Elektroda.pl
Elektroda.pl
X
Elektroda.pl
Advanced Search

Search our partners

Find the latest content on electronic components. Datasheets.com
Datasheets
Elektroda.pl
Please add exception to AdBlock for elektroda.pl.
If you watch the ads, you support portal and users.

[Solved] Wiersz CMD Wlacza sie w malym okienku i znika

VexoRavi 03 Apr 2020 23:23 486 12
Lock | New topic
  • Helpful post
    #2
    Kolobos
    IT specialist
    Fixlist.txt dla FRST:
    CloseProcesses:
    C:\Program Files (x86)\ProxyGate\
    (GOLD CLICK LIMITED -> Gold Click Ltd) C:\Program Files (x86)\ProxyGate\Cloud.exe
    (GOLD CLICK LIMITED -> Gold Click Ltd) C:\Program Files (x86)\ProxyGate\PGChk.exe
    C:\Users\Ania Norbert\AppData\Roaming\Microsoft\SoundModule\
    (SoundMixer) [Brak podpisu cyfrowego] C:\Users\Ania Norbert\AppData\Roaming\Microsoft\SoundModule\SoundModule.exe
    HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-22] (Corel Corporation -> Corel Corporation)
    HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [124032 2018-04-22] (Corel Corporation -> WinZip Computing)
    HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436416 2018-04-22] (WinZip Computing LLC -> WinZip Computing, S.L.)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [49152 2006-05-18] () [Brak podpisu cyfrowego]
    HKLM-x32\...\Run: [RemoteControl] => C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [30208 2005-12-07] (Cyberlink Corp.) [Brak podpisu cyfrowego]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
    HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [456160 2018-06-17] (Power Software Limited -> Power Software Ltd)
    HKLM-x32\...\Run: [GammaControl] => False
    HKU\S-1-5-21-2015855844-4286111123-2268182817-1001\...\Run: [uTorrent] => C:\Users\Ania Norbert\AppData\Roaming\uTorrent\uTorrent.exe [2073320 2020-03-20] (BitTorrent Inc -> BitTorrent Inc.)
    HKU\S-1-5-21-2015855844-4286111123-2268182817-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [1600448 2007-10-30] (SlySoft Inc. -> SlySoft, Inc.) [Brak podpisu cyfrowego]
    HKU\S-1-5-21-2015855844-4286111123-2268182817-1001\...\Run: [firefox] => C:\Users\Ania Norbert\AppData\Roaming\FFPortable\update.exe [910296 2010-03-31] (Mozilla Corporation -> Mozilla Corporation) <==== UWAGA
    HKU\S-1-5-21-2015855844-4286111123-2268182817-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
    HKU\S-1-5-21-2015855844-4286111123-2268182817-1001\...\MountPoints2: {e704e6e6-0a07-11ea-ad94-50465d6510b1} - "D:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-2015855844-4286111123-2268182817-1001\...\MountPoints2: {f2aba33f-5a18-11ea-adda-50465d6510b1} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-2015855844-4286111123-2268182817-1001\...\Winlogon: [Shell] %comspec% <==== UWAGA
    HKU\S-1-5-21-2015855844-4286111123-2268182817-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundModule.exe" 2>NUL | find /I /N "SoundModule.exe">NUL && exit & if exist "C:\Users\Ania Norbert\AppData\Roaming\Microsoft\SoundModule\SoundModule.exe" ( start /MIN "" "C:\Users\Ania Norbert\AppData\Roaming\Microsoft\SoundModule\SoundModule.exe" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== UWAGA
    GroupPolicy: Ograniczenia ? <==== UWAGA
    Task: {07169C30-5D47-490F-84B9-2B119C5AC49E} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-22] (Corel Corporation -> Corel Corporation)
    Task: {1124B5DF-38AF-4447-B064-9674CA6F5F25} - System32\Tasks\Opera scheduled Autoupdate 1547854037 => C:\Users\Ania Norbert\AppData\Local\Programs\Opera\launcher.exe
    Task: {3B958E7D-A61C-47AB-A7B4-C85C4F1B0DAD} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-22] (Corel Corporation -> Corel Corporation)
    Task: {6865A9A3-0AD0-40B8-AEA0-A7E7FB9C1842} - System32\Tasks\Wise Registry Cleaner Schedule Task => F:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [4258984 2018-05-17] (Lespeed Technology Ltd. -> WiseCleaner.com)
    Task: {69FCB263-11CF-463D-BB0E-194F307153F1} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-22] (Corel Corporation -> Corel Corporation)
    Task: {94F4529B-FAEA-451D-8FEE-12F731E110B9} - System32\Tasks\WiseCleaner\WRCSkipUAC => F:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [4258984 2018-05-17] (Lespeed Technology Ltd. -> WiseCleaner.com)
    Task: {B1766EF6-AE71-4588-8B59-79EEFC63757C} - System32\Tasks\Opera GX scheduled Autoupdate 1581352142 => C:\Users\Ania Norbert\AppData\Local\Programs\Opera GX\launcher.exe [1480216 2020-03-24] (Opera Software AS -> Opera Software)
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Tcpip\..\Interfaces\{7d1b1345-4a7b-4136-9a11-d31922fb81ba}: [DhcpNameServer] 172.20.10.1
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    HKU\S-1-5-21-2015855844-4286111123-2268182817-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.amazon.com/gp/bit/amazonserp/ref=...nnel-17_b17dc14a_1201_1403_20161223_PL_ie_sp_
    FF ProfilePath: C:\Users\Ania Norbert\AppData\Roaming\AMozilla\AFirefox\Profiles\0pq7sjnz.default [2018-07-01] <==== UWAGA
    S3 mracsvc; C:\Windows\System32\mracsvc.exe [8010968 2018-03-05] (Mail.Ru Games LLC -> LLC Mail.Ru)
    S2 pgt_svc; C:\Program Files (x86)\ProxyGate\MainService.exe [2285664 2017-02-22] (GOLD CLICK LIMITED -> Gold Click Ltd) <==== UWAGA
    S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [7238880 2018-03-05] (Mail.Ru Games LLC -> LLC Mail.Ru)
    2019-03-16 23:12 - 2019-03-16 23:12 - 000000000 _____ () C:\Users\Ania Norbert\AppData\Roaming\FC29FA0894FE.ini
  • Helpful post
    #3
    User removed account
    Level 1  
  • Helpful post
    #4
    Kolobos
    IT specialist
    @Tomequ123 pelno zbednych czynnosci i polecen, a o usunieciu tego co trzeba zapominasz, C:\Users\Ania Norbert\AppData\Roaming\Microsoft\SoundModule\ samo sie nie usunie.
  • #5
    User removed account
    Level 1  
  • #6
    Kolobos
    IT specialist
    Trzeba jeszcze usunac katalog.
  • #7
    User removed account
    Level 1  
  • #8
    Kolobos
    IT specialist
    Zapewne katalog ma ustawiona date z poza zakresu albo FRST tam nie szuka.
  • #9
    VexoRavi
    Level 5  
    Witam, dziękuje wszystkim za pomoc zrobiłem tak jak kazał Pan Tomequ123 i wszystko śmiga.
    Start biosu 5,1s
  • #10
    User removed account
    Level 1  
  • #11
    VexoRavi
    Level 5  
    To tez sie doczytalem i zrobilem, %appdata% mi znane z minecrafta i wgrywania modow wiec juz foldery widze wszystkie :P
  • #12
    User removed account
    Level 1  
  • #13
    VexoRavi
    Level 5  
    Zamykam temat, rozwiązany metoda powyżej
Lock | New topic