_A00

  1. # Run at 31.03.2022 11:37:41
     # KpRm (Kernel-panik) version 2.9.3
     # Website https://kernel-panik.me/tool/kprm/
     # Run by patry from C:\Users\patry\Downloads
     # Computer Name: DESKTOP-R6LRBVL
     # OS: Windows 10 X64 (22000)
     # Number of passes: 1

     - Checked options -
     ~ Registry Backup
     ~ Delete Tools
     ~ Restore System Settings
     ~ UAC Restore
     ~ Delete Restore Points
     ~ Create Restore Point
     ~ Delete Quarantines

     - Create Registry Backup -
     ~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
     ~ [OK] Hive C:\Users\patry\NTUSER.dat backed up
     [OK] Registry Backup: C:\KPRM\backup\2022-03-31-11-37-41

     - Delete Tools -
     ## AdwCleaner
     [OK] C:\Users\patry\Downloads\adwcleaner_8.3.1.exe deleted
     [OK] C:\AdwCleaner deleted
     ## FRST
     [OK] C:\Users\patry\Downloads\Addition.txt deleted
     [OK] C:\Users\patry\Downloads\FRST.txt deleted
     [OK] C:\Users\patry\Downloads\FRSTEnglish.exe deleted
     [OK] C:\FRST deleted

     - Restore System Settings -
     [OK] Reset WinSock
     [OK] FLUSHDNS
     [OK] Hide Hidden file.
     [OK] Show Extensions for known file types
     [OK] Hide protected operating system files

     - Restore UAC -
     [OK] Set EnableLUA with default (1) value
     [OK] Set ConsentPromptBehaviorAdmin with default (5) value
     [OK] Set ConsentPromptBehaviorUser with default (3) value
     [OK] Set EnableInstallerDetection with default (0) value
     [OK] Set EnableSecureUIAPaths with default (1) value
     [OK] Set EnableUIADesktopToggle with default (0) value
     [OK] Set EnableVirtualization with default (1) value
     [OK] Set FilterAdministratorToken with default (0) value
     [OK] Set PromptOnSecureDesktop with default (1) value
     [OK] Set ValidateAdminCodeSignatures with default (0) value

     - Clear Restore Points -
     ~ [OK] RP named Zainstalowano: Microsoft Visual C++ 2005 Redistributable created at 03/26/2022 10:38:31 deleted
     ~ [OK] RP named Instalator modułów systemu Windows created at 03/30/2022 17:50:58 deleted
     [OK] All system restore points have been successfully deleted

     - Create Restore Point -
     [OK] System Restore Point created

     - Display System Restore Point -
     ~ RP named KpRm created at 03/31/2022 09:37:48

     -- KPRM finished in 13.77s --

     Thank you for your time.
  2. ---------------------------------------------------------------------------------------
     Microsoft Safety Scanner v1.361, (build 1.361.1015.0)
     Started On Wed Mar 30 23:51:31 2022

     Engine: 1.1.19100.5
     Signatures: 1.361.1015.0
     MpGear: 1.1.16330.1
     Run Mode: Interactive Graphical Mode

     Quick Scan Results:
     -------------------
     Threat Detected: VirTool:Win32/DefenderTamperingRestore and Removed!
       Action: Remove, Result: 0x00000000
         regkeyvalue://hklm\software\microsoft\windows defender\\DisableAntiSpyware
           SigSeq: 0x0000055555C57273

     Results Summary:
     ----------------
     Found VirTool:Win32/DefenderTamperingRestore and Removed!
     Successfully Submitted MAPS Report
     Successfully Submitted Heartbeat Report
     Microsoft Safety Scanner Finished On Wed Mar 30 23:53:25 2022

     Return code: 6 (0x6)

     ---------------------------------------------------------------------------------------
     Microsoft Safety Scanner v1.361, (build 1.361.1015.0)
     Started On Wed Mar 30 23:53:28 2022

     Engine: 1.1.19100.5
     Signatures: 1.361.1015.0
     MpGear: 1.1.16330.1
     Run Mode: Interactive Graphical Mode

     Results Summary:
     ----------------
     No infection found.
     Successfully Submitted MAPS Report
     Successfully Submitted Heartbeat Report
     Microsoft Safety Scanner Finished On Thu Mar 31 00:29:03 2022

     Return code: 0 (0x0)
  3. Currently, the computer works correctly. Malwarebytes does not display a problem detected message. Can you tell if the computer is safe?
  4. SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21]
     WebSite: www.safezone.cc
     DateLog: 30.03.2022 22:14:06
     Path starting: C:\Users\patry\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
     Log directory: C:\SecurityCheck\
     IsAdmin: True
     User: patry
     VersionXML: 9.65is-29.03.2022
     ___________________________________________________________________________

     Windows 11(6.3.22000) (x64) Professional Release: 21H2 Lang: Polish(0415)
     Installation date OS: 10.02.2022 17:26:54
     LicenseStatus: Windows(R), Professional edition The machine is permanently activated.
     Boot Mode: Normal
     Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe
     SystemDrive: C: FS: [NTFS] Capacity: [476.2 Gb] Used: [82.2 Gb] Free: [394 Gb]
     ------------------------------- [ Windows ] -------------------------------
     User Account Control enabled (Level 3)
     Centrum zabezpieczeń (wscsvc) - The service is running
     Rejestr zdalny (RemoteRegistry) - The service has stopped
     Odnajdywanie SSDP (SSDPSRV) - The service has stopped
     Usługi pulpitu zdalnego (TermService) - The service has stopped
     Zdalne zarządzanie systemem Windows (WS-Management) (WinRM) - The service has stopped
     ---------------------------- [ Antivirus_WMI ] ----------------------------
     Windows Defender (disabled and up to date)
     Malwarebytes (enabled and up to date)
     --------------------------- [ FirewallWindows ] ---------------------------
     Zapora Windows Defender (mpssvc) - The service is running
     ---------------------- [ AntiVirusFirewallInstall ] -----------------------
     Malwarebytes version 4.5.7.186 v.4.5.7.186 [+]
     --------------------------- [ OtherUtilities ] ----------------------------
     Steam v.2.10.91.91
     Epic Games Launcher v.1.3.0.0
     ------------------------------ [ ArchAndFM ] ------------------------------
     WinRAR 6.10 (64-bitowy) v.6.10.0 Warning! Download Update
     ------------------------------- [ Browser ] -------------------------------
     Mozilla Firefox (x64 pl) v.97.0.1 Warning! Download Update
     Google Chrome v.100.0.4896.60 [+]
     Microsoft Edge v.99.0.1150.55
     ------------------ [ AntivirusFirewallProcessServices ] -------------------
     C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe v.4.0.0.1290
     C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.4.0.0.1290
     Malwarebytes Service (MBAMService) - The service is running
     C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.2.0.1051
     Usługa Program antywirusowy Microsoft Defender (WinDefend) - The service has stopped
     Usługa inspekcji sieci Programu antywirusowego Microsoft Defender (WdNisSvc) - The service has stopped
     ----------------------------- [ End of Log ] ------------------------------
  5. mbst-grab-results.zip I'm sending the required file
  6. Hello, while surfing the internet I received a notification regarding the detection of an exploit. I am asking for help in getting rid of the threat.

     Malwarebytes
     www.malwarebytes.com

     -Szczegóły raportu-
     Data zdarzenia ochrony: 30.03.2022
     Czas zdarzenia ochrony: 19:44
     Plik raportu: 15479e4c-b051-11ec-9cf3-0c9d9284f00c.json

     -Informacje o oprogramowaniu-
     Wersja: 4.5.6.180
     Wersja komponentów: 1.0.1634
     Aktualna wersja pakietu: 1.0.53052
     Licencja: Premium

     -Informacje o systemie-
     System operacyjny: Windows 11 (Build 22000.556)
     Procesor: x64
     System plików: NTFS
     Użytkownik: System

     -Eksportuj szczegóły-
     Plik: 0
     (Nie wykryto zagrożeń)

     Zagrożenie wykorzystujące lukę w oprogramowaniu: 1
     Malware.Exploit.Agent.Generic, explorer.exe, Zablokowano, 0, 392684, 0.0.0, ,

     -Dane zagrożenia wykorzystującego lukę w oprogramowaniu-
     Powiązana aplikacja: Windows Control Panel
     Warstwa ochrony: Application Behavior Protection
     Technika ochrony: Exploit Office WMI abuse blocked
     Nazwa pliku: explorer.exe
     Adres URL:

     (end)