Stránka 1 z 1
Chrome se samovolně vypíná
Napsal: 07 lis 2022 22:57
od Woytman
Zdravím, v posledních 2 týdnech se mi stále samovolně vypíná Chrome.
Jediné co v událostech najdu ve stejný čas co se vypne chrome je PowerShell 12 záznamů za 20 vteřin. Pár ukázek uvedu níže:
Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ServerRemoteHost
HostVersion=1.0.0.0
HostId=c6411a9a-30ad-46f6-86dd-e7b754ef1bbb
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -Version 5.1 -s -NoLogo -NoProfile
EngineVersion=5.1.22000.832
RunspaceId=309fdcb8-3c76-4178-8ce0-411185fea976
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine=
Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ServerRemoteHost
HostVersion=1.0.0.0
HostId=c6411a9a-30ad-46f6-86dd-e7b754ef1bbb
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -Version 5.1 -s -NoLogo -NoProfile
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine=
PC byl zkontrolován MBAM, AdwCleaner, RogueKiller - bez nálezu.
Chrome byl odinstalován, vyčištěn pomocí Cleanup tool, smazána složka User z AppData/chrome
Deaktivovány všechny rozšíření.
Deaktivovány úlohy v Plánování úloh.
Absolutně bez změny.
Mockrát děkuji.
Re: Chrome se samovolně vypíná
Napsal: 08 lis 2022 07:26
od JaRon
ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-18\...\Run: [RazerAxon] => "C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.exe" -autorun (No File)
ShortcutTarget: DeepL auto-start.lnk -> (No File)
BootExecute: autocheck autochk * Partizan
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {52510CA0-CD65-48FC-99C5-CF57314CEC65} - \Microsoft\Windows\Management\Provisioning\xiHM0g\046E4CE2-D25A-4B57-A2E2-3AD7D55DFBDB -> No File <==== ATTENTION
Task: {5FDD0220-E4B9-4462-AC20-4D9BDB16070E} - System32\Tasks\Microsoft\Windows\Management\Provisioning\User => powershell.exe -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\WINDOWS\System32\57540306-c3ad-454f-bbe7-1c56160757fe.ps1" <==== ATTENTION
Task: {96BB2A72-BBD3-4A21-B7F2-C23A745E8678} - System32\Tasks\Microsoft\Windows\MUI\LPRemovea93Lqu => powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\WINDOWS\System32\D5910F34-9B2F-4E01-80CF-49460B7AF191.ps1" <==== ATTENTION
S3 Browser; %SystemRoot%\System32\browser.dll [X]
S4 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S4 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2021-04-03] <==== ATTENTION (zero byte File/Folder)
AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]
FirewallRules: [{395B3311-5A73-4561-9758-481CD398A729}] => (Block) PCBS.exe => No File
EmptyTemp:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt
Re: Chrome se samovolně vypíná
Napsal: 08 lis 2022 19:43
od Woytman
Ahoj, mockrát děkuji
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-11-2022
Ran by Woytman (08-11-2022 19:20:08) Run:1
Running from C:\Users\Woytman\Desktop
Loaded Profiles: Woytman
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-18\...\Run: [RazerAxon] => "C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.exe" -autorun (No File)
ShortcutTarget: DeepL auto-start.lnk -> (No File)
BootExecute: autocheck autochk * Partizan
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {52510CA0-CD65-48FC-99C5-CF57314CEC65} - \Microsoft\Windows\Management\Provisioning\xiHM0g\046E4CE2-D25A-4B57-A2E2-3AD7D55DFBDB -> No File <==== ATTENTION
Task: {5FDD0220-E4B9-4462-AC20-4D9BDB16070E} - System32\Tasks\Microsoft\Windows\Management\Provisioning\User => powershell.exe -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\WINDOWS\System32\57540306-c3ad-454f-bbe7-1c56160757fe.ps1" <==== ATTENTION
Task: {96BB2A72-BBD3-4A21-B7F2-C23A745E8678} - System32\Tasks\Microsoft\Windows\MUI\LPRemovea93Lqu => powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\WINDOWS\System32\D5910F34-9B2F-4E01-80CF-49460B7AF191.ps1" <==== ATTENTION
S3 Browser; %SystemRoot%\System32\browser.dll [X]
S4 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S4 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2021-04-03] <==== ATTENTION (zero byte File/Folder)
AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]
FirewallRules: [{395B3311-5A73-4561-9758-481CD398A729}] => (Block) PCBS.exe => No File
HOSTS:
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => not found
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\RazerAxon" => not found
"ShortcutTarget: DeepL auto-start.lnk -> (No File)" => not found
HKLM\System\CurrentControlSet\Control\Session Manager\\"BootExecute"="autocheck autochk *" => value restored successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => not found
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Policies\Microsoft\Edge => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52510CA0-CD65-48FC-99C5-CF57314CEC65}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Management\Provisioning\xiHM0g\046E4CE2-D25A-4B57-A2E2-3AD7D55DFBDB" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FDD0220-E4B9-4462-AC20-4D9BDB16070E}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Management\Provisioning\User" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Management\Provisioning\User" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96BB2A72-BBD3-4A21-B7F2-C23A745E8678}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\MUI\LPRemovea93Lqu" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemovea93Lqu" => not found
HKLM\System\CurrentControlSet\Services\Browser => removed successfully
Browser => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz150 => removed successfully
cpuz150 => service removed successfully
HKLM\System\CurrentControlSet\Services\Partizan => removed successfully
Partizan => service removed successfully
HKLM\System\CurrentControlSet\Services\semav6msr64 => removed successfully
semav6msr64 => service removed successfully
"C:\WINDOWS\SysWOW64\version_IObitDel.dll" => not found
C:\Users\Public\DRM => ":احتضان" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{395B3311-5A73-4561-9758-481CD398A729}" => not found
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10742843 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 380491127 B
Windows/system/drivers => 2041978 B
Edge => 0 B
Chrome => 466551548 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 200143 B
LocalService => 200143 B
NetworkService => 202041 B
Woytman => 57666520 B
RecycleBin => 0 B
EmptyTemp: => 876.8 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:21:22 ====
Re: Chrome se samovolně vypíná
Napsal: 08 lis 2022 20:03
od JaRon
Zmenilo sa nieco ?