Blue screen przy korzystaniu z AdwCleaner


(Manian) #1

Witam,

Po ukończeniu skanowania przez AdwCleaner przy próbie usunięcia niechcianego oprogramowania pojawia się blue screen.

 

OTL: http://www.wklej.org/id/1231462/

Extras: http://www.wklej.org/id/1231465/

 

EDIT: Przepraszam, zapomniałem dołączyć informacje na temat błędu:

0x0000003B

Więcej tutaj: http://iv.pl/images/44014524921403658724.jpg


(BlackFX) #2

W bluescree powinien być zawarty kod błędu, który bardzo dużo mówi o przyczynie.


(Acorus) #3

Odinstaluj ASUS WebStorage,WinZipper.Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

:OTL
SRV - [2013-07-07 19:25:29 | 000,424,104 | ---- | M] (Taiwan Shui Mu Chih Ching Technology Limited.) [Auto | Running] -- C:\Program Files (x86)\WinZipper\winzipersvc.exe -- (winzipersvc)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=butm_medium=newgdpfrom=newgdpuid=ST9320325AS_5VD77VHEXXXX5VD77VHEts=1377255324
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=dsts=1388684334from=wpm0102uid=ST9320325AS_5VD77VHEXXXX5VD77VHEq={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=dsts=1388684334from=wpm0102uid=ST9320325AS_5VD77VHEXXXX5VD77VHEq={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=butm_medium=newgdpfrom=newgdpuid=ST9320325AS_5VD77VHEXXXX5VD77VHEts=1377255324
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.delta-homes.com/web/?type=dsts=1388684334from=wpm0102uid=ST9320325AS_5VD77VHEXXXX5VD77VHEq={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=butm_medium=newgdpfrom=newgdpuid=ST9320325AS_5VD77VHEXXXX5VD77VHEts=1377255324
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=dsts=1388684334from=wpm0102uid=ST9320325AS_5VD77VHEXXXX5VD77VHEq={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=dsts=1388684334from=wpm0102uid=ST9320325AS_5VD77VHEXXXX5VD77VHEq={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=butm_medium=newgdpfrom=newgdpuid=ST9320325AS_5VD77VHEXXXX5VD77VHEts=1377255324
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.delta-homes.com/web/?type=dsts=1388684334from=wpm0102uid=ST9320325AS_5VD77VHEXXXX5VD77VHEq={searchTerms}
IE - HKU\S-1-5-21-1398787347-979443279-3393188971-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=butm_medium=newgdpfrom=newgdpuid=ST9320325AS_5VD77VHEXXXX5VD77VHEts=1377255324
IE - HKU\S-1-5-21-1398787347-979443279-3393188971-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=butm_medium=newgdpfrom=newgdpuid=ST9320325AS_5VD77VHEXXXX5VD77VHEts=1377255324
IE - HKU\S-1-5-21-1398787347-979443279-3393188971-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}babsrc=SP_ss_din2gmntrId=7C1572DE2B880031affID=119357tt=250613_gr4tsp=4929
IE - HKU\S-1-5-21-1398787347-979443279-3393188971-1002\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.delta-homes.com/web/?type=dsts=1388684334from=wpm0102uid=ST9320325AS_5VD77VHEXXXX5VD77VHEq={searchTerms}
IE - HKU\S-1-5-21-1398787347-979443279-3393188971-1002\..\SearchScopes\{8482D77F-3E93-45A2-A9FB-F3DC6D3656FF}: "URL" = http://websearch.ask.com/redirect?client=ietb=ORJo=src=kwq={searchTerms}locale=apn_ptnrs=apn_dtid=OSJ000apn_uid=49679289-EEE9-4513-A361-84C47C890BC3apn_sauid=0E3F50D7-5872-4A16-BB5C-891C2BBDFDA7
IE - HKU\S-1-5-21-1398787347-979443279-3393188971-1002\..\SearchScopes\CF9E014D7A524EA19BB3695C8F779859: "URL" = http://search.aol.pl/aol/search?s_it=tb50winampq={searchTerms}
FF - prefs.js..browser.search.defaulturl: "http://search.winamp.com/search/search?query={searchTerms}invocationType=winamp-ffs_qt=sbtb_uuid=20130309125033616tb_oid=08-03-2013tb_mrud=09-03-2013query="
[2013-03-09 19:09:35 | 000,002,533 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\l0j1a296.default\searchplugins\aol-search.xml
[2012-09-25 16:55:38 | 000,002,299 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\l0j1a296.default\searchplugins\askcom.xml
[2013-07-07 20:29:03 | 000,006,547 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\l0j1a296.default\searchplugins\babylon.xml
[2013-06-18 17:18:15 | 000,002,412 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\l0j1a296.default\searchplugins\BrowserDefender.xml
[2013-06-30 10:50:40 | 000,001,294 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\l0j1a296.default\searchplugins\delta.xml
[2013-03-09 18:51:58 | 000,002,154 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\l0j1a296.default\searchplugins\wyszukiwarka-aol.xml
[2013-06-30 15:16:04 | 000,000,726 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
[2014-01-09 15:04:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-01-10 17:33:01 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013-06-30 10:50:49 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\0D1F1S1C1P0P1C1F1N1C1T1H2UtF1E1I
[2013-06-30 10:48:10 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Babylon
[2013-06-30 17:53:15 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Desk 365
[2013-07-07 20:23:59 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DSite
[2013-06-30 15:13:26 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\eIntaller
[2014-01-09 16:05:51 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\newnext.me
[2013-07-07 19:26:24 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Omiga Plus

:Commands
[emptytemp]

Kliknij Wykonaj skrypt.


(Manian) #4

Wykonanie zalecanych czynności pomogło.

Dziękuje za pomoc.