Černá obrazovka + automatické spuštění cmd po restartu

[antonin1]

Dobrý den, zdá se mi, že mám poněkud zavirovaný počítač. Po restartu mi naběhly mé win10 s černou obrazovkou a spuštěným cmd. Obvyklá obrazovka win10 naběhne po spuštění explorer.exe přes cmd. Po dalším restartu je ovšem znovu stejný problém. Už delší dobu mi navíc Norton po restartu nachází problémy v issas.exe a nvtray.exe. Prosím o kontrolu logů, očištění škodné a pomoc, jak nastavit registry tak, aby se explorer po restartu spouštěl sám a nespouštěl se cmd. Děkuji!

[JaRon]

ahoj,
1. vycisti PC s CCleanerom - cistic + registre
restart
2. vycisti PC s AVPTool
3. vycisti PC s ADWCleanerom

[antonin1]

Děkuji, provedeno. Norton už po restartu nehlásí problémy se issas a nvtray apod. Ale stále se mi spouští černá obrazovka a cmd.

[JaRon]

Daj aktualne logy Frst, zajtra cosi pocistime

[antonin1]

Dle domluvy posílám nový FRST logy

[JaRon]

navod- citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [] => 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [] => [X]
HKU\S-1-5-19\Sortware\Policies\...\system: [DisableCMD] 0
HKU\S-1-5-20\...\RunOnce: [] => [X]
HKU\S-1-5-20\Sortware\Policies\...\system: [DisableCMD] 0
HKU\S-1-5-21-1378127302-1103651912-2866801594-1000\...\Winlogon: [Shell] %comspec% <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0CA97837-4253-4B2B-AF8F-CA86D7C3779C} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {1AD8ED7B-EBBF-477F-B235-EA9F134AC0B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2167A783-BFCB-4DB1-83CF-4C5D71D1F4E9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {24FCD695-7D37-41C7-B7CA-1E38CC658A2D} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {2BC3F9AF-080A-402B-BC02-462BA607E13B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {39AA7E89-0E24-4861-AE26-18D7B95000AC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {40031DB8-4430-4AE0-82F2-C64D5F4DAFDC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6D2FB62F-9BD2-4CC3-833F-27B4E5997141} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {70E5FCD5-A6F4-4C20-8F71-3749F7E1B4AE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {86745E34-BA5D-4FAC-9A14-A22C27672AF7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8F67EB6F-7598-4E1A-9F1E-C47518F41681} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9130FB0F-E7C8-444E-B6C5-ACF64161687E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {A11590DD-8E4E-44BE-8537-90002D63E45F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {DC8C068A-F292-4E9D-B1D4-0F388D632BFE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F61D529E-B657-4193-BBAB-1DEAE4946E0A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FF98DC59-DABD-4ABE-8580-FD9430C754E8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
S3 ALSysIO; \??\C:\Users\Petr\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 cpuz140; \??\C:\Users\Petr\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
U3 idsvc; no ImagePath
U4 sr; no ImagePath
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
AlternateDataStreams: C:\ProgramData\TEMP:07F6D9E4 [136]
AlternateDataStreams: C:\ProgramData\TEMP:6387AA6C [130]
AlternateDataStreams: C:\ProgramData\TEMP:85AA7074 [286]
FirewallRules: [{57C8FC93-F830-4218-9450-C2CB0B4D9786}] => (Allow) C:\WINDOWS\TEMP\gsrk357Y.tmp\nvtray.exe No File
FirewallRules: [{C7533DDF-6E66-45C2-BE16-A303FB6EEE10}] => (Allow) C:\WINDOWS\TEMP\gsrk357Y.tmp\nvtray.exe No File
FirewallRules: [{2C889264-959F-4C87-AD96-87BC8BDC93CD}] => (Allow) C:\WINDOWS\TEMP\rlab142X.tmp\lsass.exe No File
FirewallRules: [{7151CE72-281A-4420-8CAA-DB2B47882185}] => (Allow) C:\WINDOWS\TEMP\rlab142X.tmp\lsass.exe No File



EmptyTemp:
Reboot:
End

•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[antonin1]

Windows už nabíhají správně, cmd se automaticky nespouští. Nevím, jestli už je počítač zcela očištěn, ale už to, že je funkční, je skvělé. Děkuji moc!

[JaRon]

je to ciste - rado sa stalo