170AE2D4AC}C:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe => Brak pliku
FirewallRules: [UDP Query User{216B785D-23B3-4A0A-A078-5631A0AB45B3}C:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe => Brak pliku
FirewallRules: [TCP Query User{A684B956-5164-4EC2-902A-BB15E82B715E}C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Block) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe => Brak pliku
FirewallRules: [UDP Query User{A8772E35-73A5-4C7A-9619-6BCF70E4B0A8}C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Block) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe => Brak pliku
FirewallRules: [TCP Query User{EC0AF1BE-486E-40B5-8713-B803BF6DCDAC}C:\program files\epic games\thehuntercallofthewild\thehuntercotw_f.exe] => (Block) C:\program files\epic games\thehuntercallofthewild\thehuntercotw_f.exe => Brak pliku
FirewallRules: [UDP Query User{2D966AE8-2404-4B06-8325-C47E0F7CD9EF}C:\program files\epic games\thehuntercallofthewild\thehuntercotw_f.exe] => (Block) C:\program files\epic games\thehuntercallofthewild\thehuntercotw_f.exe => Brak pliku
FirewallRules: [TCP Query User{4F523C52-7CC2-48D9-9E85-3F46EAAB2911}C:\program files\epic games\ue_5.3\engine\plugins\bridge\thirdparty\win\node-bifrost.exe] => (Allow) C:\program files\epic games\ue_5.3\engine\plugins\bridge\thirdparty\win\node-bifrost.exe => Brak pliku
FirewallRules: [UDP Query User{D08900C5-2ED5-49B6-9CF2-5C11E9386EB6}C:\program files\epic games\ue_5.3\engine\plugins\bridge\thirdparty\win\node-bifrost.exe] => (Allow) C:\program files\epic games\ue_5.3\engine\plugins\bridge\thirdparty\win\node-bifrost.exe => Brak pliku
FirewallRules: [TCP Query User{2C9CD550-CEB9-49D9-BA43-B92DCEAAB022}C:\program files (x86)\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Block) C:\program files (x86)\steam\steamapps\common\battlefield 2042\bf2042.exe => Brak pliku
FirewallRules: [UDP Query User{089CAA89-2B1E-4307-A3A9-46B7E22A46AA}C:\program files (x86)\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Block) C:\program files (x86)\steam\steamapps\common\battlefield 2042\bf2042.exe => Brak pliku
FirewallRules: [TCP Query User{11C5412D-D13E-484E-9901-FFE53A15CBEF}C:\program files\epic games\chivalry2\tbl\binaries\win64\chivalry2-win64-shipping.exe] => (Block) C:\program files\epic games\chivalry2\tbl\binaries\win64\chivalry2-win64-shipping.exe => Brak pliku
FirewallRules: [UDP Query User{827C71AD-091C-4507-AF94-5052A91E81C4}C:\program files\epic games\chivalry2\tbl\binaries\win64\chivalry2-win64-shipping.exe] => (Block) C:\program files\epic games\chivalry2\tbl\binaries\win64\chivalry2-win64-shipping.exe => Brak pliku
FirewallRules: [{3B96F7C2-87BB-4AB2-8B1A-E82D9A65F7A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe => Brak pliku
FirewallRules: [{AB949F40-8C24-4E07-9131-71C57DF8F552}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe => Brak pliku
FirewallRules: [TCP Query User{8F7BD0AD-2684-4FFB-B826-2EBEA6271FE6}C:\program files (x86)\steam\steamapps\common\the first descendant\m1\binaries\win64\m1-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\the first descendant\m1\binaries\win64\m1-win64-shipping.exe => Brak pliku
FirewallRules: [UDP Query User{E03993B9-7B88-474A-827F-02FB6CCE06F5}C:\program files (x86)\steam\steamapps\common\the first descendant\m1\binaries\win64\m1-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\the first descendant\m1\binaries\win64\m1-win64-shipping.exe => Brak pliku
FirewallRules: [TCP Query User{E58C41E7-29DB-41B2-9A96-F0D31B31F618}C:\program files (x86)\steam\steamapps\common\dungeonborne\dungeonborne\binaries\win64\dungeonborne.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dungeonborne\dungeonborne\binaries\win64\dungeonborne.exe => Brak pliku
FirewallRules: [UDP Query User{5816BD97-9037-41A9-A182-BAD8A5E3ACA8}C:\program files (x86)\steam\steamapps\common\dungeonborne\dungeonborne\binaries\win64\dungeonborne.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dungeonborne\dungeonborne\binaries\win64\dungeonborne.exe => Brak pliku
FirewallRules: [{0504663A-93FF-498C-9375-8CDCF0858F4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe => Brak pliku
FirewallRules: [{3D84FC23-D5D5-41AB-84DF-D90709DB56F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe => Brak pliku
FirewallRules: [TCP Query User{AB7B5B85-5623-479A-8666-81755E7EA811}C:\program files\epic games\sniperghostwarriorco0ugt6\win_x64\sgwcontracts.exe] => (Block) C:\program files\epic games\sniperghostwarriorco0ugt6\win_x64\sgwcontracts.exe => Brak pliku
FirewallRules: [UDP Query User{51D187CE-DBE3-49B2-8284-D2A007F62E8C}C:\program files\epic games\sniperghostwarriorco0ugt6\win_x64\sgwcontracts.exe] => (Block) C:\program files\epic games\sniperghostwarriorco0ugt6\win_x64\sgwcontracts.exe => Brak pliku
FirewallRules: [TCP Query User{D53CE96B-C78D-4AF9-A728-58D1CFDC1813}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe => Brak pliku
FirewallRules: [UDP Query User{33001932-700E-4AF1-A5F6-628361D5FE60}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe => Brak pliku
FirewallRules: [{D5D2F452-8C8B-4FE7-82D3-CB136A772639}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ItTakesTwo\Nuts\Binaries\Win64\ItTakesTwo.exe => Brak pliku
FirewallRules: [{9DA4DECC-AEA2-44DC-8EC8-36863C9944DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ItTakesTwo\Nuts\Binaries\Win64\ItTakesTwo.exe => Brak pliku
FirewallRules: [{789355BE-6C6D-4898-8DDC-36DC2A751809}] => (Allow) C:\Program Files (x86)\Overwolf\0.270.0.12\OverwolfBrowser.exe => Brak pliku
FirewallRules: [{FE144160-3A4D-478D-867C-A8C7850060E3}] => (Allow) C:\Program Files (x86)\Overwolf\0.270.0.12\OverwolfBrowser.exe => Brak pliku
FirewallRules: [{47268ED2-00A3-4DD5-9FB9-5931CB1775F2}] => (Block) C:\Program Files (x86)\Overwolf\0.270.0.12\OverwolfBrowser.exe => Brak pliku
FirewallRules: [{C8A172B6-6EBE-4C6E-82FD-68A15652EBDE}] => (Block) C:\Program Files (x86)\Overwolf\0.270.0.12\OverwolfBrowser.exe => Brak pliku
HKU\S-1-5-21-236842057-3121852777-2504459507-1001\...\Run: [AF_uuid_2139460] => 29cc3e90-5e56-4e67-a891-fe58e40cf378 (Brak pliku)
HKU\S-1-5-21-236842057-3121852777-2504459507-1001\...\Run: [AF_counter_2139460] => 3 (Brak pliku)
HKU\S-1-5-21-236842057-3121852777-2504459507-1001\...\Run: [ProtonVPN] => C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe (Brak pliku)
CreateRestorePoint:
EmptyTemp:
End::
This fixlist is intended only for the author of this thread! In FRST, click the "Fix" ("Napraw") option. Post the "fixlog.txt" report that you get after the computer restarts. Also download the free "ADWCleaner" and do the same: scan, remove anything that is detected, and post the removal report. Malwarebytes did not detect anything worrying; it mistakenly quarantined OCCT. Add the application to the exclusions. This is because the app puts a heavy load on the computer during testing, which is probably why it was wrongly classified as a threat. From what I can see, Defender earlier removed some cookies from Opera; it is hard to say whether that was a real threat or a false alarm. Such suspicious files would need to be examined with other antivirus scanners as well, e.g. on the VirusTotal site.
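
Added example, not part of the thread and not FRST's own code: a small Python triage of fixlist lines in the format shown in the post above, separating firewall rules and Run values whose target file is missing from alternate data streams and other directives. The sample input is constructed, and the English marker "No File" is an assumption; only "Brak pliku" appears in the thread.

```python
import re
from collections import defaultdict

# "Brak pliku" is the missing-file marker in the Polish-locale log quoted in the
# thread; "No File" is assumed here as the English-locale equivalent.
MISSING = "|".join(map(re.escape, ("Brak pliku", "No File")))

FW = re.compile(r"^FirewallRules: \[(?P<rule>.*?)\] => \((?P<action>Allow|Block)\) "
                r"(?P<path>.+?)(?: => (?P<missing>" + MISSING + r"))?$")
RUN = re.compile(r"^(?P<key>HK[^:]*\\Run(?:Once)?): \[(?P<name>[^\]]+)\] => "
                 r"(?P<value>.+?)(?: \((?P<missing>" + MISSING + r")\))?$")
ADS = re.compile(r"^AlternateDataStreams: (?P<path>[A-Za-z]:\\.*?):(?P<stream>[^:]+) "
                 r"\[(?P<size>\d+)\]$")

# Constructed sample in the same line format; every path, GUID and SID is made up.
SAMPLE = r"""
Start::
C:\Users\demo\Desktop\Old Game.lnk
AlternateDataStreams: C:\Users\demo\Downloads\tool.exe:Zone.Identifier [225]
AlternateDataStreams: C:\ProgramData\example:0A1B2C3D4E [3434]
FirewallRules: [TCP Query User{11111111-1111-1111-1111-111111111111}C:\users\demo\appdata\local\chatapp\chatapp.exe] => (Allow) C:\users\demo\appdata\local\chatapp\chatapp.exe => Brak pliku
FirewallRules: [UDP Query User{22222222-2222-2222-2222-222222222222}C:\users\demo\appdata\local\chatapp\chatapp.exe] => (Allow) C:\users\demo\appdata\local\chatapp\chatapp.exe => Brak pliku
FirewallRules: [{33333333-3333-3333-3333-333333333333}] => (Block) C:\Program Files\Game\game.exe => Brak pliku
FirewallRules: [{44444444-4444-4444-4444-444444444444}] => (Allow) C:\Program Files\Live\live.exe
HKU\S-1-5-21-0-0-0-1001\...\Run: [OldVPN] => C:\Program Files\OldVPN\launcher.exe (Brak pliku)
CreateRestorePoint:
EmptyTemp:
End::
"""


def triage(fixlist: str) -> dict:
    """Sort fixlist lines into stale firewall rules, stale Run values, ADS and the rest."""
    stale_fw = defaultdict(set)  # missing program path (lower-cased) -> actions seen
    report = {"live_fw": [], "stale_run": [], "ads": [], "other": []}
    for line in map(str.strip, fixlist.splitlines()):
        if not line or line in ("Start::", "End::"):
            continue
        if m := FW.match(line):
            if m["missing"]:
                # TCP and UDP rules for one program collapse into one entry.
                stale_fw[m["path"].lower()].add(m["action"])
            else:
                report["live_fw"].append(m["path"])
        elif (m := RUN.match(line)) and m["missing"]:
            report["stale_run"].append((m["name"], m["value"]))
        elif m := ADS.match(line):
            report["ads"].append((m["path"], m["stream"], int(m["size"])))
        else:
            report["other"].append(line)  # plain paths and FRST directives
    report["stale_fw"] = {p: sorted(a) for p, a in stale_fw.items()}
    # Allow rules that outlive their program are the ones to remove first.
    report["stale_allow"] = sorted(p for p, a in stale_fw.items() if "Allow" in a)
    return report


if __name__ == "__main__":
    for path in triage(SAMPLE)["stale_allow"]:
        print("Allow rule for a missing program:", path)
```
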
szymgor Posted Thursday at 21:04 Author
I am attaching fixlog.txt and the ADWCleaner report. Also, if possible, I would ask for advice on which files to examine with VirusTotal.
Illidan Posted Thursday at 21:22
Everything was done in FRST. AdwCleaner found no threats. Assess how Windows is working after the cleanup.
szymgor Posted Thursday at 21:29 Author
To be honest, even yesterday after the virus was detected I did not notice any drop in performance. Currently no change; the device works flawlessly.
Illidan Posted Friday at 22:51
If everything is OK, you can delete FRST and its quarantine: C:\FRST. I recommend keeping AdwCleaner and using it from time to time.
szymgor Posted 20 hours ago Author
Great. Thanks a lot for the help, then.