System is behaving strangely
Posted: 27 Apr 2019 09:13
Hi all, lately I have been having problems with the system, such as random slowdowns, sometimes the mouse "freezes" for a moment when I open programs on the PC (it did not do this before), and most recently the PC does not shut down completely. It stops on the blue screen with the text SHUTTING DOWN and does not go any further. The PC then has to be powered off hard with the button. The same happens when restarting. Because of this, Windows updates cannot finish installing either.
That last problem is exactly the reason I came here to ask for advice. The FRST log is below.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.04.2019
Ran by rafanides (administrator) on DESKTOP-VUVLGPG (27-04-2019 10:05:41)
Running from C:\Users\rafanides\Downloads
Loaded Profiles: rafanides (Available Profiles: rafanides & lukas)
Platform: Windows 10 Home Version 1803 17134.407 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\hid.exe
() [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\CUAssistant\culauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [737248 2018-09-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Lenovo Y Gaming Precision Mouse] => C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\hid.exe [376320 2015-08-18] () [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Policies\Explorer: [DisallowCpl] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {000C27E7-43A5-4DB9-A0DB-90DA790A0C66} - System32\Tasks\Standby list => C:\Users\rafanides\Downloads\EmptyStandbyList.exe [139424 2018-09-26] (Wen Jia Liu -> )
Task: {1AD97B1E-091D-4BD7-8AC2-0D90DBE208DB} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe [280536 2018-02-06] (ASUSTeK Computer Inc. -> )
Task: {1B13E417-38C8-4D47-8BC9-EF9185EB1361} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [524360 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3D0034DD-466D-4B43-A51D-1ECB81E63AB4} - System32\Tasks\SS3Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
Task: {49B51C83-7DDB-4856-B348-92E34352CB76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-08] (Google Inc -> Google Inc.)
Task: {4B4CD290-B335-4074-9C80-B4A9BB96184F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50E2BD97-539A-494F-A530-9E59329D76C4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {67AA8135-7349-4DDB-BA27-662DE7EA000C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-08] (Google Inc -> Google Inc.)
Task: {694CC87F-05C9-4873-AFDB-75602AB67CE6} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146048 2018-05-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {714BA034-C79A-42A3-8FD8-0E5092CC0278} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {789759A0-D50C-455D-BBCD-71CDAE94CB6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DDB82AE-5D20-4EEB-86E8-6023C92D962C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88BB2B1C-95B8-4DFB-9537-8B9C54275C31} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1012113897-4000490067-1847883471-1003 => C:\Users\rafanides\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {8E8F09DC-5161-4AA1-902A-3F806BB0F2F7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8EAEADE6-1266-46FE-AA22-1959386F5FB2} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe [258568 2019-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {A8FE25E7-B8CF-4DC1-81A3-3956F2B629ED} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {AB92594E-5D2B-4D11-99A7-FE1F8705D13C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14614416 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B9DA834D-7C66-4F98-AEE2-5CFDB64F234C} - System32\Tasks\SS3Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
Task: {C3E3DF77-FC2C-4FDA-A8FD-012293F18A90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0B5620B-7F3D-498D-B36B-D16B367C326F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1012113897-4000490067-1847883471-500 => C:\Users\rafanides\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {D176AFB7-1788-4F9A-AB32-4EA44612A1B4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E13FDF8A-95E5-4C5D-8274-0521D70E44DF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E89C3803-1B37-4A8B-B0AF-8C0DFE9C7BB7} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8824c212-e4a6-494c-97c9-cc5228a0350b}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
FireFox:
========
FF ProfilePath: C:\Users\rafanides\AppData\Roaming\Mozilla\Firefox\Profiles\yE8PsowC.default [2018-11-03]
FF Extension: (Avira Browser Safety) - C:\Users\rafanides\AppData\Roaming\Mozilla\Firefox\Profiles\yE8PsowC.default\Extensions\abs@avira.com [2018-11-03] [hxxps://download.avira.com/package/absnooffers/firefox/update_webext_no_offers.rdf]
FF Extension: (Avira Password Manager) - C:\Users\rafanides\AppData\Roaming\Mozilla\Firefox\Profiles\yE8PsowC.default\Extensions\passwordmanager@avira.com [2018-11-03] [hxxps://s3.eu-central-1.amazonaws.com/avira-pwm-extensions/update.rdf]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
Chrome:
=======
CHR Profile: C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default [2019-04-27]
CHR Extension: (Prezentace) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-08]
CHR Extension: (Dokumenty) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-08]
CHR Extension: (Disk Google) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-08]
CHR Extension: (Tabulky) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-08]
CHR Extension: (Gmail) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\rafanides\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2017-08-21] (ASUSTeK Computer Inc. -> ) [File not signed]
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2019-03-10] (BioWare -> BioWare)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2018-12-20] (GOG Sp. z o.o. -> GOG.com)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2018-05-02] (Intel Corporation) [File not signed]
S3 LightingService; C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe [1244632 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S4 NahimicService; C:\Windows\System32\NahimicService.exe [1166792 2018-09-28] (A-Volute -> Nahimic)
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2019-01-04] (Even Balance, Inc. -> )
S4 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2019-01-04] (Even Balance, Inc. -> )
S4 RstMwService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_48720fcc117e5841\RstMwService.exe [1969168 2018-09-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [737248 2018-09-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
S4 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18736 2018-05-17] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-08-21] (ASUSTeK Computer Inc. -> )
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2018-08-12] (ASUSTeK Computer Inc. -> )
S0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1092112 2018-09-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [73232 2018-09-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-09] (Intel Corporation -> Intel Corporation)
R3 LenovoYMouse; C:\Windows\system32\drivers\LenovoYMouse.sys [32776 2015-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RtsUpx; C:\Windows\system32\drivers\RtsUpx.sys [30328 2018-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R0 secnvme; C:\Windows\System32\drivers\secnvme.sys [134120 2018-02-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz146; \??\C:\Windows\temp\cpuz146\cpuz146_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\NZXT\CAM\CAM_V3.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-27 10:05 - 2019-04-27 10:05 - 000019204 _____ C:\Users\rafanides\Downloads\FRST.txt
2019-04-27 10:04 - 2019-04-27 10:05 - 000000000 ____D C:\FRST
2019-04-27 10:04 - 2019-04-27 10:04 - 002429952 _____ (Farbar) C:\Users\rafanides\Downloads\FRST64.exe
2019-04-27 09:44 - 2019-04-27 09:44 - 000000000 ____D C:\Program Files\CUAssistant
2019-04-26 10:26 - 2019-04-26 10:26 - 001197783 _____ C:\Windows\unins000.exe
2019-04-26 10:26 - 2019-04-26 10:26 - 000047900 _____ C:\Windows\unins000.dat
2019-04-25 23:43 - 2019-04-25 23:43 - 000000627 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2019-04-25 23:43 - 2019-04-25 23:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2019-04-25 23:43 - 2019-04-25 23:43 - 000000000 ____D C:\Guild Wars 2
2019-04-25 23:42 - 2019-04-25 23:43 - 000000000 ____D C:\Users\rafanides\AppData\Roaming\Guild Wars 2
2019-04-25 23:42 - 2019-04-25 23:42 - 034408104 _____ (ArenaNet) C:\Users\rafanides\Downloads\Gw2Setup-64.tmp
2019-04-25 23:42 - 2019-04-25 23:42 - 000000000 ____D C:\Users\rafanides\Downloads\bin64
2019-04-25 23:42 - 2019-04-25 23:42 - 000000000 _____ C:\Users\rafanides\Downloads\Gw2.tmp
2019-04-25 23:42 - 2019-04-25 23:42 - 000000000 _____ C:\Users\rafanides\Downloads\Gw2.dat
2019-04-25 23:41 - 2019-04-25 23:42 - 034408104 _____ (ArenaNet) C:\Users\rafanides\Downloads\Gw2Setup-64.exe
2019-04-19 16:12 - 2019-04-26 22:43 - 000000000 ____D C:\Users\rafanides\Downloads\ISLC v1.0.1.1
2019-04-19 16:12 - 2019-04-19 16:12 - 000343928 _____ (Igor Pavlov) C:\Users\rafanides\Downloads\ISLC v1.0.1.1.exe
2019-04-15 16:03 - 2019-04-15 16:03 - 000000000 ____D C:\Users\rafanides\AppData\Local\Risen2
2019-04-15 15:23 - 2019-04-15 15:23 - 000000221 _____ C:\Users\rafanides\Desktop\Risen 2 - Dark Waters.url
2019-04-10 09:18 - 2019-04-10 09:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotopak
2019-04-10 09:18 - 2019-04-10 09:18 - 000000000 ____D C:\Program Files (x86)\FOTOPAK s.r.o
2019-04-09 21:18 - 2019-04-13 16:27 - 000000000 ____D C:\Users\rafanides\Downloads\shutter
2019-04-03 12:39 - 2019-04-03 12:39 - 000000000 ____D C:\Users\rafanides\AppData\Local\NVIDIA
2019-03-30 12:33 - 2019-03-31 18:55 - 000000000 ____D C:\Program Files\7-Zip
2019-03-30 12:33 - 2019-03-30 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-03-29 12:59 - 2019-03-29 13:00 - 074907648 _____ C:\Manual of Monsters.pdf
2019-03-28 18:01 - 2019-03-28 18:15 - 173389325 _____ C:\Monster Guide.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-27 10:05 - 2018-07-19 19:26 - 007359228 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-27 10:05 - 2018-05-01 10:09 - 000759904 _____ C:\Windows\system32\perfh019.dat
2019-04-27 10:05 - 2018-05-01 10:09 - 000151262 _____ C:\Windows\system32\perfc019.dat
2019-04-27 10:05 - 2018-05-01 10:06 - 000766018 _____ C:\Windows\system32\prfh0816.dat
2019-04-27 10:05 - 2018-05-01 10:06 - 000151956 _____ C:\Windows\system32\prfc0816.dat
2019-04-27 10:05 - 2018-05-01 10:02 - 000775754 _____ C:\Windows\system32\perfh013.dat
2019-04-27 10:05 - 2018-05-01 10:02 - 000153842 _____ C:\Windows\system32\perfc013.dat
2019-04-27 10:05 - 2018-05-01 10:01 - 000441740 _____ C:\Windows\system32\perfh014.dat
2019-04-27 10:05 - 2018-05-01 10:01 - 000076934 _____ C:\Windows\system32\perfc014.dat
2019-04-27 10:05 - 2018-05-01 09:55 - 000718362 _____ C:\Windows\system32\perfh00E.dat
2019-04-27 10:05 - 2018-05-01 09:55 - 000162160 _____ C:\Windows\system32\perfc00E.dat
2019-04-27 10:05 - 2018-05-01 09:45 - 000542302 _____ C:\Windows\system32\perfh008.dat
2019-04-27 10:05 - 2018-05-01 09:45 - 000088658 _____ C:\Windows\system32\perfc008.dat
2019-04-27 10:05 - 2018-05-01 09:43 - 000731456 _____ C:\Windows\system32\perfh007.dat
2019-04-27 10:05 - 2018-05-01 09:43 - 000149604 _____ C:\Windows\system32\perfc007.dat
2019-04-27 10:05 - 2018-04-12 17:50 - 000716072 _____ C:\Windows\system32\perfh005.dat
2019-04-27 10:05 - 2018-04-12 17:50 - 000144864 _____ C:\Windows\system32\perfc005.dat
2019-04-27 10:05 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2019-04-27 10:02 - 2019-01-20 11:55 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-27 10:02 - 2018-08-08 10:11 - 000000000 ____D C:\Users\rafanides\AppData\Local\Packages
2019-04-27 10:02 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-27 10:02 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2019-04-27 10:01 - 2018-12-31 15:06 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-27 10:01 - 2018-08-08 21:28 - 000000000 ____D C:\Users\rafanides\AppData\Local\CrashDumps
2019-04-27 10:01 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-27 10:00 - 2018-07-19 19:10 - 000245096 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-27 10:00 - 2018-07-19 19:10 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-27 10:00 - 2018-07-19 19:10 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\UNP
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\F12
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\oobe
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\lt-LT
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\et-EE
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\appraiser
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellExperiences
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellComponents
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2019-04-27 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-04-27 09:50 - 2018-04-11 23:04 - 000786432 _____ C:\Windows\system32\config\BBI
2019-04-27 09:49 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2019-04-27 09:45 - 2018-07-20 07:34 - 000000000 ____D C:\Windows\system32\MRT
2019-04-27 09:44 - 2018-11-27 17:29 - 000000000 ____D C:\Program Files\rempl
2019-04-27 09:44 - 2018-07-20 07:34 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-27 09:42 - 2019-01-16 18:30 - 000004220 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F03DB28D-1D92-4CD9-86D2-467BC591C7A0}
2019-04-26 10:26 - 2018-12-16 14:59 - 000000000 ____D C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse
2019-04-26 10:26 - 2018-10-24 12:15 - 000000000 ____D C:\Users\rafanides\AppData\Roaming\Lenovo
2019-04-26 10:26 - 2018-10-24 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-04-25 23:27 - 2018-08-12 14:04 - 000000000 ____D C:\Program Files\Samsung
2019-04-19 22:35 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SystemApps
2019-04-18 17:03 - 2018-08-17 22:14 - 000007597 _____ C:\Users\rafanides\AppData\Local\Resmon.ResmonCfg
2019-04-15 16:03 - 2018-08-08 10:34 - 000000000 ____D C:\Users\rafanides\AppData\Local\D3DSCache
2019-04-12 09:33 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\NDF
2019-04-12 09:30 - 2018-09-19 16:10 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-11 09:53 - 2018-08-08 10:42 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 09:53 - 2018-08-08 10:42 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-10 12:16 - 2018-09-11 18:59 - 000000000 ____D C:\Users\rafanides\AppData\Local\ElevatedDiagnostics
2019-04-08 19:27 - 2018-08-08 10:46 - 000000753 _____ C:\Users\rafanides\Downloads\List.txt
2019-04-07 19:35 - 2019-01-28 13:24 - 000000000 ____D C:\Program Files\Rockstar Games
2019-04-07 19:12 - 2018-09-19 18:22 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-07 13:59 - 2018-08-08 10:10 - 000000000 ____D C:\Users\rafanides
2019-04-03 12:05 - 2019-02-18 21:35 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2019-04-02 19:48 - 2019-03-25 10:00 - 000000000 ____D C:\Users\rafanides\AppData\Roaming\uTorrent
2019-03-31 18:56 - 2019-03-25 16:41 - 000000000 ____D C:\Users\rafanides\AppData\LocalLow\uTorrent
2019-03-28 14:15 - 2019-03-26 10:14 - 000002214 _____ C:\Users\rafanides\Desktop\TS4_x64 – odkaz.lnk
2019-03-28 13:47 - 2018-08-08 10:41 - 000003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 13:47 - 2018-08-08 10:41 - 000003346 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories =======
2018-12-28 14:18 - 2018-12-28 14:25 - 001065984 _____ () C:\Users\rafanides\AppData\Local\file__0.localstorage
2018-08-17 22:14 - 2019-04-18 17:03 - 000007597 _____ () C:\Users\rafanides\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2019-04-25 23:42 - 2019-04-25 23:42 - 034408104 _____ (ArenaNet) C:\Users\rafanides\AppData\Local\Temp\Gw2.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.04.2019
Ran by rafanides (27-04-2019 10:06:09)
Running from C:\Users\rafanides\Downloads
Windows 10 Home Version 1803 17134.407 (X64) (2018-08-08 07:11:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1012113897-4000490067-1847883471-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1012113897-4000490067-1847883471-503 - Limited - Disabled)
Guest (S-1-5-21-1012113897-4000490067-1847883471-501 - Limited - Disabled)
lukas (S-1-5-21-1012113897-4000490067-1847883471-1003 - Administrator - Enabled) => C:\Users\lukas
rafanides (S-1-5-21-1012113897-4000490067-1847883471-1002 - Administrator - Enabled) => C:\Users\rafanides
WDAGUtilityAccount (S-1-5-21-1012113897-4000490067-1847883471-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.05.38 - ASUSTeK Computer Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
Dragon Age Awakening Redesigned (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Awakening Redesigned) (Version: - )
Dragon Age Awakening Velanna Redesigned© (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Awakening Velanna Redesigned©) (Version: - )
Dragon Age Redesigned © Morrigan (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned © Morrigan) (Version: - )
Dragon Age Redesigned- Leliana's Song (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned- Leliana's Song) (Version: - )
Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned Oghren©) (Version: - )
Dragon Age Redesigned© Zevran (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned© Zevran) (Version: - )
Dragon Age Redesigned© (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned©) (Version: - )
Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned© Leliana) (Version: - )
Dragon Age Redesigned© Sten (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned© Sten) (Version: - )
Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\Dragon Age Redesigned© Wynne) (Version: - )
Fotopak (HKLM\...\{9D0B4090-6A7C-4810-8F6F-3D6220A5364E}) (Version: 2.0.17.0 - FOTOPAK s.r.o.)
Frostpunk (HKLM-x32\...\1648559910_is1) (Version: 1.3.3.42665.45362 (2019-02-08 15:16) - GOG.com)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Intel(R) Network Connections 23.2.0.1006 (HKLM\...\PROSetDX) (Version: 23.2.0.1006 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Lenovo Y Gaming Precision Mouse (HKLM-x32\...\{B8C29C6B-49AE-438A-8544-DF0534AE666B}}_is1) (Version: 1.19 - Lenovo Inc.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
NVIDIA Grafický ovládač 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.77 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8480 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.1.1780 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{bfb0503a-76b9-415a-b0a3-dd55d2a01ebe}) (Version: 3.0.0.1802 - Samsung Electronics)
Samsung NVM Express Driver 3.0.0.1802 (HKLM\...\{03FE2BA9-9538-4195-83E3-09B43901141E}) (Version: 3.0.0.1802 - Samsung Electronics Co., Ltd) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-05-02 11:16 - 2018-05-02 11:16 - 000505856 _____ (Intel Corporation) [File not signed] C:\Windows\system32\IProsetMonitor.exe
2018-05-03 11:30 - 2018-05-03 11:30 - 000349696 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2018-07-20 08:00 - 2017-08-21 09:25 - 001360016 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2018-05-02 11:12 - 2018-05-02 11:12 - 000453120 ____R () [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\WMIPROV\Ncs2Provider.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 000671232 _____ (Intel(R) Corporation) [File not signed] C:\Windows\SYSTEM32\Ncs2InstUtility.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 000636928 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\WMIPROV\Ncs2Core.dll
2018-05-02 11:08 - 2018-05-02 11:08 - 001620480 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\CoreAgnt.dll
2018-05-02 11:07 - 2018-05-02 11:07 - 004749824 _____ (Intel(R) Corporation) [File not signed] C:\Windows\SYSTEM32\NcsColib.dll
2018-05-02 11:10 - 2018-05-02 11:10 - 000419328 ____R () [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\AdapterAgnt.DLL
2018-05-02 11:09 - 2018-05-02 11:09 - 000411136 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\Rule.DLL
2018-05-02 11:10 - 2018-05-02 11:10 - 000902144 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\VlanAgent.dll
2019-04-26 10:26 - 2015-08-18 12:19 - 000376320 _____ () [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\hid.exe
2018-12-27 00:09 - 2015-07-28 11:43 - 000388096 _____ () [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
2018-07-20 08:12 - 2019-04-27 10:00 - 000043304 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2018-07-20 08:12 - 2018-02-06 19:48 - 002039296 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\LED_DLL_forMB.dll
2018-07-20 08:12 - 2018-02-06 19:48 - 001628672 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\VGA_Extra.dll
2018-07-20 08:12 - 2018-02-06 19:48 - 001777664 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\Vender.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\rafanides\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "Sonic Studio 3"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "Sonic Studio 3"
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{BCFAD999-7597-4B8C-8641-671D24DDD74F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{BB5FA31E-9C35-4447-B5AB-A16CF571484A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{F37D5D4D-0191-495F-A012-3D1B436BC23B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{255A04EE-5CC4-41F8-8DB1-8EEDB3218F2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{BE1158C4-BD9B-45F8-B4B6-02E151CB71C7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{687DC944-78B5-4A6B-91FC-DD3763242938}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F2633FCB-201A-4DA4-98AB-66624203F900}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{60B9CA37-B194-4D5A-B2F0-72150A78E19F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{255062DB-F2BA-4AA1-80C8-B0EBB441C75A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{0A492A06-AA0D-4EE1-BDCC-AFFD15CCD169}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{2609FE3B-5045-4D13-87D9-4661DD6EEE40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen\bin\Risen.exe (Piranha Bytes) [File not signed]
FirewallRules: [{C543E9C1-464B-4A38-B47A-3A2DE62BD9B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen\bin\Risen.exe (Piranha Bytes) [File not signed]
FirewallRules: [{34817D33-4128-4D1D-893C-A5CEF8C7BB24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{47109121-2B82-4280-989A-0608932C6A8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{71828AB3-D345-4852-9BDF-565B601E1F65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{56BA7035-73A2-4849-997B-8430220EE910}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{94AFD7CD-C9D4-413C-80DE-4C5BCB515968}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{26CA21CA-68DE-41CE-B00E-AD577ADE1F08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{2E338A06-5D91-4301-A4D8-C9278E9A40B9}] => (Allow) C:\Users\rafanides\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{84CE57A3-EFCF-472E-A467-BD55B2C12855}] => (Allow) C:\Users\rafanides\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{44DBD664-6B83-41F9-B36D-6AAA10BFC8BC}C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe] => (Block) C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{FD8E6EC0-119D-4E7A-BF8E-91062E45697E}C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe] => (Block) C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{3C86A243-C89C-4C22-8C81-5F186AAE91FA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{52523188-EEAC-43D9-AAB0-AFAEA8CBB41E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes)
FirewallRules: [{BF7677F1-D23C-4865-AB4C-690F7CDB938D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes)
==================== Restore Points =========================
10-04-2019 09:18:04 Nainštalované Fotopak
15-04-2019 16:02:36 Installed DirectX
15-04-2019 16:02:59 Nainštalované Microsoft Visual C++ 2005 Redistributable
16-04-2019 20:00:55 Installed DirectX
16-04-2019 20:01:23 Nainštalované Microsoft Visual C++ 2005 Redistributable
26-04-2019 18:31:42 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/27/2019 10:01:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x19cc
Čas spustenia chybujúcej aplikácie: 0x01d4fccf790599da
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: 8625c2c2-567b-4d7b-bad1-bde56d28ca1b
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI
Error: (04/27/2019 10:01:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x558
Čas spustenia chybujúcej aplikácie: 0x01d4fccf772266ad
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: bb6fc625-58db-4278-a6ae-cbca81972fd4
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI
Error: (04/27/2019 10:01:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0xb34
Čas spustenia chybujúcej aplikácie: 0x01d4fccf7540ed3d
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: 89262519-f7a5-46c6-8f6a-bbe3b1dbe2d4
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI
Error: (04/27/2019 10:01:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x1698
Čas spustenia chybujúcej aplikácie: 0x01d4fccf704f687d
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: ce604c44-ec7f-4b70-9554-07eacf4d2ab0
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI
Error: (04/25/2019 10:28:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Tray.exe, verzia: 1.0.0.1, časová značka: 0x55b6fa55
Názov chybujúceho modulu: Tray.exe, verzia: 1.0.0.1, časová značka: 0x55b6fa55
Kód výnimky: 0xc000041d
Odstup chyby: 0x00005083
Identifikácia chybujúceho procesu: 0x1c8c
Čas spustenia chybujúcej aplikácie: 0x01d4fba56d68511d
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
Identifikácia hlásenia: 53eb1196-aed1-41bb-8770-1a8b13fe5f11
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (04/25/2019 10:28:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Tray.exe, verzia: 1.0.0.1, časová značka: 0x55b6fa55
Názov chybujúceho modulu: Tray.exe, verzia: 1.0.0.1, časová značka: 0x55b6fa55
Kód výnimky: 0xc0000005
Odstup chyby: 0x00005083
Identifikácia chybujúceho procesu: 0x1c8c
Čas spustenia chybujúcej aplikácie: 0x01d4fba56d68511d
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
Identifikácia hlásenia: 50835f7a-75f6-438d-b500-9ca4cd6cdca1
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (04/24/2019 11:14:41 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-VUVLGPG)
Description: httphttp-2147467263
Error: (04/24/2019 11:14:08 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-VUVLGPG)
Description: httphttp-2147467263
System errors:
=============
Error: (04/27/2019 10:02:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The specifické pro aplikaci permission settings do not grant Místní Spuštění permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Není k dispozici
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (04/27/2019 10:02:03 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VUVLGPG)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-VUVLGPG\rafanides SID (S-1-5-21-1012113897-4000490067-1847883471-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (04/27/2019 10:01:35 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VUVLGPG)
Description: The specifické pro aplikaci permission settings do not grant Místní Spuštění permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user DESKTOP-VUVLGPG\rafanides SID (S-1-5-21-1012113897-4000490067-1847883471-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (04/27/2019 10:01:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x800f0922: 2019-02 Aktualizace pro Windows 10 Version 1803 pro systémy typu x64 (KB4346084).
Error: (04/27/2019 10:01:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x800f0922: 2019-04 Kumulativní aktualizace pro Windows 10 Version 1803 pro systémy typu x64 (KB4493464).
Error: (04/27/2019 10:01:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x800f0922: 2019-04 Aktualizace zabezpečení pro Adobe Flash Player pro Windows 10 Version 1803 pro systémy typu x64 (KB4493478).
Error: (04/27/2019 10:00:20 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (04/27/2019 09:58:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Audiosrv zlyhalo kvôli nasledujúcej chybe:
The service did not start due to a logon failure.
Windows Defender:
===================================
Date: 2019-01-20 15:31:09.888
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8F93F25E-EB81-43D7-826C-2AEBD59D109F}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-01-20 12:19:14.683
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C2E5D014-41BB-494E-AD1A-DCC93AF955F5}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-01-10 22:28:56.129
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AD48BACD-743B-409C-94F6-8C5A9F141744}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-01-07 16:24:37.033
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AAB68BFF-1A07-4307-B805-A28EAADC87B8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-12-26 18:30:02.163
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {EC45D283-D197-49BE-8CED-1CF677CE7D2C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-01-20 10:46:51.391
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3241.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Date: 2019-01-19 21:08:34.428
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3241.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Date: 2019-01-18 19:30:23.415
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3004.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Date: 2019-01-17 10:43:54.407
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3004.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Date: 2019-01-16 17:43:54.878
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3004.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
CodeIntegrity:
===================================
Date: 2019-04-26 18:32:25.108
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-26 11:53:36.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-25 20:21:28.011
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-23 11:58:19.551
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-21 16:26:06.340
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-20 11:15:30.220
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-19 12:50:24.277
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-18 18:19:40.665
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1002 07/02/2018
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX Z370-F GAMING
Processor: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz
Percentage of memory in use: 7%
Total physical RAM: 32703.26 MB
Available physical RAM: 30336.95 MB
Total Virtual: 32703.26 MB
Available Virtual: 29364.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:418.63 GB) (Free:229.7 GB) NTFS
Drive d: () (Fixed) (Total:2794.5 GB) (Free:2714.39 GB) NTFS
\\?\Volume{1e6e5daa-c8ee-408b-9c42-38b8ddd7ae27}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{73bd2b3f-b017-4ddc-957f-c15d0cd1fc50}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Lenovo Y Gaming Precision Mouse (HKLM-x32\...\{B8C29C6B-49AE-438A-8544-DF0534AE666B}}_is1) (Version: 1.19 - Lenovo Inc.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
NVIDIA Grafický ovládač 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.77 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8480 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.1.1780 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{bfb0503a-76b9-415a-b0a3-dd55d2a01ebe}) (Version: 3.0.0.1802 - Samsung Electronics)
Samsung NVM Express Driver 3.0.0.1802 (HKLM\...\{03FE2BA9-9538-4195-83E3-09B43901141E}) (Version: 3.0.0.1802 - Samsung Electronics Co., Ltd) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-05-02 11:16 - 2018-05-02 11:16 - 000505856 _____ (Intel Corporation) [File not signed] C:\Windows\system32\IProsetMonitor.exe
2018-05-03 11:30 - 2018-05-03 11:30 - 000349696 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2018-07-20 08:00 - 2017-08-21 09:25 - 001360016 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2018-05-02 11:12 - 2018-05-02 11:12 - 000453120 ____R () [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\WMIPROV\Ncs2Provider.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 000671232 _____ (Intel(R) Corporation) [File not signed] C:\Windows\SYSTEM32\Ncs2InstUtility.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 000636928 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\WMIPROV\Ncs2Core.dll
2018-05-02 11:08 - 2018-05-02 11:08 - 001620480 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\CoreAgnt.dll
2018-05-02 11:07 - 2018-05-02 11:07 - 004749824 _____ (Intel(R) Corporation) [File not signed] C:\Windows\SYSTEM32\NcsColib.dll
2018-05-02 11:10 - 2018-05-02 11:10 - 000419328 ____R () [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\AdapterAgnt.DLL
2018-05-02 11:09 - 2018-05-02 11:09 - 000411136 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\Rule.DLL
2018-05-02 11:10 - 2018-05-02 11:10 - 000902144 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\VlanAgent.dll
2019-04-26 10:26 - 2015-08-18 12:19 - 000376320 _____ () [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\hid.exe
2018-12-27 00:09 - 2015-07-28 11:43 - 000388096 _____ () [File not signed] C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
2018-07-20 08:12 - 2019-04-27 10:00 - 000043304 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2018-07-20 08:12 - 2018-02-06 19:48 - 002039296 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\LED_DLL_forMB.dll
2018-07-20 08:12 - 2018-02-06 19:48 - 001628672 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\VGA_Extra.dll
2018-07-20 08:12 - 2018-02-06 19:48 - 001777664 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\Vender.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\rafanides\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "Sonic Studio 3"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "Sonic Studio 3"
HKU\S-1-5-21-1012113897-4000490067-1847883471-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{BCFAD999-7597-4B8C-8641-671D24DDD74F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{BB5FA31E-9C35-4447-B5AB-A16CF571484A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{F37D5D4D-0191-495F-A012-3D1B436BC23B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{255A04EE-5CC4-41F8-8DB1-8EEDB3218F2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{BE1158C4-BD9B-45F8-B4B6-02E151CB71C7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{687DC944-78B5-4A6B-91FC-DD3763242938}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F2633FCB-201A-4DA4-98AB-66624203F900}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{60B9CA37-B194-4D5A-B2F0-72150A78E19F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{255062DB-F2BA-4AA1-80C8-B0EBB441C75A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{0A492A06-AA0D-4EE1-BDCC-AFFD15CCD169}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{2609FE3B-5045-4D13-87D9-4661DD6EEE40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen\bin\Risen.exe (Piranha Bytes) [File not signed]
FirewallRules: [{C543E9C1-464B-4A38-B47A-3A2DE62BD9B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen\bin\Risen.exe (Piranha Bytes) [File not signed]
FirewallRules: [{34817D33-4128-4D1D-893C-A5CEF8C7BB24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{47109121-2B82-4280-989A-0608932C6A8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{71828AB3-D345-4852-9BDF-565B601E1F65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{56BA7035-73A2-4849-997B-8430220EE910}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{94AFD7CD-C9D4-413C-80DE-4C5BCB515968}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{26CA21CA-68DE-41CE-B00E-AD577ADE1F08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{2E338A06-5D91-4301-A4D8-C9278E9A40B9}] => (Allow) C:\Users\rafanides\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{84CE57A3-EFCF-472E-A467-BD55B2C12855}] => (Allow) C:\Users\rafanides\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{44DBD664-6B83-41F9-B36D-6AAA10BFC8BC}C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe] => (Block) C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{FD8E6EC0-119D-4E7A-BF8E-91062E45697E}C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe] => (Block) C:\the.sims.4strangerville.incl.all.dlc\the sims 4 strangerville\the sims 4 strangerville\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{3C86A243-C89C-4C22-8C81-5F186AAE91FA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{52523188-EEAC-43D9-AAB0-AFAEA8CBB41E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes)
FirewallRules: [{BF7677F1-D23C-4865-AB4C-690F7CDB938D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes)
==================== Restore Points =========================
10-04-2019 09:18:04 Nainštalované Fotopak
15-04-2019 16:02:36 Installed DirectX
15-04-2019 16:02:59 Nainštalované Microsoft Visual C++ 2005 Redistributable
16-04-2019 20:00:55 Installed DirectX
16-04-2019 20:01:23 Nainštalované Microsoft Visual C++ 2005 Redistributable
26-04-2019 18:31:42 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/27/2019 10:01:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x19cc
Čas spustenia chybujúcej aplikácie: 0x01d4fccf790599da
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: 8625c2c2-567b-4d7b-bad1-bde56d28ca1b
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI
Error: (04/27/2019 10:01:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x558
Čas spustenia chybujúcej aplikácie: 0x01d4fccf772266ad
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: bb6fc625-58db-4278-a6ae-cbca81972fd4
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI
Error: (04/27/2019 10:01:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0xb34
Čas spustenia chybujúcej aplikácie: 0x01d4fccf7540ed3d
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: 89262519-f7a5-46c6-8f6a-bbe3b1dbe2d4
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI
Error: (04/27/2019 10:01:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Názov chybujúceho modulu: SearchUI.exe, verzia: 10.0.17134.407, časová značka: 0x5bdaa40f
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000001b6a95
Identifikácia chybujúceho procesu: 0x1698
Čas spustenia chybujúcej aplikácie: 0x01d4fccf704f687d
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta chybujúceho modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identifikácia hlásenia: ce604c44-ec7f-4b70-9554-07eacf4d2ab0
Celé meno chybujúceho balíka: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI
Error: (04/25/2019 10:28:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Tray.exe, verzia: 1.0.0.1, časová značka: 0x55b6fa55
Názov chybujúceho modulu: Tray.exe, verzia: 1.0.0.1, časová značka: 0x55b6fa55
Kód výnimky: 0xc000041d
Odstup chyby: 0x00005083
Identifikácia chybujúceho procesu: 0x1c8c
Čas spustenia chybujúcej aplikácie: 0x01d4fba56d68511d
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
Identifikácia hlásenia: 53eb1196-aed1-41bb-8770-1a8b13fe5f11
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (04/25/2019 10:28:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Tray.exe, verzia: 1.0.0.1, časová značka: 0x55b6fa55
Názov chybujúceho modulu: Tray.exe, verzia: 1.0.0.1, časová značka: 0x55b6fa55
Kód výnimky: 0xc0000005
Odstup chyby: 0x00005083
Identifikácia chybujúceho procesu: 0x1c8c
Čas spustenia chybujúcej aplikácie: 0x01d4fba56d68511d
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Lenovo Y Gaming Precision Mouse\Tray.exe
Identifikácia hlásenia: 50835f7a-75f6-438d-b500-9ca4cd6cdca1
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (04/24/2019 11:14:41 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-VUVLGPG)
Description: httphttp-2147467263
Error: (04/24/2019 11:14:08 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-VUVLGPG)
Description: httphttp-2147467263
System errors:
=============
Error: (04/27/2019 10:02:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The specifické pro aplikaci permission settings do not grant Místní Spuštění permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Není k dispozici
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (04/27/2019 10:02:03 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VUVLGPG)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-VUVLGPG\rafanides SID (S-1-5-21-1012113897-4000490067-1847883471-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (04/27/2019 10:01:35 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VUVLGPG)
Description: The specifické pro aplikaci permission settings do not grant Místní Spuštění permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user DESKTOP-VUVLGPG\rafanides SID (S-1-5-21-1012113897-4000490067-1847883471-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (04/27/2019 10:01:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x800f0922: 2019-02 Aktualizace pro Windows 10 Version 1803 pro systémy typu x64 (KB4346084).
Error: (04/27/2019 10:01:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x800f0922: 2019-04 Kumulativní aktualizace pro Windows 10 Version 1803 pro systémy typu x64 (KB4493464).
Error: (04/27/2019 10:01:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x800f0922: 2019-04 Aktualizace zabezpečení pro Adobe Flash Player pro Windows 10 Version 1803 pro systémy typu x64 (KB4493478).
Error: (04/27/2019 10:00:20 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (04/27/2019 09:58:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Audiosrv zlyhalo kvôli nasledujúcej chybe:
The service did not start due to a logon failure.
Windows Defender:
===================================
Date: 2019-01-20 15:31:09.888
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8F93F25E-EB81-43D7-826C-2AEBD59D109F}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-01-20 12:19:14.683
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C2E5D014-41BB-494E-AD1A-DCC93AF955F5}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-01-10 22:28:56.129
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AD48BACD-743B-409C-94F6-8C5A9F141744}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-01-07 16:24:37.033
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AAB68BFF-1A07-4307-B805-A28EAADC87B8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-12-26 18:30:02.163
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {EC45D283-D197-49BE-8CED-1CF677CE7D2C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-01-20 10:46:51.391
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3241.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Date: 2019-01-19 21:08:34.428
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3241.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Date: 2019-01-18 19:30:23.415
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3004.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Date: 2019-01-17 10:43:54.407
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3004.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Date: 2019-01-16 17:43:54.878
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3004.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070422
Error description: Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
CodeIntegrity:
===================================
Date: 2019-04-26 18:32:25.108
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-26 11:53:36.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-25 20:21:28.011
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-23 11:58:19.551
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-21 16:26:06.340
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-20 11:15:30.220
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-19 12:50:24.277
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2019-04-18 18:19:40.665
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1002 07/02/2018
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX Z370-F GAMING
Processor: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz
Percentage of memory in use: 7%
Total physical RAM: 32703.26 MB
Available physical RAM: 30336.95 MB
Total Virtual: 32703.26 MB
Available Virtual: 29364.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:418.63 GB) (Free:229.7 GB) NTFS
Drive d: () (Fixed) (Total:2794.5 GB) (Free:2714.39 GB) NTFS
\\?\Volume{1e6e5daa-c8ee-408b-9c42-38b8ddd7ae27}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{73bd2b3f-b017-4ddc-957f-c15d0cd1fc50}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================