VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

cierna obrazovka

https://forum.viry.cz:443/viewtopic.php?t=149733

Stránka 1 z 1

cierna obrazovka

Napsal: 16 srp 2016 09:23
od Sindy
Zdravim, mam taky problem s notebookom (WIN 10), zapne sa, zadam prihlasovacie heslo, prihlasi a cierna obrazovka s kurzorom mysky, po par hodinach mi nacita aj plochu, ale neda sa nic robit, je to zamrznute.
Skusal som aj obnovit do bodu, kedy fungoval, ale nie je ziadny vytvoreny a nejde ani obnova do tovarenskych nastaveni s ponechanim suborov, to sa robilo asi hodinu a potom napisalo, ze sa nic neopravilo :roll:
dakujem za kazdu radu :31:

Re: cierna obrazovka

Napsal: 16 srp 2016 17:56
od Rudy
Zdravím!
Pokud to bude možné (třeba v nouz. režimu), dejte log FRST: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

Re: cierna obrazovka

Napsal: 19 srp 2016 21:12
od Sindy
paci sa log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-08-2016
Ran by Ján Vojtech Snopko (administrator) on JAYCOPC (19-08-2016 22:02:36)
Running from C:\Users\Ján Vojtech Snopko\Desktop
Loaded Profiles: Ján Vojtech Snopko (Available Profiles: Ján Vojtech Snopko & UpdatusUser)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
Failed to access process -> explorer.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(forum.viry.cz) C:\Users\Ján Vojtech Snopko\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804464 2015-10-02] (NVIDIA Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\Run: [Spotify Web Helper] => C:\Users\Ján Vojtech Snopko\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-05-26] (Spotify Ltd)
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\Run: [Spotify] => C:\Users\Ján Vojtech Snopko\AppData\Roaming\Spotify\Spotify.exe [6858864 2016-05-26] (Spotify Ltd)
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [3985976 2016-05-13] (GOG.com)
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2022688 2016-04-26] (IObit)
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\MountPoints2: {0e1d3676-6949-11e5-8254-84a6c82ced35} - "D:\Lenovo_Suite.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [185816 2015-10-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164008 2015-10-02] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7b98531c-ff63-48d2-951d-5d5e997a338a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c720679c-106f-43ea-bb47-c9c9f6d0ca1d}: [DhcpNameServer] 10.51.32.1 195.178.72.150

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4234586180-4130005503-4242711151-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-05-19] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-02]
CHR Extension: (Dokumenty Google) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-02]
CHR Extension: (Disk Google) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Google Search) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabuľky Google) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-02]
CHR Extension: (Booking.com for Chrome™) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkeilefmpmbamgcejhjpiecahcbipip [2016-05-07]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-06]
CHR Extension: (Tlačidlo Pin It) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-07-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-02]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
S2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [246328 2016-05-13] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6167096 2016-05-13] (GOG.com)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-14] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1309936 2016-07-17] (Overwolf LTD)
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2015-10-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2015-09-23] (ASUS Corporation)
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-13] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-09-23] (ESET)
S1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-13] (ESET)
S2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [231520 2015-07-13] (ESET)
S1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-13] (ESET)
S0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-13] (ESET)
S3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11973 2016-01-22] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 tapoas; C:\Windows\System32\drivers\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-19 22:02 - 2016-08-19 22:04 - 00014896 _____ C:\Users\Ján Vojtech Snopko\Desktop\FRST.txt
2016-08-19 22:01 - 2016-08-19 22:02 - 00000000 ____D C:\FRST
2016-08-19 22:01 - 2016-08-19 22:01 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-08-19 22:01 - 2016-08-19 21:58 - 00112640 _____ (forum.viry.cz) C:\Users\Ján Vojtech Snopko\Desktop\FRSTLauncher.exe
2016-08-19 22:01 - 2016-08-19 21:51 - 02395648 _____ (Farbar) C:\Users\Ján Vojtech Snopko\Desktop\FRST64.exe
2016-08-19 22:00 - 2016-08-19 22:03 - 00000340 _____ C:\WINDOWS\ntbtlog.txt
2016-08-19 21:10 - 2016-08-19 21:13 - 00000960 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-19 21:10 - 2016-08-19 21:13 - 00000956 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-15 23:00 - 2016-08-15 23:00 - 00000000 ___HD C:\$Windows.~BT
2016-08-15 22:50 - 2016-08-15 23:32 - 00000000 ___HD C:\$SysReset
2016-08-15 22:48 - 2016-08-19 21:59 - 00000000 ____D C:\WINDOWS\Panther
2016-07-29 23:24 - 2016-07-29 23:24 - 00000000 __SHD C:\found.000
2016-07-29 21:32 - 2016-08-15 23:32 - 00000000 _____ C:\Recovery.txt
2016-07-29 19:25 - 2016-07-29 19:25 - 00000000 ____D C:\Users\TEMP
2016-07-21 23:33 - 2016-07-21 23:33 - 00000000 ____D C:\ProgramData\Gaijin
2016-07-21 14:11 - 2016-07-21 14:11 - 00000222 _____ C:\Users\Ján Vojtech Snopko\Desktop\War Thunder.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-19 21:59 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-19 21:59 - 2015-10-03 00:15 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-19 21:35 - 2016-01-05 23:34 - 00001835 _____ C:\Users\Ján Vojtech Snopko\Desktop\ESET Smart Security.lnk
2016-08-19 21:27 - 2015-12-10 13:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-19 21:10 - 2015-10-02 22:13 - 00004018 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-19 21:10 - 2015-10-02 22:13 - 00003786 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-19 21:04 - 2016-07-13 20:12 - 00000000 ____D C:\ProgramData\ProductData
2016-08-15 21:12 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-08-04 05:54 - 2015-10-02 22:22 - 00000000 __SHD C:\Users\Ján Vojtech Snopko\IntelGraphicsProfiles
2016-08-04 05:53 - 2015-10-09 09:17 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-08-04 05:42 - 2015-12-10 13:12 - 00000000 ____D C:\Users\UpdatusUser
2016-07-30 10:21 - 2015-12-10 13:12 - 00000000 ____D C:\Users\Ján Vojtech Snopko
2016-07-29 21:42 - 2016-07-13 20:12 - 00000000 ____D C:\Users\Ján Vojtech Snopko\AppData\LocalLow\IObit
2016-07-29 21:42 - 2016-07-13 20:11 - 00000000 ____D C:\Users\Ján Vojtech Snopko\AppData\Roaming\IObit
2016-07-29 21:42 - 2016-07-13 20:11 - 00000000 ____D C:\ProgramData\IObit
2016-07-29 21:42 - 2015-11-06 02:38 - 00000000 ____D C:\Users\Ján Vojtech Snopko\AppData\Roaming\vlc
2016-07-29 21:42 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-07-29 21:40 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-29 21:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\registration
2016-07-26 20:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-23 23:30 - 2015-10-02 20:14 - 00004222 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CB9763A6-62B8-449B-A6AA-FC62A0E58555}
2016-07-21 23:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-07-21 14:11 - 2015-10-07 15:50 - 00000000 ____D C:\Users\Ján Vojtech Snopko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-07-20 15:56 - 2015-10-30 20:31 - 00741172 _____ C:\WINDOWS\system32\perfh005.dat
2016-07-20 15:56 - 2015-10-30 20:31 - 00150730 _____ C:\WINDOWS\system32\perfc005.dat
2016-07-20 15:56 - 2015-10-02 22:00 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-20 14:19 - 2016-03-24 14:18 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-07-20 12:27 - 2016-07-05 14:20 - 00000002 _____ C:\END

==================== Files in the root of some directories =======

2015-12-10 23:39 - 2015-12-10 23:39 - 0000017 _____ () C:\Users\Ján Vojtech Snopko\AppData\Local\resmon.resmoncfg
2016-05-19 15:02 - 2016-05-19 15:02 - 0000000 _____ () C:\Users\Ján Vojtech Snopko\AppData\Local\{6CB8B13D-F34C-4902-9E9F-2731FF23ABEC}
2015-12-10 13:08 - 2015-12-10 13:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 8.0 (Disabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall (Disabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\J�n Vojtech Snopko\Desktop" je 19844 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Re: cierna obrazovka

Napsal: 19 srp 2016 21:31
od Rudy
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Doporučuji odinstalovat AdvancedSystemCare. Tento čistič vidí problémy i tam, kde nejsou a laik si jím snadno může poškodit systém.

Re: cierna obrazovka

Napsal: 19 srp 2016 21:56
od Sindy
odinstalujem AdvancedSystemCare, ked notas pojde ako ma :thumbsup:



# AdwCleaner v6.000 - *Logfile created 19/08/2016 *at 22:40:01
# *Updated on 12/08/2016 by ToolsLib
# *Database : 2016-08-12.4 [*Local]
# *Operating System : Windows 10 Pro (X64)
# *Username : Ján Vojtech Snopko - JAYCOPC
# *Running from : C:\Users\Ján Vojtech Snopko\Desktop\adwcleaner_6.000.exe
# *Mode: Clean
# *Support : https://toolslib.net/forum



***** [ *Services ] *****



***** [ *Folders ] *****



***** [ *Files ] *****

[-] *File deleted: C:\END


***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Key deleted: [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] *Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ *Browsers ] *****

[-] [mozilla-firefox.en.softonic.com] [Search Provider] *Deleted: mozilla-firefox.en.softonic.com
[-] [photo-editor.en.softonic.com] [Search Provider] *Deleted: photo-editor.en.softonic.com
[-] [minecraft.en.softonic.com] [Search Provider] *Deleted: minecraft.en.softonic.com
[-] [vlc-media-player.en.softonic.com] [Search Provider] *Deleted: vlc-media-player.en.softonic.com


*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1707 *Bytes] - [19/08/2016 22:40:01]
C:\AdwCleaner\AdwCleaner[S0].txt - [2151 *Bytes] - [19/08/2016 22:39:38]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1855 *Bytes] ##########

Re: cierna obrazovka

Napsal: 20 srp 2016 10:09
od Rudy
Dejte nový log FRST.

Re: cierna obrazovka

Napsal: 20 srp 2016 22:16
od Sindy
ľScan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-08-2016
Ran by Ján Vojtech Snopko (administrator) on JAYCOPC (20-08-2016 23:06:11)
Running from C:\Users\Ján Vojtech Snopko\Desktop
Loaded Profiles: Ján Vojtech Snopko (Available Profiles: Ján Vojtech Snopko & UpdatusUser)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\Ján Vojtech Snopko\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804464 2015-10-02] (NVIDIA Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\Run: [Spotify Web Helper] => C:\Users\Ján Vojtech Snopko\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-05-26] (Spotify Ltd)
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\Run: [Spotify] => C:\Users\Ján Vojtech Snopko\AppData\Roaming\Spotify\Spotify.exe [6858864 2016-05-26] (Spotify Ltd)
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [3985976 2016-05-13] (GOG.com)
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2022688 2016-04-26] (IObit)
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\RunOnce: [Uninstall C:\Users\J�n Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ján Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\RunOnce: [Uninstall C:\Users\J�n Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ján Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1"
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\RunOnce: [Uninstall C:\Users\J�n Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ján Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\RunOnce: [Uninstall C:\Users\J�n Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6281.1202] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ján Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6281.1202"
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\RunOnce: [Uninstall C:\Users\J�n Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ján Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\RunOnce: [Uninstall C:\Users\J�n Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ján Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\RunOnce: [Uninstall C:\Users\J�n Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ján Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\RunOnce: [Uninstall C:\Users\J�n Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6302.0225] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ján Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6302.0225"
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\RunOnce: [Uninstall C:\Users\J�n Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ján Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\RunOnce: [Uninstall C:\Users\J�n Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6386.0412] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ján Vojtech Snopko\AppData\Local\Microsoft\OneDrive\17.3.6386.0412"
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C0].txt [1943 2016-08-19] ()
HKU\S-1-5-21-4234586180-4130005503-4242711151-1001\...\MountPoints2: {0e1d3676-6949-11e5-8254-84a6c82ced35} - "D:\Lenovo_Suite.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [185816 2015-10-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164008 2015-10-02] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7b98531c-ff63-48d2-951d-5d5e997a338a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c720679c-106f-43ea-bb47-c9c9f6d0ca1d}: [DhcpNameServer] 10.51.32.1 195.178.72.150

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4234586180-4130005503-4242711151-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-05-19] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-02]
CHR Extension: (Dokumenty Google) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-02]
CHR Extension: (Disk Google) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Google Search) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabuľky Google) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-02]
CHR Extension: (Booking.com for Chrome™) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkeilefmpmbamgcejhjpiecahcbipip [2016-05-07]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-06]
CHR Extension: (Tlačidlo Pin It) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-07-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Ján Vojtech Snopko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-02]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
S2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [246328 2016-05-13] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6167096 2016-05-13] (GOG.com)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-14] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1309936 2016-07-17] (Overwolf LTD)
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2015-10-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2015-09-23] (ASUS Corporation)
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-13] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-09-23] (ESET)
S1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-13] (ESET)
S2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [231520 2015-07-13] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-13] (ESET)
S0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-13] (ESET)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11973 2016-01-22] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 tapoas; C:\Windows\System32\drivers\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-20 23:06 - 2016-08-20 23:07 - 00014703 _____ C:\Users\Ján Vojtech Snopko\Desktop\FRST.txt
2016-08-20 23:05 - 2016-08-20 23:05 - 00029696 _____ C:\Users\Ján Vojtech Snopko\AppData\Local\MSGBOX.EXE
2016-08-20 23:05 - 2016-08-20 23:05 - 00015327 _____ C:\Users\Ján Vojtech Snopko\Desktop\LM.bat
2016-08-20 23:04 - 2016-08-20 23:04 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-08-19 22:36 - 2016-08-19 22:40 - 00000000 ____D C:\AdwCleaner
2016-08-19 22:36 - 2016-08-19 22:29 - 03784256 _____ C:\Users\Ján Vojtech Snopko\Desktop\adwcleaner_6.000.exe
2016-08-19 22:01 - 2016-08-19 22:02 - 00000000 ____D C:\FRST
2016-08-19 22:01 - 2016-08-19 21:58 - 00112640 _____ (forum.viry.cz) C:\Users\Ján Vojtech Snopko\Desktop\FRSTLauncher.exe
2016-08-19 22:01 - 2016-08-19 21:51 - 02395648 _____ (Farbar) C:\Users\Ján Vojtech Snopko\Desktop\FRST64.exe
2016-08-19 22:00 - 2016-08-20 23:04 - 01384106 _____ C:\WINDOWS\ntbtlog.txt
2016-08-19 21:10 - 2016-08-19 22:56 - 00000956 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-19 21:10 - 2016-08-19 21:13 - 00000960 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-15 23:00 - 2016-08-15 23:00 - 00000000 ___HD C:\$Windows.~BT
2016-08-15 22:50 - 2016-08-15 23:32 - 00000000 ___HD C:\$SysReset
2016-08-15 22:48 - 2016-08-19 21:59 - 00000000 ____D C:\WINDOWS\Panther
2016-07-29 23:24 - 2016-07-29 23:24 - 00000000 __SHD C:\found.000
2016-07-29 21:32 - 2016-08-15 23:32 - 00000000 _____ C:\Recovery.txt
2016-07-29 19:25 - 2016-07-29 19:25 - 00000000 ____D C:\Users\TEMP
2016-07-21 23:33 - 2016-07-21 23:33 - 00000000 ____D C:\ProgramData\Gaijin
2016-07-21 14:11 - 2016-07-21 14:11 - 00000222 _____ C:\Users\Ján Vojtech Snopko\Desktop\War Thunder.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-20 11:21 - 2015-12-10 13:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-19 22:55 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-08-19 22:05 - 2016-07-13 20:12 - 00002240 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-08-19 22:04 - 2015-10-30 20:31 - 00740974 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-19 22:04 - 2015-10-30 20:31 - 00150532 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-19 22:04 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-19 22:04 - 2015-10-02 22:00 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-19 21:59 - 2015-10-03 00:15 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-19 21:35 - 2016-01-05 23:34 - 00001835 _____ C:\Users\Ján Vojtech Snopko\Desktop\ESET Smart Security.lnk
2016-08-19 21:10 - 2015-10-02 22:13 - 00004018 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-19 21:10 - 2015-10-02 22:13 - 00003786 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-19 21:04 - 2016-07-13 20:12 - 00000000 ____D C:\ProgramData\ProductData
2016-08-04 05:54 - 2015-10-02 22:22 - 00000000 __SHD C:\Users\Ján Vojtech Snopko\IntelGraphicsProfiles
2016-08-04 05:53 - 2015-10-09 09:17 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-08-04 05:42 - 2015-12-10 13:12 - 00000000 ____D C:\Users\UpdatusUser
2016-07-30 10:21 - 2015-12-10 13:12 - 00000000 ____D C:\Users\Ján Vojtech Snopko
2016-07-29 21:42 - 2016-07-13 20:12 - 00000000 ____D C:\Users\Ján Vojtech Snopko\AppData\LocalLow\IObit
2016-07-29 21:42 - 2016-07-13 20:11 - 00000000 ____D C:\Users\Ján Vojtech Snopko\AppData\Roaming\IObit
2016-07-29 21:42 - 2016-07-13 20:11 - 00000000 ____D C:\ProgramData\IObit
2016-07-29 21:42 - 2015-11-06 02:38 - 00000000 ____D C:\Users\Ján Vojtech Snopko\AppData\Roaming\vlc
2016-07-29 21:42 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-07-29 21:40 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-29 21:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\registration
2016-07-26 20:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-23 23:30 - 2015-10-02 20:14 - 00004222 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CB9763A6-62B8-449B-A6AA-FC62A0E58555}
2016-07-21 23:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-07-21 14:11 - 2015-10-07 15:50 - 00000000 ____D C:\Users\Ján Vojtech Snopko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

==================== Files in the root of some directories =======

2016-08-20 23:05 - 2016-08-20 23:05 - 0029696 _____ () C:\Users\Ján Vojtech Snopko\AppData\Local\MSGBOX.EXE
2015-12-10 23:39 - 2015-12-10 23:39 - 0000017 _____ () C:\Users\Ján Vojtech Snopko\AppData\Local\resmon.resmoncfg
2016-05-19 15:02 - 2016-05-19 15:02 - 0000000 _____ () C:\Users\Ján Vojtech Snopko\AppData\Local\{6CB8B13D-F34C-4902-9E9F-2731FF23ABEC}
2015-12-10 13:08 - 2015-12-10 13:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

Re: cierna obrazovka

Napsal: 21 srp 2016 10:45
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: cierna obrazovka

Napsal: 21 srp 2016 11:47
od Sindy
Fix result of Farbar Recovery Scan Tool (x64) Version: 19-08-2016
Ran by Ján Vojtech Snopko (21-08-2016 12:39:42) Run:1
Running from C:\Users\Ján Vojtech Snopko\Desktop
Loaded Profiles: Ján Vojtech Snopko (Available Profiles: Ján Vojtech Snopko & UpdatusUser)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
End
*****************

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

==== End of Fixlog 12:39:42 ====

Re: cierna obrazovka

Napsal: 21 srp 2016 12:15
od Rudy
Smazáno. Nastala nějaká změna?

Ještě maličkost. Z logu:
Velikost slozky "C:\Users\Ján Vojtech Snopko\Desktop" je 19844 MB.
To je příliš mnoho a může to zpomalovat start systému. Vytvořte v C:\Users\Ján Vojtech Snopko novou složku, do které přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak pro snazší přístup dejte zástupce té složky.

Re: cierna obrazovka

Napsal: 21 srp 2016 12:55
od Sindy
presunute subory a dake hry vymazane a stale nic, chyba je rovnaka :(

Re: cierna obrazovka

Napsal: 21 srp 2016 16:48
od Rudy
Zkuste obnovu systému k datu, kdy korketně fungoval.

Re: cierna obrazovka

Napsal: 23 srp 2016 21:45
od Sindy
ani obnovenie neslo, tak som preinstaloval windows a ide to uz :| , dakujem za pomoc :wink:

Re: cierna obrazovka

Napsal: 24 srp 2016 11:47
od Rudy
Někdy nic jiného nezbude. Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz