Asi problém s virem update-client a V2

[Terror755]

Nevím jak to zjistit na 100% ale zatím je klid ale asi to mam i v notebooku

[Rudy]

Zopakujte postu i pro NB. Začněte logy FRST+Additin.

[Terror755]

tak mám to z notasu

[Rudy]

Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Terror755]

tady se omlouvám že to tak trvá je trochu zabržděný

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
C:\Users\oldaz\appdata\roaming\system\update-client.exe
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {2FEA87ED-122F-4EB4-A977-5A4677A32C07} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D08D12AD-A5CE-48F2-B21D-0B050BCDCB82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {FFD72202-6D5F-497A-9F00-C77099B15EB7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Terror755]

Fix result of Farbar Recovery Scan Tool (x64) Version: 18.02.2019
Ran by oldaz (19-02-2019 08:00:47) Run:1
Running from C:\Users\oldaz\Desktop
Loaded Profiles: oldaz & (Available Profiles: defaultuser0 & oldaz)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Users\oldaz\appdata\roaming\system\update-client.exe
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {2FEA87ED-122F-4EB4-A977-5A4677A32C07} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D08D12AD-A5CE-48F2-B21D-0B050BCDCB82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {FFD72202-6D5F-497A-9F00-C77099B15EB7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Users\oldaz\appdata\roaming\system\update-client.exe => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2FEA87ED-122F-4EB4-A977-5A4677A32C07}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FEA87ED-122F-4EB4-A977-5A4677A32C07}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D08D12AD-A5CE-48F2-B21D-0B050BCDCB82}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D08D12AD-A5CE-48F2-B21D-0B050BCDCB82}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FFD72202-6D5F-497A-9F00-C77099B15EB7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFD72202-6D5F-497A-9F00-C77099B15EB7}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 51292982 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 1188533 B
Edge => 14129 B
Chrome => 108787110 B
Firefox => 16309173 B
Opera => 203383007 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 904 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
defaultuser0 => 7168 B
oldaz => 21798742 B

RecycleBin => 7316808 B
EmptyTemp: => 401.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:01:53 ====

[Rudy]

OK. Nastala nějaká změna?

[Terror755]

Zatím ne smazal jsem soubory s te slozky System a zatim v pohode dekuji

[Rudy]

Nemáte zač!