Dobrý den,
mám zpomalený notebook a firefox shodí systém i během zadávání textu do vyhledávacího pole, zkusil jsem vypnout hardwarovou akceleraci (firefox i flash), ale nepomohlo.
Bluescreen error 0x0000007F (0x00000008, 0x801E5000, 0x00000000)
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-12-2015
Ran by Baal (administrator) on TARTAR (22-12-2015 14:10:42)
Running from C:\Users\Baal\Desktop
Loaded Profiles: Baal (Available Profiles: Baal & DefaultAppPool)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Flexera Software, Inc.) C:\Program Files\ArcGIS\License10.1\bin\lmgrd.exe
(Flexera Software, Inc.) C:\Program Files\ArcGIS\License10.1\bin\lmgrd.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe
(Robert McNeel & Associates) C:\Program Files\McNeelUpdate\5.0\McNeelUpdateService.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
() C:\Windows\Gtwatch.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Windows\Gtwatch.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Common Group) C:\Program Files\ScanExpress A3 USB\Driver\WATCH.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(ESRI) C:\Program Files\ArcGIS\License10.1\bin\ARCGIS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(forum.viry.cz) C:\Users\Baal\Desktop\FRSTLauncher.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [] => C:\Windows\Gtwatch.exe [45056 2001-08-24] ()
HKLM\...\Run: [PTHOSTTR] => C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [358456 2010-04-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-03] (Synaptics Incorporated)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-04-05] (Intel Corporation)
HKLM\...\Run: [picon] => C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [358936 2009-07-15] (Intel Corporation)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-05-20] (Hewlett-Packard Company)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1206544 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-01-22] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1361088 2015-08-09] (COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-16] (AVAST Software)
HKLM\...\Run: [Gtwatch] => C:\Windows\gtwatch.exe [45056 2001-08-24] ()
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [24952456 2015-12-13] (Dropbox, Inc.)
Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll [2010-03-24] (Hewlett-Packard Limited)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [389352 2010-08-09] (SANDBOXIE L.T.D)
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Run: [] => [X]
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Policies\Explorer: []
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\MountPoints2: {94785925-0ddc-11e0-88ac-963e66427347} - G:\LaunchU3.exe -a
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\bin\APSHook.dll => C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll [89856 2010-01-18] (Bioscrypt Inc.)
Lsa: [Notification Packages] scecli ASWLNPkg
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-16] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-01-08]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Watch.lnk [2014-03-27]
ShortcutTarget: Watch.lnk -> C:\Program Files\ScanExpress A3 USB\Driver\WATCH.exe (Common Group)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{14ECA6B0-9807-413F-85C9-EC30250604EE}: [DhcpNameServer] 147.251.6.10 147.251.4.33
Tcpip\..\Interfaces\{F2CD4EE9-470A-40BA-9EF4-C5DA23A2BD4F}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.geofond.cz/wasgiv/
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-235677658-2731025366-2357892570-1000 -> DefaultScope {404D6576-8651-4A48-9757-A792E32C989D} URL = hxxp://www.google.cz/search?as_q={searchTerms} ... %AD+Google
SearchScopes: HKU\S-1-5-21-235677658-2731025366-2357892570-1000 -> {10EB88EC-D735-4F63-8320-53252D504002} URL = hxxp://www.google.com/search?q={searchTerms}&h ... mages&tbs=
SearchScopes: HKU\S-1-5-21-235677658-2731025366-2357892570-1000 -> {404D6576-8651-4A48-9757-A792E32C989D} URL = hxxp://www.google.cz/search?as_q={searchTerms} ... %AD+Google
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-16] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-24] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
FireFox:
========
FF ProfilePath: C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default
FF Session Restore: -> is enabled.
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1212152.dll [2014-05-30] (Adobe Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-05-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-05-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-05-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-05-22] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/Photosynth,version=2.0 -> C:\Program Files\Photosynth\npPhotosynthMozilla.dll [2010-03-17] ()
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @nosltd.com/getPlus+(R),version=1.6.2.90 -> C:\Program Files\NOS\bin\np_gp.dll [2010-08-13] (NOS Microsystems Ltd.)
FF Plugin: @nosltd.com/getPlus+(R),version=1.6.2.91 -> C:\Program Files\NOS\bin\np_gp.dll [2010-08-13] (NOS Microsystems Ltd.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdjvu.dll [2011-03-21] (Caminova, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll [2010-08-13] (NOS Microsystems Ltd.)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\extensions\adblockpopups@jessehakanen.net.xpi [2015-06-01]
FF Extension: ScrapBook - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2015-06-01]
FF Extension: Xmarks - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\extensions\foxmarks@kei.com [2015-06-01]
FF Extension: DownThemAll! - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-05]
FF Extension: Adblock Plus - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-16]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-16]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-16]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 ArcGIS License Manager; C:\Program Files\ArcGIS\License10.1\bin\lmgrd.exe [1408904 2012-01-05] (Flexera Software, Inc.)
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [192768 2010-01-18] (Bioscrypt Inc.)
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\bin\AsChnl.dll [150272 2010-01-18] (Bioscrypt Inc.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1201400 2009-07-29] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-16] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4353840 2015-09-09] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664704 2015-08-09] (COMODO)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-11] (Dropbox, Inc.)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [4715880 2009-11-20] (DisplayLink Corp.)
S3 FLCDLOCK; C:\Windows\system32\flcdlock.exe [362040 2010-03-24] (Hewlett-Packard Ltd)
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064752 2014-07-14] (Flexera Software LLC)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [126520 2010-11-15] (Hewlett-Packard Company)
R2 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [45056 2010-04-13] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256616 2010-03-05] (McAfee, Inc.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 McNeelUpdate; C:\Program Files\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-09-13] (Robert McNeel & Associates)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [227600 2010-03-05] ()
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32568 2013-08-22] (The OpenVPN Project)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [75496 2010-08-09] (SANDBOXIE L.T.D)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2009-07-15] (Intel Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-12-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2015-12-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-12-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-12-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436360 2015-12-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [117712 2015-12-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2015-12-16] (AVAST Software)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17064 2015-11-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [627312 2015-11-18] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [41736 2015-08-05] (COMODO)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [32312 2010-03-08] (Hewlett-Packard Development Company L.P.)
R3 dlkmd; C:\Windows\system32\drivers\dlkmd.sys [165488 2009-11-20] (DisplayLink Corp.)
R0 dlkmdldr; C:\Windows\System32\drivers\dlkmdldr.sys [13936 2009-11-20] (DisplayLink Corp.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [26024 2009-12-17] (Elaborate Bytes AG)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.) [File not signed]
S3 GT681x; C:\Windows\System32\DRIVERS\GT681x.SYS [18120 2001-08-27] ( ) [File not signed]
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91176 2015-08-05] (COMODO)
R3 msloop; C:\Windows\System32\DRIVERS\loop.sys [5632 2009-07-14] (Microsoft Corporation)
R3 rismc32; C:\Windows\System32\DRIVERS\rismc32.sys [49152 2009-07-20] (RICOH Company, Ltd.)
R1 RsvLock; C:\Windows\system32\Drivers\RsvLock.sys [12600 2010-03-05] (SafeBoot International)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-15] (MCCI Corporation)
R0 SafeBoot; C:\Windows\system32\Drivers\SafeBoot.sys [109288 2010-03-05] () [File not signed]
R0 SbAlg; C:\Windows\system32\Drivers\SbAlg.sys [51480 2010-03-05] (SafeBoot N.V.)
R0 SbFsLock; C:\Windows\system32\Drivers\SbFsLock.sys [13032 2010-03-05] (SafeBoot International)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [123112 2010-08-09] (SANDBOXIE L.T.D)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1810856 2008-10-09] ()
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-22 14:10 - 2015-12-22 14:13 - 00024378 _____ C:\Users\Baal\Desktop\FRST.txt
2015-12-22 14:10 - 2015-12-22 14:10 - 00000000 ____D C:\FRST
2015-12-22 13:58 - 2015-12-22 13:59 - 00112640 _____ (forum.viry.cz) C:\Users\Baal\Desktop\FRSTLauncher.exe
2015-12-22 13:54 - 2015-12-22 13:54 - 01721344 _____ (Farbar) C:\Users\Baal\Desktop\FRST.exe
2015-12-21 14:04 - 2015-12-21 14:05 - 00144024 _____ C:\Windows\Minidump\122115-28922-01.dmp
2015-12-16 11:57 - 2015-12-16 11:57 - 00322760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-16 11:57 - 2015-12-16 11:57 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-12-13 13:10 - 2015-12-13 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-03 21:31 - 2015-12-03 21:31 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 14:46 - 2015-12-02 14:52 - 00000026 _____ C:\Users\Baal\Desktop\TODO 2015 .txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-22 14:21 - 2015-11-11 14:14 - 00000888 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-12-22 14:20 - 2015-11-11 14:14 - 00000892 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-12-22 14:11 - 2012-07-24 12:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-22 14:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2015-12-21 14:12 - 2009-07-14 05:34 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-21 14:12 - 2009-07-14 05:34 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-21 14:09 - 2015-11-11 14:19 - 00000000 ___RD C:\Users\Baal\Dropbox
2015-12-21 14:09 - 2015-11-11 14:14 - 00000000 ____D C:\Users\Baal\AppData\Local\Dropbox
2015-12-21 14:08 - 2013-02-06 23:34 - 00000180 _____ C:\ProgramData\HPWALog.txt
2015-12-21 14:06 - 2010-10-10 21:30 - 00000000 ____D C:\ProgramData\hpqLog
2015-12-21 14:05 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-21 14:04 - 2013-08-08 09:39 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-12-21 14:04 - 2011-02-23 15:22 - 00000000 ____D C:\Windows\Minidump
2015-12-21 13:08 - 2015-11-06 21:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-21 12:58 - 2010-10-28 16:26 - 00000000 ____D C:\Users\Baal\AppData\Roaming\uTorrent
2015-12-21 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2015-12-21 11:21 - 2013-07-18 11:24 - 00436360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-12-21 11:21 - 2013-07-18 11:24 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-12-18 16:48 - 2015-05-21 12:41 - 00108225 _____ C:\Users\Baal\Desktop\ADRESY.TXT
2015-12-16 11:57 - 2014-04-22 22:06 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-12-16 11:57 - 2014-01-03 22:45 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-12-16 11:57 - 2013-07-18 11:24 - 00794952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-12-16 11:57 - 2013-07-18 11:24 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-12-16 11:57 - 2013-07-18 11:24 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-12-16 11:57 - 2013-07-18 11:24 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-12-14 15:36 - 2013-07-03 10:26 - 00000000 ____D C:\Users\Baal\AppData\Roaming\vlc
2015-12-13 13:10 - 2015-11-11 14:14 - 00000000 ____D C:\Program Files\Dropbox
2015-12-09 13:10 - 2012-07-24 12:30 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-09 13:10 - 2012-07-24 12:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-02 11:32 - 2011-05-25 08:05 - 00001849 _____ C:\Users\Baal\AppData\Roaming\GhostObjGAFix.xml
2015-12-01 12:42 - 2010-10-10 14:20 - 01845764 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-01 12:42 - 2009-07-14 09:44 - 00795824 _____ C:\Windows\system32\perfh005.dat
2015-12-01 12:42 - 2009-07-14 09:44 - 00215502 _____ C:\Windows\system32\perfc005.dat
2015-11-29 13:17 - 2010-10-10 20:11 - 00000000 ____D C:\Users\Baal\AppData\Local\ElevatedDiagnostics
2015-11-28 19:11 - 2015-05-08 14:45 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories =======
2012-12-24 16:34 - 2012-12-24 16:35 - 0000343 _____ () C:\Users\Baal\AppData\Roaming\.ptbt0
2011-05-25 08:05 - 2015-12-02 11:32 - 0001849 _____ () C:\Users\Baal\AppData\Roaming\GhostObjGAFix.xml
2010-10-10 21:52 - 2010-10-10 21:52 - 0000000 _____ () C:\Users\Baal\AppData\Local\AtStart.txt
2011-10-03 08:36 - 2013-03-15 18:08 - 0006656 _____ () C:\Users\Baal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-10-10 21:52 - 2010-10-10 21:52 - 0000000 _____ () C:\Users\Baal\AppData\Local\DSwitch.txt
2010-10-10 21:52 - 2010-10-10 21:52 - 0000000 _____ () C:\Users\Baal\AppData\Local\QSwitch.txt
2013-10-24 17:13 - 2013-10-24 17:13 - 0007673 _____ () C:\Users\Baal\AppData\Local\Resmon.ResmonCfg
2013-02-06 23:34 - 2015-12-21 14:08 - 0000180 _____ () C:\ProgramData\HPWALog.txt
2010-10-11 00:46 - 2012-07-06 15:04 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-07-14 06:00 - 2014-07-14 06:00 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some zero byte size files/folders:
==========================
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd9.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: COMODO Firewall (Disabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Baal\Desktop" je 8 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Bluescreen of death Firefox 43
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
wilgefortz
- Návštěvník
- Příspěvky: 64
- Registrován: 04 čer 2007 13:29
Bluescreen of death Firefox 43
- Přílohy
-
- AdditionJ.zip
- (9.12 KiB) Staženo 84 x
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Bluescreen of death Firefox 43
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
wilgefortz
- Návštěvník
- Příspěvky: 64
- Registrován: 04 čer 2007 13:29
Re: Bluescreen of death Firefox 43
# AdwCleaner v5.026 - Logfile created 26/12/2015 at 13:39:45
# Updated 21/12/2015 by Xplode
# Database : 2015-12-21.2 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Baal - TARTAR
# Running from : C:\Users\Baal\Desktop\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [855 bytes] ##########
# Updated 21/12/2015 by Xplode
# Database : 2015-12-21.2 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Baal - TARTAR
# Running from : C:\Users\Baal\Desktop\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [855 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Bluescreen of death Firefox 43
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
wilgefortz
- Návštěvník
- Příspěvky: 64
- Registrován: 04 čer 2007 13:29
Re: Bluescreen of death Firefox 43
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-12-2015
Ran by Baal (administrator) on TARTAR (26-12-2015 18:54:26)
Running from C:\Users\Baal\Desktop
Loaded Profiles: Baal (Available Profiles: Baal & DefaultAppPool)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Flexera Software, Inc.) C:\Program Files\ArcGIS\License10.1\bin\lmgrd.exe
(Flexera Software, Inc.) C:\Program Files\ArcGIS\License10.1\bin\lmgrd.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe
(Robert McNeel & Associates) C:\Program Files\McNeelUpdate\5.0\McNeelUpdateService.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
() C:\Windows\Gtwatch.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Windows\Gtwatch.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Common Group) C:\Program Files\ScanExpress A3 USB\Driver\WATCH.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(ESRI) C:\Program Files\ArcGIS\License10.1\bin\ARCGIS.exe
(forum.viry.cz) C:\Users\Baal\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [] => C:\Windows\Gtwatch.exe [45056 2001-08-24] ()
HKLM\...\Run: [PTHOSTTR] => C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [358456 2010-04-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-03] (Synaptics Incorporated)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-04-05] (Intel Corporation)
HKLM\...\Run: [picon] => C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [358936 2009-07-15] (Intel Corporation)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-05-20] (Hewlett-Packard Company)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1206544 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-01-22] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1361088 2015-08-09] (COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-16] (AVAST Software)
HKLM\...\Run: [Gtwatch] => C:\Windows\gtwatch.exe [45056 2001-08-24] ()
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [24952456 2015-12-13] (Dropbox, Inc.)
Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll [2010-03-24] (Hewlett-Packard Limited)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [389352 2010-08-09] (SANDBOXIE L.T.D)
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Run: [] => [X]
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Policies\Explorer: []
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\MountPoints2: {94785925-0ddc-11e0-88ac-963e66427347} - G:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\bin\APSHook.dll => C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll [89856 2010-01-18] (Bioscrypt Inc.)
Lsa: [Notification Packages] scecli ASWLNPkg
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-16] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-01-08]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Watch.lnk [2014-03-27]
ShortcutTarget: Watch.lnk -> C:\Program Files\ScanExpress A3 USB\Driver\WATCH.exe (Common Group)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{14ECA6B0-9807-413F-85C9-EC30250604EE}: [DhcpNameServer] 147.251.6.10 147.251.4.33
Tcpip\..\Interfaces\{F2CD4EE9-470A-40BA-9EF4-C5DA23A2BD4F}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.geofond.cz/wasgiv/
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-235677658-2731025366-2357892570-1000 -> DefaultScope {404D6576-8651-4A48-9757-A792E32C989D} URL = hxxp://www.google.cz/search?as_q={searchTerms} ... %AD+Google
SearchScopes: HKU\S-1-5-21-235677658-2731025366-2357892570-1000 -> {10EB88EC-D735-4F63-8320-53252D504002} URL = hxxp://www.google.com/search?q={searchTerms}&h ... mages&tbs=
SearchScopes: HKU\S-1-5-21-235677658-2731025366-2357892570-1000 -> {404D6576-8651-4A48-9757-A792E32C989D} URL = hxxp://www.google.cz/search?as_q={searchTerms} ... %AD+Google
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-16] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-24] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
FireFox:
========
FF ProfilePath: C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default
FF Session Restore: -> is enabled.
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1212152.dll [2014-05-30] (Adobe Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-05-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-05-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-05-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-05-22] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/Photosynth,version=2.0 -> C:\Program Files\Photosynth\npPhotosynthMozilla.dll [2010-03-17] ()
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @nosltd.com/getPlus+(R),version=1.6.2.90 -> C:\Program Files\NOS\bin\np_gp.dll [2010-08-13] (NOS Microsystems Ltd.)
FF Plugin: @nosltd.com/getPlus+(R),version=1.6.2.91 -> C:\Program Files\NOS\bin\np_gp.dll [2010-08-13] (NOS Microsystems Ltd.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdjvu.dll [2011-03-21] (Caminova, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll [2010-08-13] (NOS Microsystems Ltd.)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\extensions\adblockpopups@jessehakanen.net.xpi [2015-06-01]
FF Extension: ScrapBook - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2015-06-01]
FF Extension: Xmarks - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\extensions\foxmarks@kei.com [2015-06-01]
FF Extension: DownThemAll! - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-05]
FF Extension: Adblock Plus - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-16]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-16]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-16]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 ArcGIS License Manager; C:\Program Files\ArcGIS\License10.1\bin\lmgrd.exe [1408904 2012-01-05] (Flexera Software, Inc.)
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [192768 2010-01-18] (Bioscrypt Inc.)
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\bin\AsChnl.dll [150272 2010-01-18] (Bioscrypt Inc.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1201400 2009-07-29] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-16] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4353840 2015-09-09] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664704 2015-08-09] (COMODO)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-11] (Dropbox, Inc.)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [4715880 2009-11-20] (DisplayLink Corp.)
S3 FLCDLOCK; C:\Windows\system32\flcdlock.exe [362040 2010-03-24] (Hewlett-Packard Ltd)
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064752 2014-07-14] (Flexera Software LLC)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [126520 2010-11-15] (Hewlett-Packard Company)
R2 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [45056 2010-04-13] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256616 2010-03-05] (McAfee, Inc.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 McNeelUpdate; C:\Program Files\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-09-13] (Robert McNeel & Associates)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [227600 2010-03-05] ()
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32568 2013-08-22] (The OpenVPN Project)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [75496 2010-08-09] (SANDBOXIE L.T.D)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2009-07-15] (Intel Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-12-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2015-12-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-12-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-12-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436360 2015-12-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [117712 2015-12-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2015-12-16] (AVAST Software)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17064 2015-11-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [627312 2015-11-18] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [41736 2015-08-05] (COMODO)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [32312 2010-03-08] (Hewlett-Packard Development Company L.P.)
R3 dlkmd; C:\Windows\system32\drivers\dlkmd.sys [165488 2009-11-20] (DisplayLink Corp.)
R0 dlkmdldr; C:\Windows\System32\drivers\dlkmdldr.sys [13936 2009-11-20] (DisplayLink Corp.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [26024 2009-12-17] (Elaborate Bytes AG)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.) [File not signed]
S3 GT681x; C:\Windows\System32\DRIVERS\GT681x.SYS [18120 2001-08-27] ( ) [File not signed]
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91176 2015-08-05] (COMODO)
R3 msloop; C:\Windows\System32\DRIVERS\loop.sys [5632 2009-07-14] (Microsoft Corporation)
R3 rismc32; C:\Windows\System32\DRIVERS\rismc32.sys [49152 2009-07-20] (RICOH Company, Ltd.)
R1 RsvLock; C:\Windows\system32\Drivers\RsvLock.sys [12600 2010-03-05] (SafeBoot International)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-15] (MCCI Corporation)
R0 SafeBoot; C:\Windows\system32\Drivers\SafeBoot.sys [109288 2010-03-05] () [File not signed]
R0 SbAlg; C:\Windows\system32\Drivers\SbAlg.sys [51480 2010-03-05] (SafeBoot N.V.)
R0 SbFsLock; C:\Windows\system32\Drivers\SbFsLock.sys [13032 2010-03-05] (SafeBoot International)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [123112 2010-08-09] (SANDBOXIE L.T.D)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1810856 2008-10-09] ()
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-26 18:54 - 2015-12-26 18:55 - 00024205 _____ C:\Users\Baal\Desktop\FRST.txt
2015-12-26 13:34 - 2015-12-23 06:14 - 01743360 _____ C:\Users\Baal\Desktop\adwcleaner_5.026.exe
2015-12-26 13:13 - 2015-12-26 13:13 - 00000000 ____D C:\Users\Default\AppData\Roaming\AVAST Software
2015-12-26 13:13 - 2015-12-26 13:13 - 00000000 ____D C:\Users\Default User\AppData\Roaming\AVAST Software
2015-12-22 15:01 - 2015-12-22 15:01 - 00143976 _____ C:\Windows\Minidump\122215-28236-01.dmp
2015-12-22 14:10 - 2015-12-22 14:10 - 00000000 ____D C:\FRST
2015-12-22 13:58 - 2015-12-22 13:59 - 00112640 _____ (forum.viry.cz) C:\Users\Baal\Desktop\FRSTLauncher.exe
2015-12-22 13:54 - 2015-12-22 13:54 - 01721344 _____ (Farbar) C:\Users\Baal\Desktop\FRST.exe
2015-12-21 14:04 - 2015-12-21 14:05 - 00144024 _____ C:\Windows\Minidump\122115-28922-01.dmp
2015-12-16 11:57 - 2015-12-16 11:57 - 00322760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-16 11:57 - 2015-12-16 11:57 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-12-13 13:10 - 2015-12-13 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-03 21:31 - 2015-12-03 21:31 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 14:46 - 2015-12-02 14:52 - 00000026 _____ C:\Users\Baal\Desktop\TODO 2015 .txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-26 18:19 - 2015-11-11 14:14 - 00000892 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-12-26 18:10 - 2012-07-24 12:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-26 17:18 - 2015-11-11 14:14 - 00000888 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-12-26 17:11 - 2009-07-14 05:34 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-26 17:11 - 2009-07-14 05:34 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-26 13:47 - 2015-11-11 14:19 - 00000000 ___RD C:\Users\Baal\Dropbox
2015-12-26 13:47 - 2015-11-11 14:14 - 00000000 ____D C:\Users\Baal\AppData\Local\Dropbox
2015-12-26 13:46 - 2013-02-06 23:34 - 00000180 _____ C:\ProgramData\HPWALog.txt
2015-12-26 13:42 - 2010-10-10 21:30 - 00000000 ____D C:\ProgramData\hpqLog
2015-12-26 13:41 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-26 13:39 - 2014-06-20 12:27 - 00000000 ____D C:\AdwCleaner
2015-12-26 13:16 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2015-12-26 00:13 - 2013-07-03 10:26 - 00000000 ____D C:\Users\Baal\AppData\Roaming\vlc
2015-12-24 11:28 - 2015-05-21 12:41 - 00108250 _____ C:\Users\Baal\Desktop\ADRESY.TXT
2015-12-23 05:46 - 2011-05-25 08:05 - 00001849 _____ C:\Users\Baal\AppData\Roaming\GhostObjGAFix.xml
2015-12-22 15:16 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2015-12-22 15:01 - 2011-02-23 15:22 - 00000000 ____D C:\Windows\Minidump
2015-12-21 14:04 - 2013-08-08 09:39 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-12-21 13:08 - 2015-11-06 21:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-21 12:58 - 2010-10-28 16:26 - 00000000 ____D C:\Users\Baal\AppData\Roaming\uTorrent
2015-12-21 11:21 - 2013-07-18 11:24 - 00436360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-12-21 11:21 - 2013-07-18 11:24 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-12-16 11:57 - 2014-04-22 22:06 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-12-16 11:57 - 2014-01-03 22:45 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-12-16 11:57 - 2013-07-18 11:24 - 00794952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-12-16 11:57 - 2013-07-18 11:24 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-12-16 11:57 - 2013-07-18 11:24 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-12-16 11:57 - 2013-07-18 11:24 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-12-13 13:10 - 2015-11-11 14:14 - 00000000 ____D C:\Program Files\Dropbox
2015-12-09 13:10 - 2012-07-24 12:30 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-09 13:10 - 2012-07-24 12:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-01 12:42 - 2010-10-10 14:20 - 01845764 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-01 12:42 - 2009-07-14 09:44 - 00795824 _____ C:\Windows\system32\perfh005.dat
2015-12-01 12:42 - 2009-07-14 09:44 - 00215502 _____ C:\Windows\system32\perfc005.dat
2015-11-29 13:17 - 2010-10-10 20:11 - 00000000 ____D C:\Users\Baal\AppData\Local\ElevatedDiagnostics
2015-11-28 19:11 - 2015-05-08 14:45 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories =======
2012-12-24 16:34 - 2012-12-24 16:35 - 0000343 _____ () C:\Users\Baal\AppData\Roaming\.ptbt0
2011-05-25 08:05 - 2015-12-23 05:46 - 0001849 _____ () C:\Users\Baal\AppData\Roaming\GhostObjGAFix.xml
2010-10-10 21:52 - 2010-10-10 21:52 - 0000000 _____ () C:\Users\Baal\AppData\Local\AtStart.txt
2011-10-03 08:36 - 2013-03-15 18:08 - 0006656 _____ () C:\Users\Baal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-10-10 21:52 - 2010-10-10 21:52 - 0000000 _____ () C:\Users\Baal\AppData\Local\DSwitch.txt
2010-10-10 21:52 - 2010-10-10 21:52 - 0000000 _____ () C:\Users\Baal\AppData\Local\QSwitch.txt
2013-10-24 17:13 - 2013-10-24 17:13 - 0007673 _____ () C:\Users\Baal\AppData\Local\Resmon.ResmonCfg
2013-02-06 23:34 - 2015-12-26 13:46 - 0000180 _____ () C:\ProgramData\HPWALog.txt
2010-10-11 00:46 - 2012-07-06 15:04 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-07-14 06:00 - 2014-07-14 06:00 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\Baal\AppData\Local\Temp\sqlite3.dll
Some zero byte size files/folders:
==========================
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd9.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Baal\Desktop" je 9 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Baal (administrator) on TARTAR (26-12-2015 18:54:26)
Running from C:\Users\Baal\Desktop
Loaded Profiles: Baal (Available Profiles: Baal & DefaultAppPool)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Flexera Software, Inc.) C:\Program Files\ArcGIS\License10.1\bin\lmgrd.exe
(Flexera Software, Inc.) C:\Program Files\ArcGIS\License10.1\bin\lmgrd.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe
(Robert McNeel & Associates) C:\Program Files\McNeelUpdate\5.0\McNeelUpdateService.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
() C:\Windows\Gtwatch.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Windows\Gtwatch.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Common Group) C:\Program Files\ScanExpress A3 USB\Driver\WATCH.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(ESRI) C:\Program Files\ArcGIS\License10.1\bin\ARCGIS.exe
(forum.viry.cz) C:\Users\Baal\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [] => C:\Windows\Gtwatch.exe [45056 2001-08-24] ()
HKLM\...\Run: [PTHOSTTR] => C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [358456 2010-04-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-03] (Synaptics Incorporated)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-04-05] (Intel Corporation)
HKLM\...\Run: [picon] => C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [358936 2009-07-15] (Intel Corporation)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-05-20] (Hewlett-Packard Company)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1206544 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-01-22] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1361088 2015-08-09] (COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-16] (AVAST Software)
HKLM\...\Run: [Gtwatch] => C:\Windows\gtwatch.exe [45056 2001-08-24] ()
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [24952456 2015-12-13] (Dropbox, Inc.)
Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll [2010-03-24] (Hewlett-Packard Limited)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [389352 2010-08-09] (SANDBOXIE L.T.D)
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Run: [] => [X]
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Policies\Explorer: []
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\MountPoints2: {94785925-0ddc-11e0-88ac-963e66427347} - G:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\bin\APSHook.dll => C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll [89856 2010-01-18] (Bioscrypt Inc.)
Lsa: [Notification Packages] scecli ASWLNPkg
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-16] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-01-08]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Watch.lnk [2014-03-27]
ShortcutTarget: Watch.lnk -> C:\Program Files\ScanExpress A3 USB\Driver\WATCH.exe (Common Group)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{14ECA6B0-9807-413F-85C9-EC30250604EE}: [DhcpNameServer] 147.251.6.10 147.251.4.33
Tcpip\..\Interfaces\{F2CD4EE9-470A-40BA-9EF4-C5DA23A2BD4F}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.geofond.cz/wasgiv/
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-235677658-2731025366-2357892570-1000 -> DefaultScope {404D6576-8651-4A48-9757-A792E32C989D} URL = hxxp://www.google.cz/search?as_q={searchTerms} ... %AD+Google
SearchScopes: HKU\S-1-5-21-235677658-2731025366-2357892570-1000 -> {10EB88EC-D735-4F63-8320-53252D504002} URL = hxxp://www.google.com/search?q={searchTerms}&h ... mages&tbs=
SearchScopes: HKU\S-1-5-21-235677658-2731025366-2357892570-1000 -> {404D6576-8651-4A48-9757-A792E32C989D} URL = hxxp://www.google.cz/search?as_q={searchTerms} ... %AD+Google
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-16] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-24] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
FireFox:
========
FF ProfilePath: C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default
FF Session Restore: -> is enabled.
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1212152.dll [2014-05-30] (Adobe Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-05-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-05-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-05-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-05-22] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/Photosynth,version=2.0 -> C:\Program Files\Photosynth\npPhotosynthMozilla.dll [2010-03-17] ()
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @nosltd.com/getPlus+(R),version=1.6.2.90 -> C:\Program Files\NOS\bin\np_gp.dll [2010-08-13] (NOS Microsystems Ltd.)
FF Plugin: @nosltd.com/getPlus+(R),version=1.6.2.91 -> C:\Program Files\NOS\bin\np_gp.dll [2010-08-13] (NOS Microsystems Ltd.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdjvu.dll [2011-03-21] (Caminova, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll [2010-08-13] (NOS Microsystems Ltd.)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\extensions\adblockpopups@jessehakanen.net.xpi [2015-06-01]
FF Extension: ScrapBook - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2015-06-01]
FF Extension: Xmarks - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\extensions\foxmarks@kei.com [2015-06-01]
FF Extension: DownThemAll! - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-05]
FF Extension: Adblock Plus - C:\Users\Baal\AppData\Roaming\Mozilla\Firefox\Profiles\yirla2sz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-16]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-16]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-16]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 ArcGIS License Manager; C:\Program Files\ArcGIS\License10.1\bin\lmgrd.exe [1408904 2012-01-05] (Flexera Software, Inc.)
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [192768 2010-01-18] (Bioscrypt Inc.)
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\bin\AsChnl.dll [150272 2010-01-18] (Bioscrypt Inc.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1201400 2009-07-29] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-16] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4353840 2015-09-09] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664704 2015-08-09] (COMODO)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-11] (Dropbox, Inc.)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [4715880 2009-11-20] (DisplayLink Corp.)
S3 FLCDLOCK; C:\Windows\system32\flcdlock.exe [362040 2010-03-24] (Hewlett-Packard Ltd)
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064752 2014-07-14] (Flexera Software LLC)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [126520 2010-11-15] (Hewlett-Packard Company)
R2 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [45056 2010-04-13] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256616 2010-03-05] (McAfee, Inc.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 McNeelUpdate; C:\Program Files\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-09-13] (Robert McNeel & Associates)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [227600 2010-03-05] ()
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32568 2013-08-22] (The OpenVPN Project)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [75496 2010-08-09] (SANDBOXIE L.T.D)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2009-07-15] (Intel Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-12-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2015-12-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-12-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-12-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436360 2015-12-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [117712 2015-12-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2015-12-16] (AVAST Software)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17064 2015-11-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [627312 2015-11-18] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [41736 2015-08-05] (COMODO)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [32312 2010-03-08] (Hewlett-Packard Development Company L.P.)
R3 dlkmd; C:\Windows\system32\drivers\dlkmd.sys [165488 2009-11-20] (DisplayLink Corp.)
R0 dlkmdldr; C:\Windows\System32\drivers\dlkmdldr.sys [13936 2009-11-20] (DisplayLink Corp.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [26024 2009-12-17] (Elaborate Bytes AG)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.) [File not signed]
S3 GT681x; C:\Windows\System32\DRIVERS\GT681x.SYS [18120 2001-08-27] ( ) [File not signed]
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91176 2015-08-05] (COMODO)
R3 msloop; C:\Windows\System32\DRIVERS\loop.sys [5632 2009-07-14] (Microsoft Corporation)
R3 rismc32; C:\Windows\System32\DRIVERS\rismc32.sys [49152 2009-07-20] (RICOH Company, Ltd.)
R1 RsvLock; C:\Windows\system32\Drivers\RsvLock.sys [12600 2010-03-05] (SafeBoot International)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-15] (MCCI Corporation)
R0 SafeBoot; C:\Windows\system32\Drivers\SafeBoot.sys [109288 2010-03-05] () [File not signed]
R0 SbAlg; C:\Windows\system32\Drivers\SbAlg.sys [51480 2010-03-05] (SafeBoot N.V.)
R0 SbFsLock; C:\Windows\system32\Drivers\SbFsLock.sys [13032 2010-03-05] (SafeBoot International)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [123112 2010-08-09] (SANDBOXIE L.T.D)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1810856 2008-10-09] ()
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-26 18:54 - 2015-12-26 18:55 - 00024205 _____ C:\Users\Baal\Desktop\FRST.txt
2015-12-26 13:34 - 2015-12-23 06:14 - 01743360 _____ C:\Users\Baal\Desktop\adwcleaner_5.026.exe
2015-12-26 13:13 - 2015-12-26 13:13 - 00000000 ____D C:\Users\Default\AppData\Roaming\AVAST Software
2015-12-26 13:13 - 2015-12-26 13:13 - 00000000 ____D C:\Users\Default User\AppData\Roaming\AVAST Software
2015-12-22 15:01 - 2015-12-22 15:01 - 00143976 _____ C:\Windows\Minidump\122215-28236-01.dmp
2015-12-22 14:10 - 2015-12-22 14:10 - 00000000 ____D C:\FRST
2015-12-22 13:58 - 2015-12-22 13:59 - 00112640 _____ (forum.viry.cz) C:\Users\Baal\Desktop\FRSTLauncher.exe
2015-12-22 13:54 - 2015-12-22 13:54 - 01721344 _____ (Farbar) C:\Users\Baal\Desktop\FRST.exe
2015-12-21 14:04 - 2015-12-21 14:05 - 00144024 _____ C:\Windows\Minidump\122115-28922-01.dmp
2015-12-16 11:57 - 2015-12-16 11:57 - 00322760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-16 11:57 - 2015-12-16 11:57 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-12-13 13:10 - 2015-12-13 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-03 21:31 - 2015-12-03 21:31 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 14:46 - 2015-12-02 14:52 - 00000026 _____ C:\Users\Baal\Desktop\TODO 2015 .txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-26 18:19 - 2015-11-11 14:14 - 00000892 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-12-26 18:10 - 2012-07-24 12:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-26 17:18 - 2015-11-11 14:14 - 00000888 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-12-26 17:11 - 2009-07-14 05:34 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-26 17:11 - 2009-07-14 05:34 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-26 13:47 - 2015-11-11 14:19 - 00000000 ___RD C:\Users\Baal\Dropbox
2015-12-26 13:47 - 2015-11-11 14:14 - 00000000 ____D C:\Users\Baal\AppData\Local\Dropbox
2015-12-26 13:46 - 2013-02-06 23:34 - 00000180 _____ C:\ProgramData\HPWALog.txt
2015-12-26 13:42 - 2010-10-10 21:30 - 00000000 ____D C:\ProgramData\hpqLog
2015-12-26 13:41 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-26 13:39 - 2014-06-20 12:27 - 00000000 ____D C:\AdwCleaner
2015-12-26 13:16 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2015-12-26 00:13 - 2013-07-03 10:26 - 00000000 ____D C:\Users\Baal\AppData\Roaming\vlc
2015-12-24 11:28 - 2015-05-21 12:41 - 00108250 _____ C:\Users\Baal\Desktop\ADRESY.TXT
2015-12-23 05:46 - 2011-05-25 08:05 - 00001849 _____ C:\Users\Baal\AppData\Roaming\GhostObjGAFix.xml
2015-12-22 15:16 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2015-12-22 15:01 - 2011-02-23 15:22 - 00000000 ____D C:\Windows\Minidump
2015-12-21 14:04 - 2013-08-08 09:39 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-12-21 13:08 - 2015-11-06 21:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-21 12:58 - 2010-10-28 16:26 - 00000000 ____D C:\Users\Baal\AppData\Roaming\uTorrent
2015-12-21 11:21 - 2013-07-18 11:24 - 00436360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-12-21 11:21 - 2013-07-18 11:24 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-12-16 11:57 - 2014-04-22 22:06 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-12-16 11:57 - 2014-01-03 22:45 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-12-16 11:57 - 2013-07-18 11:24 - 00794952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-12-16 11:57 - 2013-07-18 11:24 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-12-16 11:57 - 2013-07-18 11:24 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-12-16 11:57 - 2013-07-18 11:24 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-12-13 13:10 - 2015-11-11 14:14 - 00000000 ____D C:\Program Files\Dropbox
2015-12-09 13:10 - 2012-07-24 12:30 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-09 13:10 - 2012-07-24 12:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-01 12:42 - 2010-10-10 14:20 - 01845764 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-01 12:42 - 2009-07-14 09:44 - 00795824 _____ C:\Windows\system32\perfh005.dat
2015-12-01 12:42 - 2009-07-14 09:44 - 00215502 _____ C:\Windows\system32\perfc005.dat
2015-11-29 13:17 - 2010-10-10 20:11 - 00000000 ____D C:\Users\Baal\AppData\Local\ElevatedDiagnostics
2015-11-28 19:11 - 2015-05-08 14:45 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories =======
2012-12-24 16:34 - 2012-12-24 16:35 - 0000343 _____ () C:\Users\Baal\AppData\Roaming\.ptbt0
2011-05-25 08:05 - 2015-12-23 05:46 - 0001849 _____ () C:\Users\Baal\AppData\Roaming\GhostObjGAFix.xml
2010-10-10 21:52 - 2010-10-10 21:52 - 0000000 _____ () C:\Users\Baal\AppData\Local\AtStart.txt
2011-10-03 08:36 - 2013-03-15 18:08 - 0006656 _____ () C:\Users\Baal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-10-10 21:52 - 2010-10-10 21:52 - 0000000 _____ () C:\Users\Baal\AppData\Local\DSwitch.txt
2010-10-10 21:52 - 2010-10-10 21:52 - 0000000 _____ () C:\Users\Baal\AppData\Local\QSwitch.txt
2013-10-24 17:13 - 2013-10-24 17:13 - 0007673 _____ () C:\Users\Baal\AppData\Local\Resmon.ResmonCfg
2013-02-06 23:34 - 2015-12-26 13:46 - 0000180 _____ () C:\ProgramData\HPWALog.txt
2010-10-11 00:46 - 2012-07-06 15:04 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-07-14 06:00 - 2014-07-14 06:00 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\Baal\AppData\Local\Temp\sqlite3.dll
Some zero byte size files/folders:
==========================
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd9.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Baal\Desktop" je 9 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Bluescreen of death Firefox 43
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Run: [] => [X]
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Policies\Explorer: []
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\MountPoints2: {94785925-0ddc-11e0-88ac-963e66427347} - G:\LaunchU3.exe -a
SearchScopes: HKLM -> DefaultScope value is missing
C:\Users\Baal\AppData\Roaming\.ptbt0
C:\Users\Baal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\KGyGaAvL.sys
C:\Users\Baal\AppData\Local\Temp
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
wilgefortz
- Návštěvník
- Příspěvky: 64
- Registrován: 04 čer 2007 13:29
Re: Bluescreen of death Firefox 43
Fix result of Farbar Recovery Scan Tool (x86) Version:20-12-2015
Ran by Baal (2015-12-26 23:09:32) Run:1
Running from C:\Users\Baal\Desktop
Loaded Profiles: Baal (Available Profiles: Baal & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Run: [] => [X]
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Policies\Explorer: []
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\MountPoints2: {94785925-0ddc-11e0-88ac-963e66427347} - G:\LaunchU3.exe -a
SearchScopes: HKLM -> DefaultScope value is missing
C:\Users\Baal\AppData\Roaming\.ptbt0
C:\Users\Baal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\KGyGaAvL.sys
C:\Users\Baal\AppData\Local\Temp
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
End
*****************
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully.
"HKU\S-1-5-21-235677658-2731025366-2357892570-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94785925-0ddc-11e0-88ac-963e66427347}" => key removed successfully.
HKCR\CLSID\{94785925-0ddc-11e0-88ac-963e66427347} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
C:\Users\Baal\AppData\Roaming\.ptbt0 => moved successfully
C:\Users\Baal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\KGyGaAvL.sys => moved successfully
"C:\Users\Baal\AppData\Local\Temp" folder move:
Could not move "C:\Users\Baal\AppData\Local\Temp" => Scheduled to move on reboot.
C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => moved successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-12-26 23:15:56)
C:\Users\Baal\AppData\Local\Temp => moved successfully
==== End of Fixlog 23:15:56 ====
Ran by Baal (2015-12-26 23:09:32) Run:1
Running from C:\Users\Baal\Desktop
Loaded Profiles: Baal (Available Profiles: Baal & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Run: [] => [X]
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\Policies\Explorer: []
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\...\MountPoints2: {94785925-0ddc-11e0-88ac-963e66427347} - G:\LaunchU3.exe -a
SearchScopes: HKLM -> DefaultScope value is missing
C:\Users\Baal\AppData\Roaming\.ptbt0
C:\Users\Baal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\KGyGaAvL.sys
C:\Users\Baal\AppData\Local\Temp
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
End
*****************
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKU\S-1-5-21-235677658-2731025366-2357892570-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully.
"HKU\S-1-5-21-235677658-2731025366-2357892570-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94785925-0ddc-11e0-88ac-963e66427347}" => key removed successfully.
HKCR\CLSID\{94785925-0ddc-11e0-88ac-963e66427347} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
C:\Users\Baal\AppData\Roaming\.ptbt0 => moved successfully
C:\Users\Baal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\KGyGaAvL.sys => moved successfully
"C:\Users\Baal\AppData\Local\Temp" folder move:
Could not move "C:\Users\Baal\AppData\Local\Temp" => Scheduled to move on reboot.
C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => moved successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-12-26 23:15:56)
C:\Users\Baal\AppData\Local\Temp => moved successfully
==== End of Fixlog 23:15:56 ====
-
wilgefortz
- Návštěvník
- Příspěvky: 64
- Registrován: 04 čer 2007 13:29
Re: Bluescreen of death Firefox 43
Přestal fungovat dropbox
bn.BUILD_KEY: Dropbox
bn.VERSION: 3.12.5
bn.DROPBOXEXT_VERSION: 28
bn.is_frozen: True
pid: 6244
cwd: u'C:\\Windows\\system32'
real_path=u'C:\\Windows\\system32'
mode=040777 uid=0 gid=0
parent mode=040777 uid=0 gid=0
HOME: None
appdata: u'C:\\Users\\Baal\\AppData\\Local\\Dropbox\\instance1'
real_path=u'C:\\Users\\Baal\\AppData\\Local\\Dropbox\\instance1'
mode=040777 uid=0 gid=0
parent mode=040777 uid=0 gid=0
dropbox_path: u'C:\\Users\\Baal\\Dropbox'
real_path=u'C:\\Users\\Baal\\Dropbox'
mode=040555 uid=0 gid=0
parent mode=040777 uid=0 gid=0
sys_executable: 'C:\\Program Files\\Dropbox\\Client\\Dropbox.exe'
real_path='C:\\Program Files\\Dropbox\\Client\\Dropbox.exe'
mode=0100777 uid=0 gid=0
parent mode=040777 uid=0 gid=0
trace.__file__: 'C:\\Program Files\\Dropbox\\Client\\Dropbox.exe\\dropbox\\client\\ui\\common\\boot_error.pyo'
real_path='C:\\Program Files\\Dropbox\\Client\\Dropbox.exe\\dropbox\\client\\ui\\common\\boot_error.pyo'
not found
parent not found
TMP: C:\Users\Baal\AppData\Local\Temp
TEMP: C:\Users\Baal\AppData\Local\Temp
tempdir: 'c:\\windows\\system32'
real_path='c:\\windows\\system32'
mode=040777 uid=0 gid=0
parent mode=040777 uid=0 gid=0
Traceback (most recent call last):
File "dropbox\client\main.pyo", line 387, in wrapper
File "dropbox\client\main.pyo", line 3222, in finish_dropbox_boot
File "dropbox\client\configuration\manager.pyo", line 317, in update_account_info
File "dropbox\client\config.pyo", line 55, in __setitem__
File "dropbox\sqlite3_helpers.pyo", line 153, in execute
OperationalError: unable to open database file
bn.BUILD_KEY: Dropbox
bn.VERSION: 3.12.5
bn.DROPBOXEXT_VERSION: 28
bn.is_frozen: True
pid: 6244
cwd: u'C:\\Windows\\system32'
real_path=u'C:\\Windows\\system32'
mode=040777 uid=0 gid=0
parent mode=040777 uid=0 gid=0
HOME: None
appdata: u'C:\\Users\\Baal\\AppData\\Local\\Dropbox\\instance1'
real_path=u'C:\\Users\\Baal\\AppData\\Local\\Dropbox\\instance1'
mode=040777 uid=0 gid=0
parent mode=040777 uid=0 gid=0
dropbox_path: u'C:\\Users\\Baal\\Dropbox'
real_path=u'C:\\Users\\Baal\\Dropbox'
mode=040555 uid=0 gid=0
parent mode=040777 uid=0 gid=0
sys_executable: 'C:\\Program Files\\Dropbox\\Client\\Dropbox.exe'
real_path='C:\\Program Files\\Dropbox\\Client\\Dropbox.exe'
mode=0100777 uid=0 gid=0
parent mode=040777 uid=0 gid=0
trace.__file__: 'C:\\Program Files\\Dropbox\\Client\\Dropbox.exe\\dropbox\\client\\ui\\common\\boot_error.pyo'
real_path='C:\\Program Files\\Dropbox\\Client\\Dropbox.exe\\dropbox\\client\\ui\\common\\boot_error.pyo'
not found
parent not found
TMP: C:\Users\Baal\AppData\Local\Temp
TEMP: C:\Users\Baal\AppData\Local\Temp
tempdir: 'c:\\windows\\system32'
real_path='c:\\windows\\system32'
mode=040777 uid=0 gid=0
parent mode=040777 uid=0 gid=0
Traceback (most recent call last):
File "dropbox\client\main.pyo", line 387, in wrapper
File "dropbox\client\main.pyo", line 3222, in finish_dropbox_boot
File "dropbox\client\configuration\manager.pyo", line 317, in update_account_info
File "dropbox\client\config.pyo", line 55, in __setitem__
File "dropbox\sqlite3_helpers.pyo", line 153, in execute
OperationalError: unable to open database file
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Bluescreen of death Firefox 43
Osobně ho sice nepoužívám, ale pokud na tom trváte, zkuste ho přeinstalovat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?