Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

[Rozwiązano] Co chwile wyskakuje wiersz polecenia.

kusmieroxxx 03 Mar 2018 17:07 243 9
  • #1 03 Mar 2018 17:07
    kusmieroxxx
    Poziom 3  

    Witam
    Otóż od dnia wczorajszego mam problem z samoczynnie wyskakującym wierszem polecenia. Wyskakuje on na ułamek sekundy, lecz raz zdążyłem zobaczyć że jest pusty. Nie wiem gdzie może leżeć przyczyna. Bardzo jest to denerwujące bo na przykład gdy gram to wyrzuca mnie na pulpit. Proszę was o pomoc. Dzięki

    Ps. Jeżeli czegoś potrzebujecie np. logów (nie za bardzo się znam więc nie wiem czy są potrzebne) to dajcie znać.

    0 9
  • Pomocny post
    #4 03 Mar 2018 17:25
    Kolobos
    Spec od komputerów

    To teraz uzyj i DOPIERO zamiesc NOWE logi z FRST.

    0
  • #5 03 Mar 2018 17:55
    kusmieroxxx
    Poziom 3  

    Mam problem z zainstalowaniem ponieważ wyskakuje że temu wydawcy zablokowano możliwość uruchamiania oprogramowania na tym komputerze. Sorki ale nie wiem co zrobić.

    Dodano po 1 [minuty]:

    Dobra już to ogarnąłem

    Dodano po 11 [minuty]:

    teraz juz zrobilem tak jak kazales

    0
  • Pomocny post
    #6 03 Mar 2018 18:03
    Kolobos
    Spec od komputerów

    Obok frst.exe utworz plik Fixlist.txt z zawartoscia:
    Task: {14E900EE-F2D2-4025-AB64-3830E7E005AA} - System32\Tasks\{36929BD2-BBA1-4935-B526-CD1F28CFA655} => C:\Windows\system32\pcalua.exe -a F:\setup.exe -d F:\
    Task: {184177CA-F2BF-45D7-A3C9-147580753C3E} - System32\Tasks\Opera scheduled Autoupdate 1502793903 => C:\Users\x\AppData\Local\Programs\Opera\launcher.exe
    Task: {24F4825F-988D-4F0D-B497-EC3B3BE6FE73} - System32\Tasks\{DA766524-52D2-45CF-993A-9115660218AB} => C:\Windows\system32\pcalua.exe -a "E:\COD2DVD\setup (2).exe" -d E:\COD2DVD
    Task: {2C1377ED-3557-4F6A-8C43-A43A2157D93E} - System32\Tasks\{79790947-080C-790B-7A11-7D0C0F0F1104} => C:\Windows\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand
    Task: {626A36AA-3A90-4AD6-86F5-A5F953286FCA} - System32\Tasks\Chromium citol => "wscript.exe" "C:\ProgramData\{46F08393-CCB2-0955-4A74-9717D0361CD9}\lide.txt"
    Task: {94C3181B-222D-402A-86CE-D2649B1B9317} - System32\Tasks\ACA34F46-3B69-4E96-AEDC-9CC24230899E => C:\Windows\SysWOW64\regsvr32.exe /n /s /i:"/22627c0f74757d6e /q" "C:\Users\x\AppData\Local\2A52AC~1\{E12A5~1."
    Task: {9B434E46-4129-4A79-AF59-EB4AF1910825} - System32\Tasks\{F9EAEB74-3A28-4816-97BE-D1CB2D570EFF} => C:\Windows\system32\pcalua.exe -a C:\Users\nazwa\Downloads\OneClickRoot.exe -d C:\Users\nazwa\Downloads
    Task: {D655F30A-E483-48ED-9892-7B4D771E3A14} - System32\Tasks\Opera scheduled Autoupdate 1511946510 => C:\Users\nazwa\AppData\Local\Programs\Opera\launcher.exe [2018-01-22] (Opera Software)
    Task: C:\Windows\Tasks\Typing.job => rundll32.exe C:\Program Files\Typing\Typing.dll
    HKLM\...\Run: [SERVICE] => [X]
    HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== UWAGA
    HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== UWAGA
    HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== UWAGA
    HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== UWAGA
    HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== UWAGA
    HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== UWAGA
    HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== UWAGA
    HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== UWAGA




    HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== UWAGA
    HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== UWAGA
    HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== UWAGA
    HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== UWAGA
    HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== UWAGA
    HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== UWAGA
    HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== UWAGA
    HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== UWAGA
    HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== UWAGA
    HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== UWAGA
    HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== UWAGA
    HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== UWAGA
    HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== UWAGA
    HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== UWAGA
    HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== UWAGA
    HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== UWAGA
    HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== UWAGA
    HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== UWAGA
    HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== UWAGA
    HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== UWAGA
    HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== UWAGA
    HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== UWAGA
    HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== UWAGA
    HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== UWAGA
    HKU\S-1-5-21-3935859880-2268736497-639330070-1000\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
    HKU\S-1-5-21-3935859880-2268736497-639330070-1000\...\Run: [Chromium] => "c:\users\x\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
    HKU\S-1-5-21-3935859880-2268736497-639330070-1000\...\MountPoints2: {762fa423-d2d2-11e7-8216-6cf049069a9e} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\VZW_Software_upgrade_assistant.exe
    HKU\S-1-5-21-3935859880-2268736497-639330070-1000\...\MountPoints2: {ff1c0c68-7f79-11e7-8876-6cf049069a9e} - H:\AutoRun.exe
    AppInit_DLLs: C:\ProgramData\Quoteex\Blackhold.dll => Brak pliku
    GroupPolicy: Ograniczenia <==== UWAGA
    Tcpip\Parameters: [NameServer] 82.163.143.176 82.163.142.178
    Tcpip\..\Interfaces\{8F9AB8B1-D581-4948-BF7D-4FD439F36574}: [NameServer] 82.163.143.176 82.163.142.178
    Tcpip\..\Interfaces\{8F9AB8B1-D581-4948-BF7D-4FD439F36574}: [DhcpNameServer] 82.163.143.176
    Tcpip\..\Interfaces\{F1A85217-7AF1-4B75-9427-E1D9A2696974}: [NameServer] 82.163.143.176 82.163.142.178
    HKU\S-1-5-21-3935859880-2268736497-639330070-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%6...sHwIhR4vSAfi0PViSq6NE0juXc8xxNQ0EXSow,&q={searchTerms}
    HKU\S-1-5-21-3935859880-2268736497-639330070-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911...amp;GUID=00000000-0000-0000-0000-000000000000
    HKU\S-1-5-21-3935859880-2268736497-639330070-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    SearchScopes: HKU\S-1-5-21-3935859880-2268736497-639330070-1000 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jk...;p_mkt=pl&p_tsrc=301&p_w=y0w52&q={searchTerms}
    FF user.js: detected! => C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\5twu1glr.default\user.js [2017-08-15]
    FF Homepage: Mozilla\Firefox\Profiles\5twu1glr.default -> hxxps://encrypted.google.com
    FF NewTab: Mozilla\Firefox\Profiles\5twu1glr.default -> C:\\ProgramData\\Quoteexs\\ff.NT
    FF Extension: (WP Strona Startowa) - C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\5twu1glr.default\Extensions\{84ef59fb-249c-4c82-9323-8d4ad1e9054a}.xpi [2017-08-12]
    FF Extension: (Brak nazwy) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [nie znaleziono]
    FF Extension: (Brak nazwy) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [nie znaleziono]
    C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\5twu1glr.default\Extensions\{84ef59fb-249c-4c82-9323-8d4ad1e9054a}.xpi
    S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe" [X]
    U3 aswbdisk; Brak ImagePath
    2018-03-03 17:44 - 2018-03-03 17:47 - 000000000 ____D C:\AdwCleaner
    2018-02-18 12:26 - 2018-02-18 12:26 - 000001466 _____ C:\Windows\Tasks\Typing.job
    2018-03-03 17:18 - 2018-01-21 20:40 - 000004182 _____ C:\Windows\System32\Tasks\ACA34F46-3B69-4E96-AEDC-9CC24230899E
    2018-02-26 19:16 - 2018-01-21 20:40 - 000023400 _____ C:\Windows\System32\Tasks\{79790947-080C-790B-7A11-7D0C0F0F1104}
    2018-02-26 19:16 - 2018-01-03 17:14 - 000004348 _____ C:\Windows\System32\Tasks\Chromium citol
    2018-02-26 19:16 - 2017-11-30 09:00 - 000003136 _____ C:\Windows\System32\Tasks\{F9EAEB74-3A28-4816-97BE-D1CB2D570EFF}
    2018-02-26 19:16 - 2017-11-29 10:08 - 000004112 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1511946510
    2018-02-26 19:16 - 2017-08-15 11:45 - 000004080 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1502793903
    2018-02-18 12:27 - 2017-08-15 11:44 - 000000000 ____D C:\Program Files (x86)\McAfee
    2018-02-18 12:27 - 2017-08-15 11:43 - 000000000 ____D C:\ProgramData\McAfee
    2018-02-18 11:03 - 2018-01-03 17:15 - 000000000 ____D C:\Users\x\AppData\Local\chromium
    2018-02-18 11:03 - 2017-08-20 08:29 - 000000000 ____D C:\ProgramData\BOINC
    2018-01-03 17:59 - 2018-01-03 17:59 - 007563264 _____ () C:\Users\x\AppData\Local\agent.dat
    2018-01-03 17:59 - 2018-01-03 17:59 - 000070800 _____ () C:\Users\x\AppData\Local\Config.xml
    2018-01-03 17:58 - 2018-01-03 17:57 - 001814528 _____ (TODO: <Company name>) C:\Users\x\AppData\Local\FaxLatis.exe
    2018-01-03 17:58 - 2018-01-03 17:59 - 000278507 _____ () C:\Users\x\AppData\Local\FaxLatis.tst
    2018-01-03 17:57 - 2018-01-03 17:57 - 000140800 _____ () C:\Users\x\AppData\Local\installer.dat
    2018-01-03 17:59 - 2018-01-03 17:59 - 000005568 _____ () C:\Users\x\AppData\Local\md.xml
    2018-01-03 17:59 - 2018-01-03 17:59 - 000126464 _____ () C:\Users\x\AppData\Local\noah.dat
    2018-01-03 17:59 - 2018-01-03 17:59 - 001895380 _____ () C:\Users\x\AppData\Local\Rejob.bin
    2017-08-13 08:36 - 2017-08-13 08:36 - 000007602 _____ () C:\Users\x\AppData\Local\Resmon.ResmonCfg
    2018-01-03 17:59 - 2018-01-03 17:57 - 001814528 _____ (TODO: <Company name>) C:\Users\x\AppData\Local\Strongzoztom.exe
    2018-01-03 17:59 - 2018-01-03 17:59 - 001980560 _____ () C:\Users\x\AppData\Local\Strongzoztom.tst
    2018-01-05 08:14 - 2018-01-07 11:14 - 000000068 _____ () C:\Users\x\AppData\Local\TTTTTTTTTT
    2018-01-03 18:00 - 2018-01-03 18:00 - 000032038 _____ () C:\Users\x\AppData\Local\uninstall_temp.ico
    EmptyTemp:

    W FRST wybierz Napraw.

    Zrob pelny skan przy pomocy Mbam i usun to co wykryje:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

    Zamiesc screen calego okna z:
    CrystalDiskInfo: http://portableapps.com/apps/utilities/crystaldiskinfo_portable

    0
  • Pomocny post
    #8 03 Mar 2018 21:03
    Kolobos
    Spec od komputerów

    Usun katalog C:\FRST i to wszystko.

    0
  • #9 03 Mar 2018 21:23
    kusmieroxxx
    Poziom 3  

    Dzięki wielkie. Szacun

    0
  • #10 03 Mar 2018 21:24
    kusmieroxxx
    Poziom 3  

    Dzięki wielkie. Szacun

    Dodano po 1 [minuty]:

    Rozwiązałem problem robiąc to co kazał mi Kolobos.

    0