VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

vyskakuje mi po spustění tato hlaska

https://forum.viry.cz:443/viewtopic.php?t=154487

Stránka 11

Re: vyskakuje mi po spustění tato hlaska

Odeslal: 04 Črc 2018 16:36
od Conder
Ahoj :)

:arrow: Ta hlaska sa ukaze len po zapnuti PC?

:arrow: Ak nepouzivas, odorucam odinstalovat Seznam Software (Seznam Listicka).

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj

Re: vyskakuje mi po spustění tato hlaska

Odeslal: 05 Črc 2018 14:47
od Conder
:arrow: Poznas nejaky software BizTacks alebo instaloval si nieco take?

:arrow: Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

:arrow: Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.

Re: vyskakuje mi po spustění tato hlaska

Odeslal: 05 Črc 2018 17:40
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

File: C:\Users\Zdeněk\AppData\Roaming\inst.exe
File: C:\Users\Zdeněk\AppData\Roaming\pcouffin.sys
Folder: C:\Users\Zdeněk\AppData\Roaming\3g3ulgxrjsa
Folder: C:\Program Files (x86)\foldershare
Folder: C:\Program Files\BizTacks
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\foldershare
CMD: file "C:\duster.cmd"
Zip:  C:\WINDOWS\Minidump

HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Zdeněk\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Run: [m5-An5bgbs.exe] => C:\Program Files\GridinSoft Anti-Malware\7ARK7EHENTIX56Q6G\m5-An5bgbs.exe 
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL -> No File
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {4CC999B8-366A-4E5E-97D9-2A8BCB5072CD} URL = 
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL => No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL No File
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
FF NewTabOverride: Mozilla\Firefox\Profiles\m25rssgu.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-06-26]
FF Extension: (Seznam doplněk - Email) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-06-26]
FF Extension: (No Name) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (No Name) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\extensions\sko-extension@firma.seznam.cz [not found]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin HKU\S-1-5-21-2861560486-2024932042-3958806256-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Zdeněk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
CHR HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
2018-07-05 12:22 - 2018-07-05 12:22 - 000003534 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2018-07-05 12:22 - 2018-07-05 12:22 - 000000000 ____D C:\WINDOWS\AutoKMS
2018-07-03 20:04 - 2018-07-03 20:04 - 000000000 ____D C:\Program Files (x86)\trend micro
2018-07-02 21:54 - 2018-07-02 23:04 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\3g3ulgxrjsa
2018-07-02 21:54 - 2018-07-02 21:54 - 000016788 _____ C:\WINDOWS\System32\Tasks\BizTacks
2018-07-02 21:46 - 2018-07-02 22:55 - 000000000 ____D C:\ProgramData\KMSAutoS
2018-07-05 08:02 - 2015-09-07 15:53 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\Seznam.cz
2018-07-03 21:19 - 2017-03-12 11:06 - 000000917 _____ C:\DelFix.txt
2018-03-22 22:22 - 2018-03-22 22:22 - 000000171 _____ () C:\Users\Zdeněk\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-03-22 22:22 - 2018-03-22 22:22 - 000000304 _____ () C:\Users\Zdeněk\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2018-03-22 22:22 - 2018-03-22 22:22 - 000000175 _____ () C:\Users\Zdeněk\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388

Avira Connect (HKLM-x32\...\{BC5A9829-B67F-4E3A-83EE-0CDBDB6FBA1C}) (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG) Hidden
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} =>  -> No File
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} =>  -> No File
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} =>  -> No File
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers1: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWOW64\WSCM64.dll -> No File
ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} =>  -> No File
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} =>  -> No File
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} =>  -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [ContextMenuShlExt] -> {08264889-8298-4B92-A6F2-6813E1BE356E} =>  -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers6: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
Task: {0617948D-48FA-48D0-B333-F7BBD81D2E58} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0C0BF126-F23A-41EE-948D-E9B20F65D6F8} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2018-07-05] ()
Task: {17190C90-7938-4AD8-8299-64004C9111C5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1C423A01-32A2-447E-B408-2A391164A221} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {510D74F9-E063-4C85-809B-A63B2913B827} - System32\Tasks\SafeZone scheduled Autoupdate 1450281883 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {59B84636-5E5D-441E-9939-6D7A9BA6C923} - \tYTxWQNiqUDrpykdz2 -> No File <==== ATTENTION
Task: {61028B6B-1C15-4CD7-8A19-C2D3E298F4A3} - \KMSAutoNet -> No File <==== ATTENTION
Task: {86DED35C-98DA-48CF-8438-6182A83C4288} - System32\Tasks\Důkladné čištění OS => C:\duster.cmd 
Task: {8A4ED2CA-5009-49B4-86DA-2AD99A1DA6CA} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe
Task: {961B3E76-8384-4B47-80F4-1112B93BBA6C} - \gsoWYTWjTmmaYK -> No File <==== ATTENTION
Task: {9653C969-F8FC-474A-944E-D5C4236BBC78} - System32\Tasks\FUB => C:\Program Files (x86)\Acer\Care Center\FUB.bat <==== ATTENTION
Task: {96CEBD5D-6229-43E3-B06D-3D4AF63AC555} - \BIfzZGXRZsAHHjNDWab2 -> No File <==== ATTENTION
Task: {9C5D731E-446C-428E-89E6-79A94928CB44} - \XQfFOORvlssePLX2 -> No File <==== ATTENTION
Task: {B4745E1D-FE29-4593-8643-DDD4605D8654} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B5B60D63-D7D7-432B-AF8C-572F856BD289} - System32\Tasks\BizTacks => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\BizTacks\BizTacks.dll",mZfhMCJZuAX <==== ATTENTION
Task: {C1B23DB4-349D-489D-B980-03091303E4C9} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {D7D3A7C6-EF5E-47A9-A1E7-8FA32F38084B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D83389DB-06C2-4507-A31C-0713D532D9B6} - \WPD\SqmUpload_S-1-5-21-2861560486-2024932042-3958806256-1001 -> No File <==== ATTENTION
Task: {FEFFFC03-48A0-48A5-A94F-0773808EABF7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [153]
AlternateDataStreams: C:\ProgramData\Temp:A5C00DEE [301]
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"

C:\Program Files\BizTacks
C:\Program Files (x86)\Seznam.cz
C:\duster.cmd

Hosts:
EmptyTemp:
End
  • Klikni na Subor a potom na Ulozit
  • Vpravo dole vyber kodovanie Unicode
  • Subor uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: vyskakuje mi po spustění tato hlaska

Odeslal: 05 Črc 2018 19:18
od Conder
:arrow: V Google Chrome odinstaluj rozsirenia "Adblocker pro Youtube" a "Adblocker for Youtube" (su to nejake pofiderne rozsirenia, pravdepodobne adware, ak chces nejaky blokovac reklam, odporucam uBlock Origin alebo Adblock Plus).

:arrow: Nastala nejaka zmena? Ta hlaska este vyskakuje?

:arrow: V PC su zbytky po viacerych antivirusoch: Avast, Avira, Kaspersky, Bitdefender, EnigmaSoft, GridinSoft. Vsetky tieto si odinstaloval? Planujes nainstalovat nejaky antivirus alebo ti staci Windows Defender?

:arrow: Odinstaluj tieto programy:
  • Avira Connect
  • foldershare
  • Google Toolbar for Internet Explorer
  • GridinSoft Anti-Malware

Re: vyskakuje mi po spustění tato hlaska

Odeslal: 05 Črc 2018 21:21
od Conder
:arrow: Stlac win+r -> napis "appwiz.cpl" -> enter a pokus sa tie 2 programy odinstalovat tu. Malo by to iba vyhodit chybovu hlasku, klikni na Ano a malo by to zmiznut zo zoznamu.

:arrow: Ako sa vola ten program z ktoreho si poslal screen? Nastav to v nom, aby sa to spustalo po starte.

:arrow: Planujes doinstalovat do PC nejaky antivirus alebo ti postaci Windows Defender?

:arrow: Hitman Pro mozes tiez odinstalovat.

:arrow: Nasledne vytvor a posli nove FRST logy.

Re: vyskakuje mi po spustění tato hlaska

Odeslal: 05 Črc 2018 22:03
od Conder
:arrow: Co sa tyka tych antivirusov, ja osobne si myslim, ze na Win10 postaci aj predinstalovany Windows Defender, ak si clovek dava pozor kam klika, co stahuje a instaluje. Alebo pozri tieto odporucania.

:arrow: v Chrome su stale nainstalovane tie rozsirenia "Adblocker for Youtube" a "Adblocker for Youtube". Odinstaloval si ich? Vpravo hore otvor menu (3 bodky) -> Dalsie nastroje -> Rozsirenia -> Odstranit (Odebrat).

:arrow: Co sa tyka uBlock Origin, treba nainstalovat toto: https://chrome.google.com/webstore/deta ... phjbkeiagm.

:arrow: Poprosim este log Addition.txt

Re: vyskakuje mi po spustění tato hlaska

Odeslal: 05 Črc 2018 22:28
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

VirusTotal: C:\Users\Zdeněk\AppData\Local\installer.dat
File: C:\Users\Zdeněk\AppData\Local\installer.dat
File: C:\WINDOWS\system32\epmntdrv.sys
File: C:\WINDOWS\SysWOW64\epmntdrv.sys
File: C:\WINDOWS\system32\EuGdiDrv.sys
File: C:\WINDOWS\SysWOW64\EuGdiDrv.sys
CMD: type "C:\FRST\Quarantine\C\duster.cmd.xbad"
CMD: type "C:\Users\Zdeněk\AppData\Local\uts.ini"

HKLM\...\Run: [rundll32] => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\BizTacks\BizTacks.dll",mZfhMCJZuAX
OPR Extension: (Adblocker for Youtube™) - C:\Users\Zdeněk\AppData\Roaming\Opera Software\Opera Stable\Extensions\bgafbmpmdmlbbpbaipgpbkdlfgnepgao [2018-07-02]
2018-03-22 16:09 - 2018-03-22 16:09 - 000099384 _____ () C:\Users\Zdeněk\AppData\Roaming\inst.exe
2018-03-22 16:09 - 2018-03-22 16:09 - 000007859 _____ () C:\Users\Zdeněk\AppData\Roaming\pcouffin.cat
2018-03-22 16:09 - 2018-03-22 16:09 - 000001167 _____ () C:\Users\Zdeněk\AppData\Roaming\pcouffin.inf
2018-03-22 16:09 - 2018-03-22 16:09 - 000000055 _____ () C:\Users\Zdeněk\AppData\Roaming\pcouffin.log
2018-03-22 16:09 - 2018-03-22 16:09 - 000082816 _____ (VSO Software) C:\Users\Zdeněk\AppData\Roaming\pcouffin.sys
2018-07-02 21:53 - 2018-07-02 21:53 - 000140800 _____ () C:\Users\Zdeněk\AppData\Local\installer.dat
2016-11-16 21:56 - 2016-11-16 21:56 - 000000001 _____ () C:\Users\Zdeněk\AppData\Local\llftool.4.40.agreement
Task: {E67AC00C-4ED3-4655-8EB3-E0C7F3B02455} - System32\Tasks\čistění os => C:\dusting.cmd 
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [153]
C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coiagddgpmoccinljjidkpgonimejcnk
C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coiagddgpmoccinljjidkpgonimejcnk
C:\Program Files (x86)\foldershare

Hosts:
EmptyTemp:
End
  • Klikni na Subor a potom na Ulozit
  • Vpravo dole vyber kodovanie Unicode
  • Subor uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: vyskakuje mi po spustění tato hlaska

Odeslal: 05 Črc 2018 22:54
od Conder
:arrow: Ano, v poslednom kroku sme odstranili zaznam z registrov, takze Windows sa uz nesnazi spustit neexistujuci subor :)

:arrow: Este mozeme precistit PC od zbytkov po predchadzajucich antivirusoch - pouzi vsetky odinstalatory jednotlivych antivirusov: :arrow: Napis ci vsetko prebehlo OK. Nasledne mozes nainstalovat antivirus podla tvojich preferencii alebo nechat len WinDefender

Re: vyskakuje mi po spustění tato hlaska

Odeslal: 06 Črc 2018 00:05
od Conder
:arrow: Nie je zaco :)

:arrow: Poprosim este raz o nove logy z FRST (obidva - FRST.txt aj Addition.txt), ci tam este nieco neostalo. Mozes ich zabalit do RAR / ZIP archivu a poslat ako prilohu.

Re: vyskakuje mi po spustění tato hlaska

Odeslal: 06 Črc 2018 21:42
od Conder
:arrow: Su tam stale zbytky po Kaspersky, odporucam tento postup:
  • Stiahni este raz Kaspersky Remover: http://media.kaspersky.com/utilities/Co ... vremvr.exe
  • Spusti ako spravca a potvrd licencne podmienky (Accept)
  • V pripade, ze program vypise "The following products were detected":
    • Opis overovaci kod, klikni na Remove a pockaj na dokoncenie
    • Nasledne znovu spusti program znovu a postup opakuj az dokym program nevypise "Product was not detected"
    • Potom uz iba restartuj PC
  • V pripade, ze program na zaciatku vypise "Product was not detected":
    • Opis overovaci kod
    • Vyber v zozname moznost "Kaspersky Free/Kaspersky Anti-Virus/Internet Security/Kaspersky Total Security 2018"
    • Klikni na Remove a pockaj na dokoncenie
    • Nasledne spusti program spusti este raz a tentokrat vyber moznost "Kaspersky Secure Connection"
    • Na zaver restartuj PC
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [421200 2016-06-20] (AO Kaspersky Lab)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
2018-07-06 00:02 - 2018-07-06 00:02 - 000000000 ___HD C:\kleaner.tmp
2018-07-06 00:02 - 2016-12-06 22:31 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-07-05 22:36 - 2017-10-26 17:19 - 000000000 ____D C:\Program Files\HitmanPro
C:\Program Files (x86)\Kaspersky Lab
C:\Program Files (x86)\Wondershare
C:\Program Files (x86)\Common Files\Wondershare
C:\ProgramData\Wondershare
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
C:\Users\Zdeněk\AppData\Local\Wondershare

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: vyskakuje mi po spustění tato hlaska

Odeslal: 09 Črc 2018 23:49
od Conder
:arrow: Tak este upraceme po pouzitych nastrojoch: :arrow: Skontroluj velkost plochy (C:\Users\Zdeněk\Desktop). Ak je vacsia ako 300 MB, presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

Re: vyskakuje mi po spustění tato hlaska

Odeslal: 10 Črc 2018 21:41
od Conder
:arrow: OK, tak to by bolo asi vsetko, ak uz nie su ziadne problemy s PC.

Re: vyskakuje mi po spustění tato hlaska

Odeslal: 11 Črc 2018 15:31
od Conder
Nie je zaco, rad som pomohol :)
Všechny časy jsou v UTC+01:00
Stránka 11

Založeno na phpBB® Forum Software © phpBB Limited

Překlad Leschek - FotoNomad.cz