ADVERTISEMENT

Fixlog.txt

Aktualizacje i błąd reader_s.exe na starym laptopie - analiza logów FRST

Ok, wykonane po kolei :-)


Download file - link to post

Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 19-07-2021 01
Uruchomiony przez Ania (31-07-2021 17:24:43) Run:1
Uruchomiony z C:\Users\Ania\Desktop\Łukasz\Fix
Załadowane profile: Ania
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] = & gt; C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd - & gt; Wondershare)
HKLM-x32\...\Run: [] = & gt; [X]
HKU\S-1-5-21-880852076-2758146150-3902315697-1001\...\Run: [Skype for Desktop] = & gt; C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109945728 2021-02-12] (Skype Software Sarl - & gt; Skype Technologies S.A.)
HKU\S-1-5-21-880852076-2758146150-3902315697-1001\...\Run: [CCleaner Smart Cleaning] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd - & gt; Piriform Software Ltd)
HKU\S-1-5-21-880852076-2758146150-3902315697-1001\Software\Policies\...\system: [disablecmd] 0
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-05-04]
ShortcutTarget: TRDCReminder.lnk - & gt; C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION - & gt; TOSHIBA Europe)
GroupPolicy: Ograniczenia - Chrome & lt; ==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia & lt; ==== UWAGA
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia & lt; ==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia & lt; ==== UWAGA
Task: {00C93FE6-F0FA-41B7-8FCD-618416CA792E} - System32\Tasks\{D3460870-8304-491F-8F8D-C7093EF5466B} = & gt; C:\Program Files (x86)\Need For Speed 2\NFS2\nfsw.exe [885248 2011-11-03] () [Brak podpisu cyfrowego]
Task: {03B8817D-34F2-4CA8-809B-B7D45077ED62} - System32\Tasks\{4F2FDCB8-4A9E-4E37-AF42-43D3A396646F} = & gt; C:\Windows\system32\pcalua.exe -a " C:\Program Files (x86)\VAG-COM\VAGUSBUN.EXE " -d " C:\Program Files (x86)\VAG-COM "
Task: {05A93408-234E-4552-9AF5-6F3D35BE1F3C} - System32\Tasks\CCleaner Update = & gt; C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd - & gt; Piriform)
Task: {18FC2D87-5A7C-4BC4-95B3-7DCEBD2075E4} - System32\Tasks\{E9CB7B24-BC60-4963-9CCE-BD77B738DFF0} = & gt; C:\Windows\system32\pcalua.exe -a C:\Users\Ania\Downloads\WinSetupFromUSB-1-4_[www.programosy.pl].exe -d C:\Users\Ania\Downloads
Task: {45CCC37E-55C5-41E3-AD7D-16897812D332} - System32\Tasks\{F10B5C7B-D15E-468F-983A-5AB66D610339} = & gt; C:\Program Files (x86)\VAG-COM\VagCom.exe
Task: {56AFA5AB-6693-4909-B3B2-4D2D00064BFC} - System32\Tasks\{7CB4E3D0-FB7E-4305-9C53-FC5116246300} = & gt; C:\Users\Ania\Desktop\Worms\frontend.exe
Task: {5BD135CC-1E98-44A4-8921-A5C3F986364F} - System32\Tasks\CCleanerSkipUAC = & gt; C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd - & gt; Piriform Software Ltd)
Task: {6B1B1751-5EE4-4497-9E95-782F1E403D1A} - System32\Tasks\{5ECA70FD-F1D5-4A2A-B5C9-C610AF0900BC} = & gt; C:\Program Files (x86)\Need For Speed 2\NFS2\nfsw.exe [885248 2011-11-03] () [Brak podpisu cyfrowego]
Task: {7E2F2EE0-A52E-40A6-93A7-E5F9743D089A} - System32\Tasks\{E9F226FF-9B3B-4148-8811-C9DE1CCAD794} = & gt; C:\Program Files (x86)\Need For Speed 2\NFS2\nfsw.exe [885248 2011-11-03] () [Brak podpisu cyfrowego]
Task: {93BEC867-7806-48C5-BEEC-326E68D6A9A8} - System32\Tasks\{B1D11523-2104-438F-855B-E297CDB6C66E} = & gt; C:\Windows\system32\pcalua.exe -a " C:\Users\Ania\Downloads\VAG-COM-PL 704.exe " -d C:\Users\Ania\Downloads
Task: {DC2B0678-72C4-437E-A73B-32E70D2A348D} - System32\Tasks\{A9FA6DBB-C83D-430B-AFCA-5B48FF9BFDD5} = & gt; C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c C:\ADAKO\VAG-COM\VagCom.exe
Task: {EE22D857-C752-4EE6-97ED-F5311EAC9045} - System32\Tasks\{17888C49-4DC8-4693-B779-4CAA203E55A4} = & gt; C:\Windows\system32\pcalua.exe -a E:\PROGRAMY\DEMONSTRACYJNE\OBD2Spy\setup.exe -d E:\PROGRAMY\DEMONSTRACYJNE\OBD2Spy
C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\discoverypro@discoverypro.com
FF Extension: (Website Discovery Pro) - C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\discoverypro@discoverypro.com [2014-05-23] [Przestarza�e] [Brak podpisu cyfrowego]
C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\gmailnoads@mywebber.com.xpi
FF Extension: (Webmail Ad Blocker) - C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\gmailnoads@mywebber.com.xpi [2019-08-07]
FF Extension: (PDF Viewer) - C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\uriloader@pdf.js.xpi [2016-06-15] [Przestarza�e]
C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\uriloader@pdf.js.xpi
FF Extension: (SmarterPower) - C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\{fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}.xpi [2014-10-13] [Przestarza�e] [Brak podpisu cyfrowego]
C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\{fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}.xpi
CHR Notifications: Profile 1 - & gt; �hxxps://www-estore-pl-pandora-net.pushpushgo.com
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
2021-07-31 13:45 - 2021-07-31 13:47 - 000000000 ____D C:\ProgramData\WinThruster
2021-07-28 22:03 - 2016-12-03 10:13 - 000000000 ____D C:\ProgramData\F-Secure
2021-07-28 21:44 - 2015-01-03 15:11 - 000000000 ____D C:\Qoobox
2016-02-15 20:14 - 2016-02-15 20:14 - 001308952 _____ (Ministerstwo Finans�w ) C:\Users\Ania\Downloads\e-Deklaracje-wtyczka (4).exe
2014-02-10 21:34 - 2014-02-10 21:34 - 027795416 _____ ( ) C:\Users\Ania\Downloads\K-Lite_Codec_Pack_1030_Full.exe
2015-08-14 21:00 - 2015-08-14 21:01 - 039014208 _____ ( ) C:\Users\Ania\Downloads\K-Lite_Codec_Pack_1136_Full_www.INSTALKI.pl.exe
2016-11-09 22:14 - 2016-11-09 22:14 - 036854102 _____ (KLCP ) C:\Users\Ania\Downloads\K-Lite_Codec_Pack_1244_Full.exe

*****************

Procesy zostały pomyślnie zamknięte.
" HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe " = & gt; pomyślnie usunięto
" HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ " = & gt; pomyślnie usunięto
" HKU\S-1-5-21-880852076-2758146150-3902315697-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype for Desktop " = & gt; pomyślnie usunięto
" HKU\S-1-5-21-880852076-2758146150-3902315697-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning " = & gt; pomyślnie usunięto
" HKU\S-1-5-21-880852076-2758146150-3902315697-1001\Software\Policies\Microsoft\Windows\System\\disablecmd " = & gt; pomyślnie usunięto
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = & gt; pomyślnie przeniesiono
C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe = & gt; pomyślnie przeniesiono
C:\Windows\system32\GroupPolicy\Machine = & gt; pomyślnie przeniesiono
C:\Windows\system32\GroupPolicy\GPT.ini = & gt; pomyślnie przeniesiono
C:\Windows\SysWOW64\GroupPolicy\GPT.ini = & gt; pomyślnie przeniesiono
C:\ProgramData\NTUSER.pol = & gt; pomyślnie przeniesiono
HKLM\SOFTWARE\Policies\Mozilla = & gt; pomyślnie usunięto
HKLM\SOFTWARE\Policies\Google = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00C93FE6-F0FA-41B7-8FCD-618416CA792E} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00C93FE6-F0FA-41B7-8FCD-618416CA792E} " = & gt; pomyślnie usunięto
C:\Windows\System32\Tasks\{D3460870-8304-491F-8F8D-C7093EF5466B} = & gt; pomyślnie przeniesiono
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D3460870-8304-491F-8F8D-C7093EF5466B} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03B8817D-34F2-4CA8-809B-B7D45077ED62} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03B8817D-34F2-4CA8-809B-B7D45077ED62} " = & gt; pomyślnie usunięto
C:\Windows\System32\Tasks\{4F2FDCB8-4A9E-4E37-AF42-43D3A396646F} = & gt; pomyślnie przeniesiono
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4F2FDCB8-4A9E-4E37-AF42-43D3A396646F} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{05A93408-234E-4552-9AF5-6F3D35BE1F3C} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05A93408-234E-4552-9AF5-6F3D35BE1F3C} " = & gt; pomyślnie usunięto
C:\Windows\System32\Tasks\CCleaner Update = & gt; pomyślnie przeniesiono
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18FC2D87-5A7C-4BC4-95B3-7DCEBD2075E4} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18FC2D87-5A7C-4BC4-95B3-7DCEBD2075E4} " = & gt; pomyślnie usunięto
C:\Windows\System32\Tasks\{E9CB7B24-BC60-4963-9CCE-BD77B738DFF0} = & gt; pomyślnie przeniesiono
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E9CB7B24-BC60-4963-9CCE-BD77B738DFF0} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45CCC37E-55C5-41E3-AD7D-16897812D332} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45CCC37E-55C5-41E3-AD7D-16897812D332} " = & gt; pomyślnie usunięto
C:\Windows\System32\Tasks\{F10B5C7B-D15E-468F-983A-5AB66D610339} = & gt; pomyślnie przeniesiono
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F10B5C7B-D15E-468F-983A-5AB66D610339} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56AFA5AB-6693-4909-B3B2-4D2D00064BFC} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56AFA5AB-6693-4909-B3B2-4D2D00064BFC} " = & gt; pomyślnie usunięto
C:\Windows\System32\Tasks\{7CB4E3D0-FB7E-4305-9C53-FC5116246300} = & gt; pomyślnie przeniesiono
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7CB4E3D0-FB7E-4305-9C53-FC5116246300} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5BD135CC-1E98-44A4-8921-A5C3F986364F} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BD135CC-1E98-44A4-8921-A5C3F986364F} " = & gt; pomyślnie usunięto
C:\Windows\System32\Tasks\CCleanerSkipUAC = & gt; pomyślnie przeniesiono
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B1B1751-5EE4-4497-9E95-782F1E403D1A} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B1B1751-5EE4-4497-9E95-782F1E403D1A} " = & gt; pomyślnie usunięto
C:\Windows\System32\Tasks\{5ECA70FD-F1D5-4A2A-B5C9-C610AF0900BC} = & gt; pomyślnie przeniesiono
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5ECA70FD-F1D5-4A2A-B5C9-C610AF0900BC} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E2F2EE0-A52E-40A6-93A7-E5F9743D089A} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E2F2EE0-A52E-40A6-93A7-E5F9743D089A} " = & gt; pomyślnie usunięto
C:\Windows\System32\Tasks\{E9F226FF-9B3B-4148-8811-C9DE1CCAD794} = & gt; pomyślnie przeniesiono
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E9F226FF-9B3B-4148-8811-C9DE1CCAD794} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93BEC867-7806-48C5-BEEC-326E68D6A9A8} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93BEC867-7806-48C5-BEEC-326E68D6A9A8} " = & gt; pomyślnie usunięto
C:\Windows\System32\Tasks\{B1D11523-2104-438F-855B-E297CDB6C66E} = & gt; pomyślnie przeniesiono
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B1D11523-2104-438F-855B-E297CDB6C66E} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC2B0678-72C4-437E-A73B-32E70D2A348D} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC2B0678-72C4-437E-A73B-32E70D2A348D} " = & gt; pomyślnie usunięto
C:\Windows\System32\Tasks\{A9FA6DBB-C83D-430B-AFCA-5B48FF9BFDD5} = & gt; pomyślnie przeniesiono
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A9FA6DBB-C83D-430B-AFCA-5B48FF9BFDD5} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE22D857-C752-4EE6-97ED-F5311EAC9045} " = & gt; pomyślnie usunięto
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE22D857-C752-4EE6-97ED-F5311EAC9045} " = & gt; pomyślnie usunięto
C:\Windows\System32\Tasks\{17888C49-4DC8-4693-B779-4CAA203E55A4} = & gt; pomyślnie przeniesiono
" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{17888C49-4DC8-4693-B779-4CAA203E55A4} " = & gt; pomyślnie usunięto
C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\discoverypro@discoverypro.com = & gt; pomyślnie przeniesiono
" C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\discoverypro@discoverypro.com " = & gt; nie znaleziono
C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\gmailnoads@mywebber.com.xpi = & gt; pomyślnie przeniesiono
" C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\gmailnoads@mywebber.com.xpi " = & gt; nie znaleziono
C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\uriloader@pdf.js.xpi = & gt; pomyślnie przeniesiono
" C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\uriloader@pdf.js.xpi " = & gt; nie znaleziono
C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\{fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}.xpi = & gt; pomyślnie przeniesiono
" C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\al2ymgoe.default\Extensions\{fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}.xpi " = & gt; nie znaleziono
" Chrome Notifications " = & gt; pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\caljgklbbfbcjjanaijlacgncafpegll = & gt; pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh = & gt; pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk = & gt; pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki = & gt; pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\catchme = & gt; pomyślnie usunięto
catchme = & gt; serwis pomyślnie usunięto
C:\ProgramData\WinThruster = & gt; pomyślnie przeniesiono
C:\ProgramData\F-Secure = & gt; pomyślnie przeniesiono
C:\Qoobox = & gt; pomyślnie przeniesiono
C:\Users\Ania\Downloads\e-Deklaracje-wtyczka (4).exe = & gt; pomyślnie przeniesiono
C:\Users\Ania\Downloads\K-Lite_Codec_Pack_1030_Full.exe = & gt; pomyślnie przeniesiono
C:\Users\Ania\Downloads\K-Lite_Codec_Pack_1136_Full_www.INSTALKI.pl.exe = & gt; pomyślnie przeniesiono
C:\Users\Ania\Downloads\K-Lite_Codec_Pack_1244_Full.exe = & gt; pomyślnie przeniesiono


System wymagał restartu.

==== Koniec Fixlog 17:25:03 ====