VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu - notebbook se při vypnutí o.s. zasekne

https://forum.viry.cz:443/viewtopic.php?t=150912

Stránka 1 z 1

Prosím o kontrolu - notebbook se při vypnutí o.s. zasekne

Napsal: 21 pro 2016 15:13
od gully
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
Ran by Datel (administrator) on DATEL-COMP (21-12-2016 15:07:01)
Running from C:\Users\Datel\Desktop
Loaded Profiles: Datel (Available Profiles: Datel)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashServ.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\ProgramData\HP Wi-Fi Mobile Mouse Config\AstroS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Ozmo Inc) C:\Program Files\WPAN Driver\WPAN Driver\ozwpansvc.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\PWMUIAux.EXE
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Primax Electronics Ltd.) C:\ProgramData\HP Wi-Fi Mobile Mouse Config\PelAstro.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [380776 2011-03-30] (Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-04-26] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [40808 2011-05-31] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281960 2011-05-25] (Lenovo Group Limited)
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [146600 2015-07-28] (Synaptics)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3936936 2015-07-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-31] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM-x32\...\Run: [PelAstro] => C:\ProgramData\HP Wi-Fi Mobile Mouse Config\PelAstro.exe [65536 2011-01-14] (Primax Electronics Ltd.)
HKLM-x32\...\Run: [HPMonitor] => C:\Program Files (x86)\Hewlett-Packard\HP Wi-Fi Mobile Mouse\hpMonitor23.exe [106552 2011-11-03] (Hewlett-Packard)
HKLM-x32\...\Run: [avast!] => C:\Program Files\Alwil Software\Avast4\ashDisp.exe [79224 2007-12-04] (ALWIL Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-872970765-2336037875-4207061899-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27017856 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-872970765-2336037875-4207061899-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 192.168.3.1
Tcpip\..\Interfaces\{35642c0a-8ece-414b-bd26-ff63ed5aeaef}: [DhcpNameServer] 192.168.100.1 192.168.3.1
Tcpip\..\Interfaces\{3c8b023e-cbf5-497c-95e5-1ba72c9bb8d3}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d083b434-c7a0-4fcf-a5ff-7d9795145625}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{eecdad23-17ca-4459-94ae-b14566d3ace1}: [NameServer] 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-872970765-2336037875-4207061899-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-872970765-2336037875-4207061899-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... NP_csCZ618
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {09C1F4A7-E0B9-4FCF-A82A-4EB6B8639B3D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {282B8AE8-2C00-436A-9C27-E1C275BA5CA0} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {5A806433-DA8C-4957-8D6A-9C31F0515119} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... NP_csCZ618
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {A5A18EDA-51CF-4582-A754-1D9B876EEECE} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {B7BE6D3D-6960-408F-9D85-EA62B582565A} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {C62FFD99-716E-4813-95F8-3BB2B3A6787E} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {C754C5F2-47B8-4C7E-8631-63C1A30D792F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {F030AE8C-A229-4E69-B29B-E279BFFDD3E5} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {F5F0DC61-BA9C-4931-B55E-0F6222443DB4} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12902
BHO: No Name -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> No File
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2011-06-30] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2016-12-21] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-17] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-872970765-2336037875-4207061899-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Datel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AstroS; C:\ProgramData\HP Wi-Fi Mobile Mouse Config\AstroS.exe [172032 2010-12-01] () [File not signed]
R2 aswUpdSv; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [17272 2007-12-04] (ALWIL Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [140664 2007-12-04] (ALWIL Software)
R3 avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [247160 2007-12-04] (ALWIL Software)
R3 avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [345464 2007-12-04] (ALWIL Software)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 ozwpansvc; C:\Program Files\WPAN Driver\WPAN Driver\ozwpansvc.exe [97560 2011-10-06] (Ozmo Inc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 ssinstall; C:\WINDOWS\SysWoW64\ssins.exe [4696960 2016-12-21] (PS Media s.r.o.)
R2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2011-07-26] (Lenovo Group Limited) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-07-28] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [82664 2015-12-16] (Advanced Micro Devices, Inc.)
R2 aswMonFlt; C:\WINDOWS\System32\DRIVERS\aswMonFlt.sys [55888 2007-12-04] (ALWIL Software)
R2 aswMonFlt; C:\Windows\SysWOW64\DRIVERS\aswMonFlt.sys [45648 2007-12-04] (ALWIL Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [27216 2007-12-04] (ALWIL Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [48720 2007-12-04] (ALWIL Software)
R3 hswpan; C:\WINDOWS\System32\drivers\hswpan.sys [114944 2011-10-06] (Ozmo Inc)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-28] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 PCDSRVC{127174DC-C366ED8B-06020200}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-21 15:07 - 2016-12-21 15:09 - 00016588 _____ C:\Users\Datel\Desktop\FRST.txt
2016-12-21 15:06 - 2016-12-21 15:07 - 00000000 ____D C:\FRST
2016-12-21 15:05 - 2016-12-21 15:06 - 02420224 _____ (Farbar) C:\Users\Datel\Desktop\FRST64.exe
2016-12-21 15:05 - 2016-12-21 15:05 - 02420224 _____ (Farbar) C:\Users\Datel\Downloads\FRST64.exe
2016-12-21 15:01 - 2016-12-21 15:02 - 01065376 _____ (Google Inc.) C:\Users\Datel\Downloads\ChromeSetup.exe
2016-12-21 14:27 - 2016-12-21 14:28 - 00000000 ____D C:\Program Files\CCleaner
2016-12-21 14:27 - 2016-12-21 14:27 - 00002860 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-12-21 14:27 - 2016-12-21 14:27 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-21 14:27 - 2016-12-21 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-21 14:26 - 2016-12-21 14:27 - 08805960 _____ (Piriform Ltd) C:\Users\Datel\Downloads\ccsetup525pro.exe
2016-12-21 13:40 - 2016-12-21 13:40 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-21 13:38 - 2016-12-21 14:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-21 13:36 - 2016-12-21 13:36 - 01363456 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll
2016-12-21 13:36 - 2016-12-21 13:36 - 00359936 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll
2016-12-21 13:36 - 2016-12-21 13:36 - 00002824 _____ C:\WINDOWS\SysWOW64\ca.pem
2016-12-21 13:36 - 2016-12-21 13:36 - 00002269 _____ C:\WINDOWS\SysWOW64\cert.crt
2016-12-21 13:36 - 2016-12-21 13:36 - 00001679 _____ C:\WINDOWS\SysWOW64\keyfile.key
2016-12-21 13:15 - 2016-12-21 13:15 - 00000000 ____D C:\Users\Datel\AppData\Roaming\TeamViewer
2016-12-21 13:13 - 2016-12-21 13:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-21 15:07 - 2016-09-25 01:34 - 02029292 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-21 15:07 - 2016-07-16 23:25 - 00703874 _____ C:\WINDOWS\system32\perfh005.dat
2016-12-21 15:07 - 2016-07-16 23:25 - 00174204 _____ C:\WINDOWS\system32\perfc005.dat
2016-12-21 15:04 - 2014-12-08 19:31 - 00000000 ____D C:\Users\Datel\AppData\Roaming\Skype
2016-12-21 15:03 - 2014-12-08 18:30 - 00002343 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-21 15:03 - 2011-11-10 13:34 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-21 15:03 - 2011-11-10 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-12-21 15:00 - 2016-09-25 01:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-21 14:59 - 2016-09-25 01:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-21 14:57 - 2016-09-25 01:34 - 00000000 ____D C:\Users\Datel
2016-12-21 14:56 - 2011-11-10 13:35 - 00000000 ____D C:\ProgramData\PCDr
2016-12-21 14:48 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-21 14:46 - 2015-01-19 19:05 - 00000000 ____D C:\Users\Datel\AppData\Roaming\Seznam.cz
2016-12-21 14:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-21 14:38 - 2016-09-25 01:26 - 00203032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-21 14:38 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-21 14:33 - 2016-10-26 19:34 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-21 14:33 - 2016-09-25 02:24 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-21 14:33 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-21 14:33 - 2015-01-16 14:06 - 00000000 ____D C:\Users\Datel\AppData\Local\CrashDumps
2016-12-21 14:26 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-21 14:22 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-21 13:46 - 2016-09-25 01:53 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-21 13:46 - 2016-09-25 01:53 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-21 13:46 - 2015-01-05 16:31 - 00000000 ____D C:\Program Files (x86)\Opera
2016-12-21 13:40 - 2016-06-04 16:55 - 00002439 _____ C:\Users\Datel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-21 13:40 - 2016-06-04 16:55 - 00000000 ___RD C:\Users\Datel\OneDrive
2016-12-21 13:36 - 2014-12-08 19:12 - 04696960 _____ (PS Media s.r.o.) C:\WINDOWS\SysWOW64\ssins.exe
2016-12-21 13:35 - 2016-03-19 18:47 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-21 13:35 - 2014-12-08 18:29 - 00000466 _____ C:\WINDOWS\Tasks\SystemToolsDailyTest.job
2016-12-21 13:28 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-03 16:16 - 2016-06-04 16:48 - 00000000 ____D C:\Users\Datel\AppData\Local\Packages
2016-11-24 16:21 - 2016-10-26 19:45 - 00001131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 41.lnk
2016-11-24 16:21 - 2016-09-25 01:53 - 00003960 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1421094398

==================== Files in the root of some directories =======

2014-12-23 13:22 - 2014-12-23 13:22 - 0002425 _____ () C:\Users\Datel\AppData\Local\FastClean.20141223.132200.txt
2014-12-23 13:26 - 2014-12-23 13:26 - 0001875 _____ () C:\Users\Datel\AppData\Local\FastClean.20141223.132643.txt
2014-12-23 13:23 - 2014-12-23 13:23 - 0002457 _____ () C:\Users\Datel\AppData\Local\IWDAudHelper.20141223.132313.txt
2014-12-23 13:28 - 2014-12-23 13:29 - 0050444 _____ () C:\Users\Datel\AppData\Local\IWDAudHelper.20141223.132820.txt
2014-12-23 13:22 - 2014-12-23 13:22 - 0000671 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132255.txt
2014-12-23 13:23 - 2014-12-23 13:23 - 0001245 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132313.txt
2014-12-23 13:27 - 2014-12-23 13:27 - 0001573 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132702.txt
2014-12-23 13:27 - 2014-12-23 13:27 - 0000661 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132750.txt
2014-12-23 13:27 - 2014-12-23 13:27 - 0001597 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132753.txt
2014-12-23 13:28 - 2014-12-23 13:28 - 0001227 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132804.txt
2014-12-23 13:29 - 2014-12-23 13:29 - 0001245 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132905.txt
2014-12-23 13:34 - 2014-12-23 13:34 - 0001547 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.133445.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-21 11:18

==================== End of FRST.txt ============================

Děkuji.

Re: Prosím o kontrolu - notebbook se při vypnutí o.s. zasekn

Napsal: 21 pro 2016 18:14
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Prosím o kontrolu - notebbook se při vypnutí o.s. zasekn

Napsal: 21 pro 2016 18:39
od gully
# AdwCleaner v6.041 - Log vytvořen 21/12/2016 v 18:35:16
# Aktualizováno dne 16/12/2016 z Malwarebytes
# Databáze : 2016-12-21.1 [Místní]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Datel - DATEL-COMP
# Spuštěno z : C:\Users\Datel\Desktop\adwcleaner_6.041.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\ProgramData\Partner


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pda.slunecnice.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pda.slunecnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1479 Bajty] - [21/12/2016 18:35:16]
C:\AdwCleaner\AdwCleaner[S0].txt - [1896 Bajty] - [21/12/2016 18:34:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1625 Bajty] ##########

Re: Prosím o kontrolu - notebbook se při vypnutí o.s. zasekn

Napsal: 21 pro 2016 19:56
od Rudy
Dejte nový log FRST.

Re: Prosím o kontrolu - notebbook se při vypnutí o.s. zasekn

Napsal: 22 pro 2016 12:16
od gully
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by Datel (administrator) on DATEL-COMP (22-12-2016 12:08:33)
Running from C:\Users\Datel\Desktop
Loaded Profiles: Datel (Available Profiles: Datel)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashServ.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
() C:\ProgramData\HP Wi-Fi Mobile Mouse Config\AstroS.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Ozmo Inc) C:\Program Files\WPAN Driver\WPAN Driver\ozwpansvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\PWMUIAux.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Primax Electronics Ltd.) C:\ProgramData\HP Wi-Fi Mobile Mouse Config\PelAstro.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\cleanmgr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.7608.23501.0_x64__8wekyb3d8bbwe\HubTaskHost.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\Setup\avast.setup
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
Failed to access process -> explorer.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\PWMUIAux.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [380776 2011-03-30] (Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-04-26] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [40808 2011-05-31] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281960 2011-05-25] (Lenovo Group Limited)
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [146600 2015-07-28] (Synaptics)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3936936 2015-07-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-31] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM-x32\...\Run: [PelAstro] => C:\ProgramData\HP Wi-Fi Mobile Mouse Config\PelAstro.exe [65536 2011-01-14] (Primax Electronics Ltd.)
HKLM-x32\...\Run: [HPMonitor] => C:\Program Files (x86)\Hewlett-Packard\HP Wi-Fi Mobile Mouse\hpMonitor23.exe [106552 2011-11-03] (Hewlett-Packard)
HKLM-x32\...\Run: [avast!] => C:\Program Files\Alwil Software\Avast4\ashDisp.exe [79224 2007-12-04] (ALWIL Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-872970765-2336037875-4207061899-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27017856 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-872970765-2336037875-4207061899-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 192.168.3.1
Tcpip\..\Interfaces\{35642c0a-8ece-414b-bd26-ff63ed5aeaef}: [DhcpNameServer] 192.168.100.1 192.168.3.1
Tcpip\..\Interfaces\{3c8b023e-cbf5-497c-95e5-1ba72c9bb8d3}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d083b434-c7a0-4fcf-a5ff-7d9795145625}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{eecdad23-17ca-4459-94ae-b14566d3ace1}: [NameServer] 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-872970765-2336037875-4207061899-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-872970765-2336037875-4207061899-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... NP_csCZ618
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {09C1F4A7-E0B9-4FCF-A82A-4EB6B8639B3D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {282B8AE8-2C00-436A-9C27-E1C275BA5CA0} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {5A806433-DA8C-4957-8D6A-9C31F0515119} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... NP_csCZ618
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {A5A18EDA-51CF-4582-A754-1D9B876EEECE} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {B7BE6D3D-6960-408F-9D85-EA62B582565A} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {C62FFD99-716E-4813-95F8-3BB2B3A6787E} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {C754C5F2-47B8-4C7E-8631-63C1A30D792F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {F030AE8C-A229-4E69-B29B-E279BFFDD3E5} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> {F5F0DC61-BA9C-4931-B55E-0F6222443DB4} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12902
BHO: No Name -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> No File
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2011-06-30] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2016-12-21] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-17] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-872970765-2336037875-4207061899-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Datel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\gcswf32.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\Datel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\Datel\AppData\Local\Google\Chrome\User Data\Default [2016-12-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Datel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-21]
CHR Extension: (Chrome Media Router) - C:\Users\Datel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-21]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AstroS; C:\ProgramData\HP Wi-Fi Mobile Mouse Config\AstroS.exe [172032 2010-12-01] () [File not signed]
R2 aswUpdSv; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [17272 2007-12-04] (ALWIL Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [140664 2007-12-04] (ALWIL Software)
R3 avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [247160 2007-12-04] (ALWIL Software)
R3 avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [345464 2007-12-04] (ALWIL Software)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 ozwpansvc; C:\Program Files\WPAN Driver\WPAN Driver\ozwpansvc.exe [97560 2011-10-06] (Ozmo Inc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 ssinstall; C:\WINDOWS\SysWoW64\ssins.exe [4696960 2016-12-21] (PS Media s.r.o.)
R2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2011-07-26] (Lenovo Group Limited) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-07-28] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [82664 2015-12-16] (Advanced Micro Devices, Inc.)
R2 aswMonFlt; C:\WINDOWS\System32\DRIVERS\aswMonFlt.sys [55888 2007-12-04] (ALWIL Software)
R2 aswMonFlt; C:\Windows\SysWOW64\DRIVERS\aswMonFlt.sys [45648 2007-12-04] (ALWIL Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [27216 2007-12-04] (ALWIL Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [48720 2007-12-04] (ALWIL Software)
R3 hswpan; C:\WINDOWS\System32\drivers\hswpan.sys [114944 2011-10-06] (Ozmo Inc)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-28] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 PCDSRVC{127174DC-C366ED8B-06020200}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-22 12:08 - 2016-12-22 12:08 - 00000000 ____D C:\Users\Datel\Desktop\FRST-OlderVersion
2016-12-21 18:32 - 2016-12-21 18:35 - 00000000 ____D C:\AdwCleaner
2016-12-21 18:31 - 2016-12-21 18:32 - 03977168 _____ C:\Users\Datel\Desktop\adwcleaner_6.041.exe
2016-12-21 18:31 - 2016-12-21 18:31 - 03977168 _____ C:\Users\Datel\Downloads\adwcleaner_6.041.exe
2016-12-21 17:50 - 2016-12-21 17:50 - 00000000 ____D C:\Users\Datel\AppData\Local\ESET
2016-12-21 17:49 - 2016-12-21 17:50 - 06770304 _____ (ESET spol. s r.o.) C:\Users\Datel\Downloads\ESETOnlineScanner_CSY.exe
2016-12-21 15:13 - 2016-12-21 15:13 - 00011583 _____ C:\Users\Datel\Desktop\Addition.rar
2016-12-21 15:10 - 2016-12-21 15:11 - 00040001 _____ C:\Users\Datel\Desktop\Addition.txt
2016-12-21 15:07 - 2016-12-22 12:10 - 00018464 _____ C:\Users\Datel\Desktop\FRST.txt
2016-12-21 15:06 - 2016-12-22 12:08 - 00000000 ____D C:\FRST
2016-12-21 15:05 - 2016-12-22 12:08 - 02420736 _____ (Farbar) C:\Users\Datel\Desktop\FRST64.exe
2016-12-21 15:05 - 2016-12-21 15:05 - 02420224 _____ (Farbar) C:\Users\Datel\Downloads\FRST64.exe
2016-12-21 15:01 - 2016-12-21 15:02 - 01065376 _____ (Google Inc.) C:\Users\Datel\Downloads\ChromeSetup.exe
2016-12-21 14:27 - 2016-12-21 14:28 - 00000000 ____D C:\Program Files\CCleaner
2016-12-21 14:27 - 2016-12-21 14:27 - 00002860 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-12-21 14:27 - 2016-12-21 14:27 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-21 14:27 - 2016-12-21 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-21 14:26 - 2016-12-21 14:27 - 08805960 _____ (Piriform Ltd) C:\Users\Datel\Downloads\ccsetup525pro.exe
2016-12-21 13:40 - 2016-12-21 13:40 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-21 13:38 - 2016-12-21 14:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-21 13:36 - 2016-12-21 13:36 - 01363456 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll
2016-12-21 13:36 - 2016-12-21 13:36 - 00359936 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll
2016-12-21 13:36 - 2016-12-21 13:36 - 00002824 _____ C:\WINDOWS\SysWOW64\ca.pem
2016-12-21 13:36 - 2016-12-21 13:36 - 00002269 _____ C:\WINDOWS\SysWOW64\cert.crt
2016-12-21 13:36 - 2016-12-21 13:36 - 00001679 _____ C:\WINDOWS\SysWOW64\keyfile.key
2016-12-21 13:15 - 2016-12-21 13:15 - 00000000 ____D C:\Users\Datel\AppData\Roaming\TeamViewer
2016-12-21 13:13 - 2016-12-21 13:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-22 12:06 - 2014-12-08 19:31 - 00000000 ____D C:\Users\Datel\AppData\Roaming\Skype
2016-12-22 12:04 - 2016-09-25 01:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-22 12:04 - 2016-09-25 01:34 - 00000000 ____D C:\Users\Datel
2016-12-22 12:03 - 2016-09-25 01:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-22 10:26 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-22 10:26 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-22 09:53 - 2016-09-25 01:34 - 02086592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-22 09:53 - 2016-07-16 23:25 - 00733470 _____ C:\WINDOWS\system32\perfh005.dat
2016-12-22 09:53 - 2016-07-16 23:25 - 00183004 _____ C:\WINDOWS\system32\perfc005.dat
2016-12-21 19:23 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-21 19:02 - 2014-12-08 18:32 - 00000000 ____D C:\Users\Datel\AppData\Local\Google
2016-12-21 18:35 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-21 16:27 - 2014-12-22 14:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-21 16:24 - 2014-12-22 14:22 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-21 15:03 - 2014-12-08 18:30 - 00002343 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-21 15:03 - 2011-11-10 13:34 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-21 15:03 - 2011-11-10 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-12-21 14:56 - 2011-11-10 13:35 - 00000000 ____D C:\ProgramData\PCDr
2016-12-21 14:48 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-21 14:46 - 2015-01-19 19:05 - 00000000 ____D C:\Users\Datel\AppData\Roaming\Seznam.cz
2016-12-21 14:38 - 2016-09-25 01:26 - 00203032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-21 14:33 - 2016-10-26 19:34 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-21 14:33 - 2016-09-25 02:24 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-21 14:33 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-21 14:33 - 2015-01-16 14:06 - 00000000 ____D C:\Users\Datel\AppData\Local\CrashDumps
2016-12-21 13:46 - 2016-09-25 01:53 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-21 13:46 - 2016-09-25 01:53 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-21 13:46 - 2015-01-05 16:31 - 00000000 ____D C:\Program Files (x86)\Opera
2016-12-21 13:40 - 2016-06-04 16:55 - 00002439 _____ C:\Users\Datel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-21 13:40 - 2016-06-04 16:55 - 00000000 ___RD C:\Users\Datel\OneDrive
2016-12-21 13:36 - 2014-12-08 19:12 - 04696960 _____ (PS Media s.r.o.) C:\WINDOWS\SysWOW64\ssins.exe
2016-12-21 13:35 - 2016-03-19 18:47 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-21 13:35 - 2014-12-08 18:29 - 00000466 _____ C:\WINDOWS\Tasks\SystemToolsDailyTest.job
2016-12-21 13:28 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-03 16:16 - 2016-06-04 16:48 - 00000000 ____D C:\Users\Datel\AppData\Local\Packages
2016-11-24 16:21 - 2016-10-26 19:45 - 00001131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 41.lnk
2016-11-24 16:21 - 2016-09-25 01:53 - 00003960 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1421094398

==================== Files in the root of some directories =======

2014-12-23 13:22 - 2014-12-23 13:22 - 0002425 _____ () C:\Users\Datel\AppData\Local\FastClean.20141223.132200.txt
2014-12-23 13:26 - 2014-12-23 13:26 - 0001875 _____ () C:\Users\Datel\AppData\Local\FastClean.20141223.132643.txt
2014-12-23 13:23 - 2014-12-23 13:23 - 0002457 _____ () C:\Users\Datel\AppData\Local\IWDAudHelper.20141223.132313.txt
2014-12-23 13:28 - 2014-12-23 13:29 - 0050444 _____ () C:\Users\Datel\AppData\Local\IWDAudHelper.20141223.132820.txt
2014-12-23 13:22 - 2014-12-23 13:22 - 0000671 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132255.txt
2014-12-23 13:23 - 2014-12-23 13:23 - 0001245 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132313.txt
2014-12-23 13:27 - 2014-12-23 13:27 - 0001573 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132702.txt
2014-12-23 13:27 - 2014-12-23 13:27 - 0000661 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132750.txt
2014-12-23 13:27 - 2014-12-23 13:27 - 0001597 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132753.txt
2014-12-23 13:28 - 2014-12-23 13:28 - 0001227 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132804.txt
2014-12-23 13:29 - 2014-12-23 13:29 - 0001245 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.132905.txt
2014-12-23 13:34 - 2014-12-23 13:34 - 0001547 _____ () C:\Users\Datel\AppData\Local\PDLSetup.20141223.133445.txt

Some files in TEMP:
====================
C:\Users\Datel\AppData\Local\Temp\libeay32.dll
C:\Users\Datel\AppData\Local\Temp\msvcr120.dll
C:\Users\Datel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-21 11:18

==================== End of FRST.txt ============================

Re: Prosím o kontrolu - notebbook se při vypnutí o.s. zasekn

Napsal: 22 pro 2016 17:24
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
Toolbar: HKU\S-1-5-21-872970765-2336037875-4207061899-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\gcswf32.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\Datel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll => No File
U3 idsvc; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Datel\AppData\Local\Temp
Task: {39C87CA1-93A3-466D-B12F-0A24CB31C87D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3CAA18A7-865E-45CE-A6D9-3F878565C5D4} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {4BA368AA-8130-4BED-90E9-3489FB304D3A} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {626AEFB6-BF95-452C-BD44-E9BAF5AE4362} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {70C4FE2B-BF68-4417-B289-4A9BCFE8FB24} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {75FD23EC-AEEA-4DCA-A9EA-B5657CAE0C84} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {781F1C1B-2ED8-4A8D-B13F-74141803C64D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {91040BB9-4FF4-4976-AA19-299EBF653405} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AE42CC06-5A91-41E1-B89D-FC46DCDE0C80} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {B1506CA2-A57B-4B5F-A019-3B8BAE9FCC9F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C7DBB185-2124-4A20-B7D9-A5FE5EEFC620} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {CA7F80A3-93D1-42EF-ADBB-D2286669BEBE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D0858F42-F419-4958-A688-52D47D91B22B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E03AD334-7DFE-4DE3-B2D5-169D13F4F92D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F5DAD770-D278-4EFC-9B3A-150A95669A8C} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz