Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
- Návštěvník
- Příspěvky: 6
- Registrován: 25 črc 2011 20:27
Prosím o kontrolu
Zdravím, prosím o kontrolu popřípadě radu co změnit. PC je trochu zpomalené, hlavně při prohlížení a načítání webu. Logy jsem přiložil. Bohužel se mi sem nevešel, bylo moc znaků. děkuji
- Přílohy
-
- FRST @ ADDITION.rar
- (40 KiB) Staženo 58 x
Re: Prosím o kontrolu
Ahoj
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
- Nechaj zaskrtnute vsetky nalezy
- Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 6
- Registrován: 25 črc 2011 20:27
Re: Prosím o kontrolu
# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build: 10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-15-2019
# Duration: 00:02:15
# OS: Windows 10 Home
# Cleaned: 111
# Failed: 8
***** [ Services ] *****
Deleted WCAssistantService
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\ByteFence
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Martina\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\Martina\AppData\Roaming\Lavasoft\Web Companion
***** [ Files ] *****
Deleted C:\END
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\BYTEFENCE
Deleted C:\Windows\System32\Tasks\{58C776B4-ED8C-FB4C-F7B4-230FF56BE26D}
Deleted C:\Windows\Tasks\{58C776B4-ED8C-FB4C-F7B4-230FF56BE26D}.job
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\fortnite.en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hp.myway.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\painttool-sai.en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\plarium.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\warthunder.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\fortnite.en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hp.myway.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\painttool-sai.en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\plarium.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\staticimgfarm.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\warthunder.com
Deleted HKCU\Software\CoinisRevShare
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\warthunder.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tweakbit.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\warthunder.com
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8311A213-4EFA-46CC-8797-5FB7D005C63E}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BE009C9-0689-49A6-BBF1-391FAFAE1AD4}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8311A213-4EFA-46CC-8797-5FB7D005C63E}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{58C776B4-ED8C-FB4C-F7B4-230FF56BE26D}
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7ef214c0-ca42-4c9f-a66c-dd92ca67504b}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7ef214c0-ca42-4c9f-a66c-dd92ca67504b}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7ef214c0-ca42-4c9f-a66c-dd92ca67504b}|UninstallString
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
Deleted HKU\.DEFAULT\Software\ByteFence
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\ByteFence
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\friday-the-13th-the-game.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\grand-theft-auto-san-andreas-game.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\grand-theft-auto-san-andreas-patch.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\playerunknowns-battlegrounds.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\friday-the-13th-the-game.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\grand-theft-auto-san-andreas-game.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\grand-theft-auto-san-andreas-patch.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\playerunknowns-battlegrounds.en.softonic.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Deleted Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
Deleted Preinstalled.LenovoAcceleratorApplication Folder C:\Program Files (x86)\LENOVO\LENOVOPORTAL
Deleted Preinstalled.LenovoAcceleratorApplication Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}
Deleted Preinstalled.LenovoCCSDK Folder C:\Program Files (x86)\LENOVO\CCSDK
Deleted Preinstalled.LenovoCCSDK Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{67827BB6-4B05-6181-921A-E49FC484E859}
Deleted Preinstalled.LenovoExperienceImprovement Folder C:\Program Files\LENOVO\EXPERIENCEIMPROVEMENT
Deleted Preinstalled.LenovoExperienceImprovement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LenovoExperienceImprovement
Deleted Preinstalled.LenovoIMController Folder C:\Program Files (x86)\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Program Files\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Martina\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\drivers\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1720B0E0-C520-43A6-B677-97A1D80F3B99}
Deleted Preinstalled.LenovoPhotoMaster Folder C:\Program Files (x86)\LENOVO\LENOVO PHOTO MASTER
Deleted Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BC94C56A-3649-420C-8756-2ADEBE399D33}
Deleted Preinstalled.LenovoPower2Go Folder C:\Program Files (x86)\LENOVO\POWER2GO
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLMLServer_For_P2G8
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLVirtualDrive
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6344FAA8-B41D-4CD7-95E0-A5F9FF2F9BA0}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ12 Task
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Task C:\Windows\System32\Tasks\PDVDSERV12 TASK
Deleted Preinstalled.LenovoQuickOptimizer Folder C:\Program Files\LENOVO\QUICKOPTIMIZER
Deleted Preinstalled.LenovoQuickOptimizer Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}
Deleted Preinstalled.LenovoREACHit Folder C:\Program Files (x86)\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Folder C:\Users\Martina\AppData\Local\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Registry HKLM\Software\Classes\CLSID\{2B3256D4-49AA-11D1-8429-0050AE509033}
Deleted Preinstalled.LenovoREACHit Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{2B3256D4-49AA-11D1-8429-0050AE509033}
Deleted Preinstalled.LenovoREACHit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}
Deleted Preinstalled.LenovoSHAREit Folder C:\Program Files (x86)\LENOVO\SHAREIT
Deleted Preinstalled.LenovoSHAREit Folder C:\Users\Martina\AppData\Local\LENOVO\SHAREIT
Deleted Preinstalled.LenovoSHAREit Registry HKLM\Software\Classes\CLSID\{430BD134-576D-4E75-87CD-0F5C6221A82B}
Deleted Preinstalled.LenovoSHAREit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\SHAREit_is1
Deleted Preinstalled.LenovoSolutionCenter Folder C:\Program Files\LENOVO\LENOVO SOLUTION CENTER
Deleted Preinstalled.LenovoSolutionCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{52753916-613B-4455-8022-A146CC17B1F6}
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [583575 octets] - [15/11/2019 16:58:33]
AdwCleaner[S00].txt - [18747 octets] - [15/11/2019 17:01:12]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build: 10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-15-2019
# Duration: 00:02:15
# OS: Windows 10 Home
# Cleaned: 111
# Failed: 8
***** [ Services ] *****
Deleted WCAssistantService
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\ByteFence
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Martina\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\Martina\AppData\Roaming\Lavasoft\Web Companion
***** [ Files ] *****
Deleted C:\END
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\BYTEFENCE
Deleted C:\Windows\System32\Tasks\{58C776B4-ED8C-FB4C-F7B4-230FF56BE26D}
Deleted C:\Windows\Tasks\{58C776B4-ED8C-FB4C-F7B4-230FF56BE26D}.job
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\fortnite.en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hp.myway.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\painttool-sai.en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\plarium.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\warthunder.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\fortnite.en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hp.myway.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\painttool-sai.en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\plarium.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\staticimgfarm.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\warthunder.com
Deleted HKCU\Software\CoinisRevShare
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\warthunder.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tweakbit.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\warthunder.com
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8311A213-4EFA-46CC-8797-5FB7D005C63E}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BE009C9-0689-49A6-BBF1-391FAFAE1AD4}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8311A213-4EFA-46CC-8797-5FB7D005C63E}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{58C776B4-ED8C-FB4C-F7B4-230FF56BE26D}
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7ef214c0-ca42-4c9f-a66c-dd92ca67504b}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7ef214c0-ca42-4c9f-a66c-dd92ca67504b}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7ef214c0-ca42-4c9f-a66c-dd92ca67504b}|UninstallString
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
Deleted HKU\.DEFAULT\Software\ByteFence
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\ByteFence
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\friday-the-13th-the-game.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\grand-theft-auto-san-andreas-game.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\grand-theft-auto-san-andreas-patch.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\playerunknowns-battlegrounds.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\friday-the-13th-the-game.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\grand-theft-auto-san-andreas-game.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\grand-theft-auto-san-andreas-patch.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\playerunknowns-battlegrounds.en.softonic.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Deleted Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
Deleted Preinstalled.LenovoAcceleratorApplication Folder C:\Program Files (x86)\LENOVO\LENOVOPORTAL
Deleted Preinstalled.LenovoAcceleratorApplication Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}
Deleted Preinstalled.LenovoCCSDK Folder C:\Program Files (x86)\LENOVO\CCSDK
Deleted Preinstalled.LenovoCCSDK Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{67827BB6-4B05-6181-921A-E49FC484E859}
Deleted Preinstalled.LenovoExperienceImprovement Folder C:\Program Files\LENOVO\EXPERIENCEIMPROVEMENT
Deleted Preinstalled.LenovoExperienceImprovement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LenovoExperienceImprovement
Deleted Preinstalled.LenovoIMController Folder C:\Program Files (x86)\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Program Files\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Martina\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\drivers\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1720B0E0-C520-43A6-B677-97A1D80F3B99}
Deleted Preinstalled.LenovoPhotoMaster Folder C:\Program Files (x86)\LENOVO\LENOVO PHOTO MASTER
Deleted Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BC94C56A-3649-420C-8756-2ADEBE399D33}
Deleted Preinstalled.LenovoPower2Go Folder C:\Program Files (x86)\LENOVO\POWER2GO
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLMLServer_For_P2G8
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLVirtualDrive
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6344FAA8-B41D-4CD7-95E0-A5F9FF2F9BA0}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ12 Task
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Task C:\Windows\System32\Tasks\PDVDSERV12 TASK
Deleted Preinstalled.LenovoQuickOptimizer Folder C:\Program Files\LENOVO\QUICKOPTIMIZER
Deleted Preinstalled.LenovoQuickOptimizer Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}
Deleted Preinstalled.LenovoREACHit Folder C:\Program Files (x86)\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Folder C:\Users\Martina\AppData\Local\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Registry HKLM\Software\Classes\CLSID\{2B3256D4-49AA-11D1-8429-0050AE509033}
Deleted Preinstalled.LenovoREACHit Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{2B3256D4-49AA-11D1-8429-0050AE509033}
Deleted Preinstalled.LenovoREACHit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}
Deleted Preinstalled.LenovoSHAREit Folder C:\Program Files (x86)\LENOVO\SHAREIT
Deleted Preinstalled.LenovoSHAREit Folder C:\Users\Martina\AppData\Local\LENOVO\SHAREIT
Deleted Preinstalled.LenovoSHAREit Registry HKLM\Software\Classes\CLSID\{430BD134-576D-4E75-87CD-0F5C6221A82B}
Deleted Preinstalled.LenovoSHAREit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\SHAREit_is1
Deleted Preinstalled.LenovoSolutionCenter Folder C:\Program Files\LENOVO\LENOVO SOLUTION CENTER
Deleted Preinstalled.LenovoSolutionCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{52753916-613B-4455-8022-A146CC17B1F6}
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [583575 octets] - [15/11/2019 16:58:33]
AdwCleaner[S00].txt - [18747 octets] - [15/11/2019 17:01:12]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: Prosím o kontrolu
Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 6
- Registrován: 25 črc 2011 20:27
Re: Prosím o kontrolu
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum CMD: type "C:\Users\Martina\AppData\Roaming\WB.CFG" Task: {10052ADC-2A7D-4FB3-8E96-AC6D070AECFD} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {3E508A05-7F5D-4961-B126-18782C4C418E} - \CCleanerSkipUAC -> No File <==== ATTENTION Task: {51199476-BD91-421B-BB35-CE56CBB28E51} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION Task: {61AB3B1E-24A7-4E4B-87B8-F7F3EC89D3BA} - \Lenovo\ImController\TimeBasedEvents\b81433ec-6f44-4f74-b3d5-9e83ebebaa52 -> No File <==== ATTENTION Task: {7E73EFAC-0FEF-401F-B66A-D89CFFD5D899} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION Task: {7F5CC40C-DC7A-46EC-A3C3-DB5DE72A48E6} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION Task: {9C454C84-BA88-4667-9E06-01CD405D3BCC} - \Lenovo\ImController\TimeBasedEvents\cbfda1d6-6d9a-4768-861b-deda0ce28ad5 -> No File <==== ATTENTION Task: {F0B9BE25-1053-45A8-9C7A-6FEFEC67BB03} - \Lenovo\ImController\TimeBasedEvents\00f90f24-89b9-4280-931c-a419bf76d344 -> No File <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome HKU\S-1-5-21-1331774177-858288628-842161164-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-1331774177-858288628-842161164-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com SearchScopes: HKLM -> DefaultScope {F2CAFD61-310C-4FC5-9AF8-0111336BA22A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM -> {F2CAFD61-310C-4FC5-9AF8-0111336BA22A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {F2CAFD61-310C-4FC5-9AF8-0111336BA22A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM-x32 -> {F2CAFD61-310C-4FC5-9AF8-0111336BA22A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-1331774177-858288628-842161164-1001 -> DefaultScope {e5badea7-e1c2-fbf1-87ac-061d1440d15b} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-1331774177-858288628-842161164-1001 -> {e5badea7-e1c2-fbf1-87ac-061d1440d15b} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-1331774177-858288628-842161164-1001 -> {F2CAFD61-310C-4FC5-9AF8-0111336BA22A} URL = S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [X] S2 FastbootService; "C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe" [X] S2 ImControllerService; "%SystemDrive%\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" [X] S2 LenovoPortalService; "C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe" [X] S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [X] 2019-11-15 17:19 - 2019-09-10 16:31 - 000000000 ____D C:\Users\Martina\AppData\Roaming\Lavasoft 2019-11-15 17:19 - 2019-09-10 16:31 - 000000000 ____D C:\Users\Martina\AppData\Local\Lavasoft 2019-11-15 17:19 - 2019-09-10 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2019-11-15 17:19 - 2019-09-10 16:31 - 000000000 ____D C:\Program Files (x86)\Lavasoft 2019-11-15 17:19 - 2019-09-10 16:30 - 000000000 ____D C:\ProgramData\Lavasoft 2019-03-29 12:31 - 2019-03-29 12:31 - 000000000 _____ () C:\Users\Martina\AppData\Local\{5CC2ADB2-17C2-4965-8B23-FAAF6BE9DD34} CustomCLSID: HKU\S-1-5-21-1331774177-858288628-842161164-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472] DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\friday-the-13th-the-game.en.softonic.com DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\grand-theft-auto-san-andreas-game.en.softonic.com DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\grand-theft-auto-san-andreas-patch.en.softonic.com DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\playerunknowns-battlegrounds.en.softonic.com DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\friday-the-13th-the-game.en.softonic.com DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\grand-theft-auto-san-andreas-game.en.softonic.com DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\grand-theft-auto-san-andreas-patch.en.softonic.com DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\playerunknowns-battlegrounds.en.softonic.com Hosts: EmptyTemp: End
- Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!