RUDY Problem with PC
Posted: 03 Jul 2016 12:27
Well, I'm on my own account now and I'm sending a new log. It seems to me that it's something with DHCP or something like that.....
FRST Log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by L4k0 (administrator) on L4K0-PC (03-07-2016 13:22:09)
Running from C:\Users\L4k0\Desktop
Loaded Profiles: L4k0 (Available Profiles: L4k0)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Softros Systems, Inc.) C:\Program Files\Softros Systems\Process Blocker\Process Blocker.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Softros Systems, Inc.) C:\Program Files\Softros Systems\Process Blocker\Tray Informer.exe
() C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Henry++) C:\Program Files\Mem Reduct\memreduct64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006536 2016-03-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKLM\...\AppCertDlls: [ProcessBlocker] -> C:\Program Files\Softros Systems\Process Blocker\HelperLib.dll [114176 2015-04-10] (Softros Systems, inc.)
HKLM\...\AppCertDlls: [ProcessBlocker86] -> C:\Program Files\Softros Systems\Process Blocker\HelperLib86.dll [95744 2015-04-10] (Softros Systems, inc.)
Startup: C:\Users\L4k0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mem Reduct.lnk [2016-07-02]
ShortcutTarget: Mem Reduct.lnk -> C:\Program Files\Mem Reduct\memreduct64.exe (Henry++)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 199.85.126.10 199.85.127.10
Tcpip\..\Interfaces\{021C0871-D141-4C07-8E02-BDC2CE799FB0}: [DhcpNameServer] 199.85.126.10 199.85.127.10
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll [2016-07-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll [2016-07-02] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2016-07-03] [not signed]
Chrome:
=======
CHR Profile: C:\Users\L4k0\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\L4k0\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-02]
CHR Extension: (YouTube) - C:\Users\L4k0\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-02]
CHR Extension: (Hľadať v Google) - C:\Users\L4k0\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-07-02]
CHR Extension: (Norton Security Toolbar) - C:\Users\L4k0\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2016-07-03]
CHR Extension: (Gmail) - C:\Users\L4k0\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-02]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2016-07-03]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2016-07-03]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 Process Blocker; C:\Program Files\Softros Systems\Process Blocker\Process Blocker.exe [2219344 2015-04-10] (Softros Systems, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4803344 2016-06-01] (AVG Technologies CZ, s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [14392 2007-12-17] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20160701.003\BHDrvx64.sys [1832176 2016-07-01] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-07-02] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20160701.001\IDSvia64.sys [876248 2016-07-01] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20160702.006\ENG64.SYS [138456 2016-07-02] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20160702.006\EX64.SYS [2148056 2016-07-02] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2016-07-02] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-08-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-07-03] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-06-01] (AVG Netherlands B.V.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-03 13:19 - 2016-07-03 13:19 - 00001611 _____ C:\Users\L4k0\Desktop\APU-Engine.lnk
2016-07-03 13:16 - 2016-07-03 13:16 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2016-07-03 13:07 - 2016-07-03 13:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-03 13:07 - 2016-07-03 13:07 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2016-07-03 13:07 - 2016-07-03 13:07 - 00000000 ____D C:\Users\L4k0\AppData\Local\CrashDumps
2016-07-03 13:07 - 2016-07-03 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-07-03 13:07 - 2016-07-03 13:07 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-07-03 13:07 - 2008-01-04 13:34 - 00011832 _____ C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys
2016-07-03 13:07 - 2008-01-04 13:34 - 00010216 _____ C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys
2016-07-03 13:07 - 2007-12-17 11:14 - 00014392 ____R C:\Windows\SysWOW64\Drivers\AsIO.sys
2016-07-03 13:07 - 2006-01-10 10:50 - 00024576 ____R () C:\Windows\SysWOW64\AsIO.dll
2016-07-03 13:04 - 2016-07-03 13:04 - 00024956 _____ C:\Windows\Ascd_tmp.ini
2016-07-03 13:04 - 2016-07-03 13:04 - 00001746 _____ C:\Windows\Language_trs.ini
2016-07-03 12:43 - 2016-07-03 12:43 - 00002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-07-03 12:43 - 2016-07-03 12:43 - 00002248 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2016-07-03 12:43 - 2016-07-03 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2016-07-03 12:43 - 2016-06-01 15:12 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2016-07-03 12:43 - 2016-06-01 15:05 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2016-07-03 12:43 - 2016-06-01 15:05 - 00039696 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2016-07-03 12:42 - 2016-07-03 12:43 - 00000000 ____D C:\Program Files (x86)\AVG
2016-07-03 12:41 - 2016-07-03 12:43 - 00000000 ____D C:\Users\L4k0\AppData\Local\Avg
2016-07-03 12:41 - 2016-07-03 12:43 - 00000000 ____D C:\ProgramData\Avg
2016-07-03 12:41 - 2016-07-03 12:42 - 00000000 ____D C:\Users\L4k0\AppData\Local\AvgSetupLog
2016-07-03 12:12 - 2016-07-03 12:12 - 19927624 _____ C:\Users\L4k0\Desktop\RogueKiller.exe
2016-07-03 12:12 - 2016-07-03 12:12 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-07-03 12:12 - 2016-07-03 12:12 - 00000000 ____D C:\ProgramData\RogueKiller
2016-07-03 10:43 - 2016-07-03 10:43 - 00001242 _____ C:\Users\L4k0\Desktop\Paint.lnk
2016-07-02 18:29 - 2016-07-02 18:29 - 00000000 ____D C:\Users\L4k0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-02 18:29 - 2016-07-02 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-02 18:29 - 2016-07-02 18:29 - 00000000 ____D C:\Program Files\WinRAR
2016-07-02 15:55 - 2016-07-02 15:57 - 00000000 ____D C:\Users\L4k0\AppData\Local\NPE
2016-07-02 15:42 - 2016-07-02 15:43 - 00000000 ____D C:\Windows\Minidump
2016-07-02 15:42 - 2016-07-02 15:42 - 415886817 _____ C:\Windows\MEMORY.DMP
2016-07-02 15:31 - 2013-08-07 07:08 - 00078936 ____R (Symantec Corporation) C:\Windows\system32\Drivers\SymIMV.sys
2016-07-02 15:11 - 2016-07-02 17:47 - 00000885 _____ C:\Users\L4k0\Desktop\Mem Reduct.lnk
2016-07-02 15:11 - 2016-07-02 15:11 - 00000000 ____D C:\Users\L4k0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mem Reduct
2016-07-02 15:11 - 2016-07-02 15:11 - 00000000 ____D C:\Users\L4k0\AppData\Roaming\Henry++
2016-07-02 15:11 - 2016-07-02 15:11 - 00000000 ____D C:\Program Files\Mem Reduct
2016-07-02 14:10 - 2016-07-03 13:22 - 00011751 _____ C:\Users\L4k0\Desktop\FRST.txt
2016-07-02 14:10 - 2016-07-03 13:22 - 00000000 ____D C:\FRST
2016-07-02 14:09 - 2016-07-02 14:09 - 02390016 _____ (Farbar) C:\Users\L4k0\Desktop\FRST64.exe
2016-07-02 14:00 - 2016-07-02 14:00 - 00000000 ____D C:\Users\L4k0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Process Blocker
2016-07-02 14:00 - 2016-07-02 14:00 - 00000000 ____D C:\Program Files\Softros Systems
2016-07-02 13:52 - 2016-07-02 13:52 - 00000000 ____D C:\Users\L4k0\AppData\Local\AMD
2016-07-02 13:51 - 2016-07-02 13:51 - 00000000 _____ C:\Windows\ativpsrm.bin
2016-07-02 13:50 - 2016-07-02 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-07-02 13:50 - 2016-07-02 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-07-02 13:50 - 2016-07-02 13:50 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-02 13:50 - 2016-07-02 13:50 - 00000000 ____D C:\Program Files (x86)\AMD
2016-07-02 13:50 - 2016-02-16 01:27 - 00125720 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-07-02 13:50 - 2016-02-16 01:26 - 00126232 _____ C:\Windows\system32\vulkan-1.dll
2016-07-02 13:50 - 2016-02-16 01:25 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe
2016-07-02 13:50 - 2016-02-16 01:25 - 00042264 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-07-02 13:49 - 2016-07-02 13:50 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-02 13:49 - 2016-07-02 13:49 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-07-02 13:47 - 2016-07-02 13:47 - 00749404 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-07-02 13:45 - 2016-07-02 13:50 - 00000000 ____D C:\Program Files\AMD
2016-07-02 13:43 - 2016-07-02 13:43 - 00000043 _____ C:\Users\L4k0\Desktop\Nový textový dokument.txt
2016-07-02 13:13 - 2016-07-02 12:19 - 00000000 ____D C:\Windows\Panther
2016-07-02 13:10 - 2016-07-02 13:10 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-02 13:10 - 2016-07-02 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-07-02 13:09 - 2016-07-03 13:14 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-02 13:09 - 2016-07-03 13:14 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-02 13:09 - 2016-07-02 13:10 - 00000000 ____D C:\Users\L4k0\AppData\Local\Google
2016-07-02 13:09 - 2016-07-02 13:09 - 00003928 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-02 13:09 - 2016-07-02 13:09 - 00003676 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-02 13:09 - 2016-07-02 13:09 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-02 12:30 - 2016-07-03 13:10 - 00003234 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2016-07-02 12:30 - 2016-07-03 13:10 - 00002501 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2016-07-02 12:30 - 2016-07-02 12:30 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2016-07-02 12:30 - 2016-07-02 12:30 - 00008222 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2016-07-02 12:30 - 2016-07-02 12:30 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-07-02 12:29 - 2016-07-03 13:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2016-07-02 12:29 - 2016-07-03 13:10 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2016-07-02 12:29 - 2016-07-02 15:55 - 00000000 ____D C:\ProgramData\Norton
2016-07-02 12:29 - 2016-07-02 12:29 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-07-02 12:29 - 2016-07-02 12:29 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-07-02 12:29 - 2016-07-02 12:29 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2016-07-02 12:21 - 2016-07-02 12:21 - 00057560 _____ C:\Users\L4k0\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-02 12:19 - 2016-07-02 12:19 - 00000020 ___SH C:\Users\L4k0\ntuser.ini
2016-07-02 12:19 - 2016-07-02 12:19 - 00000000 ____D C:\Users\L4k0\AppData\Local\VirtualStore
2016-07-02 12:19 - 2016-07-02 12:19 - 00000000 ____D C:\Users\L4k0
2016-07-02 12:19 - 2010-11-21 17:10 - 00000000 ____D C:\Users\L4k0\AppData\Roaming\Media Center Programs
2016-07-02 12:17 - 2016-07-02 12:17 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-07-02 12:17 - 2016-07-02 12:17 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-07-02 12:15 - 2016-07-02 12:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-03 13:14 - 2009-07-14 07:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-03 13:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-03 13:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-03 12:31 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-03 12:31 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-02 17:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-07-02 13:27 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-07-02 13:12 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-07-02 13:03 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-07-02 13:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-07-02 12:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-07-02 12:14 - 2009-07-14 06:45 - 00274736 _____ C:\Windows\system32\FNTCACHE.DAT
Some files in TEMP:
====================
C:\Users\L4k0\AppData\Local\Temp\dllnt_dump.dll
C:\Users\L4k0\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE
C:\Users\L4k0\AppData\Local\Temp\SETUP_AFTERBURNER.EXE
C:\Users\L4k0\AppData\Local\Temp\vcredist_x86.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-02 16:31
==================== End of FRST.txt ============================
ADDITION Log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by L4k0 (2016-07-03 13:22:31)
Running from C:\Users\L4k0\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-07-02 10:19:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3446584074-721549401-2035689353-500 - Administrator - Disabled)
Guest (S-1-5-21-3446584074-721549401-2035689353-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3446584074-721549401-2035689353-1002 - Limited - Enabled)
L4k0 (S-1-5-21-3446584074-721549401-2035689353-1000 - Administrator - Enabled) => C:\Users\L4k0
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.42.2.18804 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.42.6 - AVG Technologies) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.00.25 - )
FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 26.0.1410.40 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Mem Reduct (HKLM-x32\...\memreduct) (Version: 3.0.436 - Henry++)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
Process Blocker 1.0.13.0 (HKLM\...\{FEC52075-E418-400D-A25C-AE7F366A9C2C}) (Version: 1.0.13.0 - Softros Systems, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
WinRAR 5.31 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {26A850C4-4ADA-4A3C-9145-5B8213738C5C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-02] (Google Inc.)
Task: {547882E9-A1B8-4CA3-AAD6-5C8E7F771F22} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {846A2378-04F3-4DF5-9D5A-C278CFB72535} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2009-06-04] ()
Task: {DB8507D6-FDD7-4F27-8018-5E24C6C05222} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-02] (Google Inc.)
Task: {E32FF4EE-2059-43B3-8A61-95E5B1A3F170} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {F8ABECC2-5E0C-4FC5-9724-F01D7C404D93} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-03 13:07 - 2009-06-04 15:10 - 05777408 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-07-03 13:07 - 2009-01-15 14:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2016-07-03 13:07 - 2009-03-25 16:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2016-07-03 13:07 - 2009-02-03 19:57 - 00106496 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\Calibrate.dll
2016-07-03 12:42 - 2016-07-03 12:41 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-07-02 13:10 - 2013-03-20 08:03 - 00598480 _____ () C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.40\libglesv2.dll
2016-07-02 13:10 - 2013-03-20 08:03 - 00124368 _____ () C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.40\libegl.dll
2016-07-02 13:10 - 2013-03-20 08:04 - 04050896 _____ () C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.40\pdf.dll
2016-07-02 13:10 - 2013-03-20 08:04 - 00390096 _____ () C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.40\ppGoogleNaClPluginChrome.dll
2016-07-02 13:10 - 2013-03-20 08:03 - 01606096 _____ () C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.40\ffmpegsumo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3446584074-721549401-2035689353-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\L4k0\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 199.85.126.10 - 199.85.127.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{BC2EF894-D26C-4A10-B57E-6EF57F7A9036}] => (Allow) C:\Program Files\Softros Systems\Process Blocker\Process Blocker.exe
==================== Restore Points =========================
Check "winmgmt" service or repair WMI.
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/03/2016 01:14:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/03/2016 01:14:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/03/2016 01:11:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/03/2016 01:07:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: Explorer.EXE, verzia: 6.1.7601.17514, časová značka: 0x4ce7a144
Názov chybového modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x000003fefc046790
Identifikácia chybného procesu: 0x49c
Čas spustenia chybnej aplikácie: 0xExplorer.EXE0
Cesta chybnej aplikácie: Explorer.EXE1
Cesta chybného modulu: Explorer.EXE2
Identifikácia hlásenia: Explorer.EXE3
Error: (07/02/2016 06:53:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/02/2016 06:53:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/02/2016 06:50:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/02/2016 06:49:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: Process Blocker.exe, verzia: 1.0.13.0, časová značka: 0x5527afc8
Názov chybového modulu: ntdll.dll, verzia: 6.1.7601.17514, časová značka: 0x4ce7c8f9
Kód výnimky: 0xc0000024
Odstup chyby: 0x00000000000cd7d8
Identifikácia chybného procesu: 0x598
Čas spustenia chybnej aplikácie: 0xProcess Blocker.exe0
Cesta chybnej aplikácie: Process Blocker.exe1
Cesta chybného modulu: Process Blocker.exe2
Identifikácia hlásenia: Process Blocker.exe3
Error: (07/02/2016 05:55:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/02/2016 05:55:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
System errors:
=============
Error: (07/03/2016 01:17:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Secure Socket Tunneling Protocol Service, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058 = Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Error: (07/03/2016 01:17:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Secure Socket Tunneling Protocol Service, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058 = Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Error: (07/03/2016 01:15:31 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{F32D97DF-E3E5-4CB9-9E3E-0EB5B4E49801}5{883FF1FC-09E1-48E5-8E54-E2469ACB0CFD}
Error: (07/03/2016 01:15:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Secure Socket Tunneling Protocol Service, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058 = Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Error: (07/03/2016 01:15:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Secure Socket Tunneling Protocol Service, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058 = Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Error: (07/03/2016 01:10:54 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (07/03/2016 01:10:42 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}5{ECF5BF46-E3B6-449A-B56B-43F58F867814}
Error: (07/03/2016 01:10:42 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}5{56EA1054-1959-467F-BE3B-A2A787C4B6EA}
Error: (07/03/2016 12:59:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Secure Socket Tunneling Protocol Service, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058 = Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Error: (07/03/2016 12:59:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Secure Socket Tunneling Protocol Service, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058 = Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
==================== Memory info ===========================
Processor: AMD Phenom(tm) II X4 945 Processor
Percentage of memory in use: 20%
Total physical RAM: 8191.11 MB
Available physical RAM: 6476.59 MB
Total Virtual: 16380.43 MB
Available Virtual: 14368.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:117.19 GB) (Free:88.67 GB) NTFS
Drive d: () (Fixed) (Total:348.47 GB) (Free:347.87 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4D154D14)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=348.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
FRST Log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by L4k0 (administrator) on L4K0-PC (03-07-2016 13:22:09)
Running from C:\Users\L4k0\Desktop
Loaded Profiles: L4k0 (Available Profiles: L4k0)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Softros Systems, Inc.) C:\Program Files\Softros Systems\Process Blocker\Process Blocker.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Softros Systems, Inc.) C:\Program Files\Softros Systems\Process Blocker\Tray Informer.exe
() C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Henry++) C:\Program Files\Mem Reduct\memreduct64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006536 2016-03-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKLM\...\AppCertDlls: [ProcessBlocker] -> C:\Program Files\Softros Systems\Process Blocker\HelperLib.dll [114176 2015-04-10] (Softros Systems, inc.)
HKLM\...\AppCertDlls: [ProcessBlocker86] -> C:\Program Files\Softros Systems\Process Blocker\HelperLib86.dll [95744 2015-04-10] (Softros Systems, inc.)
Startup: C:\Users\L4k0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mem Reduct.lnk [2016-07-02]
ShortcutTarget: Mem Reduct.lnk -> C:\Program Files\Mem Reduct\memreduct64.exe (Henry++)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 199.85.126.10 199.85.127.10
Tcpip\..\Interfaces\{021C0871-D141-4C07-8E02-BDC2CE799FB0}: [DhcpNameServer] 199.85.126.10 199.85.127.10
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll [2016-07-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll [2016-07-02] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2016-07-03] [not signed]
Chrome:
=======
CHR Profile: C:\Users\L4k0\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\L4k0\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-02]
CHR Extension: (YouTube) - C:\Users\L4k0\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-02]
CHR Extension: (Hľadať v Google) - C:\Users\L4k0\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-07-02]
CHR Extension: (Norton Security Toolbar) - C:\Users\L4k0\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2016-07-03]
CHR Extension: (Gmail) - C:\Users\L4k0\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-02]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2016-07-03]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2016-07-03]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 Process Blocker; C:\Program Files\Softros Systems\Process Blocker\Process Blocker.exe [2219344 2015-04-10] (Softros Systems, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4803344 2016-06-01] (AVG Technologies CZ, s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [14392 2007-12-17] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20160701.003\BHDrvx64.sys [1832176 2016-07-01] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-07-02] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20160701.001\IDSvia64.sys [876248 2016-07-01] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20160702.006\ENG64.SYS [138456 2016-07-02] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20160702.006\EX64.SYS [2148056 2016-07-02] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2016-07-02] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-08-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-07-03] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-06-01] (AVG Netherlands B.V.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-03 13:19 - 2016-07-03 13:19 - 00001611 _____ C:\Users\L4k0\Desktop\APU-Engine.lnk
2016-07-03 13:16 - 2016-07-03 13:16 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2016-07-03 13:07 - 2016-07-03 13:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-03 13:07 - 2016-07-03 13:07 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2016-07-03 13:07 - 2016-07-03 13:07 - 00000000 ____D C:\Users\L4k0\AppData\Local\CrashDumps
2016-07-03 13:07 - 2016-07-03 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-07-03 13:07 - 2016-07-03 13:07 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-07-03 13:07 - 2008-01-04 13:34 - 00011832 _____ C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys
2016-07-03 13:07 - 2008-01-04 13:34 - 00010216 _____ C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys
2016-07-03 13:07 - 2007-12-17 11:14 - 00014392 ____R C:\Windows\SysWOW64\Drivers\AsIO.sys
2016-07-03 13:07 - 2006-01-10 10:50 - 00024576 ____R () C:\Windows\SysWOW64\AsIO.dll
2016-07-03 13:04 - 2016-07-03 13:04 - 00024956 _____ C:\Windows\Ascd_tmp.ini
2016-07-03 13:04 - 2016-07-03 13:04 - 00001746 _____ C:\Windows\Language_trs.ini
2016-07-03 12:43 - 2016-07-03 12:43 - 00002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-07-03 12:43 - 2016-07-03 12:43 - 00002248 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2016-07-03 12:43 - 2016-07-03 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2016-07-03 12:43 - 2016-06-01 15:12 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2016-07-03 12:43 - 2016-06-01 15:05 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2016-07-03 12:43 - 2016-06-01 15:05 - 00039696 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2016-07-03 12:42 - 2016-07-03 12:43 - 00000000 ____D C:\Program Files (x86)\AVG
2016-07-03 12:41 - 2016-07-03 12:43 - 00000000 ____D C:\Users\L4k0\AppData\Local\Avg
2016-07-03 12:41 - 2016-07-03 12:43 - 00000000 ____D C:\ProgramData\Avg
2016-07-03 12:41 - 2016-07-03 12:42 - 00000000 ____D C:\Users\L4k0\AppData\Local\AvgSetupLog
2016-07-03 12:12 - 2016-07-03 12:12 - 19927624 _____ C:\Users\L4k0\Desktop\RogueKiller.exe
2016-07-03 12:12 - 2016-07-03 12:12 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-07-03 12:12 - 2016-07-03 12:12 - 00000000 ____D C:\ProgramData\RogueKiller
2016-07-03 10:43 - 2016-07-03 10:43 - 00001242 _____ C:\Users\L4k0\Desktop\Paint.lnk
2016-07-02 18:29 - 2016-07-02 18:29 - 00000000 ____D C:\Users\L4k0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-02 18:29 - 2016-07-02 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-02 18:29 - 2016-07-02 18:29 - 00000000 ____D C:\Program Files\WinRAR
2016-07-02 15:55 - 2016-07-02 15:57 - 00000000 ____D C:\Users\L4k0\AppData\Local\NPE
2016-07-02 15:42 - 2016-07-02 15:43 - 00000000 ____D C:\Windows\Minidump
2016-07-02 15:42 - 2016-07-02 15:42 - 415886817 _____ C:\Windows\MEMORY.DMP
2016-07-02 15:31 - 2013-08-07 07:08 - 00078936 ____R (Symantec Corporation) C:\Windows\system32\Drivers\SymIMV.sys
2016-07-02 15:11 - 2016-07-02 17:47 - 00000885 _____ C:\Users\L4k0\Desktop\Mem Reduct.lnk
2016-07-02 15:11 - 2016-07-02 15:11 - 00000000 ____D C:\Users\L4k0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mem Reduct
2016-07-02 15:11 - 2016-07-02 15:11 - 00000000 ____D C:\Users\L4k0\AppData\Roaming\Henry++
2016-07-02 15:11 - 2016-07-02 15:11 - 00000000 ____D C:\Program Files\Mem Reduct
2016-07-02 14:10 - 2016-07-03 13:22 - 00011751 _____ C:\Users\L4k0\Desktop\FRST.txt
2016-07-02 14:10 - 2016-07-03 13:22 - 00000000 ____D C:\FRST
2016-07-02 14:09 - 2016-07-02 14:09 - 02390016 _____ (Farbar) C:\Users\L4k0\Desktop\FRST64.exe
2016-07-02 14:00 - 2016-07-02 14:00 - 00000000 ____D C:\Users\L4k0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Process Blocker
2016-07-02 14:00 - 2016-07-02 14:00 - 00000000 ____D C:\Program Files\Softros Systems
2016-07-02 13:52 - 2016-07-02 13:52 - 00000000 ____D C:\Users\L4k0\AppData\Local\AMD
2016-07-02 13:51 - 2016-07-02 13:51 - 00000000 _____ C:\Windows\ativpsrm.bin
2016-07-02 13:50 - 2016-07-02 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-07-02 13:50 - 2016-07-02 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-07-02 13:50 - 2016-07-02 13:50 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-02 13:50 - 2016-07-02 13:50 - 00000000 ____D C:\Program Files (x86)\AMD
2016-07-02 13:50 - 2016-02-16 01:27 - 00125720 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-07-02 13:50 - 2016-02-16 01:26 - 00126232 _____ C:\Windows\system32\vulkan-1.dll
2016-07-02 13:50 - 2016-02-16 01:25 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe
2016-07-02 13:50 - 2016-02-16 01:25 - 00042264 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-07-02 13:49 - 2016-07-02 13:50 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-02 13:49 - 2016-07-02 13:49 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-07-02 13:47 - 2016-07-02 13:47 - 00749404 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-07-02 13:45 - 2016-07-02 13:50 - 00000000 ____D C:\Program Files\AMD
2016-07-02 13:43 - 2016-07-02 13:43 - 00000043 _____ C:\Users\L4k0\Desktop\Nový textový dokument.txt
2016-07-02 13:13 - 2016-07-02 12:19 - 00000000 ____D C:\Windows\Panther
2016-07-02 13:10 - 2016-07-02 13:10 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-02 13:10 - 2016-07-02 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-07-02 13:09 - 2016-07-03 13:14 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-02 13:09 - 2016-07-03 13:14 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-02 13:09 - 2016-07-02 13:10 - 00000000 ____D C:\Users\L4k0\AppData\Local\Google
2016-07-02 13:09 - 2016-07-02 13:09 - 00003928 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-02 13:09 - 2016-07-02 13:09 - 00003676 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-02 13:09 - 2016-07-02 13:09 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-02 12:30 - 2016-07-03 13:10 - 00003234 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2016-07-02 12:30 - 2016-07-03 13:10 - 00002501 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2016-07-02 12:30 - 2016-07-02 12:30 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2016-07-02 12:30 - 2016-07-02 12:30 - 00008222 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2016-07-02 12:30 - 2016-07-02 12:30 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-07-02 12:29 - 2016-07-03 13:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2016-07-02 12:29 - 2016-07-03 13:10 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2016-07-02 12:29 - 2016-07-02 15:55 - 00000000 ____D C:\ProgramData\Norton
2016-07-02 12:29 - 2016-07-02 12:29 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-07-02 12:29 - 2016-07-02 12:29 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-07-02 12:29 - 2016-07-02 12:29 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2016-07-02 12:21 - 2016-07-02 12:21 - 00057560 _____ C:\Users\L4k0\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-02 12:19 - 2016-07-02 12:19 - 00000020 ___SH C:\Users\L4k0\ntuser.ini
2016-07-02 12:19 - 2016-07-02 12:19 - 00000000 ____D C:\Users\L4k0\AppData\Local\VirtualStore
2016-07-02 12:19 - 2016-07-02 12:19 - 00000000 ____D C:\Users\L4k0
2016-07-02 12:19 - 2010-11-21 17:10 - 00000000 ____D C:\Users\L4k0\AppData\Roaming\Media Center Programs
2016-07-02 12:17 - 2016-07-02 12:17 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-07-02 12:17 - 2016-07-02 12:17 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-07-02 12:15 - 2016-07-02 12:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-03 13:14 - 2009-07-14 07:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-03 13:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-03 13:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-03 12:31 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-03 12:31 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-02 17:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-07-02 13:27 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-07-02 13:12 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-07-02 13:03 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-07-02 13:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-07-02 12:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-07-02 12:14 - 2009-07-14 06:45 - 00274736 _____ C:\Windows\system32\FNTCACHE.DAT
Some files in TEMP:
====================
C:\Users\L4k0\AppData\Local\Temp\dllnt_dump.dll
C:\Users\L4k0\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE
C:\Users\L4k0\AppData\Local\Temp\SETUP_AFTERBURNER.EXE
C:\Users\L4k0\AppData\Local\Temp\vcredist_x86.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-02 16:31
==================== End of FRST.txt ============================
ADDITION Log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by L4k0 (2016-07-03 13:22:31)
Running from C:\Users\L4k0\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-07-02 10:19:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3446584074-721549401-2035689353-500 - Administrator - Disabled)
Guest (S-1-5-21-3446584074-721549401-2035689353-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3446584074-721549401-2035689353-1002 - Limited - Enabled)
L4k0 (S-1-5-21-3446584074-721549401-2035689353-1000 - Administrator - Enabled) => C:\Users\L4k0
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.42.2.18804 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.42.6 - AVG Technologies) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.00.25 - )
FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 26.0.1410.40 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Mem Reduct (HKLM-x32\...\memreduct) (Version: 3.0.436 - Henry++)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
Process Blocker 1.0.13.0 (HKLM\...\{FEC52075-E418-400D-A25C-AE7F366A9C2C}) (Version: 1.0.13.0 - Softros Systems, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
WinRAR 5.31 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {26A850C4-4ADA-4A3C-9145-5B8213738C5C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-02] (Google Inc.)
Task: {547882E9-A1B8-4CA3-AAD6-5C8E7F771F22} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {846A2378-04F3-4DF5-9D5A-C278CFB72535} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2009-06-04] ()
Task: {DB8507D6-FDD7-4F27-8018-5E24C6C05222} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-02] (Google Inc.)
Task: {E32FF4EE-2059-43B3-8A61-95E5B1A3F170} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {F8ABECC2-5E0C-4FC5-9724-F01D7C404D93} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-03 13:07 - 2009-06-04 15:10 - 05777408 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-07-03 13:07 - 2009-01-15 14:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2016-07-03 13:07 - 2009-03-25 16:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2016-07-03 13:07 - 2009-02-03 19:57 - 00106496 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\Calibrate.dll
2016-07-03 12:42 - 2016-07-03 12:41 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-07-02 13:10 - 2013-03-20 08:03 - 00598480 _____ () C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.40\libglesv2.dll
2016-07-02 13:10 - 2013-03-20 08:03 - 00124368 _____ () C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.40\libegl.dll
2016-07-02 13:10 - 2013-03-20 08:04 - 04050896 _____ () C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.40\pdf.dll
2016-07-02 13:10 - 2013-03-20 08:04 - 00390096 _____ () C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.40\ppGoogleNaClPluginChrome.dll
2016-07-02 13:10 - 2013-03-20 08:03 - 01606096 _____ () C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.40\ffmpegsumo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3446584074-721549401-2035689353-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\L4k0\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 199.85.126.10 - 199.85.127.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{BC2EF894-D26C-4A10-B57E-6EF57F7A9036}] => (Allow) C:\Program Files\Softros Systems\Process Blocker\Process Blocker.exe
==================== Restore Points =========================
Check "winmgmt" service or repair WMI.
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/03/2016 01:14:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/03/2016 01:14:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/03/2016 01:11:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/03/2016 01:07:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: Explorer.EXE, verzia: 6.1.7601.17514, časová značka: 0x4ce7a144
Názov chybového modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x000003fefc046790
Identifikácia chybného procesu: 0x49c
Čas spustenia chybnej aplikácie: 0xExplorer.EXE0
Cesta chybnej aplikácie: Explorer.EXE1
Cesta chybného modulu: Explorer.EXE2
Identifikácia hlásenia: Explorer.EXE3
Error: (07/02/2016 06:53:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/02/2016 06:53:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/02/2016 06:50:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/02/2016 06:49:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: Process Blocker.exe, verzia: 1.0.13.0, časová značka: 0x5527afc8
Názov chybového modulu: ntdll.dll, verzia: 6.1.7601.17514, časová značka: 0x4ce7c8f9
Kód výnimky: 0xc0000024
Odstup chyby: 0x00000000000cd7d8
Identifikácia chybného procesu: 0x598
Čas spustenia chybnej aplikácie: 0xProcess Blocker.exe0
Cesta chybnej aplikácie: Process Blocker.exe1
Cesta chybného modulu: Process Blocker.exe2
Identifikácia hlásenia: Process Blocker.exe3
Error: (07/02/2016 05:55:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/02/2016 05:55:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
System errors:
=============
Error: (07/03/2016 01:17:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Secure Socket Tunneling Protocol Service, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058 = Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Error: (07/03/2016 01:17:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Secure Socket Tunneling Protocol Service, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058 = Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Error: (07/03/2016 01:15:31 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{F32D97DF-E3E5-4CB9-9E3E-0EB5B4E49801}5{883FF1FC-09E1-48E5-8E54-E2469ACB0CFD}
Error: (07/03/2016 01:15:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Secure Socket Tunneling Protocol Service, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058 = Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Error: (07/03/2016 01:15:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Secure Socket Tunneling Protocol Service, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058 = Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Error: (07/03/2016 01:10:54 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (07/03/2016 01:10:42 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}5{ECF5BF46-E3B6-449A-B56B-43F58F867814}
Error: (07/03/2016 01:10:42 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}5{56EA1054-1959-467F-BE3B-A2A787C4B6EA}
Error: (07/03/2016 12:59:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Secure Socket Tunneling Protocol Service, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058 = Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Error: (07/03/2016 12:59:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Secure Socket Tunneling Protocol Service, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058 = Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
==================== Memory info ===========================
Processor: AMD Phenom(tm) II X4 945 Processor
Percentage of memory in use: 20%
Total physical RAM: 8191.11 MB
Available physical RAM: 6476.59 MB
Total Virtual: 16380.43 MB
Available Virtual: 14368.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:117.19 GB) (Free:88.67 GB) NTFS
Drive d: () (Fixed) (Total:348.47 GB) (Free:347.87 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4D154D14)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=348.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================