Ikona Ten komputer zmienia położenie po odśwież

Dla specjalistów Bezpieczeństwo
#1

Witam. Tak jak w temacie ikona Ten komputer przenosi się na dół czyli lewy dolny róg. Zarówno po włączeniu jak i kliknięciu odśwież. Poproszę o wskazówki co robić, bo wydaje mi się, że to wirus, dlatego umieszczam post w dziale bezpieczeństwo. Pozdrawiam.

#2

Zapodaj logi z FRST i zrób skan MBAM

#3

Frst - Pastebin.com
Addition - Pastebin.com
Possible Spam Detected - Pastebin.com. Shortcut powoduje błąd. Wkleję go oddzielnie.

#4

Rezultat skanowania skrótów użytkowników (x64) Wersja: 04-08-2022
Uruchomiony przez paawe (05-08-2022 16:12:39)
Uruchomiony z C:\Users\paawe\Downloads
Tryb startu: Normal

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk → C:\Users\paawe\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk → C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk → C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk → C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk → C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk → C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk → C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk → C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk → C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk → C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk → C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk → C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk → C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk → C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk → C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk → C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk → C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk → C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk → C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk → C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk → C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk → C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\Links\Desktop.lnk → C:\Users\paawe\Desktop ()
Shortcut: C:\Users\paawe\Links\Downloads.lnk → C:\Users\paawe\Downloads ()
Shortcut: C:\Users\paawe\Desktop\BitTorrent.lnk → C:\Users\paawe\AppData\Roaming\bittorrent\BitTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\paawe\Desktop\Programy i funkcje.lnk → System Folder
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk → C:\Users\paawe\AppData\Roaming\bittorrent\BitTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kosz.lnk → [LFx@_dP/N1SPSU(Ly9K-e)::{645FF040-5081-101B-9F08-00AA002F954E}]
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk → C:\Users\paawe\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk → C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk → C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk → C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk → C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk → C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk → C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk → C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk → C:\Windows\explorer.exe,-30
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk → C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk → C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk → C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk → C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk → C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk → C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\SendTo\Transfer plików Bluetooth.LNK → C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk → C:\Users\paawe\AppData\Roaming\bittorrent\BitTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk → C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Metro Exodus.lnk → D:\Gry\Metro Exodus\MetroExodus.exe (4A Games)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk → C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk → C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk → C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk → C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Tombstones\IObit Uninstall Tool (3).lnk → C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe (Brak pliku)
Shortcut: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk → C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk → C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk → C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk → C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk → C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk → C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk → C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk → C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk → C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\DAEMON Tools Lite.lnk → C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk → C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Public\Desktop\Metro Exodus.lnk → D:\Gry\Metro Exodus\MetroExodus.exe (4A Games)
Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk → C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)

ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk → C:\Windows\System32\WFS.exe (Microsoft Corporation) → /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk → C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) → page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk → C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) → page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk → C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) → page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk → C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) → page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk → C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) → /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\paawe\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk → C:\Windows\System32\WFS.exe (Microsoft Corporation) → /SendTo
ShortcutWithArgument: C:\Users\paawe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk → C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) → --profile-directory=Default
ShortcutWithArgument: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk → C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) → page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk → C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) → page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk → C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) → page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk → C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) → page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk → C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) → /0
ShortcutWithArgument: C:\Users\paawe\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}

InternetURL: C:\Users\paawe\Favorites\Bing.url → URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142

==================== Koniec Shortcut.txt =============================

#5

Miałem problem z Defenderem i zresetowałem komputer do ustawień fabrycznych. Teraz nie wiem czy te logi są aktualne, wolałem napisać Pozdrawiam

#6

Nie wiem jakie masz ustawienia na pulpicie?
Te same?

Desktop 2022-08-05 232827
Desktop 2022-08-05 232827765×520 441 KB

Nie są aktualne.

#7

Teraz na tym laptopie jest windows 11 na razie jest wszystko w porządku, także przepraszam, że zająłem czas, ale było to denerwujące. Chciałbym jeszcze powiedzieć, że MBAM znalazł cztery wirusy. Na razie zamykam temat jako rozwiązany. Zanim się pożegnamy w tym wątku, to proszę o podanie strony do wklejania logów, dwa mi się udało a trzeci traktuje jako spam, nie wiem czemu. Chciałbym nie zaśmiecać wątku długimi logami. Pozdrawiam.

#8

Pastebin lub wklejto

#9

Wklejto padło i nagle otwiera puste „dzialkujepl”.

Nie wiem czemu nie wrzucacie plików przyciskiem: obraz

Jak WP uzna załączniki za problem to napisze by Radek i FadeMind ich nie odblokowali pod groźbą reżimu…

#10

Tu pliki nie są blokowane, prawdopodobnie problem pojawił się na pastebin.

Więc wklejaj je tu, ale jako pliki, a nie w treść postu. Tak jak napisał krystian3w.

#11

Teraz będę używał przycisku strzałki, chyba najszybciej bez zbędnego wklejania linków. Dziękuję za poradę i pomoc. Pozdrawiam.