Attacks on my PC, please help

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

L4k0
Level 5 - BAN
Posts: 40
Registered: 09 Jun 2016 18:31

Attacks on my PC, please help

#1 Post by L4k0 »

Hello, I need help, hackers are attacking my PC, here is a screenshot, probably via mac.. they add something to the antivirus update so that viruses can't be found, they start dllhost.exe, it is probably already infected with malicious code, I don't know for sure, conhost.exe, please help... and also, right in front of me, they changed the settings in the firewall but I wasn't moving the mouse, so it's probably malware. Please check the log, but I don't know how to get a log, with which program?


Image

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Attacks on my PC, please help

#2 Post by altrok »

Hello,

above your first post there is a large orange box with information. To generate the logs, use the FRST utility and post both logs (FRST.txt and Addition.txt): http://forum.viry.cz/viewtopic.php?f=13&t=133100
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok(at)forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

#3 Post by L4k0 »

As soon as I tried to download the program you sent me, this happened: (I apologize for the size of the screenshot....) it interrupted the download. I also ran a full scan but it found nothing.

Image

#4 Post by altrok »

Then just run FRST.exe/FRST64.exe on its own.

#5 Post by L4k0 »

Should I allow it, isn't this a virus intrusion? It wants to create Windows/ERNUT.exe or something like that. Right away 2 bluescreens, the hackers, as soon as they found out that I want to have the log checked?

Image

#6 Post by altrok »

Allow the creation - ERUNT is a tool for backing up the registry.

#7 Post by L4k0 »

And now this popped up

Image

Image

#8 Post by altrok »

Either temporarily disable COMODO or allow everything related to FRST. There is no need to worry - the utility is used by thousands of people around the world every day.

#9 Post by L4k0 »

All right, I'm only asking so that the hackers don't alter something in that program so that you then wouldn't find it, that's the only reason

Should I also allow the first one, about the virus behaviour?

and this one too Image
Last edited by L4k0 on 26 Jun 2016 08:05, edited 1 time in total.

#10 Post by altrok »

Yes :)

#11 Post by L4k0 »

I allowed everything, here are the logs, I hope they haven't attacked it....

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
Ran by Lako100 (administrator) on LAKO100-PC (26-06-2016 08:06:32)
Running from C:\Users\Lako100\Desktop
Loaded Profiles: Lako100 (Available Profiles: Lako100)
Platform: Windows 7 Home Basic Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 8 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera_crashreporter.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-06-15] (COMODO)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006536 2016-06-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2485904 2016-06-25] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8897712 2016-06-25] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-25] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2016-06-25]
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.26.56.26 8.20.247.20
Tcpip\..\Interfaces\{604E8B16-0816-4D5C-8AE4-38FA007E48EF}: [DhcpNameServer] 8.26.56.26 8.20.247.20

Internet Explorer:
==================
BHO: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-25] (AVAST Software)
BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-25] (AVAST Software)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-25]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Lako100\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-06-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-25] (AVAST Software)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [76944 2016-06-25] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817712 2016-06-15] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-06-15] (COMODO)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2485904 2016-06-25] (Comodo Security Solutions, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-06-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-06-25] (AVAST Software)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2014-12-25] (Windows (R) Win 7 DDK provider) [File not signed]
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-06-15] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [829600 2016-06-15] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56472 2016-06-15] (COMODO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-06-15] (COMODO)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-26 08:09 - 2016-06-26 08:09 - 00141864 _____ C:\Users\Lako100\Desktop\bluescreenview_setup.exe
2016-06-26 08:09 - 2016-06-26 08:09 - 00000000 ____D C:\Users\Lako100\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2016-06-26 08:09 - 2016-06-26 08:09 - 00000000 ____D C:\Program Files (x86)\NirSoft
2016-06-26 08:07 - 2016-06-26 08:07 - 02387456 _____ (Farbar) C:\Users\Lako100\Desktop\FRST64.exe
2016-06-26 08:07 - 2016-06-26 08:07 - 00009677 _____ C:\Users\Lako100\Desktop\FRST.txt
2016-06-26 07:19 - 2016-06-26 07:19 - 00275480 _____ C:\Windows\Minidump\062616-17674-01.dmp
2016-06-26 07:18 - 2016-06-26 07:19 - 325827865 _____ C:\Windows\MEMORY.DMP
2016-06-26 07:18 - 2016-06-26 07:19 - 00000000 ____D C:\Windows\Minidump
2016-06-26 07:18 - 2016-06-26 07:18 - 00275480 _____ C:\Windows\Minidump\062616-17472-01.dmp
2016-06-26 07:05 - 2016-06-26 08:06 - 00000000 ____D C:\FRST
2016-06-25 23:18 - 2016-06-25 23:18 - 00000000 ____D C:\Users\Lako100\AppData\Roaming\WinRAR
2016-06-25 23:08 - 2016-06-25 23:11 - 1223874743 _____ C:\Users\Lako100\Downloads\Veci.rar
2016-06-25 23:04 - 2016-06-25 23:04 - 00000991 _____ C:\Users\Lako100\Desktop\WinRAR.lnk
2016-06-25 23:04 - 2016-06-25 23:04 - 00000000 ____D C:\Users\Lako100\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-25 23:04 - 2016-06-25 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-25 23:04 - 2016-06-25 23:04 - 00000000 ____D C:\Program Files\WinRAR
2016-06-25 22:17 - 2016-06-25 22:17 - 00000000 ____D C:\Users\Lako100\AppData\Local\CEF
2016-06-25 22:12 - 2016-06-25 22:12 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-25 22:12 - 2016-06-25 22:12 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-06-25 22:12 - 2016-06-25 22:12 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-06-25 22:12 - 2016-06-25 22:12 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-06-25 22:12 - 2016-06-25 22:12 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-25 22:12 - 2016-06-25 22:12 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-25 22:12 - 2016-06-25 22:12 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-06-25 22:12 - 2016-06-25 22:12 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-25 22:12 - 2016-06-25 22:12 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-06-25 22:12 - 2016-06-25 22:12 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-25 22:12 - 2016-06-25 22:12 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-25 22:12 - 2016-06-25 22:12 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-25 22:12 - 2016-06-25 22:12 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-25 22:12 - 2016-06-25 22:12 - 00001922 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2016-06-25 22:12 - 2016-06-25 22:12 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-06-25 22:12 - 2016-06-25 22:12 - 00000000 ____D C:\Users\Lako100\AppData\Roaming\AVAST Software
2016-06-25 22:12 - 2016-06-25 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-06-25 22:12 - 2016-06-25 22:12 - 00000000 ____D C:\Program Files\Common Files\AV
2016-06-25 22:11 - 2016-06-25 22:11 - 00000000 ____D C:\Program Files\AVAST Software
2016-06-25 22:09 - 2016-06-25 22:09 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-25 20:15 - 2016-06-25 20:15 - 00000000 ____D C:\Users\Lako100\AppData\Local\AMD
2016-06-25 20:14 - 2016-06-25 20:14 - 00000000 _____ C:\Windows\ativpsrm.bin
2016-06-25 20:13 - 2016-06-25 20:13 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe
2016-06-25 20:13 - 2016-06-25 20:13 - 00042264 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-06-25 20:13 - 2016-06-25 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-06-25 20:13 - 2016-06-25 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-06-25 20:13 - 2016-06-25 20:13 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-25 20:13 - 2016-06-25 20:13 - 00000000 ____D C:\Program Files (x86)\AMD
2016-06-25 20:13 - 2016-02-16 01:27 - 00125720 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-06-25 20:13 - 2016-02-16 01:26 - 00126232 _____ C:\Windows\system32\vulkan-1.dll
2016-06-25 20:12 - 2016-06-25 20:12 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-06-25 20:11 - 2016-06-25 20:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-25 20:09 - 2016-06-25 20:09 - 00749586 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-06-25 20:08 - 2016-06-25 20:13 - 00000000 ____D C:\Program Files\AMD
2016-06-25 19:53 - 2016-06-25 20:16 - 00001450 _____ C:\Users\Lako100\Desktop\Opera.lnk
2016-06-25 19:53 - 2016-06-25 19:53 - 00004098 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1466877204
2016-06-25 19:53 - 2016-06-25 19:53 - 00001239 _____ C:\Users\Lako100\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-06-25 19:53 - 2016-06-25 19:53 - 00000000 ____D C:\Users\Lako100\AppData\Roaming\Opera Software
2016-06-25 19:53 - 2016-06-25 19:53 - 00000000 ____D C:\Users\Lako100\AppData\Local\Opera Software
2016-06-25 19:50 - 2016-06-25 19:51 - 00000000 ____D C:\Users\Lako100\AppData\Local\Deployment
2016-06-25 19:50 - 2016-06-25 19:50 - 00000000 ____D C:\Users\Lako100\AppData\Local\Apps\2.0
2016-06-25 19:27 - 2016-06-25 18:32 - 00000000 ____D C:\Windows\Panther
2016-06-25 18:53 - 2016-06-25 18:53 - 00732488 _____ C:\Windows\system32\perfh041.dat
2016-06-25 18:53 - 2016-06-25 18:53 - 00143082 _____ C:\Windows\system32\perfc041.dat
2016-06-25 18:53 - 2016-06-25 18:53 - 00057560 _____ C:\Users\Lako100\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-25 18:53 - 2016-06-25 18:53 - 00001870 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk
2016-06-25 18:53 - 2016-06-25 18:53 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
2016-06-25 18:52 - 2016-06-25 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2016-06-25 18:52 - 2016-06-25 18:52 - 00000000 ____D C:\Program Files\COMODO
2016-06-25 18:51 - 2016-06-25 18:52 - 00000000 ____D C:\ProgramData\Comodo
2016-06-25 18:51 - 2016-06-25 18:51 - 00000000 ____D C:\ProgramData\Shared Space
2016-06-25 18:38 - 2016-06-25 22:22 - 00000000 ____D C:\ProgramData\Norton
2016-06-25 18:37 - 2016-06-25 18:37 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-06-25 18:35 - 2016-06-25 18:35 - 00024952 _____ C:\Windows\Ascd_tmp.ini
2016-06-25 18:35 - 2016-06-25 18:35 - 00001746 _____ C:\Windows\Language_trs.ini
2016-06-25 18:33 - 2016-06-25 18:33 - 00001443 _____ C:\Users\Lako100\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-06-25 18:33 - 2016-06-25 18:33 - 00001409 _____ C:\Users\Lako100\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-06-25 18:32 - 2016-06-25 18:33 - 00000000 ____D C:\Users\Lako100
2016-06-25 18:32 - 2016-06-25 18:32 - 00000020 ___SH C:\Users\Lako100\ntuser.ini
2016-06-25 18:32 - 2016-06-25 18:32 - 00000000 ____D C:\Users\Lako100\AppData\Local\VirtualStore
2016-06-25 18:29 - 2016-06-25 18:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-06-15 07:12 - 2016-06-15 07:12 - 00829600 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2016-06-15 07:12 - 2016-06-15 07:12 - 00116248 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2016-06-15 07:12 - 2016-06-15 07:12 - 00056472 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2016-06-15 07:12 - 2016-06-15 07:12 - 00031648 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2016-06-15 07:08 - 2016-06-15 07:08 - 00793104 _____ (COMODO) C:\Windows\system32\guard64.dll
2016-06-15 07:08 - 2016-06-15 07:08 - 00626288 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2016-06-15 07:08 - 2016-06-15 07:08 - 00051800 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2016-06-15 07:04 - 2016-06-15 07:04 - 00365752 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2016-06-15 07:02 - 2016-06-15 07:02 - 00051896 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2016-06-15 06:58 - 2016-06-15 06:58 - 00296120 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2016-06-15 06:57 - 2016-06-15 06:57 - 00046776 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-26 07:54 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-26 07:54 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-26 07:29 - 2009-07-14 07:13 - 00781544 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-26 07:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-26 07:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-25 20:13 - 2016-02-16 01:25 - 00045848 _____ C:\Windows\system32\vulkaninfo-1-1-0-3-1.exe
2016-06-25 20:13 - 2016-02-16 01:25 - 00042264 _____ C:\Windows\SysWOW64\vulkaninfo-1-1-0-3-1.exe
2016-06-25 20:12 - 2016-03-21 16:45 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-06-25 20:12 - 2016-03-21 16:45 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-06-25 20:12 - 2016-03-21 16:45 - 00110880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-06-25 20:12 - 2016-03-21 16:45 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-06-25 20:12 - 2016-03-21 16:45 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-06-25 20:12 - 2016-03-21 16:45 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-06-25 20:12 - 2016-03-21 16:45 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-06-25 20:12 - 2016-03-21 16:45 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-06-25 20:12 - 2016-03-21 16:44 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-06-25 20:12 - 2016-03-21 16:43 - 11625272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-06-25 20:12 - 2016-03-21 16:43 - 09583272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-06-25 20:12 - 2016-03-21 16:43 - 01517360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-06-25 20:12 - 2016-03-21 16:43 - 01245416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-06-25 20:12 - 2016-03-21 16:43 - 00133528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-06-25 20:12 - 2016-03-21 16:43 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-06-25 20:12 - 2016-03-21 16:43 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-06-25 20:12 - 2016-03-21 16:42 - 09526616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-06-25 20:12 - 2016-03-21 16:42 - 08843208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-06-25 20:12 - 2016-03-21 16:42 - 08585696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-06-25 20:12 - 2016-03-21 16:42 - 07392480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-06-25 20:12 - 2016-03-21 16:39 - 00296648 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-06-25 20:12 - 2016-03-21 16:36 - 26345472 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-06-25 20:12 - 2016-03-21 16:29 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-06-25 20:12 - 2016-03-21 16:27 - 40126976 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-06-25 20:12 - 2016-03-21 16:26 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-06-25 20:12 - 2016-03-21 16:26 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-06-25 20:12 - 2016-03-21 16:25 - 05420032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-06-25 20:12 - 2016-03-21 16:24 - 26887168 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-06-25 20:12 - 2016-03-21 16:24 - 21730304 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-06-25 20:12 - 2016-03-21 16:02 - 00701440 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-06-25 20:12 - 2016-03-21 16:02 - 00580096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-06-25 20:12 - 2016-03-21 16:01 - 30377984 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-06-25 20:12 - 2016-03-21 16:01 - 06884864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-06-25 20:12 - 2016-03-21 16:01 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-06-25 20:12 - 2016-03-21 16:01 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-06-25 20:12 - 2016-03-21 15:59 - 00865280 _____ (AMD) C:\Windows\system32\coinst_16.15.dll
2016-06-25 20:12 - 2016-03-21 15:57 - 05398016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-06-25 20:12 - 2016-03-21 15:57 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-06-25 20:12 - 2016-03-21 15:57 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-06-25 20:12 - 2016-03-21 15:55 - 25069056 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-06-25 20:12 - 2016-03-21 15:54 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-06-25 20:12 - 2016-03-21 15:54 - 00097280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-06-25 20:12 - 2016-03-21 15:54 - 00089600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-06-25 20:12 - 2016-03-21 15:54 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-06-25 20:12 - 2016-03-21 15:54 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-06-25 20:12 - 2016-03-21 15:54 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-06-25 20:12 - 2016-03-21 15:54 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-06-25 20:12 - 2016-03-21 15:53 - 15711744 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-06-25 20:12 - 2016-03-21 15:53 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-06-25 20:12 - 2016-03-21 15:49 - 00564736 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-06-25 20:12 - 2016-03-21 15:49 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-06-25 20:12 - 2016-03-21 15:49 - 00251392 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-06-25 20:12 - 2016-03-21 15:49 - 00224256 _____ C:\Windows\system32\dgtrayicon.exe
2016-06-25 20:12 - 2016-03-21 15:49 - 00209920 _____ C:\Windows\system32\GameManager64.dll
2016-06-25 20:12 - 2016-03-21 15:49 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-06-25 20:12 - 2016-03-21 15:49 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-06-25 20:12 - 2016-03-21 15:49 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-06-25 20:12 - 2016-03-21 15:49 - 00186368 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-06-25 20:12 - 2016-03-21 15:49 - 00162304 _____ C:\Windows\system32\atieah64.exe
2016-06-25 20:12 - 2016-03-21 15:49 - 00145408 _____ C:\Windows\SysWOW64\atieah32.exe
2016-06-25 20:12 - 2016-03-21 15:49 - 00078336 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-06-25 20:12 - 2016-03-21 15:46 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-06-25 20:12 - 2016-03-21 15:46 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-06-25 20:12 - 2016-03-21 15:45 - 01276416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-06-25 20:12 - 2016-03-21 15:45 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-06-25 20:12 - 2016-03-21 15:45 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-06-25 20:12 - 2016-03-21 15:45 - 00676864 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-06-25 20:12 - 2016-03-21 15:45 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-06-25 20:12 - 2016-03-21 15:45 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-06-25 20:12 - 2016-03-21 15:45 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-06-25 20:12 - 2016-03-21 15:45 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-06-25 20:12 - 2016-03-21 15:45 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-06-25 20:12 - 2016-03-21 15:45 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-06-25 20:12 - 2016-03-21 15:44 - 00195072 _____ C:\Windows\system32\hsa-thunk64.dll
2016-06-25 20:12 - 2016-03-21 15:44 - 00174592 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-06-25 20:12 - 2016-02-24 09:58 - 00096256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2016-06-25 20:12 - 2016-02-24 09:57 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-06-25 20:12 - 2014-09-03 14:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2016-06-25 20:12 - 2014-09-03 14:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2016-06-25 20:12 - 2013-04-10 17:34 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2016-06-25 20:12 - 2013-04-10 17:34 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2016-06-25 20:06 - 2016-03-21 16:28 - 00235008 _____ C:\Windows\system32\clinfo.exe
2016-06-25 19:27 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-06-25 18:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-06-25 18:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-06-25 18:28 - 2009-07-14 06:45 - 00266264 _____ C:\Windows\system32\FNTCACHE.DAT

Some files in TEMP:
====================
C:\Users\Lako100\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Lako100\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-25 18:28

==================== End of FRST.txt ============================






Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
Ran by Lako100 (2016-06-26 08:07:27)
Running from C:\Users\Lako100\Desktop
Windows 7 Home Basic Service Pack 1 (X64) (2016-06-25 16:32:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2683702932-4166246277-530691839-500 - Administrator - Disabled)
Guest (S-1-5-21-2683702932-4166246277-530691839-501 - Limited - Disabled)
Lako100 (S-1-5-21-2683702932-4166246277-530691839-1000 - Administrator - Enabled) => C:\Users\Lako100

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: COMODO Firewall (Enabled) {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
Catalyst Control Center Next Localization BR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
COMODO Firewall (HKLM\...\{37AD632E-994D-4944-B57D-A80852BCB96D}) (Version: 8.4.0.5068 - COMODO Security Solutions Inc.)
GeekBuddy (HKLM\...\{4CDCBF2D-8EF8-41C1-9438-B53E4007BF9C}) (Version: 4.27.174 - Comodo Security Solutions Inc)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
Opera Stable 38.0.2220.31 (HKU\S-1-5-21-2683702932-4166246277-530691839-1000\...\Opera 38.0.2220.31) (Version: 38.0.2220.31 - Opera Software)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
WinRAR 5.31 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {577CE1A8-6302-4CFA-9C8A-F6B54D810964} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-06-15] (COMODO)
Task: {64AFA65E-017F-414B-91E7-B884A6C61564} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-25] (AVAST Software)
Task: {C1563EF0-55E1-4295-AC63-87294B742914} - System32\Tasks\Opera scheduled Autoupdate 1466877204 => C:\Users\Lako100\AppData\Local\Programs\Opera\launcher.exe [2016-06-25] (Opera Software)
Task: {C4049150-6919-4DCA-91BD-DA46B34C5BBE} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-06-15] (COMODO)
Task: {D8344CCE-4BA6-4BAE-9620-4D64B39E5E25} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-25] (AVAST Software)
Task: {F65AC88E-9272-48F3-8117-CA4D8A2CEBA0} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-06-15] (COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2011-05-20 13:34 - 2011-05-20 13:34 - 01277440 _____ () C:\Program Files\COMODO\GeekBuddy\QtNetwork4.dll
2011-05-20 13:31 - 2011-05-20 13:31 - 02869248 _____ () C:\Program Files\COMODO\GeekBuddy\QtCore4.dll
2011-05-20 13:52 - 2011-05-20 13:52 - 10445312 _____ () C:\Program Files\COMODO\GeekBuddy\QtGui4.dll
2016-06-02 23:40 - 2016-06-02 23:40 - 00045152 _____ () C:\Program Files\COMODO\GeekBuddy\imageformats\qgif4.dll
2011-05-20 14:16 - 2011-05-20 14:16 - 01522688 _____ () C:\Program Files\COMODO\GeekBuddy\QtScript4.dll
2016-06-25 22:12 - 2016-06-25 22:12 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-25 22:24 - 2016-06-25 22:24 - 02948608 _____ () C:\Program Files\AVAST Software\Avast\defs\16062501\algo.dll
2016-06-25 22:12 - 2016-06-25 22:12 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-06-25 22:12 - 2016-06-25 22:12 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-25 19:53 - 2016-06-13 08:30 - 67945512 _____ () C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\opera.dll
2016-06-25 19:53 - 2016-06-13 08:30 - 02203176 _____ () C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\libglesv2.dll
2016-06-25 19:53 - 2016-06-13 08:30 - 00087080 _____ () C:\Users\Lako100\AppData\Local\Programs\Opera\38.0.2220.31\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\amdave64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\amdgfxinfo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amdhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amdlvr64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amdmantle64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amdmmcl6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amdocl12cl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amdpcom64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amdvlk64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aswBoot.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticaldd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticfx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atidemgy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atidxx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atig6pxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atig6txx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimpc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimuixx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atio6axx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atisamu64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atitmm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiu9p64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd6a.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiuxp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\coinst_16.15.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DelayAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\detoured.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dgtrayicon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\GameManager64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hsa-thunk64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mantle64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mantleaxl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ucrtbase.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\vulkaninfo-1-1-0-3-1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdave32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdgfxinfo32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdlvr32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdmantle32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdmmcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdocl.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\amdocl12cl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdpcom32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdvlk32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiadlxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticaldd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticfx32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\atidxx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atigktxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atimpc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atioglxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atisamu32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiu9pag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdva.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiuxpag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\detoured.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\GameManager32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hsa-thunk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mantle32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mantleaxl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ucrtbase.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\vulkaninfo-1-1-0-3-1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\aswHwid.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\aswMonFlt.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\aswRdr2.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\aswRvrt.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\aswSnx.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\aswSP.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\aswStm.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\aswVmm.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\AtihdW76.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Lako100\Desktop\bluescreenview_setup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Lako100\Desktop\bluescreenview_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Lako100\Desktop\FRST64.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Lako100\Desktop\FRST64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Lako100\Downloads\Veci.rar:$CmdZnID [26]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2683702932-4166246277-530691839-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lako100\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.26.56.26 - 8.20.247.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

25-06-2016 18:52:36 Installing COMODO Firewall
25-06-2016 18:53:06 Inštalácia balíka ovládačov zariadenia: COMODO Sieťová služba
25-06-2016 20:11:24 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
25-06-2016 20:11:39 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
25-06-2016 20:13:44 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/26/2016 08:30:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 21.6.2016.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 13f4

Start Time: 01d1cf7402802e25

Termination Time: 1

Application Path: C:\Users\Lako100\Desktop\FRST64.exe

Report Id: 7843c239-3b67-11e6-b390-90e6ba0b0288

Error: (06/26/2016 07:29:00 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/26/2016 07:29:00 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/26/2016 07:20:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/26/2016 07:07:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 21.6.2016.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 13b8

Start Time: 01d1cf680a839b30

Termination Time: 2

Application Path: C:\Users\Lako100\Desktop\FRST64.exe

Report Id: e8a2743a-3b5b-11e6-b3d0-90e6ba0b0288

Error: (06/26/2016 07:02:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/26/2016 07:02:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/26/2016 06:57:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/25/2016 10:28:18 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/25/2016 10:28:18 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (06/26/2016 07:19:56 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000003b (0x00000000c0000005, 0xfffff80002c7e513, 0xfffff8800656af70, 0x0000000000000000)C:\Windows\MEMORY.DMP062616-17674-01

Error: (06/26/2016 07:19:55 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:18:55 on ‎26. ‎6. ‎2016 was unexpected.

Error: (06/26/2016 07:18:56 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000001 (0x0000000074e22e09, 0x0000000000000000, 0x000000000000ffff, 0xfffff88007375ca0)C:\Windows\MEMORY.DMP062616-17472-01

Error: (06/26/2016 07:18:55 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:17:42 on ‎26. ‎6. ‎2016 was unexpected.


CodeIntegrity:
===================================
Date: 2016-06-26 07:19:46.875
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-06-26 07:19:46.828
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-06-26 07:19:45.206
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmdguard.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-06-26 07:19:44.800
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-06-26 06:56:43.626
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-06-26 06:56:43.610
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-06-26 06:56:40.740
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmdguard.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-06-26 06:56:40.365
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-06-25 22:23:51.376
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-06-25 22:23:50.003
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 945 Processor
Percentage of memory in use: 34%
Total physical RAM: 8191.11 MB
Available physical RAM: 5386.24 MB
Total Virtual: 16380.43 MB
Available Virtual: 12956.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:117.19 GB) (Free:88.52 GB) NTFS
Drive d: () (Fixed) (Total:348.47 GB) (Free:348.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4D154D14)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=348.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Attacks on my PC, please help

#12 Post by altrok »

:arrow: Copy the folder C:\WINDOWS\Minidump to your desktop, then pack that folder into a rar/zip archive and upload it to leteckaposta.cz - put the download link in your next post (alternatively, you can add the archive to your next post as an attachment).


:arrow: Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it normally with a double-click)
  • click Scan (Skenovani), then Cleaning (Cisteni)
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply

L4k0
Level 5 - BAN
Posts: 40
Registered: 09 Jun 2016 18:31

Re: Attacks on my PC, please help

#13 Post by L4k0 »

The Minidump says it can't be opened, access denied, in 7-Zip as well.

altrok
Moderátor
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Attacks on my PC, please help

#14 Post by altrok »

Never mind, continue with AdwCleaner.

L4k0
Level 5 - BAN
Posts: 40
Registered: 09 Jun 2016 18:31

Re: Attacks on my PC, please help

#15 Post by L4k0 »

I'll send it to you in a folder without rar, is that OK? I'd be glad if you would take a look at it, please...





# AdwCleaner v5.200 - Log vytvorený 26/06/2016 v 09:06:43
# Aktualizované 14/06/2016 by ToolsLib
# Databáza : 2016-06-25.3 [Server]
# Operačný systém : Windows 7 Home Basic Service Pack 1 (X64)
# Užívateľské meno : Lako100 - LAKO100-PC
# Spustené z : C:\Users\Lako100\Desktop\adwcleaner_5.200.exe
# Nastavenie : Skenovať
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****


***** [ Priečinky ] *****


***** [ Súbory ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Zástupcovia ] *****


***** [ Naplánované úlohy ] *****


***** [ Registre ] *****


***** [ Webové prehliadače ] *****


*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [699 bajtov] - [26/06/2016 09:06:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [772 bajtov] ##########

Locked