Hi
first im sory for my bad english.
second i need advice/help
i was attaqued / victime of ransomware .isza in between 24 and 28 december 2022 (maybe).
i stop virus by windows defender + voodoo + bitdefender
i did not succeed torecover data by recuva or aomei or shadow explorer ...
i had some probelem with "griding system utilities + and other cleeners" they broke my windows 11
so i erase every thing in C
i scan and rescan with a lot of software and also with commande "run / commande administrator : sf /scannow ..." no think
al is clean
but
voodoo show me a commande ines ; it seems like in the past in 28 december !
its software /false positive or other things ?
the commande line is like this :
" rundll32.exe "c:\windows\installer\msi33b2.tmp",zzzzinvokemanagedcustomactionoutofproc sfxca_107427031 2217 setupconfigcustomaction!squirrel.setupconfigcustomaction.settingscustomactions.removeregkeyfrompreviousinstall"
and there is aslo another commande klines may be from "kms" crak of office i try to erase it before and using "libre office" but the commande is here ?
"xcopy /s /h kms_suite 21967 "
also commande to system shell !
"c:\windows\sysnative\windowspowershell\v1.0\powershell.exe -command "& {1...10 |chcp 65001|get-startapps| where appid -like "*!*" |format-list|out-file -encoding utf8 $env:temp\startapps.txt}"
is it commande ligne false positive or virus or ransomeware ???
some software i use now sare giveaway or free limited like :
bitdefender giveaway 6 month
voodooshield free
steganos vpn give away
comodo free
windscribe giveaway limited
allavsoft (this programme try to connect to the net and firewall think its problem)
-----------------------------------------------------
can i clear the commande lines ?
------------------------------------------------------
first im sory for my bad english.
second i need advice/help
i was attaqued / victime of ransomware .isza in between 24 and 28 december 2022 (maybe).
i stop virus by windows defender + voodoo + bitdefender
i did not succeed torecover data by recuva or aomei or shadow explorer ...
i had some probelem with "griding system utilities + and other cleeners" they broke my windows 11
so i erase every thing in C
i scan and rescan with a lot of software and also with commande "run / commande administrator : sf /scannow ..." no think
al is clean
but
voodoo show me a commande ines ; it seems like in the past in 28 december !
its software /false positive or other things ?
the commande line is like this :
" rundll32.exe "c:\windows\installer\msi33b2.tmp",zzzzinvokemanagedcustomactionoutofproc sfxca_107427031 2217 setupconfigcustomaction!squirrel.setupconfigcustomaction.settingscustomactions.removeregkeyfrompreviousinstall"
and there is aslo another commande klines may be from "kms" crak of office i try to erase it before and using "libre office" but the commande is here ?
"xcopy /s /h kms_suite 21967 "
also commande to system shell !
"c:\windows\sysnative\windowspowershell\v1.0\powershell.exe -command "& {1...10 |chcp 65001|get-startapps| where appid -like "*!*" |format-list|out-file -encoding utf8 $env:temp\startapps.txt}"
is it commande ligne false positive or virus or ransomeware ???
some software i use now sare giveaway or free limited like :
bitdefender giveaway 6 month
voodooshield free
steganos vpn give away
comodo free
windscribe giveaway limited
allavsoft (this programme try to connect to the net and firewall think its problem)
-----------------------------------------------------
can i clear the commande lines ?
------------------------------------------------------
