vyskakuje mi po spustění tato hlaska

[Conder]

Ahoj

Ta hlaska sa ukaze len po zapnuti PC?

Ak nepouzivas, odorucam odinstalovat Seznam Software (Seznam Listicka).

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

[Conder]

Poznas nejaky software BizTacks alebo instaloval si nieco take?

Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  File: C:\Users\Zdeněk\AppData\Roaming\inst.exe
  File: C:\Users\Zdeněk\AppData\Roaming\pcouffin.sys
  Folder: C:\Users\Zdeněk\AppData\Roaming\3g3ulgxrjsa
  Folder: C:\Program Files (x86)\foldershare
  Folder: C:\Program Files\BizTacks
  ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\foldershare
  CMD: file "C:\duster.cmd"
  Zip:  C:\WINDOWS\Minidump
  
  HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Zdeněk\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
  HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Run: [m5-An5bgbs.exe] => C:\Program Files\GridinSoft Anti-Malware\7ARK7EHENTIX56Q6G\m5-An5bgbs.exe 
  ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL -> No File
  GroupPolicy: Restriction - Chrome <==== ATTENTION
  CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
  SearchScopes: HKLM -> DefaultScope {4CC999B8-366A-4E5E-97D9-2A8BCB5072CD} URL = 
  BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL => No File
  Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
  Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL No File
  Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL No File
  Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
  FF NewTabOverride: Mozilla\Firefox\Profiles\m25rssgu.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
  FF Extension: (Seznam doplněk - Esko) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-06-26]
  FF Extension: (Seznam doplněk - Email) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-06-26]
  FF Extension: (No Name) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
  FF Extension: (No Name) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\extensions\sko-extension@firma.seznam.cz [not found]
  FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\mcafee\msc\NPMCSN~1.DLL [No File]
  FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
  FF Plugin HKU\S-1-5-21-2861560486-2024932042-3958806256-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Zdeněk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
  CHR HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
  CHR HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
  2018-07-05 12:22 - 2018-07-05 12:22 - 000003534 _____ C:\WINDOWS\System32\Tasks\AutoKMS
  2018-07-05 12:22 - 2018-07-05 12:22 - 000000000 ____D C:\WINDOWS\AutoKMS
  2018-07-03 20:04 - 2018-07-03 20:04 - 000000000 ____D C:\Program Files (x86)\trend micro
  2018-07-02 21:54 - 2018-07-02 23:04 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\3g3ulgxrjsa
  2018-07-02 21:54 - 2018-07-02 21:54 - 000016788 _____ C:\WINDOWS\System32\Tasks\BizTacks
  2018-07-02 21:46 - 2018-07-02 22:55 - 000000000 ____D C:\ProgramData\KMSAutoS
  2018-07-05 08:02 - 2015-09-07 15:53 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\Seznam.cz
  2018-07-03 21:19 - 2017-03-12 11:06 - 000000917 _____ C:\DelFix.txt
  2018-03-22 22:22 - 2018-03-22 22:22 - 000000171 _____ () C:\Users\Zdeněk\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
  2018-03-22 22:22 - 2018-03-22 22:22 - 000000304 _____ () C:\Users\Zdeněk\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
  2018-03-22 22:22 - 2018-03-22 22:22 - 000000175 _____ () C:\Users\Zdeněk\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
  
  Avira Connect (HKLM-x32\...\{BC5A9829-B67F-4E3A-83EE-0CDBDB6FBA1C}) (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG) Hidden
  ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
  ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
  ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
  ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
  ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} =>  -> No File
  ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} =>  -> No File
  ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} =>  -> No File
  ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
  ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} =>  -> No File
  ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers1: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWOW64\WSCM64.dll -> No File
  ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} =>  -> No File
  ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} =>  -> No File
  ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} =>  -> No File
  ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
  ContextMenuHandlers3: [ContextMenuShlExt] -> {08264889-8298-4B92-A6F2-6813E1BE356E} =>  -> No File
  ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} =>  -> No File
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} =>  -> No File
  ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers6: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
  Task: {0617948D-48FA-48D0-B333-F7BBD81D2E58} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
  Task: {0C0BF126-F23A-41EE-948D-E9B20F65D6F8} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2018-07-05] ()
  Task: {17190C90-7938-4AD8-8299-64004C9111C5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
  Task: {1C423A01-32A2-447E-B408-2A391164A221} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
  Task: {510D74F9-E063-4C85-809B-A63B2913B827} - System32\Tasks\SafeZone scheduled Autoupdate 1450281883 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
  Task: {59B84636-5E5D-441E-9939-6D7A9BA6C923} - \tYTxWQNiqUDrpykdz2 -> No File <==== ATTENTION
  Task: {61028B6B-1C15-4CD7-8A19-C2D3E298F4A3} - \KMSAutoNet -> No File <==== ATTENTION
  Task: {86DED35C-98DA-48CF-8438-6182A83C4288} - System32\Tasks\Důkladné čištění OS => C:\duster.cmd 
  Task: {8A4ED2CA-5009-49B4-86DA-2AD99A1DA6CA} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe
  Task: {961B3E76-8384-4B47-80F4-1112B93BBA6C} - \gsoWYTWjTmmaYK -> No File <==== ATTENTION
  Task: {9653C969-F8FC-474A-944E-D5C4236BBC78} - System32\Tasks\FUB => C:\Program Files (x86)\Acer\Care Center\FUB.bat <==== ATTENTION
  Task: {96CEBD5D-6229-43E3-B06D-3D4AF63AC555} - \BIfzZGXRZsAHHjNDWab2 -> No File <==== ATTENTION
  Task: {9C5D731E-446C-428E-89E6-79A94928CB44} - \XQfFOORvlssePLX2 -> No File <==== ATTENTION
  Task: {B4745E1D-FE29-4593-8643-DDD4605D8654} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
  Task: {B5B60D63-D7D7-432B-AF8C-572F856BD289} - System32\Tasks\BizTacks => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\BizTacks\BizTacks.dll",mZfhMCJZuAX <==== ATTENTION
  Task: {C1B23DB4-349D-489D-B980-03091303E4C9} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
  Task: {D7D3A7C6-EF5E-47A9-A1E7-8FA32F38084B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
  Task: {D83389DB-06C2-4507-A31C-0713D532D9B6} - \WPD\SqmUpload_S-1-5-21-2861560486-2024932042-3958806256-1001 -> No File <==== ATTENTION
  Task: {FEFFFC03-48A0-48A5-A94F-0773808EABF7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
  AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [153]
  AlternateDataStreams: C:\ProgramData\Temp:A5C00DEE [301]
  HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
  HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
  
  C:\Program Files\BizTacks
  C:\Program Files (x86)\Seznam.cz
  C:\duster.cmd
  
  Hosts:
  EmptyTemp:
  End

• Klikni na Subor a potom na Ulozit
• Vpravo dole vyber kodovanie Unicode
• Subor uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[Conder]

V Google Chrome odinstaluj rozsirenia "Adblocker pro Youtube" a "Adblocker for Youtube" (su to nejake pofiderne rozsirenia, pravdepodobne adware, ak chces nejaky blokovac reklam, odporucam uBlock Origin alebo Adblock Plus).

Nastala nejaka zmena? Ta hlaska este vyskakuje?

V PC su zbytky po viacerych antivirusoch: Avast, Avira, Kaspersky, Bitdefender, EnigmaSoft, GridinSoft. Vsetky tieto si odinstaloval? Planujes nainstalovat nejaky antivirus alebo ti staci Windows Defender?

Odinstaluj tieto programy:

• Avira Connect
• foldershare
• Google Toolbar for Internet Explorer
• GridinSoft Anti-Malware

[Conder]

Stlac win+r -> napis "appwiz.cpl" -> enter a pokus sa tie 2 programy odinstalovat tu. Malo by to iba vyhodit chybovu hlasku, klikni na Ano a malo by to zmiznut zo zoznamu.

Ako sa vola ten program z ktoreho si poslal screen? Nastav to v nom, aby sa to spustalo po starte.

Planujes doinstalovat do PC nejaky antivirus alebo ti postaci Windows Defender?

Hitman Pro mozes tiez odinstalovat.

Nasledne vytvor a posli nove FRST logy.

[Conder]

Co sa tyka tych antivirusov, ja osobne si myslim, ze na Win10 postaci aj predinstalovany Windows Defender, ak si clovek dava pozor kam klika, co stahuje a instaluje. Alebo pozri tieto odporucania.

v Chrome su stale nainstalovane tie rozsirenia "Adblocker for Youtube" a "Adblocker for Youtube". Odinstaloval si ich? Vpravo hore otvor menu (3 bodky) -> Dalsie nastroje -> Rozsirenia -> Odstranit (Odebrat).

Co sa tyka uBlock Origin, treba nainstalovat toto: https://chrome.google.com/webstore/deta ... phjbkeiagm.

Poprosim este log Addition.txt

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  VirusTotal: C:\Users\Zdeněk\AppData\Local\installer.dat
  File: C:\Users\Zdeněk\AppData\Local\installer.dat
  File: C:\WINDOWS\system32\epmntdrv.sys
  File: C:\WINDOWS\SysWOW64\epmntdrv.sys
  File: C:\WINDOWS\system32\EuGdiDrv.sys
  File: C:\WINDOWS\SysWOW64\EuGdiDrv.sys
  CMD: type "C:\FRST\Quarantine\C\duster.cmd.xbad"
  CMD: type "C:\Users\Zdeněk\AppData\Local\uts.ini"
  
  HKLM\...\Run: [rundll32] => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\BizTacks\BizTacks.dll",mZfhMCJZuAX
  OPR Extension: (Adblocker for Youtube™) - C:\Users\Zdeněk\AppData\Roaming\Opera Software\Opera Stable\Extensions\bgafbmpmdmlbbpbaipgpbkdlfgnepgao [2018-07-02]
  2018-03-22 16:09 - 2018-03-22 16:09 - 000099384 _____ () C:\Users\Zdeněk\AppData\Roaming\inst.exe
  2018-03-22 16:09 - 2018-03-22 16:09 - 000007859 _____ () C:\Users\Zdeněk\AppData\Roaming\pcouffin.cat
  2018-03-22 16:09 - 2018-03-22 16:09 - 000001167 _____ () C:\Users\Zdeněk\AppData\Roaming\pcouffin.inf
  2018-03-22 16:09 - 2018-03-22 16:09 - 000000055 _____ () C:\Users\Zdeněk\AppData\Roaming\pcouffin.log
  2018-03-22 16:09 - 2018-03-22 16:09 - 000082816 _____ (VSO Software) C:\Users\Zdeněk\AppData\Roaming\pcouffin.sys
  2018-07-02 21:53 - 2018-07-02 21:53 - 000140800 _____ () C:\Users\Zdeněk\AppData\Local\installer.dat
  2016-11-16 21:56 - 2016-11-16 21:56 - 000000001 _____ () C:\Users\Zdeněk\AppData\Local\llftool.4.40.agreement
  Task: {E67AC00C-4ED3-4655-8EB3-E0C7F3B02455} - System32\Tasks\čistění os => C:\dusting.cmd 
  AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [153]
  C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coiagddgpmoccinljjidkpgonimejcnk
  C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coiagddgpmoccinljjidkpgonimejcnk
  C:\Program Files (x86)\foldershare
  
  Hosts:
  EmptyTemp:
  End

• Klikni na Subor a potom na Ulozit
• Vpravo dole vyber kodovanie Unicode
• Subor uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[Conder]

Ano, v poslednom kroku sme odstranili zaznam z registrov, takze Windows sa uz nesnazi spustit neexistujuci subor

Este mozeme precistit PC od zbytkov po predchadzajucich antivirusoch - pouzi vsetky odinstalatory jednotlivych antivirusov:

• Kaspersky: http://media.kaspersky.com/utilities/Co ... vremvr.exe
• Avast: https://files.avast.com/iavs9x/avastclear.exe
• Avira: http://install.avira-update.com/package ... ner_en.exe
• Bitdefender: https://www.bitdefender.com/files/Knowl ... llTool.exe

Napis ci vsetko prebehlo OK. Nasledne mozes nainstalovat antivirus podla tvojich preferencii alebo nechat len WinDefender

[Conder]

Nie je zaco

Poprosim este raz o nove logy z FRST (obidva - FRST.txt aj Addition.txt), ci tam este nieco neostalo. Mozes ich zabalit do RAR / ZIP archivu a poslat ako prilohu.

[Conder]

Su tam stale zbytky po Kaspersky, odporucam tento postup:

• Stiahni este raz Kaspersky Remover: http://media.kaspersky.com/utilities/Co ... vremvr.exe
• Spusti ako spravca a potvrd licencne podmienky (Accept)
• V pripade, ze program vypise "The following products were detected":
  • Opis overovaci kod, klikni na Remove a pockaj na dokoncenie
  • Nasledne znovu spusti program znovu a postup opakuj az dokym program nevypise "Product was not detected"
  • Potom uz iba restartuj PC
• V pripade, ze program na zaciatku vypise "Product was not detected":
  • Opis overovaci kod
  • Vyber v zozname moznost "Kaspersky Free/Kaspersky Anti-Virus/Internet Security/Kaspersky Total Security 2018"
  • Klikni na Remove a pockaj na dokoncenie
  • Nasledne spusti program spusti este raz a tentokrat vyber moznost "Kaspersky Secure Connection"
  • Na zaver restartuj PC

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare)
  S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
  R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [421200 2016-06-20] (AO Kaspersky Lab)
  S0 b06bdrv; System32\drivers\bxvbda.sys [X]
  2018-07-06 00:02 - 2018-07-06 00:02 - 000000000 ___HD C:\kleaner.tmp
  2018-07-06 00:02 - 2016-12-06 22:31 - 000000000 ____D C:\ProgramData\Kaspersky Lab
  2018-07-05 22:36 - 2017-10-26 17:19 - 000000000 ____D C:\Program Files\HitmanPro
  C:\Program Files (x86)\Kaspersky Lab
  C:\Program Files (x86)\Wondershare
  C:\Program Files (x86)\Common Files\Wondershare
  C:\ProgramData\Wondershare
  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
  C:\Users\Zdeněk\AppData\Local\Wondershare
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[Conder]

Tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"

Skontroluj velkost plochy (C:\Users\Zdeněk\Desktop). Ak je vacsia ako 300 MB, presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

[Conder]

OK, tak to by bolo asi vsetko, ak uz nie su ziadne problemy s PC.

[Conder]

Nie je zaco, rad som pomohol