Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Blackscreen po Windows Update, DPAgent.exe - Chyba aplikace

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní: http://forum.viry.cz/viewtopic.php?f=12&t=123975 . Děkujeme za pochopení.
Odpovědět
Zpráva
Autor
tompson606
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 07 dub 2014 14:42

Blackscreen po Windows Update, DPAgent.exe - Chyba aplikace

#1 Příspěvek od tompson606 »

Zdravím, na notebooku HP ProBook 450 s Windowsem 8.1 jsem nechal stáhnout a nainstalovat přes Windows Update aktualizaci pro grafiku AMD a pár Aktualizací systému Windows 8 pro systémy na platformě x64 ... . Nechal jsem počítač pracovat přes noc a když jsem ho chtěl druhý den probudit ze spánku, trvalo to delší dobu než obvykle, (což jsem po aktualizaci tak nějak očekával..). Když jsem se konečně dostal na plochu a nechal naskočit všechny ikony atd. všechny reakce mi připadaly strašně zpomalené, jakoby byl zatížen disk, a taky že jo, ve správci úloh stále na 100%. Chtěl jsem se podívat přes ovládací panely na Windows Update, jestli byly všechny vybrané položky stáhnuté a v tom zčernala obrazovka, uprostřed systémová hláška: "DPAgent.exe - Chyba aplikace. Instrukce na adrese 0x05b1b8f0 odkazovala na adresu paměti 0x06501138. S pamětí nelze provést operaci: read. Kliknutím na tlačítko OK ukončíte program." Kliknu na OK hláška zmizí a nic se neděje, nikam se nedostanu ani přes ctrl+alt+del, alt+tab, alt+F4 prostě nic.

Díky za jakoukoliv radu,

Tomáš
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#2 Příspěvek od Rudy »

Zdravím!
Je možné nastartovat do nouz. režimu?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
tompson606
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 07 dub 2014 14:42

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#3 Příspěvek od tompson606 »

Ano, jsem na ploše v nouzovém režimu.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#4 Příspěvek od Rudy »

Udělejte obnovu systému k datu, kdy korketně fungoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
tompson606
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 07 dub 2014 14:42

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#5 Příspěvek od tompson606 »

Udělal jsem obnovu, tedy cca ten týden zpátky. Teď se mi podařilo Spustit NB v normálním režimu, ale. Spouštěl se docela dlouho než vůbec naskočila obrazovka pro přihlášení do Windows, poté tak pět minut, než naskočilo pozadí plochy ovšem bez ikon. Ve správci jsem opět zjistil že disk jede na 100 % bez přestání. Procesy "System", "Microsoft Compatibility Telemetry", "Hostitel služby: Místní služba" a ze začátku také "Windows Modules Installer Worker" zapisují na disk někdy i 20 MB/s což mi přijde šílený. Asi po půl hodině se na ploše objevila pouze ikona Avastu.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#6 Příspěvek od Rudy »

Tak vypadá to na nějakou systémovou chybu. Zkusíme vyčistit. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
tompson606
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 07 dub 2014 14:42

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#7 Příspěvek od tompson606 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
Ran by tompson606 (administrator) on TOMAS-NB (01-08-2016 23:03:15)
Running from C:\Users\tompson606\Desktop
Loaded Profiles: tompson606 & NeroMediaHomeUser.4 (Available Profiles: tompson606 & AC & NeroMediaHomeUser.4)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Users\tompson606\Downloads\CoreTemp32\Core Temp.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Spotify Ltd) C:\Users\tompson606\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-02-07] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2013-01-02] (Intel Corporation)
HKLM-x32\...\Run: [CLWCSM] => c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [249096 2013-02-20] (cyberlink)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-02-01] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-02-01] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-26] (AVAST Software)
HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\3G HSDPA Modem\drv\DataCardMonitor.exe [345088 2011-03-07] (TODO: <Company name>)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5179880 2012-12-20] (Nero AG)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-07-18] (PDF Complete Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NBKeyScan] => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Spotify Web Helper] => C:\Users\tompson606\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-18] (Spotify Ltd)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Facebook Update] => C:\Users\tompson606\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-28] (Facebook Inc.)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [PC Remote Server] => C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe [1190648 2014-10-12] (PC Remote)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5179880 2012-12-20] (Nero AG)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\MountPoints2: {7dca8454-b3b7-11e5-bf28-bc8556a523cc} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\MountPoints2: {7f079922-7501-11e4-8250-bc8556a523cc} - "G:\Startme.exe"
HKU\S-1-5-21-2051496915-2526895320-1986910058-1009\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-26] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Rychlé spuštění.lnk [2015-10-09]
ShortcutTarget: SOLIDWORKS 2015 Rychlé spuštění.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Nástroj pro stahování na pozadí.lnk [2015-10-09]
ShortcutTarget: SolidWorks Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\tompson606\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-01-26]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{24A026BC-CCEF-498E-98D4-252C5090C956}: [DhcpNameServer] 172.16.6.241
Tcpip\..\Interfaces\{6A9453B1-EE4F-48DF-91E6-82FE433C4AE4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A698B053-B5BD-4A11-A171-BDCA219ACBE8}: [DhcpNameServer] 10.1.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
URLSearchHook: [S-1-5-21-2051496915-2526895320-1986910058-1009] ATTENTION => Default URLSearchHook is missing
BHO: No Name -> {11BCEB97-22CA-A017-8193-E9BFE2D4E649} -> No File
BHO: No Name -> {36ABC7EF-361F-58AA-9F58-72ECF208BE52} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-26] (AVAST Software)
BHO: No Name -> {DB3CF2B2-2FF8-14F2-2CEC-025BB1170D38} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll => No File
BHO-x32: No Name -> {36ABC7EF-361F-58AA-9F58-72ECF208BE52} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-26] (AVAST Software)
BHO-x32: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File
BHO-x32: No Name -> {DB3CF2B2-2FF8-14F2-2CEC-025BB1170D38} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2015-09-28] (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-2051496915-2526895320-1986910058-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\tompson606\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2051496915-2526895320-1986910058-1002: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-2051496915-2526895320-1986910058-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-09] (Ubisoft)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-26]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-01-03] [not signed]

Chrome:
=======
CHR HomePage: Default -> www.google.com
CHR StartupUrls: Default -> "www.google.com"
CHR Profile: C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (James White) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-04-11]
CHR Extension: (YouTube) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Pushbullet) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2016-08-01]
CHR Extension: (Vyhledávání Google) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Unit Converter) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbiicdapcioonpclifmhmcnhhdegnpke [2016-04-14]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-06-29]
CHR Extension: (AdBlock) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-01]
CHR Extension: (Avast Online Security) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR Extension: (Gmail) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dhdcpcmdngdcjhjahgpnjkkfkeehkejj] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home454\ch\MediaWatchV1home454.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-26]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2015-09-28]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-26] (AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe [76616 2016-06-20] (Google Inc.)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [502232 2015-09-28] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [556856 2013-03-04] (Hewlett-Packard Company)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-10-08] (Freemake) [File not signed]
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [372920 2013-09-18] (Hewlett-Packard Development Company, L.P.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2015-02-07] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-22] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [518632 2012-12-20] (Nero AG)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3535512 2015-11-29] (INCA Internet Co., Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-03-21] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete Inc)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-12-16] ()
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2013-11-15] (SolidWorks) [File not signed]
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-02-07] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-26] (AVAST Software)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
U3 BthHFSrv; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U3 BthHFSrv; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 clwcsm; C:\Windows\system32\DRIVERS\clwcsm.sys [42944 2013-02-19] (CyberLink Corporation)
S3 DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [65752 2013-02-18] (Hewlett-Packard Company)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-17] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2013-02-04] (GEAR Software Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2432656 2014-08-12] (MediaTek Inc.)
S3 OSFMount; C:\Program Files (x86)\Counter-Strike Global Offensive\image\x64\OSFMount.sys [552888 2013-10-18] (PassMark Software)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-08-22] (WinMagic Inc.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1205872 2016-01-29] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [228544 2013-08-22] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131264 2013-08-22] (WinMagic Inc.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2015-10-19] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-01-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1513208 2016-04-01] (Sunplus)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-24] (HP)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-24] (HP)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61120 2014-03-22] (StdLib)
R3 ALSysIO; \??\C:\Users\TOMPSO~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 BtAudioBusSrv; \SystemRoot\System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; \SystemRoot\System32\Drivers\BtL2caScoIf.sys [X]
S3 btUrbFilterDrv; \SystemRoot\System32\Drivers\IvtUrbBtFlt.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-01 23:03 - 2016-08-01 23:03 - 00033700 _____ C:\Users\tompson606\Desktop\FRST.txt
2016-08-01 23:02 - 2016-08-01 23:03 - 00000000 ____D C:\FRST
2016-08-01 22:59 - 2016-08-01 22:59 - 00112640 _____ (forum.viry.cz) C:\Users\tompson606\Downloads\Nepotvrzeno 749907.crdownload
2016-08-01 22:57 - 2016-08-01 22:57 - 02394112 _____ (Farbar) C:\Users\tompson606\Desktop\FRST64.exe
2016-08-01 21:59 - 2016-08-01 23:04 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-01 21:59 - 2016-08-01 22:04 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-01 21:48 - 2008-06-24 14:45 - 01414440 _____ (Nero AG) C:\WINDOWS\SysWOW64\ShellManager310E2D762.dll
2016-08-01 21:48 - 2008-06-23 18:36 - 00773120 _____ C:\WINDOWS\SysWOW64\NEROINSTAEC43759.DB
2016-08-01 21:26 - 2016-08-01 21:26 - 00001078 _____ C:\WINDOWS\system32dbgraw.bmp
2016-08-01 20:23 - 2016-08-01 20:23 - 05792464 _____ (Microsoft Corporation) C:\Users\tompson606\Downloads\Windows10Upgrade24074.exe
2016-08-01 20:23 - 2016-08-01 20:23 - 00000729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník při upgradu na Windows 10.lnk
2016-08-01 20:23 - 2016-08-01 20:23 - 00000717 _____ C:\Users\tompson606\Desktop\Pomocník při upgradu na Windows 10.lnk
2016-08-01 20:23 - 2016-08-01 20:23 - 00000000 ___HD C:\$GetCurrent
2016-08-01 20:23 - 2016-08-01 20:23 - 00000000 ____D C:\Windows10Upgrade
2016-07-26 22:51 - 2016-07-26 22:50 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-07-26 22:51 - 2016-07-26 22:49 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-07-26 22:50 - 2016-07-26 22:50 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-07-26 22:10 - 2016-07-26 22:10 - 00001951 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-26 22:10 - 2016-07-26 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-07-26 22:09 - 2016-08-01 20:12 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-07-26 22:09 - 2016-03-26 16:01 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-07-26 22:09 - 2016-03-26 16:01 - 00463744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-07-26 22:09 - 2016-03-26 16:01 - 00287016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-07-26 22:09 - 2016-03-26 16:01 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-07-26 22:09 - 2016-03-26 16:00 - 00165344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-07-26 22:09 - 2016-03-26 16:00 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-07-26 22:09 - 2016-03-26 16:00 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-07-26 22:09 - 2016-03-26 16:00 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-07-26 22:08 - 2016-03-26 16:00 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-07-18 20:36 - 2016-07-18 20:36 - 00000000 ____D C:\Users\AC\AppData\Roaming\Nero
2016-07-15 20:19 - 2016-08-01 20:19 - 00003194 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFortompson606
2016-07-15 20:19 - 2016-08-01 20:19 - 00000370 _____ C:\WINDOWS\Tasks\HPCeeScheduleFortompson606.job
2016-07-14 09:05 - 2016-07-14 09:05 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-07-14 09:04 - 2016-07-14 09:04 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-11 16:53 - 2016-07-11 16:53 - 00275759 _____ C:\Users\tompson606\Downloads\potvr.pdf
2016-07-10 16:55 - 2016-07-10 16:55 - 00000000 ____D C:\Users\tompson606\AppData\LocalLow\Smartly Dressed Games
2016-07-10 16:44 - 2016-07-10 16:44 - 00000000 ____D C:\Users\tompson606\AppData\Local\Steam
2016-07-09 21:28 - 2016-07-09 21:42 - 1514307584 _____ C:\Users\tompson606\Downloads\Neighbors.2014.480p.BDRip.AC3.XviD.4play.CZ.avi
2016-07-09 21:08 - 2016-07-09 21:08 - 00014950 _____ C:\Users\tompson606\Downloads\[CzT]Sousedi_Neighbors_2014_CZ_.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-01 22:50 - 2014-04-13 14:01 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-01 21:59 - 2014-03-28 20:18 - 00003950 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-01 21:59 - 2014-03-28 20:18 - 00003714 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-01 21:52 - 2013-10-31 15:46 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2051496915-2526895320-1986910058-1002
2016-08-01 21:49 - 2015-02-27 13:58 - 00000000 ____D C:\ProgramData\Nero
2016-08-01 21:48 - 2016-02-24 21:51 - 00001024 _____ C:\Users\tompson606\.rnd
2016-08-01 21:47 - 2013-12-24 14:15 - 01040384 ___SH C:\Users\tompson606\Desktop\Thumbs.db
2016-08-01 21:40 - 2015-08-31 21:40 - 00003204 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForTOMAS-NB$
2016-08-01 21:40 - 2015-08-31 21:40 - 00000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTOMAS-NB$.job
2016-08-01 21:25 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-08-01 20:43 - 2014-08-21 17:18 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-01 20:43 - 2013-12-22 23:54 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\TS3Client
2016-08-01 20:43 - 2013-11-03 15:18 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\DAEMON Tools Lite
2016-08-01 20:43 - 2013-11-02 01:45 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\uTorrent
2016-08-01 20:39 - 2015-01-15 20:32 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-01 20:25 - 2014-12-24 22:57 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\Skype
2016-08-01 20:22 - 2015-03-01 13:41 - 00003990 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9B5F1473-7408-4B3F-8AA1-ED110E51ED37}
2016-08-01 20:20 - 2016-03-15 23:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-01 20:20 - 2014-12-24 22:56 - 00000000 ____D C:\ProgramData\Skype
2016-08-01 20:19 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-01 20:13 - 2014-11-26 00:06 - 00000000 ___RD C:\Users\tompson606\Disk Google
2016-08-01 20:13 - 2014-06-28 11:08 - 00000966 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2051496915-2526895320-1986910058-1002UA.job
2016-07-26 23:18 - 2013-04-29 07:58 - 00000000 ____D C:\ProgramData\PDFC
2016-07-26 23:16 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-26 23:15 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-26 23:13 - 2014-11-26 02:03 - 00000000 ____D C:\Users\tompson606
2016-07-26 23:01 - 2016-02-09 18:44 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-26 23:01 - 2016-02-09 18:44 - 00002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-26 22:58 - 2013-11-02 01:57 - 00007646 _____ C:\Users\tompson606\AppData\Local\Resmon.ResmonCfg
2016-07-26 22:52 - 2013-10-31 20:47 - 00000000 ____D C:\ProgramData\Oracle
2016-07-26 22:51 - 2014-10-17 20:15 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-26 22:51 - 2013-11-14 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-26 22:50 - 2015-08-19 22:32 - 00000000 ____D C:\Users\tompson606\.oracle_jre_usage
2016-07-26 22:50 - 2014-01-27 03:35 - 00000000 ____D C:\Program Files\Java
2016-07-26 22:49 - 2015-08-19 22:39 - 00269888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2016-07-26 22:04 - 2014-11-26 18:21 - 00000000 __SHD C:\Users\tompson606\IntelGraphicsProfiles
2016-07-26 22:03 - 2015-02-27 14:02 - 00000000 ____D C:\Users\NeroMediaHomeUser.4
2016-07-24 22:14 - 2015-12-03 18:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2016-07-24 22:14 - 2015-04-19 18:15 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-24 22:14 - 2015-03-17 00:21 - 00000000 ____D C:\Program Files (x86)\Assassin's Creed Brotherhood
2016-07-24 22:14 - 2014-11-26 02:03 - 00000000 ____D C:\Users\AC
2016-07-24 22:14 - 2014-09-24 17:59 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-24 22:14 - 2014-05-31 12:08 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-07-24 22:14 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-07-24 22:10 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-24 22:03 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2016-07-24 22:02 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-07-24 22:00 - 2014-03-07 11:45 - 00000000 ____D C:\Users\AC\AppData\Local\Google
2016-07-24 21:58 - 2014-06-08 12:03 - 00000000 ____D C:\Program Files\AMD
2016-07-24 12:43 - 2013-11-04 01:20 - 00000000 ____D C:\Users\tompson606\AppData\Local\ElevatedDiagnostics
2016-07-19 21:25 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-19 20:59 - 2015-01-08 15:37 - 00000000 __SHD C:\Users\AC\IntelGraphicsProfiles
2016-07-15 11:13 - 2014-06-28 11:08 - 00000944 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2051496915-2526895320-1986910058-1002Core.job
2016-07-13 13:00 - 2013-10-31 15:51 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-13 12:50 - 2016-06-17 10:50 - 06079168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-07-13 12:50 - 2014-04-13 14:01 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-07-13 12:50 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-07-13 12:50 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-07-07 19:36 - 2013-12-30 01:04 - 00155648 ___SH C:\Users\tompson606\Downloads\Thumbs.db
2016-07-07 19:33 - 2015-10-24 19:15 - 00000000 ____D C:\Users\tompson606\Desktop\ANGLIE Jakub
2016-07-05 23:11 - 2015-07-13 23:28 - 00000000 ____D C:\Users\tompson606\Downloads\Minions.2015.HD-TS.XVID.AC3.HQ.Hive-CM8

==================== Files in the root of some directories =======

2013-02-26 08:28 - 2013-02-26 08:28 - 0027762 _____ () C:\Program Files (x86)\changes.txt
2013-02-26 08:56 - 2013-02-26 08:56 - 2391736 _____ (Beepa P/L) C:\Program Files (x86)\fraps.exe
2013-02-26 08:34 - 2013-02-26 08:34 - 0234168 _____ (Beepa P/L) C:\Program Files (x86)\fraps32.dll
2013-02-26 08:56 - 2013-02-26 08:56 - 0068792 _____ (Beepa P/L) C:\Program Files (x86)\fraps64.dat
2013-02-26 08:34 - 2013-02-26 08:34 - 0186552 _____ (Beepa P/L) C:\Program Files (x86)\fraps64.dll
2013-02-26 08:54 - 2013-02-26 08:54 - 0139776 _____ (Beepa P/L) C:\Program Files (x86)\frapslcd.dll
2013-02-26 08:27 - 2013-02-26 08:27 - 0001894 _____ () C:\Program Files (x86)\README.HTM
2015-04-27 22:10 - 2015-04-27 22:10 - 0036079 _____ (Beepa Pty Ltd) C:\Program Files (x86)\uninstall.exe
2015-03-24 23:09 - 2015-03-24 23:09 - 0000027 _____ () C:\Users\tompson606\AppData\Roaming\SoundCloudDownloaderSettings.ini
2014-06-19 13:43 - 2014-06-19 13:43 - 0000024 _____ () C:\Users\tompson606\AppData\Roaming\temp.ini
2014-04-14 16:56 - 2016-02-16 18:09 - 0007680 _____ () C:\Users\tompson606\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-21 19:56 - 2016-03-21 19:56 - 0012803 _____ () C:\Users\tompson606\AppData\Local\recently-used.xbel
2013-11-02 01:57 - 2016-07-26 22:58 - 0007646 _____ () C:\Users\tompson606\AppData\Local\Resmon.ResmonCfg
2015-08-08 01:06 - 2016-01-03 15:16 - 14216652 _____ () C:\ProgramData\hpcsmmsilogs.log
2015-10-04 23:24 - 2015-11-14 14:33 - 0113240 _____ () C:\ProgramData\SynFPRmsiLogs.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-14 14:23

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#8 Příspěvek od Rudy »

Teď spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
tompson606
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 07 dub 2014 14:42

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#9 Příspěvek od tompson606 »

# AdwCleaner v3.023 - Report created 02/08/2016 at 22:52:09
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : tompson606 - TOMAS-NB
# Running from : C:\Users\tompson606\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\WINDOWS\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\tompson606\AppData\Roaming\OpenCandy
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
File Deleted : C:\Program Files (x86)\Uninstall.exe
File Deleted : C:\WINDOWS\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.18124


-\\ Google Chrome v52.0.2743.82

[ File : C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\AC\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3557 octets] - [13/04/2014 11:45:23]
AdwCleaner[R1].txt - [3617 octets] - [13/04/2014 12:20:36]
AdwCleaner[R2].txt - [3426 octets] - [02/08/2016 22:51:35]
AdwCleaner[S0].txt - [3451 octets] - [13/04/2014 12:21:22]
AdwCleaner[S1].txt - [3323 octets] - [02/08/2016 22:52:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3383 octets] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#10 Příspěvek od Rudy »

Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
tompson606
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 07 dub 2014 14:42

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#11 Příspěvek od tompson606 »

Jenom chci podotknout že po vyčištění tím adwcleanerem a po restartu NB se při načítání plochy opět objevila hláška o tom DPAgent.exe , S pamětí nelze provést operaci:read ... jak jsem psal v prvním příspěvku. Ovšem po kliknutí na OK hláška zmizela a žádné zamrznutí nebo tak něco.
Každopádně ten nový log:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2016
Ran by tompson606 (administrator) on TOMAS-NB (04-08-2016 17:58:17)
Running from C:\Users\tompson606\Desktop
Loaded Profiles: tompson606 & NeroMediaHomeUser.4 (Available Profiles: tompson606 & AC & NeroMediaHomeUser.4)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
() C:\Users\tompson606\Downloads\CoreTemp32\Core Temp.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Spotify Ltd) C:\Users\tompson606\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-02-07] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2013-01-02] (Intel Corporation)
HKLM-x32\...\Run: [CLWCSM] => c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [249096 2013-02-20] (cyberlink)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-02-01] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-02-01] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-26] (AVAST Software)
HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\3G HSDPA Modem\drv\DataCardMonitor.exe [345088 2011-03-07] (TODO: <Company name>)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5179880 2012-12-20] (Nero AG)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-07-18] (PDF Complete Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NBKeyScan] => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Spotify Web Helper] => C:\Users\tompson606\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-18] (Spotify Ltd)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Facebook Update] => C:\Users\tompson606\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-28] (Facebook Inc.)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [PC Remote Server] => C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe [1190648 2014-10-12] (PC Remote)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5179880 2012-12-20] (Nero AG)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\MountPoints2: {7dca8454-b3b7-11e5-bf28-bc8556a523cc} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\MountPoints2: {7f079922-7501-11e4-8250-bc8556a523cc} - "G:\Startme.exe"
HKU\S-1-5-21-2051496915-2526895320-1986910058-1009\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-26] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Rychlé spuštění.lnk [2015-10-09]
ShortcutTarget: SOLIDWORKS 2015 Rychlé spuštění.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Nástroj pro stahování na pozadí.lnk [2015-10-09]
ShortcutTarget: SolidWorks Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\tompson606\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-01-26]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{24A026BC-CCEF-498E-98D4-252C5090C956}: [DhcpNameServer] 172.16.6.241
Tcpip\..\Interfaces\{6A9453B1-EE4F-48DF-91E6-82FE433C4AE4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A698B053-B5BD-4A11-A171-BDCA219ACBE8}: [DhcpNameServer] 10.1.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
URLSearchHook: [S-1-5-21-2051496915-2526895320-1986910058-1009] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: No Name -> {11BCEB97-22CA-A017-8193-E9BFE2D4E649} -> No File
BHO: No Name -> {36ABC7EF-361F-58AA-9F58-72ECF208BE52} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-26] (AVAST Software)
BHO: No Name -> {DB3CF2B2-2FF8-14F2-2CEC-025BB1170D38} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll => No File
BHO-x32: No Name -> {36ABC7EF-361F-58AA-9F58-72ECF208BE52} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-26] (AVAST Software)
BHO-x32: No Name -> {DB3CF2B2-2FF8-14F2-2CEC-025BB1170D38} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2015-09-28] (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-2051496915-2526895320-1986910058-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\tompson606\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2051496915-2526895320-1986910058-1002: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-2051496915-2526895320-1986910058-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-09] (Ubisoft)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-26]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-01-03] [not signed]

Chrome:
=======
CHR HomePage: Default -> www.google.com
CHR StartupUrls: Default -> "www.google.com"
CHR Profile: C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (James White) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-04-11]
CHR Extension: (YouTube) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Pushbullet) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2016-08-01]
CHR Extension: (Vyhledávání Google) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Unit Converter) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbiicdapcioonpclifmhmcnhhdegnpke [2016-04-14]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-06-29]
CHR Extension: (AdBlock) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-01]
CHR Extension: (Avast Online Security) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR Extension: (Gmail) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-02]
CHR HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dhdcpcmdngdcjhjahgpnjkkfkeehkejj] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home454\ch\MediaWatchV1home454.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-26]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2015-09-28]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-26] (AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe [76616 2016-06-20] (Google Inc.)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [502232 2015-09-28] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [556856 2013-03-04] (Hewlett-Packard Company)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-10-08] (Freemake) [File not signed]
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [372920 2013-09-18] (Hewlett-Packard Development Company, L.P.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29760 2016-07-04] (HP Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2015-02-07] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-22] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [518632 2012-12-20] (Nero AG)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3535512 2015-11-29] (INCA Internet Co., Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-03-21] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete Inc)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-12-16] ()
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2013-11-15] (SolidWorks) [File not signed]
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-02-07] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-02] (AVAST Software)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
U3 BthHFSrv; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U3 BthHFSrv; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 clwcsm; C:\Windows\system32\DRIVERS\clwcsm.sys [42944 2013-02-19] (CyberLink Corporation)
S3 DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [65752 2013-02-18] (Hewlett-Packard Company)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-17] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2013-02-04] (GEAR Software Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2432656 2014-08-12] (MediaTek Inc.)
S3 OSFMount; C:\Program Files (x86)\Counter-Strike Global Offensive\image\x64\OSFMount.sys [552888 2013-10-18] (PassMark Software)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-08-22] (WinMagic Inc.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1205872 2016-01-29] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [228544 2013-08-22] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131264 2013-08-22] (WinMagic Inc.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2015-10-19] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-01-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1513208 2016-04-01] (Sunplus)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-24] (HP)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-24] (HP)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61120 2014-03-22] (StdLib)
R3 ALSysIO; \??\C:\Users\TOMPSO~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 BtAudioBusSrv; \SystemRoot\System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; \SystemRoot\System32\Drivers\BtL2caScoIf.sys [X]
S3 btUrbFilterDrv; \SystemRoot\System32\Drivers\IvtUrbBtFlt.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-04 17:57 - 2016-08-04 17:57 - 02393600 _____ (Farbar) C:\Users\tompson606\Desktop\FRST64.exe
2016-08-04 17:57 - 2016-08-04 17:57 - 00000000 ____D C:\Users\tompson606\Desktop\FRST-OlderVersion
2016-08-04 17:02 - 2016-08-04 17:02 - 00001078 _____ C:\WINDOWS\system32dbgraw.bmp
2016-08-02 22:09 - 2016-08-02 22:09 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-08-01 23:04 - 2016-08-01 23:05 - 00088978 _____ C:\Users\tompson606\Desktop\Addition.txt
2016-08-01 23:03 - 2016-08-04 17:58 - 00033217 _____ C:\Users\tompson606\Desktop\FRST.txt
2016-08-01 23:02 - 2016-08-04 17:58 - 00000000 ____D C:\FRST
2016-08-01 22:59 - 2016-08-01 22:59 - 00112640 _____ (forum.viry.cz) C:\Users\tompson606\Downloads\Nepotvrzeno 749907.crdownload
2016-08-01 21:59 - 2016-08-04 17:04 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-01 21:59 - 2016-08-02 22:56 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-01 21:48 - 2008-06-24 14:45 - 01414440 _____ (Nero AG) C:\WINDOWS\SysWOW64\ShellManager310E2D762.dll
2016-08-01 21:48 - 2008-06-23 18:36 - 00773120 _____ C:\WINDOWS\SysWOW64\NEROINSTAEC43759.DB
2016-08-01 20:23 - 2016-08-01 20:23 - 05792464 _____ (Microsoft Corporation) C:\Users\tompson606\Downloads\Windows10Upgrade24074.exe
2016-08-01 20:23 - 2016-08-01 20:23 - 00000729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník při upgradu na Windows 10.lnk
2016-08-01 20:23 - 2016-08-01 20:23 - 00000717 _____ C:\Users\tompson606\Desktop\Pomocník při upgradu na Windows 10.lnk
2016-08-01 20:23 - 2016-08-01 20:23 - 00000000 ___HD C:\$GetCurrent
2016-08-01 20:23 - 2016-08-01 20:23 - 00000000 ____D C:\Windows10Upgrade
2016-07-26 22:51 - 2016-07-26 22:50 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-07-26 22:51 - 2016-07-26 22:49 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-07-26 22:50 - 2016-07-26 22:50 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-07-26 22:10 - 2016-07-26 22:10 - 00001951 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-26 22:10 - 2016-07-26 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-07-26 22:09 - 2016-08-02 22:59 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-07-26 22:09 - 2016-03-26 16:01 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-07-26 22:09 - 2016-03-26 16:01 - 00463744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-07-26 22:09 - 2016-03-26 16:01 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-07-26 22:09 - 2016-03-26 16:00 - 00165344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-07-26 22:09 - 2016-03-26 16:00 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-07-26 22:09 - 2016-03-26 16:00 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-07-26 22:09 - 2016-03-26 16:00 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-07-26 22:08 - 2016-03-26 16:00 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-07-18 20:36 - 2016-07-18 20:36 - 00000000 ____D C:\Users\AC\AppData\Roaming\Nero
2016-07-15 20:19 - 2016-08-01 20:19 - 00003194 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFortompson606
2016-07-15 20:19 - 2016-08-01 20:19 - 00000370 _____ C:\WINDOWS\Tasks\HPCeeScheduleFortompson606.job
2016-07-14 09:05 - 2016-07-14 09:05 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-07-14 09:04 - 2016-07-14 09:04 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-11 16:53 - 2016-07-11 16:53 - 00275759 _____ C:\Users\tompson606\Downloads\potvr.pdf
2016-07-10 16:55 - 2016-07-10 16:55 - 00000000 ____D C:\Users\tompson606\AppData\LocalLow\Smartly Dressed Games
2016-07-10 16:44 - 2016-07-10 16:44 - 00000000 ____D C:\Users\tompson606\AppData\Local\Steam
2016-07-09 21:28 - 2016-07-09 21:42 - 1514307584 _____ C:\Users\tompson606\Downloads\Neighbors.2014.480p.BDRip.AC3.XviD.4play.CZ.avi
2016-07-09 21:08 - 2016-07-09 21:08 - 00014950 _____ C:\Users\tompson606\Downloads\[CzT]Sousedi_Neighbors_2014_CZ_.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-04 17:50 - 2014-04-13 14:01 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-04 17:13 - 2014-06-28 11:08 - 00000966 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2051496915-2526895320-1986910058-1002UA.job
2016-08-04 17:05 - 2015-03-01 13:41 - 00003990 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9B5F1473-7408-4B3F-8AA1-ED110E51ED37}
2016-08-03 18:51 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-08-03 16:59 - 2013-12-24 14:15 - 01064448 ___SH C:\Users\tompson606\Desktop\Thumbs.db
2016-08-02 22:58 - 2014-11-26 00:06 - 00000000 ___RD C:\Users\tompson606\Disk Google
2016-08-02 22:57 - 2016-03-21 19:55 - 00000000 ____D C:\Users\tompson606\Desktop\zábava
2016-08-02 22:57 - 2014-11-26 18:21 - 00000000 __SHD C:\Users\tompson606\IntelGraphicsProfiles
2016-08-02 22:56 - 2013-04-29 07:58 - 00000000 ____D C:\ProgramData\PDFC
2016-08-02 22:54 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-02 22:53 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-02 22:52 - 2014-04-13 11:44 - 00000000 ____D C:\AdwCleaner
2016-08-02 16:33 - 2016-05-21 21:50 - 00000000 ____D C:\Users\tompson606\Downloads\The.Hunger.Games.Mockingjay.Part.2.2015.DVDRip.XviD.AC3-EVO
2016-08-02 16:30 - 2013-10-31 15:46 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2051496915-2526895320-1986910058-1002
2016-08-01 21:59 - 2014-03-28 20:18 - 00003950 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-01 21:59 - 2014-03-28 20:18 - 00003714 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-01 21:49 - 2015-02-27 13:58 - 00000000 ____D C:\ProgramData\Nero
2016-08-01 21:48 - 2016-02-24 21:51 - 00001024 _____ C:\Users\tompson606\.rnd
2016-08-01 21:40 - 2015-08-31 21:40 - 00003204 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForTOMAS-NB$
2016-08-01 21:40 - 2015-08-31 21:40 - 00000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTOMAS-NB$.job
2016-08-01 20:43 - 2014-08-21 17:18 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-01 20:43 - 2013-12-22 23:54 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\TS3Client
2016-08-01 20:43 - 2013-11-03 15:18 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\DAEMON Tools Lite
2016-08-01 20:43 - 2013-11-02 01:45 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\uTorrent
2016-08-01 20:39 - 2015-01-15 20:32 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-01 20:25 - 2014-12-24 22:57 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\Skype
2016-08-01 20:20 - 2016-03-15 23:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-01 20:20 - 2014-12-24 22:56 - 00000000 ____D C:\ProgramData\Skype
2016-08-01 20:19 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-26 23:13 - 2014-11-26 02:03 - 00000000 ____D C:\Users\tompson606
2016-07-26 23:01 - 2016-02-09 18:44 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-26 23:01 - 2016-02-09 18:44 - 00002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-26 22:58 - 2013-11-02 01:57 - 00007646 _____ C:\Users\tompson606\AppData\Local\Resmon.ResmonCfg
2016-07-26 22:52 - 2013-10-31 20:47 - 00000000 ____D C:\ProgramData\Oracle
2016-07-26 22:51 - 2014-10-17 20:15 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-26 22:51 - 2013-11-14 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-26 22:50 - 2015-08-19 22:32 - 00000000 ____D C:\Users\tompson606\.oracle_jre_usage
2016-07-26 22:50 - 2014-01-27 03:35 - 00000000 ____D C:\Program Files\Java
2016-07-26 22:49 - 2015-08-19 22:39 - 00269888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2016-07-26 22:03 - 2015-02-27 14:02 - 00000000 ____D C:\Users\NeroMediaHomeUser.4
2016-07-24 22:14 - 2015-12-03 18:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2016-07-24 22:14 - 2015-04-19 18:15 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-24 22:14 - 2015-03-17 00:21 - 00000000 ____D C:\Program Files (x86)\Assassin's Creed Brotherhood
2016-07-24 22:14 - 2014-11-26 02:03 - 00000000 ____D C:\Users\AC
2016-07-24 22:14 - 2014-09-24 17:59 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-24 22:14 - 2014-05-31 12:08 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-07-24 22:14 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-07-24 22:10 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-24 22:03 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2016-07-24 22:02 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-07-24 22:00 - 2014-03-07 11:45 - 00000000 ____D C:\Users\AC\AppData\Local\Google
2016-07-24 21:58 - 2014-06-08 12:03 - 00000000 ____D C:\Program Files\AMD
2016-07-24 12:43 - 2013-11-04 01:20 - 00000000 ____D C:\Users\tompson606\AppData\Local\ElevatedDiagnostics
2016-07-19 21:25 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-19 20:59 - 2015-01-08 15:37 - 00000000 __SHD C:\Users\AC\IntelGraphicsProfiles
2016-07-15 11:13 - 2014-06-28 11:08 - 00000944 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2051496915-2526895320-1986910058-1002Core.job
2016-07-13 13:00 - 2013-10-31 15:51 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-13 12:50 - 2016-06-17 10:50 - 06079168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-07-13 12:50 - 2014-04-13 14:01 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-07-13 12:50 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-07-13 12:50 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-07-07 19:36 - 2013-12-30 01:04 - 00155648 ___SH C:\Users\tompson606\Downloads\Thumbs.db
2016-07-07 19:33 - 2015-10-24 19:15 - 00000000 ____D C:\Users\tompson606\Desktop\ANGLIE Jakub
2016-07-05 23:11 - 2015-07-13 23:28 - 00000000 ____D C:\Users\tompson606\Downloads\Minions.2015.HD-TS.XVID.AC3.HQ.Hive-CM8

==================== Files in the root of some directories =======

2013-02-26 08:28 - 2013-02-26 08:28 - 0027762 _____ () C:\Program Files (x86)\changes.txt
2013-02-26 08:56 - 2013-02-26 08:56 - 2391736 _____ (Beepa P/L) C:\Program Files (x86)\fraps.exe
2013-02-26 08:34 - 2013-02-26 08:34 - 0234168 _____ (Beepa P/L) C:\Program Files (x86)\fraps32.dll
2013-02-26 08:56 - 2013-02-26 08:56 - 0068792 _____ (Beepa P/L) C:\Program Files (x86)\fraps64.dat
2013-02-26 08:34 - 2013-02-26 08:34 - 0186552 _____ (Beepa P/L) C:\Program Files (x86)\fraps64.dll
2013-02-26 08:54 - 2013-02-26 08:54 - 0139776 _____ (Beepa P/L) C:\Program Files (x86)\frapslcd.dll
2013-02-26 08:27 - 2013-02-26 08:27 - 0001894 _____ () C:\Program Files (x86)\README.HTM
2015-03-24 23:09 - 2015-03-24 23:09 - 0000027 _____ () C:\Users\tompson606\AppData\Roaming\SoundCloudDownloaderSettings.ini
2014-06-19 13:43 - 2014-06-19 13:43 - 0000024 _____ () C:\Users\tompson606\AppData\Roaming\temp.ini
2014-04-14 16:56 - 2016-02-16 18:09 - 0007680 _____ () C:\Users\tompson606\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-21 19:56 - 2016-03-21 19:56 - 0012803 _____ () C:\Users\tompson606\AppData\Local\recently-used.xbel
2013-11-02 01:57 - 2016-07-26 22:58 - 0007646 _____ () C:\Users\tompson606\AppData\Local\Resmon.ResmonCfg
2015-08-08 01:06 - 2016-01-03 15:16 - 14216652 _____ () C:\ProgramData\hpcsmmsilogs.log
2015-10-04 23:24 - 2015-11-14 14:33 - 0113240 _____ () C:\ProgramData\SynFPRmsiLogs.log

Some files in TEMP:
====================
C:\Users\tompson606\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-03 18:51

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#12 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Facebook Update] => C:\Users\tompson606\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-28] (Facebook Inc.)
C:\Users\tompson606\AppData\Local\Facebook\Update
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5179880 2012-12-20] (Nero AG)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\MountPoints2: {7dca8454-b3b7-11e5-bf28-bc8556a523cc} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\MountPoints2: {7f079922-7501-11e4-8250-bc8556a523cc} - "G:\Startme.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-2051496915-2526895320-1986910058-1009] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: No Name -> {11BCEB97-22CA-A017-8193-E9BFE2D4E649} -> No File
BHO: No Name -> {36ABC7EF-361F-58AA-9F58-72ECF208BE52} -> No File
BHO: No Name -> {DB3CF2B2-2FF8-14F2-2CEC-025BB1170D38} -> No File
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll => No File
BHO-x32: No Name -> {36ABC7EF-361F-58AA-9F58-72ECF208BE52} -> No File
BHO-x32: No Name -> {DB3CF2B2-2FF8-14F2-2CEC-025BB1170D38} -> No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
CHR HKLM-x32\...\Chrome\Extension: [dhdcpcmdngdcjhjahgpnjkkfkeehkejj] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home454\ch\MediaWatchV1home454.crx <not found>
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2051496915-2526895320-1986910058-1002UA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2051496915-2526895320-1986910058-1002Core.job
C:\Users\tompson606\AppData\Local\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
tompson606
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 07 dub 2014 14:42

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#13 Příspěvek od tompson606 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 03-08-2016
Ran by tompson606 (2016-08-04 19:04:20) Run:1
Running from C:\Users\tompson606\Desktop
Loaded Profiles: tompson606 & NeroMediaHomeUser.4 (Available Profiles: tompson606 & AC & NeroMediaHomeUser.4)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Facebook Update] => C:\Users\tompson606\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-28] (Facebook Inc.)
C:\Users\tompson606\AppData\Local\Facebook\Update
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5179880 2012-12-20] (Nero AG)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\MountPoints2: {7dca8454-b3b7-11e5-bf28-bc8556a523cc} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\MountPoints2: {7f079922-7501-11e4-8250-bc8556a523cc} - "G:\Startme.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-2051496915-2526895320-1986910058-1009] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: No Name -> {11BCEB97-22CA-A017-8193-E9BFE2D4E649} -> No File
BHO: No Name -> {36ABC7EF-361F-58AA-9F58-72ECF208BE52} -> No File
BHO: No Name -> {DB3CF2B2-2FF8-14F2-2CEC-025BB1170D38} -> No File
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll => No File
BHO-x32: No Name -> {36ABC7EF-361F-58AA-9F58-72ECF208BE52} -> No File
BHO-x32: No Name -> {DB3CF2B2-2FF8-14F2-2CEC-025BB1170D38} -> No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
CHR HKLM-x32\...\Chrome\Extension: [dhdcpcmdngdcjhjahgpnjkkfkeehkejj] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home454\ch\MediaWatchV1home454.crx <not found>
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2051496915-2526895320-1986910058-1002UA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2051496915-2526895320-1986910058-1002Core.job
C:\Users\tompson606\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value removed successfully
C:\Users\tompson606\AppData\Local\Facebook\Update => moved successfully
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Nero MediaHome 4 => value removed successfully
"HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7dca8454-b3b7-11e5-bf28-bc8556a523cc}" => key removed successfully
HKCR\CLSID\{7dca8454-b3b7-11e5-bf28-bc8556a523cc} => key not found.
"HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f079922-7501-11e4-8250-bc8556a523cc}" => key removed successfully
HKCR\CLSID\{7f079922-7501-11e4-8250-bc8556a523cc} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Policies\Google" => key removed successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found.
HKLM\SOFTWARE\Policies\Google => key not found.
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Policies\Google => key not found.
Could not restore Default URLSearchHook.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BCEB97-22CA-A017-8193-E9BFE2D4E649}" => key removed successfully
HKCR\CLSID\{11BCEB97-22CA-A017-8193-E9BFE2D4E649} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36ABC7EF-361F-58AA-9F58-72ECF208BE52}" => key removed successfully
HKCR\CLSID\{36ABC7EF-361F-58AA-9F58-72ECF208BE52} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB3CF2B2-2FF8-14F2-2CEC-025BB1170D38}" => key removed successfully
HKCR\CLSID\{DB3CF2B2-2FF8-14F2-2CEC-025BB1170D38} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{3134413B-49B4-425C-98A5-893C1F195601}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36ABC7EF-361F-58AA-9F58-72ECF208BE52}" => key removed successfully
HKCR\Wow6432Node\CLSID\{36ABC7EF-361F-58AA-9F58-72ECF208BE52} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB3CF2B2-2FF8-14F2-2CEC-025BB1170D38}" => key removed successfully
HKCR\Wow6432Node\CLSID\{DB3CF2B2-2FF8-14F2-2CEC-025BB1170D38} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdcpcmdngdcjhjahgpnjkkfkeehkejj" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2051496915-2526895320-1986910058-1002UA.job => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2051496915-2526895320-1986910058-1002Core.job => moved successfully

"C:\Users\tompson606\AppData\Local\Temp" folder move:

Could not move "C:\Users\tompson606\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-08-04 19:07:52)

C:\Users\tompson606\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:07:55 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#14 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
tompson606
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 07 dub 2014 14:42

Re: Blackscreen po Windows Update, DPAgent.exe - Chyba aplik

#15 Příspěvek od tompson606 »

Už to celkem šlape, moc děkuji za pomoc. Jenom ještě jedna otázka. Prošvihl jsem lhůtu upgradu na Windows 10. Co si myslíte o tomto krátkém článku a s ním souvisejícím upgradu na Windows 10 pro zákazníky používající technologie usnadnění? http://technet.idnes.cz/windows-10-zdar ... ftware_vse Přemýšlel jsem jestli se do toho mám pouštět, po tom, co jsem měl problémy s obyčejnou Windows aktualizací.
Děkuji za názor a mějte se :)
Nahoru
Odpovědět

Zpět na „Diskuze, řešení problémů“