Padání Windows Exploreru + WMP

[hoskinson]

Zdravím,

po mém laickém zkoumání se můj problém uvedený v předmětu pravděpodobně netýká zavirování ale chybné knihovny "ntdll.dll" ale i tak prosím o kontrolu logu.Je možné že ji narušil vir.Knihovnu (ntdll.dll verze: 10.0.10586.306)jsem se pokusil vyměnit za jinou ale na netu jsem naše pouze knihovnu s jiným posledním trojčíslím a nepomohlo to.Windows Explorer padá nejrychleji ve složkách s audio soubory (které zmizely),WMP padá ihned.

Díky za pomoc....

..moje logy mají příliš mnoho znaků - přikládám soubory...

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[hoskinson]

...tuto utilitu už používám řadu měsíců ale v posledních týdnech mi při pokusu o čištění zablokuje PC (musím natvrdo restartovat).Teď se to stalo taky,takže jsem preventivně uložil log který je ještě před čištěním-v příloze

[Rudy]

Neklikl jste na mazání, ADW nemazal. Zkuste ještě jednou.

[hoskinson]

..jak jsem psal v minulé odpovědi,mazal jsem až po logu - a tím si vždy si zablokuji PC...takže log po čištění nevznikne...

[Rudy]

Njn, to je ale k ničemu. My to potřebujeme především vyčistit. Udělejte tedy kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

[hoskinson]

...log v příloze...

[Rudy]

Smažte všechny nálezy MBAM, restartujte a dejte nový log FRST.

[hoskinson]

...logy...

[hoskinson]

...další...

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => -> No File
ShellIconOverlayIdentifiers: [KzShlobj2] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F3} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => -> No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2946792676-692352388-3923824208-1002 -> {7F8F5F55-8845-4FAD-B307-B7AC5D6B8373} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Toolbar: HKU\S-1-5-21-2946792676-692352388-3923824208-1002 -> No Name - {2C4F22C7-0CB9-4CBD-B405-2C8D953361F1} - No File
Toolbar: HKU\S-1-5-21-2946792676-692352388-3923824208-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
R1 UCGuard; C:\WINDOWS\System32\DRIVERS\ucguard.sys [81792 2016-08-02] (Huorong Borui (Beijing) Technology Co., Ltd.) <==== ATTENTION
S1 asgeksda; \??\C:\WINDOWS\system32\drivers\asgeksda.sys [X]
C:\WINDOWS\system32\ApnDatabase.xml
C:\Users\greenhorn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\ChromeHTML: -> <==== ATTENTION
Task: {213F253A-693B-4831-AC45-E5D0F4E976C0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {488DBA8F-1E8C-40D9-936A-DF541A22DF67} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4A26DBEA-93A6-4B3A-881B-FF239556B915} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4AF2C86F-337A-4814-AF26-A5214CFEB5F7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4B5349A8-B248-44B5-9213-07C6D2559C28} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4FF824C4-3FDB-4D1A-86F1-ED31B0DB4E1C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5D72A228-0F08-4730-B15C-77475C9A6104} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {65F00D0F-4D09-4065-88DD-D450AD7E2363} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {73B83335-6B8E-406D-8BA4-875278C4C5AA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {83A35758-9D37-4552-90A5-44D7B127F295} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A4F3349E-75F2-4631-82CF-659C80E48A9B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B6E8F704-F66B-4DB3-AE2C-76114A606C9D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {B7846577-7C74-4C02-901F-A3C7F66BB1AC} - System32\Tasks\{2D0C8188-21D5-4BBB-9204-BB34BFDEA392} => pcalua.exe -a "C:\Program Files (x86)\Common Files\OverZentouch\uninstall.exe" -c -f "C:\Program Files (x86)\Common Files\OverZentouch\uninstall.dat" -a uninstallme FFCF2174-491F-4010-BD70-9A2ADDAC183D
Task: {B990CD8D-1835-45E2-948D-BC5EBC136C10} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Temp:0888F409 [236]
AlternateDataStreams: C:\ProgramData\Temp:66633281 [246]
AlternateDataStreams: C:\ProgramData\Temp:B1CD2545 [236]
AlternateDataStreams: C:\ProgramData\Temp:EEDA5B17 [121]

EmptyTemp:
ResetHosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Doporučuji odinstalovat AdvancedSystem care. Tento optimizer vidí problémy i tam, kde nejsou a laik si jím snadno může poškodit systém.

Z logu:

Velikost slozky "C:\Users\greenhorn\Desktop" je 2635 MB.

To je příliš mnoho a může to způsobovat zpomalení startu systému. Vytvořte v C:\Users\greenhorn novou složku, do níž přesuňte všechna data z plochy. Na plochu si pak dejte zástupce té složky pro snazší přístup.

[hoskinson]

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-01-2017
Ran by greenhorn (13-01-2017 19:42:22) Run:1
Running from C:\Users\greenhorn\Desktop
Loaded Profiles: UpdatusUser & greenhorn (Available Profiles: UpdatusUser & greenhorn)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => -> No File
ShellIconOverlayIdentifiers: [KzShlobj2] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F3} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => -> No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2946792676-692352388-3923824208-1002 -> {7F8F5F55-8845-4FAD-B307-B7AC5D6B8373} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Toolbar: HKU\S-1-5-21-2946792676-692352388-3923824208-1002 -> No Name - {2C4F22C7-0CB9-4CBD-B405-2C8D953361F1} - No File
Toolbar: HKU\S-1-5-21-2946792676-692352388-3923824208-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
R1 UCGuard; C:\WINDOWS\System32\DRIVERS\ucguard.sys [81792 2016-08-02] (Huorong Borui (Beijing) Technology Co., Ltd.) <==== ATTENTION
S1 asgeksda; \??\C:\WINDOWS\system32\drivers\asgeksda.sys [X]
C:\WINDOWS\system32\ApnDatabase.xml
C:\Users\greenhorn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\ChromeHTML: -> <==== ATTENTION
Task: {213F253A-693B-4831-AC45-E5D0F4E976C0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {488DBA8F-1E8C-40D9-936A-DF541A22DF67} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4A26DBEA-93A6-4B3A-881B-FF239556B915} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4AF2C86F-337A-4814-AF26-A5214CFEB5F7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4B5349A8-B248-44B5-9213-07C6D2559C28} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4FF824C4-3FDB-4D1A-86F1-ED31B0DB4E1C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5D72A228-0F08-4730-B15C-77475C9A6104} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {65F00D0F-4D09-4065-88DD-D450AD7E2363} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {73B83335-6B8E-406D-8BA4-875278C4C5AA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {83A35758-9D37-4552-90A5-44D7B127F295} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A4F3349E-75F2-4631-82CF-659C80E48A9B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B6E8F704-F66B-4DB3-AE2C-76114A606C9D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {B7846577-7C74-4C02-901F-A3C7F66BB1AC} - System32\Tasks\{2D0C8188-21D5-4BBB-9204-BB34BFDEA392} => pcalua.exe -a "C:\Program Files (x86)\Common Files\OverZentouch\uninstall.exe" -c -f "C:\Program Files (x86)\Common Files\OverZentouch\uninstall.dat" -a uninstallme FFCF2174-491F-4010-BD70-9A2ADDAC183D
Task: {B990CD8D-1835-45E2-948D-BC5EBC136C10} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Temp:0888F409 [236]
AlternateDataStreams: C:\ProgramData\Temp:66633281 [246]
AlternateDataStreams: C:\ProgramData\Temp:B1CD2545 [236]
AlternateDataStreams: C:\ProgramData\Temp:EEDA5B17 [121]

EmptyTemp:
ResetHosts:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon => key removed successfully
HKCR\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj2 => key removed successfully
HKCR\CLSID\{AAA0C5B8-933F-4200-93AD-B143D7FFF9F3} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShareOverlay => key removed successfully
HKCR\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516} => key not found.
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\S-1-5-21-2946792676-692352388-3923824208-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F8F5F55-8845-4FAD-B307-B7AC5D6B8373} => key removed successfully
HKCR\CLSID\{7F8F5F55-8845-4FAD-B307-B7AC5D6B8373} => key not found.
HKU\S-1-5-21-2946792676-692352388-3923824208-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2C4F22C7-0CB9-4CBD-B405-2C8D953361F1} => value removed successfully
HKCR\CLSID\{2C4F22C7-0CB9-4CBD-B405-2C8D953361F1} => key not found.
HKU\S-1-5-21-2946792676-692352388-3923824208-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
UCGuard => Unable to stop service.
HKLM\System\CurrentControlSet\Services\UCGuard => key removed successfully
UCGuard => service removed successfully
HKLM\System\CurrentControlSet\Services\asgeksda => key removed successfully
asgeksda => service removed successfully
C:\WINDOWS\system32\ApnDatabase.xml => moved successfully
C:\Users\greenhorn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
HKU\S-1-5-21-2946792676-692352388-3923824208-1002_Classes\ChromeHTML => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{213F253A-693B-4831-AC45-E5D0F4E976C0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{213F253A-693B-4831-AC45-E5D0F4E976C0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{488DBA8F-1E8C-40D9-936A-DF541A22DF67} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{488DBA8F-1E8C-40D9-936A-DF541A22DF67} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A26DBEA-93A6-4B3A-881B-FF239556B915} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A26DBEA-93A6-4B3A-881B-FF239556B915} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4AF2C86F-337A-4814-AF26-A5214CFEB5F7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AF2C86F-337A-4814-AF26-A5214CFEB5F7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B5349A8-B248-44B5-9213-07C6D2559C28} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B5349A8-B248-44B5-9213-07C6D2559C28} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4FF824C4-3FDB-4D1A-86F1-ED31B0DB4E1C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FF824C4-3FDB-4D1A-86F1-ED31B0DB4E1C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D72A228-0F08-4730-B15C-77475C9A6104} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D72A228-0F08-4730-B15C-77475C9A6104} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65F00D0F-4D09-4065-88DD-D450AD7E2363} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65F00D0F-4D09-4065-88DD-D450AD7E2363} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73B83335-6B8E-406D-8BA4-875278C4C5AA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73B83335-6B8E-406D-8BA4-875278C4C5AA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83A35758-9D37-4552-90A5-44D7B127F295} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83A35758-9D37-4552-90A5-44D7B127F295} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4F3349E-75F2-4631-82CF-659C80E48A9B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4F3349E-75F2-4631-82CF-659C80E48A9B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6E8F704-F66B-4DB3-AE2C-76114A606C9D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6E8F704-F66B-4DB3-AE2C-76114A606C9D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7846577-7C74-4C02-901F-A3C7F66BB1AC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7846577-7C74-4C02-901F-A3C7F66BB1AC} => key removed successfully
C:\WINDOWS\System32\Tasks\{2D0C8188-21D5-4BBB-9204-BB34BFDEA392} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2D0C8188-21D5-4BBB-9204-BB34BFDEA392} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B990CD8D-1835-45E2-948D-BC5EBC136C10} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B990CD8D-1835-45E2-948D-BC5EBC136C10} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData\Temp => ":0888F409" ADS removed successfully.
C:\ProgramData\Temp => ":66633281" ADS removed successfully.
C:\ProgramData\Temp => ":B1CD2545" ADS removed successfully.
C:\ProgramData\Temp => ":EEDA5B17" ADS removed successfully.
ResetHosts: => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 50254 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12694384 B
Java, Flash, Steam htmlcache => 959 B
Windows/system/drivers => 3418303 B
Edge => 500 B
Chrome => 0 B
Firefox => 0 B
Opera => 961536 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1689588 B
UpdatusUser => 0 B
greenhorn => 36656154 B

RecycleBin => 1746242227 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:42:41 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[hoskinson]

Explorer stále padá...ale je mi divné,že jste na ploše našel 2,6GB,nikdy tam skoro nic nemám a teď po vymazání logů je tam jen 2,4 MB.

[Rudy]

Explorer stále padá...ale je mi divné,že jste na ploše našel 2,6GB,nikdy tam skoro nic nemám a teď po vymazání logů je tam jen 2,4 MB.

To vypsal log a vím, že to tak opravdu je. Tohle ale nemá nic společného s malware, je to jen upozornění, že by tento stav mohl dělat problémy. Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.