VIRY.CZ

FRST.rar: (20.72 KiB) Staženo 89 x

Zdravím,
po poslední aktualizaci Win10 provedeno čištění a mazání ADWCleaner, MBAM, Ccleaner

ráda bych odstranila případnou havěť a zbytečnosti -díky

Addition přidám po kontaktu poradce

Ahoj

Poprosim o posledny log z AdwCleaneru (mal by sa nachadzat v C:\AdwCleaner\Logs). Malwarebytes nasiel nieco?

Poprosim o obidva nove logy z FRST.

# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-09-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-17-2019
# Duration: 00:00:41
# OS: Windows 10 Home
# Cleaned: 23
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Deleted Preinstalled.LenovoCCSDK Folder C:\Program Files (x86)\LENOVO\CCSDK
Deleted Preinstalled.LenovoCCSDK Folder C:\ProgramData\LENOVO\CCSDK
Deleted Preinstalled.LenovoCCSDK Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{67827BB6-4B05-6181-921A-E49FC484E859}
Deleted Preinstalled.LenovoIMController Folder C:\Program Files (x86)\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Program Files\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Janka\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\defaultuser0\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\drivers\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted Preinstalled.LenovoPower2Go Folder C:\Program Files (x86)\LENOVO\POWER2GO
Deleted Preinstalled.LenovoPower2Go Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBD3CAD1-FF17-4F85-AF85-F566254C3D92}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CLVDLauncher
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted Preinstalled.LenovoPower2Go Task C:\Windows\System32\Tasks\CLVDLAUNCHER
Deleted Preinstalled.LenovoUtility Folder C:\Program Files\LENOVO\LENOVOUTILITY
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}

*************************

[+] Delete Tracing Keys
[+] Reset Windows Firewall
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1250 octets] - [07/07/2019 09:01:14]
AdwCleaner[C00].txt - [1436 octets] - [07/07/2019 09:02:05]
AdwCleaner_Debug.log - [20687 octets] - [17/09/2019 10:16:21]
AdwCleaner[S01].txt - [4030 octets] - [17/09/2019 10:17:13]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

MBAM čisté

Addition.rar: (7.56 KiB) Staženo 122 x

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
File: C:\WINDOWS\system32\EOSNotify.exe
CMD: dir "C:\WINDOWS\system32\ ‰"
CMD: dir "C:\WINDOWS\system32\ ‰Ď"
CMD: dir "C:\WINDOWS\system32\ ‰Ü"
CMD: dir "C:\WINDOWS\system32\ ‰"
CMD: dir "C:\WINDOWS\system32\4_168acb088d48fafb"
CMD: dir "C:\WINDOWS\system32\€"
CMD: dir "C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ë"

Task: {186D1F04-BB4E-47C2-B419-20FCFEEAA03D} - \Lenovo\ImController\TimeBasedEvents\3a0c3097-e324-4092-8ad2-4ce8419d066e -> No File <==== ATTENTION
Task: {1E69B205-861D-4C1C-9002-C901990B7CEE} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {6090ECC4-2AFB-4FDA-ADF3-376550A62464} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {9D162628-DBA6-40BF-8EBE-CFCFB489BE6B} - \Lenovo\ImController\TimeBasedEvents\e7578710-3490-49e3-b173-53003b8832e0 -> No File <==== ATTENTION
Task: {C68CE26C-B8DA-4832-90E5-E8BCC9D8EA7E} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {FAE1E958-5843-4FC9-8A17-2CC6B4052EFD} - \Lenovo\ImController\TimeBasedEvents\7af95a4f-d059-4628-bd9b-413652944bf8 -> No File <==== ATTENTION
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} =>  -> No File
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} =>  -> No File

Hosts:
EmptyTemp:
End

Klikni na Subor a potom na Ulozit
Vpravo dole vyber kodovanie Unicode
Subor uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-09-2019
Ran by Janka (18-09-2019 10:41:34) Run:1
Running from C:\Users\Janka\Downloads
Loaded Profiles: Janka (Available Profiles: defaultuser0 & Janka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
File: C:\WINDOWS\system32\EOSNotify.exe
CMD: dir "C:\WINDOWS\system32\ ‰"
CMD: dir "C:\WINDOWS\system32\ ‰Ď"
CMD: dir "C:\WINDOWS\system32\ ‰Ü"
CMD: dir "C:\WINDOWS\system32\ ‰"
CMD: dir "C:\WINDOWS\system32\4_168acb088d48fafb"
CMD: dir "C:\WINDOWS\system32\€"
CMD: dir "C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ë"

Task: {186D1F04-BB4E-47C2-B419-20FCFEEAA03D} - \Lenovo\ImController\TimeBasedEvents\3a0c3097-e324-4092-8ad2-4ce8419d066e -> No File <==== ATTENTION
Task: {1E69B205-861D-4C1C-9002-C901990B7CEE} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {6090ECC4-2AFB-4FDA-ADF3-376550A62464} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {9D162628-DBA6-40BF-8EBE-CFCFB489BE6B} - \Lenovo\ImController\TimeBasedEvents\e7578710-3490-49e3-b173-53003b8832e0 -> No File <==== ATTENTION
Task: {C68CE26C-B8DA-4832-90E5-E8BCC9D8EA7E} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {FAE1E958-5843-4FC9-8A17-2CC6B4052EFD} - \Lenovo\ImController\TimeBasedEvents\7af95a4f-d059-4628-bd9b-413652944bf8 -> No File <==== ATTENTION
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========

Count : 14
Average :
Sum : 14550
Maximum :
Minimum :
Property : Length

========= End of Powershell: =========

========================= File: C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe ========================

"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe" => not found
====== End of File: ======

========================= File: C:\WINDOWS\system32\EOSNotify.exe ========================

"C:\WINDOWS\system32\EOSNotify.exe" => not found
====== End of File: ======

========= dir "C:\WINDOWS\system32\ ‰" =========

Volume in drive C is Windows
Volume Serial Number is 2095-3C6E

Directory of C:\WINDOWS\system32\ %?

17.09.2019 01:04 <DIR> .
17.09.2019 01:04 <DIR> ..
20.04.2019 17:04 <DIR> AMD
0 File(s) 0 bytes
3 Dir(s) 407˙457˙042˙432 bytes free

========= End of CMD: =========

========= dir "C:\WINDOWS\system32\ ‰Ď" =========

Volume in drive C is Windows
Volume Serial Number is 2095-3C6E

Directory of C:\WINDOWS\system32\ %Ň

17.09.2019 01:04 <DIR> .
17.09.2019 01:04 <DIR> ..
26.01.2019 07:16 <DIR> AMD
0 File(s) 0 bytes
3 Dir(s) 407˙456˙976˙896 bytes free

========= End of CMD: =========

========= dir "C:\WINDOWS\system32\ ‰Ü" =========

Volume in drive C is Windows
Volume Serial Number is 2095-3C6E

Directory of C:\WINDOWS\system32\ %š

17.09.2019 01:04 <DIR> .
17.09.2019 01:04 <DIR> ..
29.11.2018 22:56 <DIR> AMD
0 File(s) 0 bytes
3 Dir(s) 407˙456˙976˙896 bytes free

========= End of CMD: =========

========= dir "C:\WINDOWS\system32\ ‰" =========

Volume in drive C is Windows
Volume Serial Number is 2095-3C6E

Directory of C:\WINDOWS\system32\ %

17.09.2019 01:04 <DIR> .
17.09.2019 01:04 <DIR> ..
18.01.2019 19:50 <DIR> AMD
0 File(s) 0 bytes
3 Dir(s) 407˙456˙911˙360 bytes free

========= End of CMD: =========

========= dir "C:\WINDOWS\system32\4_168acb088d48fafb" =========

Volume in drive C is Windows
Volume Serial Number is 2095-3C6E

Directory of C:\WINDOWS\system32\4_168acb088d48fafb

17.09.2019 01:04 <DIR> .
17.09.2019 01:04 <DIR> ..
06.04.2018 18:39 <DIR> atidxx64.dll
0 File(s) 0 bytes
3 Dir(s) 407˙456˙907˙264 bytes free

========= End of CMD: =========

========= dir "C:\WINDOWS\system32\€" =========

Volume in drive C is Windows
Volume Serial Number is 2095-3C6E

Directory of C:\WINDOWS\system32\?

17.09.2019 01:04 <DIR> .
17.09.2019 01:04 <DIR> ..
03.04.2018 18:59 <DIR> AMD
0 File(s) 0 bytes
3 Dir(s) 407˙456˙841˙728 bytes free

========= End of CMD: =========

========= dir "C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ë" =========

Volume in drive C is Windows
Volume Serial Number is 2095-3C6E

Directory of C:\WINDOWS\system32\úúúúúúúú‰

17.09.2019 01:04 <DIR> .
17.09.2019 01:04 <DIR> ..
03.04.2018 18:59 <DIR> AMD
0 File(s) 0 bytes
3 Dir(s) 407˙456˙841˙728 bytes free

========= End of CMD: =========

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{186D1F04-BB4E-47C2-B419-20FCFEEAA03D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{186D1F04-BB4E-47C2-B419-20FCFEEAA03D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\3a0c3097-e324-4092-8ad2-4ce8419d066e" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E69B205-861D-4C1C-9002-C901990B7CEE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E69B205-861D-4C1C-9002-C901990B7CEE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6090ECC4-2AFB-4FDA-ADF3-376550A62464}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6090ECC4-2AFB-4FDA-ADF3-376550A62464}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D162628-DBA6-40BF-8EBE-CFCFB489BE6B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D162628-DBA6-40BF-8EBE-CFCFB489BE6B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\e7578710-3490-49e3-b173-53003b8832e0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C68CE26C-B8DA-4832-90E5-E8BCC9D8EA7E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C68CE26C-B8DA-4832-90E5-E8BCC9D8EA7E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAE1E958-5843-4FC9-8A17-2CC6B4052EFD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAE1E958-5843-4FC9-8A17-2CC6B4052EFD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\7af95a4f-d059-4628-bd9b-413652944bf8" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\CLVDShellExt => removed successfully
HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\CLVDShellExt => removed successfully
HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12169337 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1466578 B
Edge => 7111491 B
Chrome => 172316 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 6514 B
NetworkService => 0 B
defaultuser0 => 6656 B
Janka => 12392480 B

RecycleBin => 58355 B
EmptyTemp: => 40.9 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 10:45:27 ====

Nové logy

FRST.rar: (20.54 KiB) Staženo 98 x

Tak este jeden fixlist:

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

Folder: C:\WINDOWS\Minidump
Task: {A6055851-A3EB-42DE-A59E-E1111E0C726C} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
Task: {FE0A8552-4593-4517-B8AC-DED06C8A8D4A} - System32\Tasks\AdwCleaner_onReboot => C:/Users/Janka/Downloads/adwcleaner_7.4.1.exe
SearchScopes: HKU\S-1-5-21-2489188112-2961885803-1461791873-1001 -> DefaultScope {C50BADC1-9265-414B-8437-6B21C282F983} URL = 
SearchScopes: HKU\S-1-5-21-2489188112-2961885803-1461791873-1001 -> {C50BADC1-9265-414B-8437-6B21C282F983} URL = 

End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-09-2019 01
Ran by Janka (19-09-2019 09:32:39) Run:2
Running from C:\Users\Janka\Downloads
Loaded Profiles: Janka (Available Profiles: defaultuser0 & Janka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Folder: C:\WINDOWS\Minidump
Task: {A6055851-A3EB-42DE-A59E-E1111E0C726C} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
Task: {FE0A8552-4593-4517-B8AC-DED06C8A8D4A} - System32\Tasks\AdwCleaner_onReboot => C:/Users/Janka/Downloads/adwcleaner_7.4.1.exe
SearchScopes: HKU\S-1-5-21-2489188112-2961885803-1461791873-1001 -> DefaultScope {C50BADC1-9265-414B-8437-6B21C282F983} URL =
SearchScopes: HKU\S-1-5-21-2489188112-2961885803-1461791873-1001 -> {C50BADC1-9265-414B-8437-6B21C282F983} URL =

End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= Folder: C:\WINDOWS\Minidump ========================

2018-08-17 19:48 - 2019-09-17 18:41 - 000107520 ____N [E1893DFF92C4311EF95CBDAB9B93C900] () C:\WINDOWS\Minidump\091719-34796-01.dmp
2018-08-17 19:48 - 2019-09-18 07:22 - 000107520 ____N [2B642C51743785242873D40EAD825F8A] () C:\WINDOWS\Minidump\091819-35484-01.dmp
2018-08-17 19:48 - 2019-09-18 10:21 - 000107520 ____N [725DEADD3A96808089E252D19A89B878] () C:\WINDOWS\Minidump\091819-38109-01.dmp
2018-08-17 19:48 - 2019-09-18 15:33 - 000107520 ____N [8E1F90CF2ED381032E75A15FF3F73B51] () C:\WINDOWS\Minidump\091819-39921-01.dmp
2018-08-17 19:48 - 2019-09-19 08:16 - 000107520 ____N [788C8A9CC440EB74F939E366B1654E4A] () C:\WINDOWS\Minidump\091919-33937-01.dmp

====== End of Folder: ======

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A6055851-A3EB-42DE-A59E-E1111E0C726C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6055851-A3EB-42DE-A59E-E1111E0C726C}" => removed successfully
C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CLMLSvc_P2G8" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FE0A8552-4593-4517-B8AC-DED06C8A8D4A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE0A8552-4593-4517-B8AC-DED06C8A8D4A}" => removed successfully
C:\WINDOWS\System32\Tasks\AdwCleaner_onReboot => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdwCleaner_onReboot" => removed successfully
"HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C50BADC1-9265-414B-8437-6B21C282F983} => removed successfully
HKLM\Software\Classes\CLSID\{C50BADC1-9265-414B-8437-6B21C282F983} => not found

The system needed a reboot.

==== End of Fixlog 09:34:20 ====

Podla logu sa na tomto PC 5x vyskytla "modra obrazovka smrti" (BSOD). Skopiruj obsah adresaru C:\WINDOWS\Minidump niekde inde (do dokumentov, na plochu), zabal do archivu (RAR alebo ZIP) a posli ako prilohu k dalsiemu prispevku.

Minidump.rar: (63.38 KiB) Staženo 101 x

jsou tam jen tři

Tieto BSOD su sposobene padmi ovladacu "sptd2.sys" - ovladac pre virtualne disky, pouzivaju ho programy ako Daemon Tools a pod., v tomto pripade tipujem, ze ho pouziva program CyberLink PowerDVD. Skus tento program aktualizovat na poslednu verziu.

Inak logy vyzeraju OK co sa tyka malware. Su aj nejake ine problemy s PC?

Nejsou to klasické BSOD, vytvoří se při startu a musí se startovat dvakrát (no problém)
Nabízená nová verze CyberLink PowerDVD je jen zkušební

Nemám žádný závažný problém tak to snad můžeme ukončit Delfixem
a velkým poděkováním

Tak este upraceme po pouzitych nastrojoch:

Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
Uloz na plochu a spusti
Nechaj oznacenu moznost "Remove disinfection tools"
Klikni na "Run"

VIRY.CZ

kontrola prosím

kontrola prosím

Re: kontrola prosím

Re: kontrola prosím

Re: kontrola prosím

Re: kontrola prosím

Re: kontrola prosím

Re: kontrola prosím

Re: kontrola prosím

Re: kontrola prosím

Re: kontrola prosím

Re: kontrola prosím

Re: kontrola prosím

Re: kontrola prosím

Re: kontrola prosím

Re: kontrola prosím