Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Systém sa správa podivne

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
rulerkelso
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 19 čer 2015 07:24

Systém sa správa podivne

#1 Příspěvek od rulerkelso »

Ahojte, v poslednej dobe mám problémy so systémom, ako sú náhodné spomalenia, niekedy sa na moment "sekne" myš keď PC otváram programy (predtým to nerobilo) a najnovšie sa PC nevypína úplne. Zastane to na modrej obrazovke s nápisom VYPÍNAM a ďalej sa nepohne. PC treba následne vypnúť natrvrdo tlačítkom. ROvnako pri reštartovaní. Kvoli tomu sa nedajú ani win aktualizácie doinštalovať.
Ten posledný problém je práve dôvod, prečo som prišiel poprosiť o radu sem :?: Dole log s FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.04.2019
Ran by rafanides (administrator) on DESKTOP-VUVLGPG (27-04-2019 10:05:41)
Running from C:\Users\rafanides\Downloads
Loaded Profiles: rafanides (Available Profiles: rafanides & lukas)
Platform: Windows 10 Home Version 1803 17134.407 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\hid.exe
() [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\CUAssistant\culauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [737248 2018-09-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Lenovo Y Gaming Precision Mouse] => C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\hid.exe [376320 2015-08-18] () [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Policies\Explorer: [DisallowCpl] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {000C27E7-43A5-4DB9-A0DB-90DA790A0C66} - System32\Tasks\Standby list => C:\Users\rafanides\Downloads\EmptyStandbyList.exe [139424 2018-09-26] (Wen Jia Liu -> )
Task: {1AD97B1E-091D-4BD7-8AC2-0D90DBE208DB} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe [280536 2018-02-06] (ASUSTeK Computer Inc. -> )
Task: {1B13E417-38C8-4D47-8BC9-EF9185EB1361} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [524360 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3D0034DD-466D-4B43-A51D-1ECB81E63AB4} - System32\Tasks\SS3Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
Task: {49B51C83-7DDB-4856-B348-92E34352CB76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-08] (Google Inc -> Google Inc.)
Task: {4B4CD290-B335-4074-9C80-B4A9BB96184F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50E2BD97-539A-494F-A530-9E59329D76C4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {67AA8135-7349-4DDB-BA27-662DE7EA000C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-08] (Google Inc -> Google Inc.)
Task: {694CC87F-05C9-4873-AFDB-75602AB67CE6} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146048 2018-05-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {714BA034-C79A-42A3-8FD8-0E5092CC0278} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {789759A0-D50C-455D-BBCD-71CDAE94CB6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DDB82AE-5D20-4EEB-86E8-6023C92D962C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88BB2B1C-95B8-4DFB-9537-8B9C54275C31} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1012113897-4000490067-1847883471-1003 => C:\Users\rafanides\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {8E8F09DC-5161-4AA1-902A-3F806BB0F2F7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8EAEADE6-1266-46FE-AA22-1959386F5FB2} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe [258568 2019-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {A8FE25E7-B8CF-4DC1-81A3-3956F2B629ED} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {AB92594E-5D2B-4D11-99A7-FE1F8705D13C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14614416 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B9DA834D-7C66-4F98-AEE2-5CFDB64F234C} - System32\Tasks\SS3Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
Task: {C3E3DF77-FC2C-4FDA-A8FD-012293F18A90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0B5620B-7F3D-498D-B36B-D16B367C326F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1012113897-4000490067-1847883471-500 => C:\Users\rafanides\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {D176AFB7-1788-4F9A-AB32-4EA44612A1B4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E13FDF8A-95E5-4C5D-8274-0521D70E44DF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E89C3803-1B37-4A8B-B0AF-8C0DFE9C7BB7} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8824c212-e4a6-494c-97c9-cc5228a0350b}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================

FireFox:
========
FF ProfilePath: C:\Users\rafanides\AppData\Roaming\Mozilla\Firefox\Profiles\yE8PsowC.default [2018-11-03]
FF Extension: (Avira Browser Safety) - C:\Users\rafanides\AppData\Roaming\Mozilla\Firefox\Profiles\yE8PsowC.default\Extensions\abs@avira.com [2018-11-03] [hxxps://download.avira.com/package/absnooffers/firefox/update_webext_no_offers.rdf]
FF Extension: (Avira Password Manager) - C:\Users\rafanides\AppData\Roaming\Mozilla\Firefox\Profiles\yE8PsowC.default\Extensions\passwordmanager@avira.com [2018-11-03] [hxxps://s3.eu-central-1.amazonaws.com/avira-pwm-extensions/update.rdf]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)

Chrome:
=======
CHR Profile: C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default [2019-04-27]
CHR Extension: (Prezentace) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-08]
CHR Extension: (Dokumenty) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-08]
CHR Extension: (Disk Google) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-08]
CHR Extension: (Tabulky) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-08]
CHR Extension: (Gmail) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2017-08-21] (ASUSTeK Computer Inc. -> ) [File not signed]
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2019-03-10] (BioWare -> BioWare)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2018-12-20] (GOG Sp. z o.o. -> GOG.com)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2018-05-02] (Intel Corporation) [File not signed]
S3 LightingService; C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe [1244632 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S4 NahimicService; C:\Windows\System32\NahimicService.exe [1166792 2018-09-28] (A-Volute -> Nahimic)
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2019-01-04] (Even Balance, Inc. -> )
S4 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2019-01-04] (Even Balance, Inc. -> )
S4 RstMwService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_48720fcc117e5841\RstMwService.exe [1969168 2018-09-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [737248 2018-09-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
S4 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18736 2018-05-17] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-08-21] (ASUSTeK Computer Inc. -> )
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2018-08-12] (ASUSTeK Computer Inc. -> )
S0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1092112 2018-09-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [73232 2018-09-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-09] (Intel Corporation -> Intel Corporation)
R3 LenovoYMouse; C:\Windows\system32\drivers\LenovoYMouse.sys [32776 2015-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RtsUpx; C:\Windows\system32\drivers\RtsUpx.sys [30328 2018-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R0 secnvme; C:\Windows\System32\drivers\secnvme.sys [134120 2018-02-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz146; \??\C:\Windows\temp\cpuz146\cpuz146_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\NZXT\CAM\CAM_V3.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-27 10:05 - 2019-04-27 10:05 - 000019204 _____ C:\Users\rafanides\Downloads\FRST.txt
2019-04-27 10:04 - 2019-04-27 10:05 - 000000000 ____D C:\FRST
2019-04-27 10:04 - 2019-04-27 10:04 - 002429952 _____ (Farbar) C:\Users\rafanides\Downloads\FRST64.exe
2019-04-27 09:44 - 2019-04-27 09:44 - 000000000 ____D C:\Program Files\CUAssistant
2019-04-26 10:26 - 2019-04-26 10:26 - 001197783 _____ C:\Windows\unins000.exe
2019-04-26 10:26 - 2019-04-26 10:26 - 000047900 _____ C:\Windows\unins000.dat
2019-04-25 23:43 - 2019-04-25 23:43 - 000000627 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2019-04-25 23:43 - 2019-04-25 23:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2019-04-25 23:43 - 2019-04-25 23:43 - 000000000 ____D C:\Guild Wars 2
2019-04-25 23:42 - 2019-04-25 23:43 - 000000000 ____D C:\Users\rafanides\AppData\Roaming\Guild Wars 2
2019-04-25 23:42 - 2019-04-25 23:42 - 034408104 _____ (ArenaNet) C:\Users\rafanides\Downloads\Gw2Setup-64.tmp
2019-04-25 23:42 - 2019-04-25 23:42 - 000000000 ____D C:\Users\rafanides\Downloads\bin64
2019-04-25 23:42 - 2019-04-25 23:42 - 000000000 _____ C:\Users\rafanides\Downloads\Gw2.tmp
2019-04-25 23:42 - 2019-04-25 23:42 - 000000000 _____ C:\Users\rafanides\Downloads\Gw2.dat
2019-04-25 23:41 - 2019-04-25 23:42 - 034408104 _____ (ArenaNet) C:\Users\rafanides\Downloads\Gw2Setup-64.exe
2019-04-19 16:12 - 2019-04-26 22:43 - 000000000 ____D C:\Users\rafanides\Downloads\ISLC v1.0.1.1
2019-04-19 16:12 - 2019-04-19 16:12 - 000343928 _____ (Igor Pavlov) C:\Users\rafanides\Downloads\ISLC v1.0.1.1.exe
2019-04-15 16:03 - 2019-04-15 16:03 - 000000000 ____D C:\Users\rafanides\AppData\Local\Risen2
2019-04-15 15:23 - 2019-04-15 15:23 - 000000221 _____ C:\Users\rafanides\Desktop\Risen 2 - Dark Waters.url
2019-04-10 09:18 - 2019-04-10 09:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotopak
2019-04-10 09:18 - 2019-04-10 09:18 - 000000000 ____D C:\Program Files (x86)\FOTOPAK s.r.o
2019-04-09 21:18 - 2019-04-13 16:27 - 000000000 ____D C:\Users\rafanides\Downloads\shutter
2019-04-03 12:39 - 2019-04-03 12:39 - 000000000 ____D C:\Users\rafanides\AppData\Local\NVIDIA
2019-03-30 12:33 - 2019-03-31 18:55 - 000000000 ____D C:\Program Files\7-Zip
2019-03-30 12:33 - 2019-03-30 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-03-29 12:59 - 2019-03-29 13:00 - 074907648 _____ C:\Manual of Monsters.pdf
2019-03-28 18:01 - 2019-03-28 18:15 - 173389325 _____ C:\Monster Guide.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-27 10:05 - 2018-07-19 19:26 - 007359228 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-27 10:05 - 2018-05-01 10:09 - 000759904 _____ C:\Windows\system32\perfh019.dat
2019-04-27 10:05 - 2018-05-01 10:09 - 000151262 _____ C:\Windows\system32\perfc019.dat
2019-04-27 10:05 - 2018-05-01 10:06 - 000766018 _____ C:\Windows\system32\prfh0816.dat
2019-04-27 10:05 - 2018-05-01 10:06 - 000151956 _____ C:\Windows\system32\prfc0816.dat
2019-04-27 10:05 - 2018-05-01 10:02 - 000775754 _____ C:\Windows\system32\perfh013.dat
2019-04-27 10:05 - 2018-05-01 10:02 - 000153842 _____ C:\Windows\system32\perfc013.dat
2019-04-27 10:05 - 2018-05-01 10:01 - 000441740 _____ C:\Windows\system32\perfh014.dat
2019-04-27 10:05 - 2018-05-01 10:01 - 000076934 _____ C:\Windows\system32\perfc014.dat
2019-04-27 10:05 - 2018-05-01 09:55 - 000718362 _____ C:\Windows\system32\perfh00E.dat
2019-04-27 10:05 - 2018-05-01 09:55 - 000162160 _____ C:\Windows\system32\perfc00E.dat
2019-04-27 10:05 - 2018-05-01 09:45 - 000542302 _____ C:\Windows\system32\perfh008.dat
2019-04-27 10:05 - 2018-05-01 09:45 - 000088658 _____ C:\Windows\system32\perfc008.dat
2019-04-27 10:05 - 2018-05-01 09:43 - 000731456 _____ C:\Windows\system32\perfh007.dat
2019-04-27 10:05 - 2018-05-01 09:43 - 000149604 _____ C:\Windows\system32\perfc007.dat
2019-04-27 10:05 - 2018-04-12 17:50 - 000716072 _____ C:\Windows\system32\perfh005.dat
2019-04-27 10:05 - 2018-04-12 17:50 - 000144864 _____ C:\Windows\system32\perfc005.dat
2019-04-27 10:05 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2019-04-27 10:02 - 2019-01-20 11:55 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-27 10:02 - 2018-08-08 10:11 - 000000000 ____D C:\Users\rafanides\AppData\Local\Packages
2019-04-27 10:02 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-27 10:02 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2019-04-27 10:01 - 2018-12-31 15:06 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-27 10:01 - 2018-08-08 21:28 - 000000000 ____D C:\Users\rafanides\AppData\Local\CrashDumps
2019-04-27 10:01 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-27 10:00 - 2018-07-19 19:10 - 000245096 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-27 10:00 - 2018-07-19 19:10 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-27 10:00 - 2018-07-19 19:10 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\UNP
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\F12
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\oobe
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\lt-LT
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\et-EE
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\appraiser
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellExperiences
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellComponents
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-04-27 09:50 - 2018-04-11 23:04 - 000786432 _____ C:\Windows\system32\config\BBI
2019-04-27 09:49 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2019-04-27 09:45 - 2018-07-20 07:34 - 000000000 ____D C:\Windows\system32\MRT
2019-04-27 09:44 - 2018-11-27 17:29 - 000000000 ____D C:\Program Files\rempl
2019-04-27 09:44 - 2018-07-20 07:34 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-27 09:42 - 2019-01-16 18:30 - 000004220 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F03DB28D-1D92-4CD9-86D2-467BC591C7A0}
2019-04-26 10:26 - 2018-12-16 14:59 - 000000000 ____D C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse
2019-04-26 10:26 - 2018-10-24 12:15 - 000000000 ____D C:\Users\rafanides\AppData\Roaming\Lenovo
2019-04-26 10:26 - 2018-10-24 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-04-25 23:27 - 2018-08-12 14:04 - 000000000 ____D C:\Program Files\Samsung
2019-04-19 22:35 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SystemApps
2019-04-18 17:03 - 2018-08-17 22:14 - 000007597 _____ C:\Users\rafanides\AppData\Local\Resmon.ResmonCfg
2019-04-15 16:03 - 2018-08-08 10:34 - 000000000 ____D C:\Users\rafanides\AppData\Local\D3DSCache
2019-04-12 09:33 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\NDF
2019-04-12 09:30 - 2018-09-19 16:10 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-11 09:53 - 2018-08-08 10:42 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 09:53 - 2018-08-08 10:42 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-10 12:16 - 2018-09-11 18:59 - 000000000 ____D C:\Users\rafanides\AppData\Local\ElevatedDiagnostics
2019-04-08 19:27 - 2018-08-08 10:46 - 000000753 _____ C:\Users\rafanides\Downloads\List.txt
2019-04-07 19:35 - 2019-01-28 13:24 - 000000000 ____D C:\Program Files\Rockstar Games
2019-04-07 19:12 - 2018-09-19 18:22 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-07 13:59 - 2018-08-08 10:10 - 000000000 ____D C:\Users\rafanides
2019-04-03 12:05 - 2019-02-18 21:35 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2019-04-02 19:48 - 2019-03-25 10:00 - 000000000 ____D C:\Users\rafanides\AppData\Roaming\uTorrent
2019-03-31 18:56 - 2019-03-25 16:41 - 000000000 ____D C:\Users\rafanides\AppData\LocalLow\uTorrent
2019-03-28 14:15 - 2019-03-26 10:14 - 000002214 _____ C:\Users\rafanides\Desktop\TS4_x64 – odkaz.lnk
2019-03-28 13:47 - 2018-08-08 10:41 - 000003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 13:47 - 2018-08-08 10:41 - 000003346 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2018-12-28 14:18 - 2018-12-28 14:25 - 001065984 _____ () C:\Users\rafanides\AppData\Local\file__0.localstorage
2018-08-17 22:14 - 2019-04-18 17:03 - 000007597 _____ () C:\Users\rafanides\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2019-04-25 23:42 - 2019-04-25 23:42 - 034408104 _____ (ArenaNet) C:\Users\rafanides\AppData\Local\Temp\Gw2.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.04.2019
Ran by rafanides (27-04-2019 10:06:09)
Running from C:\Users\rafanides\Downloads
Windows 10 Home Version 1803 17134.407 (X64) (2018-08-08 07:11:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1012113897-4000490067-1847883471-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1012113897-4000490067-1847883471-503 - Limited - Disabled)
Guest (S-1-5-21-1012113897-4000490067-1847883471-501 - Limited - Disabled)
lukas (S-1-5-21-1012113897-4000490067-1847883471-1003 - Administrator - Enabled) => C:\Users\lukas
rafanides (S-1-5-21-1012113897-4000490067-1847883471-1002 - Administrator - Enabled) => C:\Users\rafanides
WDAGUtilityAccount (S-1-5-21-1012113897-4000490067-1847883471-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.05.38 - ASUSTeK Computer Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
Dragon Age Awakening Redesigned (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Awakening Redesigned) (Version: - )
Dragon Age Awakening Velanna Redesigned© (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Awakening Velanna Redesigned©) (Version: - )
Dragon Age Redesigned © Morrigan (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned © Morrigan) (Version: - )
Dragon Age Redesigned- Leliana's Song (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned- Leliana's Song) (Version: - )
Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned Oghren©) (Version: - )
Dragon Age Redesigned© Zevran (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned© Zevran) (Version: - )
Dragon Age Redesigned© (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned©) (Version: - )
Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned© Leliana) (Version: - )
Dragon Age Redesigned© Sten (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned© Sten) (Version: - )
Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned© Wynne) (Version: - )
Fotopak (HKLM\...\{9D0B4090-6A7C-4810-8F6F-3D6220A5364E}) (Version: 2.0.17.0 - FOTOPAK s.r.o.)
Frostpunk (HKLM-x32\...\1648559910_is1) (Version: 1.3.3.42665.45362 (2019-02-08 15:16) - GOG.com)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Intel(R) Network Connections 23.2.0.1006 (HKLM\...\PROSetDX) (Version: 23.2.0.1006 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Lenovo Y Gaming Precision Mouse (HKLM-x32\...\{B8C29C6B-49AE-438A-8544-DF0534AE666B}}_is1) (Version: 1.19 - Lenovo Inc.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
NVIDIA Grafický ovládač 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.77 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8480 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.1.1780 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{bfb0503a-76b9-415a-b0a3-dd55d2a01ebe}) (Version: 3.0.0.1802 - Samsung Electronics)
Samsung NVM Express Driver 3.0.0.1802 (HKLM\...\{03FE2BA9-9538-4195-83E3-09B43901141E}) (Version: 3.0.0.1802 - Samsung Electronics Co., Ltd) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-05-02 11:16 - 2018-05-02 11:16 - 000505856 _____ (Intel Corporation) [File not signed] C:\Windows\system32\IProsetMonitor.exe
2018-05-03 11:30 - 2018-05-03 11:30 - 000349696 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2018-07-20 08:00 - 2017-08-21 09:25 - 001360016 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2018-05-02 11:12 - 2018-05-02 11:12 - 000453120 ____R () [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\WMIPROV\Ncs2Provider.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 000671232 _____ (Intel(R) Corporation) [File not signed] C:\Windows\SYSTEM32\Ncs2InstUtility.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 000636928 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\WMIPROV\Ncs2Core.dll
2018-05-02 11:08 - 2018-05-02 11:08 - 001620480 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\CoreAgnt.dll
2018-05-02 11:07 - 2018-05-02 11:07 - 004749824 _____ (Intel(R) Corporation) [File not signed] C:\Windows\SYSTEM32\NcsColib.dll
2018-05-02 11:10 - 2018-05-02 11:10 - 000419328 ____R () [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\AdapterAgnt.DLL
2018-05-02 11:09 - 2018-05-02 11:09 - 000411136 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\Rule.DLL
2018-05-02 11:10 - 2018-05-02 11:10 - 000902144 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\VlanAgent.dll
2019-04-26 10:26 - 2015-08-18 12:19 - 000376320 _____ () [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\hid.exe
2018-12-27 00:09 - 2015-07-28 11:43 - 000388096 _____ () [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
2018-07-20 08:12 - 2019-04-27 10:00 - 000043304 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2018-07-20 08:12 - 2018-02-06 19:48 - 002039296 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\LED_DLL_forMB.dll
2018-07-20 08:12 - 2018-02-06 19:48 - 001628672 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\VGA_Extra.dll
2018-07-20 08:12 - 2018-02-06 19:48 - 001777664 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\Vender.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\rafanides\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "Sonic Studio 3"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "Sonic Studio 3"
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BCFAD999-7597-4B8C-8641-671D24DDD74F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{BB5FA31E-9C35-4447-B5AB-A16CF571484A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{F37D5D4D-0191-495F-A012-3D1B436BC23B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{255A04EE-5CC4-41F8-8DB1-8EEDB3218F2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{BE1158C4-BD9B-45F8-B4B6-02E151CB71C7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{687DC944-78B5-4A6B-91FC-DD3763242938}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F2633FCB-201A-4DA4-98AB-66624203F900}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{60B9CA37-B194-4D5A-B2F0-72150A78E19F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{255062DB-F2BA-4AA1-80C8-B0EBB441C75A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{0A492A06-AA0D-4EE1-BDCC-AFFD15CCD169}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{2609FE3B-5045-4D13-87D9-4661DD6EEE40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen\bin\Risen.exe (Piranha Bytes) [File not signed]
FirewallRules: [{C543E9C1-464B-4A38-B47A-3A2DE62BD9B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen\bin\Risen.exe (Piranha Bytes) [File not signed]
FirewallRules: [{34817D33-4128-4D1D-893C-A5CEF8C7BB24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{47109121-2B82-4280-989A-0608932C6A8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{71828AB3-D345-4852-9BDF-565B601E1F65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{56BA7035-73A2-4849-997B-8430220EE910}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{94AFD7CD-C9D4-413C-80DE-4C5BCB515968}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{26CA21CA-68DE-41CE-B00E-AD577ADE1F08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{2E338A06-5D91-4301-A4D8-C9278E9A40B9}] => (Allow) C:\Users\rafanides\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{84CE57A3-EFCF-472E-A467-BD55B2C12855}] => (Allow) C:\Users\rafanides\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{44DBD664-6B83-41F9-B36D-6AAA10BFC8BC}C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe] => (Block) C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{FD8E6EC0-119D-4E7A-BF8E-91062E45697E}C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe] => (Block) C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{3C86A243-C89C-4C22-8C81-5F186AAE91FA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{52523188-EEAC-43D9-AAB0-AFAEA8CBB41E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes)
FirewallRules: [{BF7677F1-D23C-4865-AB4C-690F7CDB938D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes)

==================== Restore Points =========================

10-04-2019 09:18:04 Nainštalované Fotopak
15-04-2019 16:02:36 Installed DirectX
15-04-2019 16:02:59 Nainštalované Microsoft Visual C++ 2005 Redistributable
16-04-2019 20:00:55 Installed DirectX
16-04-2019 20:01:23 Nainštalované Microsoft Visual C++ 2005 Redistributable
26-04-2019 18:31:42 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/27/2019 10:01:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x19cc
Čas spustenia chybujúcej aplikácie: 0x01d4fccf790599da
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: 8625c2c2-567b-4d7b-bad1-bde56d28ca1b
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (04/27/2019 10:01:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x558
Čas spustenia chybujúcej aplikácie: 0x01d4fccf772266ad
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: bb6fc625-58db-4278-a6ae-cbca81972fd4
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (04/27/2019 10:01:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0xb34
Čas spustenia chybujúcej aplikácie: 0x01d4fccf7540ed3d
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: 89262519-f7a5-46c6-8f6a-bbe3b1dbe2d4
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (04/27/2019 10:01:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x1698
Čas spustenia chybujúcej aplikácie: 0x01d4fccf704f687d
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: ce604c44-ec7f-4b70-9554-07eacf4d2ab0
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (04/25/2019 10:28:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Tray.exe, verzia: 1.0.0.1, časová značka: 0x55b6fa55
Názov chybujúceho modulu: Tray.exe, verzia: 1.0.0.1, časová značka: 0x55b6fa55
Kód výnimky: 0xc000041d
Odstup chyby: 0x00005083
Identifikácia chybujúceho procesu: 0x1c8c
Čas spustenia chybujúcej aplikácie: 0x01d4fba56d68511d
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
Identifikácia hlásenia: 53eb1196-aed1-41bb-8770-1a8b13fe5f11
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/25/2019 10:28:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Tray.exe, verzia: 1.0.0.1, časová značka: 0x55b6fa55
Názov chybujúceho modulu: Tray.exe, verzia: 1.0.0.1, časová značka: 0x55b6fa55
Kód výnimky: 0xc0000005
Odstup chyby: 0x00005083
Identifikácia chybujúceho procesu: 0x1c8c
Čas spustenia chybujúcej aplikácie: 0x01d4fba56d68511d
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
Identifikácia hlásenia: 50835f7a-75f6-438d-b500-9ca4cd6cdca1
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/24/2019 11:14:41 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-VUVLGPG)
Description: httphttp-2147467263

Error: (04/24/2019 11:14:08 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-VUVLGPG)
Description: httphttp-2147467263


System errors:
=============
Error: (04/27/2019 10:02:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The specifické pro aplikaci permission settings do not grant Místní Spuštění permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Není k dispozici
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (04/27/2019 10:02:03 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VUVLGPG)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-VUVLGPG\rafanides SID (S-1-5-21-1012113897-4000490067-1847883471-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (04/27/2019 10:01:35 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VUVLGPG)
Description: The specifické pro aplikaci permission settings do not grant Místní Spuštění permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user DESKTOP-VUVLGPG\rafanides SID (S-1-5-21-1012113897-4000490067-1847883471-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (04/27/2019 10:01:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x800f0922: 2019-02 Aktualizace pro Windows 10 Version 1803 pro systémy typu x64 (KB4346084).

Error: (04/27/2019 10:01:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x800f0922: 2019-04 Kumulativní aktualizace pro Windows 10 Version 1803 pro systémy typu x64 (KB4493464).

Error: (04/27/2019 10:01:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x800f0922: 2019-04 Aktualizace zabezpečení pro Adobe Flash Player pro Windows 10 Version 1803 pro systémy typu x64 (KB4493478).

Error: (04/27/2019 10:00:20 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (04/27/2019 09:58:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Audiosrv zlyhalo kvôli nasledujúcej chybe:
The service did not start due to a logon failure.


Windows Defender:
===================================
Date: 2019-01-20 15:31:09.888
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8F93F25E-EB81-43D7-826C-2AEBD59D109F}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-20 12:19:14.683
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C2E5D014-41BB-494E-AD1A-DCC93AF955F5}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-10 22:28:56.129
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AD48BACD-743B-409C-94F6-8C5A9F141744}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-07 16:24:37.033
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AAB68BFF-1A07-4307-B805-A28EAADC87B8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-26 18:30:02.163
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {EC45D283-D197-49BE-8CED-1CF677CE7D2C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-20 10:46:51.391
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3241.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Date: 2019-01-19 21:08:34.428
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3241.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Date: 2019-01-18 19:30:23.415
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3004.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Date: 2019-01-17 10:43:54.407
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3004.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Date: 2019-01-16 17:43:54.878
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3004.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

CodeIntegrity:
===================================

Date: 2019-04-26 18:32:25.108
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-26 11:53:36.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-25 20:21:28.011
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-23 11:58:19.551
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-21 16:26:06.340
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-20 11:15:30.220
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-19 12:50:24.277
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-18 18:19:40.665
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1002 07/02/2018
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX Z370-F GAMING
Processor: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz
Percentage of memory in use: 7%
Total physical RAM: 32703.26 MB
Available physical RAM: 30336.95 MB
Total Virtual: 32703.26 MB
Available Virtual: 29364.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:418.63 GB) (Free:229.7 GB) NTFS
Drive d: () (Fixed) (Total:2794.5 GB) (Free:2714.39 GB) NTFS

\\?\Volume{1e6e5daa-c8ee-408b-9c42-38b8ddd7ae27}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{73bd2b3f-b017-4ddc-957f-c15d0cd1fc50}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118191
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Systém sa správa podivne

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

rulerkelso
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 19 čer 2015 07:24

Re: Systém sa správa podivne

#3 Příspěvek od rulerkelso »

Vďaka za rýchlu odpoveď :) Dole log z adwcleaner.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build: 08-30-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-27-2019
# Duration: 00:00:04
# OS: Windows 10 Home
# Scanned: 31681
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy Avira SafeSearch Plus

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1250 octets] - [29/09/2018 19:12:13]
AdwCleaner[S01].txt - [1580 octets] - [30/09/2018 13:01:47]
AdwCleaner[C01].txt - [1690 octets] - [30/09/2018 13:02:03]
AdwCleaner[S02].txt - [1438 octets] - [16/11/2018 21:23:06]
AdwCleaner[C02].txt - [1604 octets] - [16/11/2018 21:23:16]
AdwCleaner[S03].txt - [1615 octets] - [07/04/2019 18:17:04]
AdwCleaner[C03].txt - [1763 octets] - [07/04/2019 18:17:17]
AdwCleaner[S04].txt - [1665 octets] - [07/04/2019 18:18:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118191
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Systém sa správa podivne

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

rulerkelso
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 19 čer 2015 07:24

Re: Systém sa správa podivne

#5 Příspěvek od rulerkelso »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.04.2019
Ran by rafanides (administrator) on DESKTOP-VUVLGPG (27-04-2019 13:06:34)
Running from C:\Users\rafanides\Downloads
Loaded Profiles: rafanides (Available Profiles: rafanides & lukas)
Platform: Windows 10 Home Version 1803 17134.407 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\hid.exe
() [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\CUAssistant\culauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wusa.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.580_none_ead976921d8220dc\TiWorker.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [737248 2018-09-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Lenovo Y Gaming Precision Mouse] => C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\hid.exe [376320 2015-08-18] () [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Policies\Explorer: [DisallowCpl] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {000C27E7-43A5-4DB9-A0DB-90DA790A0C66} - System32\Tasks\Standby list => C:\Users\rafanides\Downloads\EmptyStandbyList.exe [139424 2018-09-26] (Wen Jia Liu -> )
Task: {1AD97B1E-091D-4BD7-8AC2-0D90DBE208DB} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe [280536 2018-02-06] (ASUSTeK Computer Inc. -> )
Task: {1B13E417-38C8-4D47-8BC9-EF9185EB1361} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [524360 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3D0034DD-466D-4B43-A51D-1ECB81E63AB4} - System32\Tasks\SS3Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
Task: {49B51C83-7DDB-4856-B348-92E34352CB76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-08] (Google Inc -> Google Inc.)
Task: {4B4CD290-B335-4074-9C80-B4A9BB96184F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50E2BD97-539A-494F-A530-9E59329D76C4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {67AA8135-7349-4DDB-BA27-662DE7EA000C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-08] (Google Inc -> Google Inc.)
Task: {694CC87F-05C9-4873-AFDB-75602AB67CE6} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146048 2018-05-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {714BA034-C79A-42A3-8FD8-0E5092CC0278} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {789759A0-D50C-455D-BBCD-71CDAE94CB6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DDB82AE-5D20-4EEB-86E8-6023C92D962C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88BB2B1C-95B8-4DFB-9537-8B9C54275C31} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1012113897-4000490067-1847883471-1003 => C:\Users\rafanides\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {8E8F09DC-5161-4AA1-902A-3F806BB0F2F7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8EAEADE6-1266-46FE-AA22-1959386F5FB2} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe [258568 2019-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {A8FE25E7-B8CF-4DC1-81A3-3956F2B629ED} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {AB92594E-5D2B-4D11-99A7-FE1F8705D13C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14614416 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B9DA834D-7C66-4F98-AEE2-5CFDB64F234C} - System32\Tasks\SS3Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
Task: {C3E3DF77-FC2C-4FDA-A8FD-012293F18A90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0B5620B-7F3D-498D-B36B-D16B367C326F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1012113897-4000490067-1847883471-500 => C:\Users\rafanides\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {D176AFB7-1788-4F9A-AB32-4EA44612A1B4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E13FDF8A-95E5-4C5D-8274-0521D70E44DF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E89C3803-1B37-4A8B-B0AF-8C0DFE9C7BB7} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8824c212-e4a6-494c-97c9-cc5228a0350b}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================

FireFox:
========
FF ProfilePath: C:\Users\rafanides\AppData\Roaming\Mozilla\Firefox\Profiles\yE8PsowC.default [2018-11-03]
FF Extension: (Avira Browser Safety) - C:\Users\rafanides\AppData\Roaming\Mozilla\Firefox\Profiles\yE8PsowC.default\Extensions\abs@avira.com [2018-11-03] [hxxps://download.avira.com/package/absnooffers/firefox/update_webext_no_offers.rdf]
FF Extension: (Avira Password Manager) - C:\Users\rafanides\AppData\Roaming\Mozilla\Firefox\Profiles\yE8PsowC.default\Extensions\passwordmanager@avira.com [2018-11-03] [hxxps://s3.eu-central-1.amazonaws.com/avira-pwm-extensions/update.rdf]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)

Chrome:
=======
CHR Profile: C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default [2019-04-27]
CHR Extension: (Prezentace) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-08]
CHR Extension: (Dokumenty) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-08]
CHR Extension: (Disk Google) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-08]
CHR Extension: (Tabulky) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-08]
CHR Extension: (Gmail) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2017-08-21] (ASUSTeK Computer Inc. -> ) [File not signed]
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2019-03-10] (BioWare -> BioWare)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2018-12-20] (GOG Sp. z o.o. -> GOG.com)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2018-05-02] (Intel Corporation) [File not signed]
S3 LightingService; C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe [1244632 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S4 NahimicService; C:\Windows\System32\NahimicService.exe [1166792 2018-09-28] (A-Volute -> Nahimic)
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2019-01-04] (Even Balance, Inc. -> )
S4 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2019-01-04] (Even Balance, Inc. -> )
S4 RstMwService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_48720fcc117e5841\RstMwService.exe [1969168 2018-09-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [737248 2018-09-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
S4 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18736 2018-05-17] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-08-21] (ASUSTeK Computer Inc. -> )
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2018-08-12] (ASUSTeK Computer Inc. -> )
S0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1092112 2018-09-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [73232 2018-09-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-09] (Intel Corporation -> Intel Corporation)
R3 LenovoYMouse; C:\Windows\system32\drivers\LenovoYMouse.sys [32776 2015-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RtsUpx; C:\Windows\system32\drivers\RtsUpx.sys [30328 2018-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R0 secnvme; C:\Windows\System32\drivers\secnvme.sys [134120 2018-02-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz146; \??\C:\Windows\temp\cpuz146\cpuz146_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\NZXT\CAM\CAM_V3.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-27 13:06 - 2019-04-27 13:06 - 000020733 _____ C:\Users\rafanides\Downloads\FRST.txt
2019-04-27 13:06 - 2019-04-27 13:06 - 000000000 ____D C:\Users\rafanides\Downloads\FRST-OlderVersion
2019-04-27 13:04 - 2019-04-27 13:04 - 000000000 ___HT C:\Windows\wusa.lock
2019-04-27 10:04 - 2019-04-27 13:06 - 002430464 _____ (Farbar) C:\Users\rafanides\Downloads\FRST64.exe
2019-04-27 10:04 - 2019-04-27 13:06 - 000000000 ____D C:\FRST
2019-04-27 09:44 - 2019-04-27 13:01 - 000000000 ____D C:\Program Files\CUAssistant
2019-04-26 10:26 - 2019-04-26 10:26 - 001197783 _____ C:\Windows\unins000.exe
2019-04-26 10:26 - 2019-04-26 10:26 - 000047900 _____ C:\Windows\unins000.dat
2019-04-25 23:43 - 2019-04-25 23:43 - 000000627 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2019-04-25 23:43 - 2019-04-25 23:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2019-04-25 23:43 - 2019-04-25 23:43 - 000000000 ____D C:\Guild Wars 2
2019-04-25 23:42 - 2019-04-25 23:43 - 000000000 ____D C:\Users\rafanides\AppData\Roaming\Guild Wars 2
2019-04-25 23:42 - 2019-04-25 23:42 - 034408104 _____ (ArenaNet) C:\Users\rafanides\Downloads\Gw2Setup-64.tmp
2019-04-25 23:42 - 2019-04-25 23:42 - 000000000 ____D C:\Users\rafanides\Downloads\bin64
2019-04-25 23:42 - 2019-04-25 23:42 - 000000000 _____ C:\Users\rafanides\Downloads\Gw2.tmp
2019-04-25 23:42 - 2019-04-25 23:42 - 000000000 _____ C:\Users\rafanides\Downloads\Gw2.dat
2019-04-25 23:41 - 2019-04-25 23:42 - 034408104 _____ (ArenaNet) C:\Users\rafanides\Downloads\Gw2Setup-64.exe
2019-04-19 16:12 - 2019-04-26 22:43 - 000000000 ____D C:\Users\rafanides\Downloads\ISLC v1.0.1.1
2019-04-19 16:12 - 2019-04-19 16:12 - 000343928 _____ (Igor Pavlov) C:\Users\rafanides\Downloads\ISLC v1.0.1.1.exe
2019-04-15 16:03 - 2019-04-15 16:03 - 000000000 ____D C:\Users\rafanides\AppData\Local\Risen2
2019-04-15 15:23 - 2019-04-15 15:23 - 000000221 _____ C:\Users\rafanides\Desktop\Risen 2 - Dark Waters.url
2019-04-10 09:18 - 2019-04-10 09:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotopak
2019-04-10 09:18 - 2019-04-10 09:18 - 000000000 ____D C:\Program Files (x86)\FOTOPAK s.r.o
2019-04-09 21:18 - 2019-04-13 16:27 - 000000000 ____D C:\Users\rafanides\Downloads\shutter
2019-04-03 12:39 - 2019-04-03 12:39 - 000000000 ____D C:\Users\rafanides\AppData\Local\NVIDIA
2019-03-30 12:33 - 2019-03-31 18:55 - 000000000 ____D C:\Program Files\7-Zip
2019-03-30 12:33 - 2019-03-30 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-03-29 12:59 - 2019-03-29 13:00 - 074907648 _____ C:\Manual of Monsters.pdf
2019-03-28 18:01 - 2019-03-28 18:15 - 173389325 _____ C:\Monster Guide.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-27 13:05 - 2018-07-19 19:10 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-04-27 13:04 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2019-04-27 12:58 - 2018-08-08 10:27 - 000000000 ____D C:\ProgramData\Packages
2019-04-27 12:58 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-27 12:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2019-04-27 12:56 - 2018-08-08 10:11 - 000000000 ____D C:\Users\rafanides\AppData\Local\Packages
2019-04-27 12:55 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-27 11:43 - 2018-08-08 21:28 - 000000000 ____D C:\Users\rafanides\AppData\Local\CrashDumps
2019-04-27 11:05 - 2019-01-20 11:55 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-27 11:05 - 2018-09-29 00:17 - 000000000 ____D C:\Users\rafanides\Downloads\antivir
2019-04-27 11:05 - 2018-07-19 19:26 - 007359228 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-27 11:05 - 2018-05-01 10:09 - 000759904 _____ C:\Windows\system32\perfh019.dat
2019-04-27 11:05 - 2018-05-01 10:09 - 000151262 _____ C:\Windows\system32\perfc019.dat
2019-04-27 11:05 - 2018-05-01 10:06 - 000766018 _____ C:\Windows\system32\prfh0816.dat
2019-04-27 11:05 - 2018-05-01 10:06 - 000151956 _____ C:\Windows\system32\prfc0816.dat
2019-04-27 11:05 - 2018-05-01 10:02 - 000775754 _____ C:\Windows\system32\perfh013.dat
2019-04-27 11:05 - 2018-05-01 10:02 - 000153842 _____ C:\Windows\system32\perfc013.dat
2019-04-27 11:05 - 2018-05-01 10:01 - 000441740 _____ C:\Windows\system32\perfh014.dat
2019-04-27 11:05 - 2018-05-01 10:01 - 000076934 _____ C:\Windows\system32\perfc014.dat
2019-04-27 11:05 - 2018-05-01 09:55 - 000718362 _____ C:\Windows\system32\perfh00E.dat
2019-04-27 11:05 - 2018-05-01 09:55 - 000162160 _____ C:\Windows\system32\perfc00E.dat
2019-04-27 11:05 - 2018-05-01 09:45 - 000542302 _____ C:\Windows\system32\perfh008.dat
2019-04-27 11:05 - 2018-05-01 09:45 - 000088658 _____ C:\Windows\system32\perfc008.dat
2019-04-27 11:05 - 2018-05-01 09:43 - 000731456 _____ C:\Windows\system32\perfh007.dat
2019-04-27 11:05 - 2018-05-01 09:43 - 000149604 _____ C:\Windows\system32\perfc007.dat
2019-04-27 11:05 - 2018-04-12 17:50 - 000716072 _____ C:\Windows\system32\perfh005.dat
2019-04-27 11:05 - 2018-04-12 17:50 - 000144864 _____ C:\Windows\system32\perfc005.dat
2019-04-27 11:05 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2019-04-27 11:00 - 2018-12-31 15:06 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-27 11:00 - 2018-07-19 19:10 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-27 10:59 - 2018-04-11 23:04 - 000786432 _____ C:\Windows\system32\config\BBI
2019-04-27 10:25 - 2018-09-26 18:22 - 000002736 _____ C:\Windows\System32\Tasks\Standby list
2019-04-27 10:00 - 2018-07-19 19:10 - 000245096 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\UNP
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\F12
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\oobe
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\lt-LT
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\et-EE
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\appraiser
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellExperiences
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellComponents
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-04-27 09:45 - 2018-07-20 07:34 - 000000000 ____D C:\Windows\system32\MRT
2019-04-27 09:44 - 2018-11-27 17:29 - 000000000 ____D C:\Program Files\rempl
2019-04-27 09:44 - 2018-07-20 07:34 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-27 09:42 - 2019-01-16 18:30 - 000004220 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F03DB28D-1D92-4CD9-86D2-467BC591C7A0}
2019-04-26 10:26 - 2018-12-16 14:59 - 000000000 ____D C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse
2019-04-26 10:26 - 2018-10-24 12:15 - 000000000 ____D C:\Users\rafanides\AppData\Roaming\Lenovo
2019-04-26 10:26 - 2018-10-24 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-04-25 23:27 - 2018-08-12 14:04 - 000000000 ____D C:\Program Files\Samsung
2019-04-19 22:35 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SystemApps
2019-04-18 17:03 - 2018-08-17 22:14 - 000007597 _____ C:\Users\rafanides\AppData\Local\Resmon.ResmonCfg
2019-04-15 16:03 - 2018-08-08 10:34 - 000000000 ____D C:\Users\rafanides\AppData\Local\D3DSCache
2019-04-12 09:33 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\NDF
2019-04-12 09:30 - 2018-09-19 16:10 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-11 09:53 - 2018-08-08 10:42 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 09:53 - 2018-08-08 10:42 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-10 12:16 - 2018-09-11 18:59 - 000000000 ____D C:\Users\rafanides\AppData\Local\ElevatedDiagnostics
2019-04-08 19:27 - 2018-08-08 10:46 - 000000753 _____ C:\Users\rafanides\Downloads\List.txt
2019-04-07 19:35 - 2019-01-28 13:24 - 000000000 ____D C:\Program Files\Rockstar Games
2019-04-07 19:12 - 2018-09-19 18:22 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-07 13:59 - 2018-08-08 10:10 - 000000000 ____D C:\Users\rafanides
2019-04-03 12:05 - 2019-02-18 21:35 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2019-04-02 19:48 - 2019-03-25 10:00 - 000000000 ____D C:\Users\rafanides\AppData\Roaming\uTorrent
2019-03-31 18:56 - 2019-03-25 16:41 - 000000000 ____D C:\Users\rafanides\AppData\LocalLow\uTorrent
2019-03-28 14:15 - 2019-03-26 10:14 - 000002214 _____ C:\Users\rafanides\Desktop\TS4_x64 – odkaz.lnk
2019-03-28 13:47 - 2018-08-08 10:41 - 000003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 13:47 - 2018-08-08 10:41 - 000003346 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2018-12-28 14:18 - 2018-12-28 14:25 - 001065984 _____ () C:\Users\rafanides\AppData\Local\file__0.localstorage
2018-08-17 22:14 - 2019-04-18 17:03 - 000007597 _____ () C:\Users\rafanides\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2019-04-25 23:42 - 2019-04-25 23:42 - 034408104 _____ (ArenaNet) C:\Users\rafanides\AppData\Local\Temp\Gw2.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.04.2019
Ran by rafanides (27-04-2019 13:07:03)
Running from C:\Users\rafanides\Downloads
Windows 10 Home Version 1803 17134.407 (X64) (2018-08-08 07:11:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1012113897-4000490067-1847883471-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1012113897-4000490067-1847883471-503 - Limited - Disabled)
Guest (S-1-5-21-1012113897-4000490067-1847883471-501 - Limited - Disabled)
lukas (S-1-5-21-1012113897-4000490067-1847883471-1003 - Administrator - Enabled) => C:\Users\lukas
rafanides (S-1-5-21-1012113897-4000490067-1847883471-1002 - Administrator - Enabled) => C:\Users\rafanides
WDAGUtilityAccount (S-1-5-21-1012113897-4000490067-1847883471-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.05.38 - ASUSTeK Computer Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
Dragon Age Awakening Redesigned (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Awakening Redesigned) (Version: - )
Dragon Age Awakening Velanna Redesigned© (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Awakening Velanna Redesigned©) (Version: - )
Dragon Age Redesigned © Morrigan (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned © Morrigan) (Version: - )
Dragon Age Redesigned- Leliana's Song (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned- Leliana's Song) (Version: - )
Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned Oghren©) (Version: - )
Dragon Age Redesigned© Zevran (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned© Zevran) (Version: - )
Dragon Age Redesigned© (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned©) (Version: - )
Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned© Leliana) (Version: - )
Dragon Age Redesigned© Sten (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned© Sten) (Version: - )
Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned© Wynne) (Version: - )
Fotopak (HKLM\...\{9D0B4090-6A7C-4810-8F6F-3D6220A5364E}) (Version: 2.0.17.0 - FOTOPAK s.r.o.)
Frostpunk (HKLM-x32\...\1648559910_is1) (Version: 1.3.3.42665.45362 (2019-02-08 15:16) - GOG.com)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Intel(R) Network Connections 23.2.0.1006 (HKLM\...\PROSetDX) (Version: 23.2.0.1006 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Lenovo Y Gaming Precision Mouse (HKLM-x32\...\{B8C29C6B-49AE-438A-8544-DF0534AE666B}}_is1) (Version: 1.19 - Lenovo Inc.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
NVIDIA Grafický ovládač 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.77 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8480 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.1.1780 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{bfb0503a-76b9-415a-b0a3-dd55d2a01ebe}) (Version: 3.0.0.1802 - Samsung Electronics)
Samsung NVM Express Driver 3.0.0.1802 (HKLM\...\{03FE2BA9-9538-4195-83E3-09B43901141E}) (Version: 3.0.0.1802 - Samsung Electronics Co., Ltd) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-05-02 11:16 - 2018-05-02 11:16 - 000505856 _____ (Intel Corporation) [File not signed] C:\Windows\system32\IProsetMonitor.exe
2018-07-20 08:00 - 2017-08-21 09:25 - 001360016 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2019-03-30 12:34 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-04-26 10:26 - 2015-08-18 12:19 - 000376320 _____ () [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\hid.exe
2018-12-27 00:09 - 2015-07-28 11:43 - 000388096 _____ () [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
2018-07-20 08:12 - 2019-04-27 11:00 - 000043304 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2018-07-20 08:12 - 2018-02-06 19:48 - 002039296 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\LED_DLL_forMB.dll
2018-07-20 08:12 - 2018-02-06 19:48 - 001628672 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\VGA_Extra.dll
2018-07-20 08:12 - 2018-02-06 19:48 - 001777664 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\Vender.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\rafanides\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "Sonic Studio 3"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "Sonic Studio 3"
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BCFAD999-7597-4B8C-8641-671D24DDD74F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{BB5FA31E-9C35-4447-B5AB-A16CF571484A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{F37D5D4D-0191-495F-A012-3D1B436BC23B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{255A04EE-5CC4-41F8-8DB1-8EEDB3218F2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{BE1158C4-BD9B-45F8-B4B6-02E151CB71C7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{687DC944-78B5-4A6B-91FC-DD3763242938}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F2633FCB-201A-4DA4-98AB-66624203F900}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{60B9CA37-B194-4D5A-B2F0-72150A78E19F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{255062DB-F2BA-4AA1-80C8-B0EBB441C75A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{0A492A06-AA0D-4EE1-BDCC-AFFD15CCD169}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{2609FE3B-5045-4D13-87D9-4661DD6EEE40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen\bin\Risen.exe (Piranha Bytes) [File not signed]
FirewallRules: [{C543E9C1-464B-4A38-B47A-3A2DE62BD9B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen\bin\Risen.exe (Piranha Bytes) [File not signed]
FirewallRules: [{34817D33-4128-4D1D-893C-A5CEF8C7BB24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{47109121-2B82-4280-989A-0608932C6A8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{71828AB3-D345-4852-9BDF-565B601E1F65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{56BA7035-73A2-4849-997B-8430220EE910}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{94AFD7CD-C9D4-413C-80DE-4C5BCB515968}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{26CA21CA-68DE-41CE-B00E-AD577ADE1F08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{2E338A06-5D91-4301-A4D8-C9278E9A40B9}] => (Allow) C:\Users\rafanides\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{84CE57A3-EFCF-472E-A467-BD55B2C12855}] => (Allow) C:\Users\rafanides\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{44DBD664-6B83-41F9-B36D-6AAA10BFC8BC}C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe] => (Block) C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{FD8E6EC0-119D-4E7A-BF8E-91062E45697E}C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe] => (Block) C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{3C86A243-C89C-4C22-8C81-5F186AAE91FA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{52523188-EEAC-43D9-AAB0-AFAEA8CBB41E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes)
FirewallRules: [{BF7677F1-D23C-4865-AB4C-690F7CDB938D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes)

==================== Restore Points =========================

10-04-2019 09:18:04 Nainštalované Fotopak
15-04-2019 16:02:36 Installed DirectX
15-04-2019 16:02:59 Nainštalované Microsoft Visual C++ 2005 Redistributable
16-04-2019 20:00:55 Installed DirectX
16-04-2019 20:01:23 Nainštalované Microsoft Visual C++ 2005 Redistributable
26-04-2019 18:31:42 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/27/2019 11:43:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x1168
Čas spustenia chybujúcej aplikácie: 0x01d4fcdda15dfaeb
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: 28be6738-fb80-47ff-a8ee-b33fdb0adf3e
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (04/27/2019 11:01:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x1f98
Čas spustenia chybujúcej aplikácie: 0x01d4fcd7cba513ef
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: f37e32ab-3cb9-4a75-9132-353dc11126b3
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (04/27/2019 11:01:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x1a10
Čas spustenia chybujúcej aplikácie: 0x01d4fcd7c9a4e04b
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: bb9eab42-8620-44d3-9f5c-6d5299f40381
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (04/27/2019 11:01:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x1a0c
Čas spustenia chybujúcej aplikácie: 0x01d4fcd7c7a5ab63
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: 432cb48e-766e-43fb-bfd8-5cc19b2114c2
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (04/27/2019 11:01:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x1a20
Čas spustenia chybujúcej aplikácie: 0x01d4fcd7c5ac42de
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: b7731fc8-0db4-43e0-b8c7-ce6e804943b7
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (04/27/2019 11:01:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x19a0
Čas spustenia chybujúcej aplikácie: 0x01d4fcd7c27b16e0
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: f4b748e7-60e2-44a9-b120-8f5c5e470b6d
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (04/27/2019 11:01:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x16f4
Čas spustenia chybujúcej aplikácie: 0x01d4fcd7c06b8687
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: 7bc516c8-e970-45aa-aa61-668394726a39
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (04/27/2019 10:56:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x1a8c
Čas spustenia chybujúcej aplikácie: 0x01d4fcd72398a89c
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: 097e704c-85e3-4199-ae6b-151c58f400e5
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI


System errors:
=============
Error: (04/27/2019 01:05:22 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VUVLGPG)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-VUVLGPG\rafanides SID (S-1-5-21-1012113897-4000490067-1847883471-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (04/27/2019 12:58:00 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VUVLGPG)
Description: The specifické pro aplikaci permission settings do not grant Místní Spuštění permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user DESKTOP-VUVLGPG\rafanides SID (S-1-5-21-1012113897-4000490067-1847883471-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (04/27/2019 12:16:55 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VUVLGPG)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-VUVLGPG\rafanides SID (S-1-5-21-1012113897-4000490067-1847883471-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (04/27/2019 11:43:22 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VUVLGPG)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-VUVLGPG\rafanides SID (S-1-5-21-1012113897-4000490067-1847883471-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (04/27/2019 11:07:32 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VUVLGPG)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-VUVLGPG\rafanides SID (S-1-5-21-1012113897-4000490067-1847883471-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (04/27/2019 11:07:05 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VUVLGPG)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-VUVLGPG\rafanides SID (S-1-5-21-1012113897-4000490067-1847883471-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (04/27/2019 11:02:59 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The specifické pro aplikaci permission settings do not grant Místní Spuštění permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Není k dispozici
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (04/27/2019 11:01:19 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VUVLGPG)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-VUVLGPG\rafanides SID (S-1-5-21-1012113897-4000490067-1847883471-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2019-01-20 15:31:09.888
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8F93F25E-EB81-43D7-826C-2AEBD59D109F}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-20 12:19:14.683
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C2E5D014-41BB-494E-AD1A-DCC93AF955F5}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-10 22:28:56.129
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AD48BACD-743B-409C-94F6-8C5A9F141744}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-07 16:24:37.033
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AAB68BFF-1A07-4307-B805-A28EAADC87B8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-26 18:30:02.163
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {EC45D283-D197-49BE-8CED-1CF677CE7D2C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-20 10:46:51.391
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3241.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Date: 2019-01-19 21:08:34.428
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3241.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Date: 2019-01-18 19:30:23.415
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3004.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Date: 2019-01-17 10:43:54.407
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3004.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Date: 2019-01-16 17:43:54.878
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3004.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

CodeIntegrity:
===================================

Date: 2019-04-27 12:49:42.034
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-26 18:32:25.108
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-26 11:53:36.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-25 20:21:28.011
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-23 11:58:19.551
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-21 16:26:06.340
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-20 11:15:30.220
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2019-04-19 12:50:24.277
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1002 07/02/2018
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX Z370-F GAMING
Processor: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz
Percentage of memory in use: 10%
Total physical RAM: 32703.26 MB
Available physical RAM: 29150.54 MB
Total Virtual: 32703.26 MB
Available Virtual: 28112.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:418.63 GB) (Free:223.61 GB) NTFS
Drive d: () (Fixed) (Total:2794.5 GB) (Free:2714.39 GB) NTFS

\\?\Volume{1e6e5daa-c8ee-408b-9c42-38b8ddd7ae27}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{73bd2b3f-b017-4ddc-957f-c15d0cd1fc50}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118191
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Systém sa správa podivne

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Task: {67AA8135-7349-4DDB-BA27-662DE7EA000C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-08] (Google Inc -> Google Inc.)
Task: {49B51C83-7DDB-4856-B348-92E34352CB76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-08] (Google Inc -> Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\rafanides\AppData\Local\Temp
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

EmptyTemp:
End

Uložte do C:\Users\rafanides\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

rulerkelso
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 19 čer 2015 07:24

Re: Systém sa správa podivne

#7 Příspěvek od rulerkelso »

Hotovo, no keďže sa po dokončení fixu systém nereštartoval poriadne (opat bolo treba tvrdé vypnutie/zapnutie) tak neviem či proces prebehol správne až do konca.
Prikladám log :)
Fix result of Farbar Recovery Scan Tool (x64) Version: 27.04.2019
Ran by rafanides (27-04-2019 18:07:48) Run:1
Running from C:\Users\rafanides\Downloads
Loaded Profiles: rafanides (Available Profiles: rafanides & lukas)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Task: {67AA8135-7349-4DDB-BA27-662DE7EA000C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-08] (Google Inc -> Google Inc.)
Task: {49B51C83-7DDB-4856-B348-92E34352CB76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-08] (Google Inc -> Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\rafanides\AppData\Local\Temp
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67AA8135-7349-4DDB-BA27-662DE7EA000C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67AA8135-7349-4DDB-BA27-662DE7EA000C}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{49B51C83-7DDB-4856-B348-92E34352CB76}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49B51C83-7DDB-4856-B348-92E34352CB76}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\rafanides\AppData\Local\Temp => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 20007136 B
Java, Flash, Steam htmlcache => 377675634 B
Windows/system/drivers => 1824304 B
Edge => 7564 B
Chrome => 395990137 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 849459052 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 17825016 B
NetworkService => 0 B
rafanides => 10829818 B
lukas => 182573311 B

RecycleBin => 70518 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:07:52 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118191
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Systém sa správa podivne

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

rulerkelso
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 19 čer 2015 07:24

Re: Systém sa správa podivne

#9 Příspěvek od rulerkelso »

Aplikácie sa už spúšťajú rýchlejšie a bez zasekávania kurzora. :)
Avšak PC stále zamŕza počas reštartov/vypnutia. Bude to asi porucha samotého systému a nie vir. PC som preskenoval 2 antivirami - mb3 a roguekiller no nenaslo ziadnu hrozbu.
príkaz /sfc scannow našiel nejaké poškodené súbory a vraj ich úspešne nahradil, no problém nevyriešil.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118191
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Systém sa správa podivne

#10 Příspěvek od Rudy »

Máte nainstalovány všechny ovladače hardwaru?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

rulerkelso
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 19 čer 2015 07:24

Re: Systém sa správa podivne

#11 Příspěvek od rulerkelso »

windows 10 si to spravuje sám alebo nie?
inštaloval som iba driver pre SSD od vyrobcu a ovladace grafiky.
Či niesu nejake konflikty medzi ovladačmi to už neviem. Nevyznám sa v tom, tak do toho nezasahujem.
Pár dní dozadu sa ešte pc vypínal normálne a neviem o ničom, čo by sa zmenilo.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118191
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Systém sa správa podivne

#12 Příspěvek od Rudy »

Windows si to spravuje sám, pokud se jedné o systémové ovladače. Na webu výrobce komponent vašeho PC si najděte podle typu, zda existují ovladače pro win 10. Pokud ano, všechny musí být nainstalovány. Myslím, že kromě toho, co uvádíte vy, ještě ovladač chipsetu, a síť. adaptérů.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

rulerkelso
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 19 čer 2015 07:24

Re: Systém sa správa podivne

#13 Příspěvek od rulerkelso »

Čo-to som preinštaloval ako sieťové ovládače a intel management engine, no nemalo to efekt.
Možno bude nutné v tomto prípade preinštalovať OS.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118191
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Systém sa správa podivne

#14 Příspěvek od Rudy »

Zkuste ještě defragmentovat disk. Pokud by to nestačilo, otevřte přes příkazový řádek příkazem msconfig konfig. okno systému a na záložkách "Služby" a "Po spuštění" odstraňte zatžítka u všech ne-microsoftích položek (kromě ovladačů a bezpečnostního software). Nastavení uložte a restartujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět