Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Marian (16-12-2020 23:48:23)
Running from C:\Users\maria\Desktop
Windows 10 Pro Version 20H2 19042.685 (X64) (2020-11-27 19:45:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4254316458-2841474531-1994623767-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4254316458-2841474531-1994623767-503 - Limited - Disabled)
Guest (S-1-5-21-4254316458-2841474531-1994623767-501 - Limited - Disabled)
Marian (S-1-5-21-4254316458-2841474531-1994623767-1001 - Administrator - Enabled) => C:\Users\maria
WDAGUtilityAccount (S-1-5-21-4254316458-2841474531-1994623767-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM\...\{63FED867-23CB-4AC7-9F22-64AD80FA0DA7}) (Version: 2.16.7113.0 - UL) Hidden
3DMark (HKLM-x32\...\{b6a95974-3bca-4571-9656-98b7350cb823}) (Version: 2.16.7113.0 - UL)
4K Video Downloader (HKLM\...\{98A3B156-22C4-4B5A-9590-77DBF094BC71}) (Version: 4.13.5.3950 - Open Media LLC)
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Action! (HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\Mirillis Action!) (Version: 4.13.1 - Mirillis)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.6.0.1702 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{4fedae1b-6980-4848-9ba0-229c946a3dac}) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.) Hidden
aquasuite (HKLM-x32\...\aquasuite5) (Version: X - Aqua Computer GmbH u. Co. KG)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 3.2.4 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.15.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{c6059da6-7c2c-4aff-99e6-a524262404ad}) (Version: 1.1.15.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.24 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{a75323e1-f1a4-4aff-a7ce-3858cbc1c0d2}) (Version: 1.0.24 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.69.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{1ed19b57-ef0e-474d-946f-aac911f8b0e3}) (Version: 1.0.69.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.58 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.3.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{4e2ab86c-b539-4b1d-bacd-a434371143fb}) (Version: 0.0.3.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{161cc9f2-e50c-4561-a999-15cf3133a1d3}) (Version: 2.0.1.3 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.0.1.3 - ASUSTek COMPUTER INC.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 1.04.21 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.35 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.54 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{db73e7a9-d4ff-4857-a29c-4f6414eb8aca}) (Version: 1.0.54 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.13 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.13 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.04.24 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{af3f5fef-4152-4f2a-a932-1df532a9a697}) (Version: 3.04.24 - ASUSTeK Computer Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{39AB9389-ABC5-4603-AFB6-071BB35225E4}) (Version: 21.0.0.581 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{39AB9389-ABC5-4603-AFB6-071BB35225E4}) (Version: 21.0.581 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{95555783-E5F3-40B2-99C7-7345C39EFF76}) (Version: 21.0.581 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{2945B729-98C9-4A18-A24E-AD5D84BB9A8E}) (Version: 2.13.594 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2019 - Capture (x64) (HKLM\...\{3834C5F6-5079-4C23-B8B1-F0884A02690F}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Common (x64) (HKLM\...\{E26C03B7-3DCF-46FD-9432-B8DAB1C34AEF}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Connect (x64) (HKLM\...\{B850B42F-249D-4C94-8536-B08205EB5C77}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Custom Data (x64) (HKLM\...\{FD08312C-7147-4417-9C0A-DE3C45DB56B5}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - CZ (x64) (HKLM\...\{702CEF90-9C4C-48F3-8105-950E3BBE0172}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Draw (x64) (HKLM\...\{0A15F4D7-3B53-45C1-BB67-23F27FF8B75B}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - EN (x64) (HKLM\...\{43EBAA78-1F47-4627-8F0D-5DA8630B4056}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Filters (x64) (HKLM\...\{DB0939C5-03D1-474D-8F60-2EFEE40EA114}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Font Manager (x64) (HKLM\...\{CEE73B7E-2900-4C8B-BEF8-8E6B05C7703C}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM (x64) (HKLM\...\{A3BA4B57-A263-476E-B787-B5267F35201F}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content CZ (x64) (HKLM\...\{05FDF5A8-802D-44EF-B475-92EE19B77502}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content EN (x64) (HKLM\...\{E5A6F812-B03B-4054-BDC9-E92B1BC6B052}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content PL (x64) (HKLM\...\{52290C71-F654-4B59-9C05-628F24690A22}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content RU (x64) (HKLM\...\{C0DFC477-D301-4E8C-B439-E57116182B68}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content TR (x64) (HKLM\...\{EB0B0BB1-4425-4E33-81B0-8F7CFECD94B9}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - PHOTO-PAINT (x64) (HKLM\...\{E1DB8CE4-D01D-48AF-B0C3-189B9000756C}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - PL (x64) (HKLM\...\{09C54395-05BF-47BE-9E33-64C3B93435B4}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - RU (x64) (HKLM\...\{3CC914F8-7FA5-4275-842B-A6C3DD87BD05}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Setup Files (x64) (HKLM\...\{E82C45F0-2C79-47A5-B90B-C514724B1C48}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - VBA (x64) (HKLM\...\{E633140C-B07F-4EF6-8316-BEA221E359EF}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Workspaces (x64) (HKLM\...\{CBF86165-DBBB-4DA7-9070-3AFC86EA4745}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Writing Tools (x64) (HKLM\...\{F37A71D2-9B69-45E5-B6B1-DE9D98C197FC}) (Version: 21.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 (64-Bit) (HKLM\...\_{E82C45F0-2C79-47A5-B90B-C514724B1C48}) (Version: 21.0.0.593 - Corel Corporation)
CorelDRAW Graphics Suite 2019 (HKLM\...\{DC01BBC9-8212-45F7-A89B-FBDD4BC2B6B7}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 -TR (x64) (HKLM\...\{151CDAA2-2BF5-490B-BB12-229840E3B664}) (Version: 21.0 - Corel Corporation) Hidden
CPUID ROG CPU-Z 1.94 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
CRYENGINE Launcher (HKLM-x32\...\{F7916573-4BDD-4A9F-9E2F-CC8107845DC3}) (Version: 1.0.0 - Crytek GmbH)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.28.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{d22b5310-9f1e-43a8-8547-58fa44742994}) (Version: 1.1.28.0 - Ene Tech.) Hidden
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
Excel (HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Futuremark SystemInfo (HKLM-x32\...\{E9B9FD7E-0431-47F5-B506-D78691B88ECD}) (Version: 5.34.869.0 - Futuremark)
GAYA-VIENNA-LOWW (HKLM-x32\...\GAYA-LOWW-V1-0-43192882-C5D5-4649-990A-3528528CD7A6_is1) (Version: 1.0.0.0 - SimMarket)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HD Tune Pro 5.00 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
HWiNFO64 Version 6.40 (HKLM\...\HWiNFO64_is1) (Version: 6.40 - Martin Malik - REALiX)
Intel(R) Network Connections 25.5.0.7 (HKLM\...\PROSetDX) (Version: 25.5.0.7 - Intel)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.28 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{511a62a9-1ff0-4cc5-adfe-4a5bd044a3c0}) (Version: 1.0.28 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
ManyCam 4.1.0 (HKLM-x32\...\ManyCam) (Version: 4.1.0 - Visicom Media Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 13.222.137.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - sk-sk (HKLM\...\O365ProPlusRetail - sk-sk) (Version: 16.0.12527.21330 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Firefox 83.0 (x64 sk) (HKLM\...\Mozilla Firefox 83.0 (x64 sk)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 83.0 - Mozilla)
MPC-HC 1.9.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.8 - MPC-HC Team)
MSI Afterburner 4.6.3 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.3 Beta 4 - MSI Co., LTD)
NahimicAPI 64-bit (HKLM\...\{AEC7880F-673E-458E-B3E0-A64BA9CE88D3}) (Version: 1.0.15.0 - Nahimic)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafický ovládač 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA Softvér systému s podporou technológie PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Odinštalovať tlačiareň EPSON L382 Series (HKLM\...\EPSON L382 Series) (Version:  - Seiko Epson Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21330 - Microsoft Corporation) Hidden
Opera Stable 72.0.3815.400 (HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\Opera 72.0.3815.400) (Version: 72.0.3815.400 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.89.45622 - Electronic Arts, Inc.)
Outlook (HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Ovládací panel NVIDIA 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 460.89 - NVIDIA Corporation) Hidden
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.1 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{e38442c0-a433-48c2-84e2-51ac0b30c3ab}) (Version: 1.0.9.1 - Patriot Memory)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{8839fbd5-69f9-41c5-a1cf-cdfbec966d66}) (Version: 1.0.6.3 - Patriot Memory)
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.6.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{c8f7044c-7f48-404a-9a5d-9f038f28a789}) (Version: 1.0.6.0 - PHISON Electronics Corp.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
PowerPoint (HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
qBittorrent 4.3.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.1 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8960.1 - Realtek Semiconductor Corp.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1355.18 - Rockstar Games)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.32.316 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games)
ROG Armoury (HKLM-x32\...\{FE703E21-A9E0-4DB3-9115-404175C8222F}) (Version: 3.00.44 - ASUSTeK Computer Inc.)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.1.10.0 - ASUSTek COMPUTER INC.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 4.0.0.13 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.2.1.260 - Samsung Electronics)
SSDlife Pro (HKLM-x32\...\{6F104B6D-535A-4D27-9A11-8525368AEB1F}) (Version: 2.5.82 - BinarySense Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.26064 - Microsoft Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version:  - TechPowerUp)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 116.2.10277 - Ubisoft)
Unigine Superposition Benchmark 1.1 (HKLM\...\Superposition_is1) (Version: 1.1 - UNIGINE)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.1 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{68fb2ff9-0618-4948-b68f-9f95e5687067}) (Version: 1.0.0.1 - PD)
Unravel™ (HKLM-x32\...\{5105E605-9EE7-4050-9CC0-005093BBF89A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Wondershare Filmora X(Build 10.0.2.1) (HKLM\...\Wondershare Filmora X_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Word (HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)

Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_3.2.4.0_x64__qmba6cd70vzyy [2020-11-28] (ASUSTeK COMPUTER INC.)
AURA Creator -> C:\Program Files\WindowsApps\B9ECED6F.AURACreator_2.1.3.0_x64__qmba6cd70vzyy [2020-11-28] (ASUSTeK COMPUTER INC.)
Backgammon 16 games -> C:\Program Files\WindowsApps\12923BoyanPaskalev.Backgammon16games_1.2.93.0_x64__t56wbdx5pbvdt [2020-12-15] (Boyan Paskalev) [MS Ad]
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-01] (Microsoft Corporation)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2020.4.42.0_x64__t5j2fzbtdg37r [2020-12-12] (DTS, Inc.)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-12-16] (Microsoft Studios) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.221.0_x64__dt26b99r8h8gj [2020-12-01] (Realtek Semiconductor Corp)
Sonic Radar 3 -> C:\Program Files\WindowsApps\A-Volute.28054DF1F58B4_3.16.13.0_x64__w2gh52qy24etm [2020-12-03] (A-Volute)
Sonic Studio 3 -> C:\Program Files\WindowsApps\A-Volute.SonicStudio3_3.16.13.0_x64__w2gh52qy24etm [2020-12-03] (A-Volute)
Wake On Lan -> C:\Program Files\WindowsApps\SepiroLtd.WakeOnLan_1.0.0.0_neutral__17ajh9t5de4sc [2020-11-28] (Sepiro Ltd)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4254316458-2841474531-1994623767-1001_Classes\CLSID\{90ca5189-999a-4634-8da4-f7dd871e684a}\localserver32 -> C:\Program Files\aquasuite\aquasuite.exe (Aqua Computer GmbH & Co. KG -> Aqua Computer GmbH & Co. KG)
CustomCLSID: HKU\S-1-5-21-4254316458-2841474531-1994623767-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============

2020-07-08 17:42 - 2020-07-08 17:42 - 000477696 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2020-07-08 17:42 - 2020-07-08 17:42 - 000471040 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2020-07-14 17:16 - 2020-07-14 17:16 - 000454656 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node
2020-11-28 21:27 - 2019-12-23 18:51 - 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2020-11-28 21:27 - 2019-06-26 16:07 - 000094208 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\MacroControl.dll
2020-04-22 15:35 - 2020-04-22 15:35 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2020-12-13 19:34 - 2019-05-02 15:48 - 002183680 _____ () [File not signed] C:\Program Files (x86)\ASUS\ROG Armoury\Live Update\EzULIB_UFB.dll
2020-11-17 18:55 - 2020-11-17 18:55 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2020-11-17 18:55 - 2020-11-17 18:55 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2020-11-17 18:56 - 2020-11-17 18:56 - 000655360 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2020-11-17 18:55 - 2020-11-17 18:55 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2020-11-17 18:55 - 2020-11-17 18:55 - 000371712 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2020-05-26 17:08 - 2020-05-26 17:08 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2020-11-28 21:27 - 2019-10-24 11:15 - 002676736 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\AURAChecker.dll
2020-12-13 19:34 - 2019-05-02 15:48 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ROG Armoury\Live Update\AsMultiLang.dll
2019-10-27 07:41 - 2019-10-27 07:41 - 001631744 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\aquasuite\Content\x64\SQLite.Interop.dll
2020-11-28 21:27 - 2019-06-26 16:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2020-11-28 21:27 - 2019-06-26 16:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2020-11-28 21:28 - 2020-05-14 15:15 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libcrypto-1_1-x64.dll
2020-11-28 21:28 - 2020-05-14 15:15 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libssl-1_1-x64.dll
2020-11-28 22:42 - 2020-11-28 22:41 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-11-28 22:42 - 2020-11-28 22:41 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-11-28 22:42 - 2020-11-28 22:41 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-12-06 21:11 - 2020-11-28 22:41 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-12-06 21:11 - 2020-11-28 22:41 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-12-06 21:11 - 2020-11-28 22:41 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-12-06 21:11 - 2020-11-28 22:41 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-12-06 21:11 - 2020-11-28 22:41 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-12-06 21:11 - 2020-11-28 22:41 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2020-12-13 19:34 - 2019-05-02 15:48 - 000072704 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\ROG Armoury\Protocol\Interrupt\InterruptTransfer.dll
2020-12-13 19:34 - 2020-02-10 10:27 - 000129024 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\ASUS\ROG Armoury\InstallShield\FilterDriver\AsFilterDriver.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [140]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-11-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-11-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-28] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\sharepoint.com -> hxxps://hendn2f-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2020-11-29 00:23 - 2020-11-29 00:23 - 000000374 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\maria\AppData\Roaming\ACD Systems\ACDSee\ACD tapeta.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "ACUW10EN"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run: => "Asus Headset Svc32"
HKLM\...\StartupApproved\Run: => "Asus Headset Svc64"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\StartupApproved\StartupFolder: => "Odoslanie do aplikácie OneNote.lnk"
HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\StartupApproved\StartupFolder: => "Update Service.lnk"
HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\StartupApproved\Run: => "ACDSeeCommanderUltimate10"
HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-4254316458-2841474531-1994623767-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{58A721CD-C7CE-4E8A-AABF-5F71987E9604}C:\users\maria\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\maria\appdata\local\programs\opera\72.0.3815.400\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{474027E7-3A74-4638-B6C5-9E3147EAE23E}C:\users\maria\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\maria\appdata\local\programs\opera\72.0.3815.400\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{18B6300F-3ED2-4075-8B38-990503AF9BB4}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{7B3DEE17-CB9A-4797-952F-C540597A5D46}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{C4C04408-FED2-4C91-A0C4-8A6F5577291A}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{771B7CCD-FCAF-41D0-AE2B-E4B4D3721D07}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{14631C64-C1EC-4A24-BF7D-9AF57EAAA9A3}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [TCP Query User{15193CDD-6D5E-487D-9596-25D922B3E26F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => No File
FirewallRules: [UDP Query User{2D3FD4A6-1EFD-44B5-AF8D-8CE00D33FEAD}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => No File
FirewallRules: [{2AF74309-6254-4F56-9AC3-0BF532C5B385}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{54F2A5F3-CB30-4E4E-942E-95AA6E6B1259}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FCEEEFD5-F577-4955-B5AC-D72650429C9B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{986F0570-5D99-442A-BE6F-64174E014C3F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C1BFC6AD-D74B-43FA-BC6A-4C18225AD4D2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{303BDCFF-E118-4A6D-8A93-42AA673DBBA3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B806B166-5A7D-44A5-9908-0CFD1BBC80FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{08D6842B-7A35-4A16-A28A-B12104CDB758}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F2E4EE89-5572-4C5B-8EF2-60567C4D28E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{59A020D2-EFA8-4DC4-AF53-2C9BF7BB3331}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3E4E791B-DF76-4AE4-92E5-89BA50DC3A1B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{8D26C5A2-0FB4-42FA-8D49-745110337D6D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => No File
FirewallRules: [UDP Query User{6E083D94-6D90-4010-8CF5-FA0AD716B243}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => No File
FirewallRules: [{224A3640-97A8-4CF3-95E6-54A37BBC67D7}] => (Allow) E:\Steam\steamapps\common\Metro Exodus\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{A0730632-76F8-4A34-AB9C-4225438F7F0B}] => (Allow) E:\Steam\steamapps\common\Metro Exodus\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{48411440-5394-4698-9F56-A38992C7A275}] => (Allow) F:\Program Files\steamapps\common\MicrosoftFlightSimulator\FlightSimulator.exe (Asobo Studio) [File not signed]
FirewallRules: [{20C25EA7-CCB1-40E2-A487-6942B6D3CFDF}] => (Allow) F:\Program Files\steamapps\common\MicrosoftFlightSimulator\FlightSimulator.exe (Asobo Studio) [File not signed]
FirewallRules: [TCP Query User{CB188B7B-68F6-423B-987D-CD7D4F3E9102}C:\users\maria\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\maria\appdata\local\programs\opera\72.0.3815.400\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{4D831D75-1661-4110-A7D0-B0B96C4E7284}C:\users\maria\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\maria\appdata\local\programs\opera\72.0.3815.400\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{D55D1913-B25A-4B3A-B86C-E7719B88E786}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{6C57560A-DCB1-4851-ACBD-96F5BBFA8628}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{2A794481-529F-4C38-B0D7-5A958527DC06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F95A1E4A-6E08-44A5-B994-7156B3D581FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F918DB6C-A022-47B9-BE13-A379AF427370}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{D63C461A-8209-4FD2-A890-8B72FBA2030D}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{180FB0D9-9210-45A9-85F2-3FED59235888}] => (Block) C:\Users\maria\Corel\CorelDRAW Graphics Suite 2019\Programs64\CorelDRW.exe => No File
FirewallRules: [{76602E5F-F89E-4A05-9267-4A1DA795CA68}] => (Allow) E:\Steam\steamapps\common\FarCry5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{EF3DAB65-4A0A-4DEE-B7C3-BB879B9135D9}] => (Allow) E:\Steam\steamapps\common\FarCry5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{33278A95-5BC2-451A-A6AC-F360BF532BBC}] => (Allow) E:\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{482BDDFF-C35A-4DCA-B122-D15793644D63}] => (Allow) E:\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{A2FD2301-AA69-4B15-8D3B-4DAB1782B0C7}] => (Allow) E:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{65C54B34-CFEA-42C7-91E3-084BCF4991E0}] => (Allow) E:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{EE5730E7-C713-4B60-B76D-D514E14E7062}] => (Allow) E:\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{6E042661-3762-4B3C-93B4-28569E90CF6F}] => (Allow) E:\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [TCP Query User{ED46526A-8505-47DB-9689-4D0309C900B9}C:\program files (x86)\crytek\cryengine launcher\crytek\neon_noir_ray_tracing_benchmark_2527\bin\win_x64_release\gamelauncher.exe] => (Allow) C:\program files (x86)\crytek\cryengine launcher\crytek\neon_noir_ray_tracing_benchmark_2527\bin\win_x64_release\gamelauncher.exe (Crytek GmbH) [File not signed]
FirewallRules: [UDP Query User{E70E84E0-DDAD-436E-AF03-AE397467038A}C:\program files (x86)\crytek\cryengine launcher\crytek\neon_noir_ray_tracing_benchmark_2527\bin\win_x64_release\gamelauncher.exe] => (Allow) C:\program files (x86)\crytek\cryengine launcher\crytek\neon_noir_ray_tracing_benchmark_2527\bin\win_x64_release\gamelauncher.exe (Crytek GmbH) [File not signed]
FirewallRules: [{AC430464-4DCF-44E1-A9DF-3AA088CF17EC}] => (Allow) E:\Steam\steamapps\common\Alien Isolation\AI.exe () [File not signed]
FirewallRules: [{181B541A-6E08-4E9C-BD3E-CE553A89EFF5}] => (Allow) E:\Steam\steamapps\common\Alien Isolation\AI.exe () [File not signed]
FirewallRules: [{7B61DFBC-ACEB-4207-A315-A92ADD8A0C53}] => (Allow) E:\Steam\steamapps\common\Far Cry 2\bin\FarCry2.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{E8C27F7B-F689-4064-894F-A3D3E6460754}] => (Allow) E:\Steam\steamapps\common\Far Cry 2\bin\FarCry2.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{AA5217E8-989B-4B87-B64C-255ED41D7E27}] => (Allow) E:\Steam\steamapps\common\Far Cry 2\bin\FC2Editor.exe (Ubisoft Entertainment) [File not signed]
FirewallRules: [{9A6C80FF-74CF-4BD5-A0CC-300F7FAD73B1}] => (Allow) E:\Steam\steamapps\common\Far Cry 2\bin\FC2Editor.exe (Ubisoft Entertainment) [File not signed]
FirewallRules: [{22FDE7E5-78D8-488B-B4DA-8560C45EEF50}] => (Allow) E:\Steam\steamapps\common\Far Cry 2\bin\FC2BenchmarkTool.exe (Ubisoft Entertainment) [File not signed]
FirewallRules: [{FE0BAA50-85D5-42A2-9B29-DC09009E05DE}] => (Allow) E:\Steam\steamapps\common\Far Cry 2\bin\FC2BenchmarkTool.exe (Ubisoft Entertainment) [File not signed]
FirewallRules: [{5A949B70-7E12-4992-8749-90094C8E6B2E}] => (Allow) E:\Steam\steamapps\common\Far Cry 2\bin\FC2ServerLauncher.exe (Ubisoft Entertainment) [File not signed]
FirewallRules: [{E82EA5BA-E278-497E-8770-20020F64BBEB}] => (Allow) E:\Steam\steamapps\common\Far Cry 2\bin\FC2ServerLauncher.exe (Ubisoft Entertainment) [File not signed]
FirewallRules: [{EFFF8435-93C0-4DB5-B57B-E1EEC1D6A876}] => (Allow) E:\Games\Crysis 3\Bin32\Crysis3.exe (Electronic Arts -> Crytek GmbH)
FirewallRules: [{D936264D-1AA9-40F1-BB38-7341CD0866D3}] => (Allow) E:\Games\Crysis 3\Bin32\Crysis3.exe (Electronic Arts -> Crytek GmbH)
FirewallRules: [TCP Query User{F780D489-1DD7-4086-B581-420A8B627FA5}E:\red dead redemption 2\rdr2.exe] => (Allow) E:\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{ADDEA74A-BD08-42BD-96D4-BFC8915256DA}E:\red dead redemption 2\rdr2.exe] => (Allow) E:\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{1E2B0801-B978-41D7-AA68-E45F3E9BF33C}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{0F907F39-3387-4001-8F20-4782EB474273}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{6ABA8648-5329-4C43-9986-EB6BBAB20DA5}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{47CC990B-F80B-4DAA-B370-345DF4A23FD4}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{92260BA2-D742-4B1E-A5B5-3B9E38429641}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E8F5D978-E7DC-4705-9703-9745EDAF2ABC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FE5917E6-6353-45C8-9E07-7EAA98FFDCB1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1E71AFC2-E865-4610-9347-20DB7AC1BE6A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{E35FDE1F-2088-483F-B40D-010044887EA6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{8782E22F-C727-4F8A-AE89-3376280865C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B4285EC8-30CC-4FFF-95B3-096AF18AB5E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DAAA73ED-1BA2-47E4-AD2C-665DCA766DCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AFD43C43-18AC-4EDB-93A8-86FADE82E86E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5F0AC61F-D879-4C36-940B-139ADD866967}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A07F037C-CB8A-44C2-B9F5-B6D19FBCE0E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D3B45418-5499-4846-B38C-6357224D1C74}] => (Allow) E:\Steam\steamapps\common\Alan Wake\AlanWake.exe () [File not signed]
FirewallRules: [{EDFF59F3-4E17-4590-888E-8D0764E1373F}] => (Allow) E:\Steam\steamapps\common\Alan Wake\AlanWake.exe () [File not signed]
FirewallRules: [{815EF136-25B7-47A6-8FD8-0E52283DABF1}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Watermark Remover\Apowersoft Watermark Remover.exe => No File
FirewallRules: [{E5F10DD0-89D2-4180-8A63-C0EC0788687D}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Watermark Remover\Apowersoft Watermark Remover.exe => No File
FirewallRules: [{42BF1428-5DF6-46B3-A4A9-BE9347C43C24}] => (Allow) C:\Program Files (x86)\Apowersoft\Beecut\BeeCut.exe => No File
FirewallRules: [{163B7E7F-F781-4F1A-A26A-B83136C14A7B}] => (Allow) C:\Program Files (x86)\Apowersoft\Beecut\BeeCut.exe => No File
FirewallRules: [{E0A9BD32-7E08-49F3-9188-60EB972F2E5F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A64AE3E2-E2F9-4883-A1E1-5E5A09481DFC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9C8CB705-3880-401D-A0ED-18DE7C21FF47}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{969863E3-A714-4DFB-AE1C-7F5756F8B6DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

13-12-2020 19:33:47 Installed ROG Armoury
13-12-2020 20:43:31 Installed ProtonVPN
14-12-2020 19:48:01 Installed 4K Video Downloader
16-12-2020 20:34:40 Installed DirectX

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/16/2020 11:35:07 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (12/16/2020 10:47:15 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (12/16/2020 10:00:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wmiprvse.exe, verzia: 10.0.19041.546, časová značka: 0x5da7ab91
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0x80131623
Odstup chyby: 0x00007ffdd91a200f
Identifikácia chybujúceho procesu: 0xf50
Čas spustenia chybujúcej aplikácie: 0x01d6d3ee8a566d69
Cesta chybujúcej aplikácie: C:\Windows\system32\wbem\wmiprvse.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: 541c389a-1544-4136-882b-4251eab855e2
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/16/2020 10:00:54 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Unexpected exception thrown from the provider:
 System.IO.FileLoadException: 
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
   at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()


Stack:
   at System.Environment.FailFast(System.String)
   at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

Error: (12/16/2020 10:00:52 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (12/16/2020 10:00:52 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (12/16/2020 10:00:52 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (12/16/2020 09:32:41 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.


System errors:
=============
Error: (12/16/2020 11:35:07 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AsusUpdateCheck sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

Error: (12/16/2020 11:19:39 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AsusUpdateCheck sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

Error: (12/16/2020 11:11:46 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AsusUpdateCheck sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

Error: (12/16/2020 10:47:15 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AsusUpdateCheck sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

Error: (12/16/2020 06:38:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 6000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (12/16/2020 06:38:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container bola ukončená s nasledujúcou chybou: 
A generic command executable returned a result that indicates failure.

Error: (12/16/2020 05:48:24 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AsusUpdateCheck sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

Error: (12/16/2020 05:48:07 PM) (Source: DCOM) (EventID: 10010) (User: MARIAN-PC)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2020-12-16 23:35:58.5710000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NetWire.XA!MTB&threatid=2147745644&enterprise=0
Name: Behavior:Win32/NetWire.XA!MTB
ID: 2147745644
Severity: Závažná
Category: Podozrivé správanie
Path: behavior:_pid:14444:53547682582636; process:_pid:14444,ProcessStart:132526317583100127
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: Unknown
Process Name: C:\Windows\winini\main_dll.exe
Security intelligence Version: AV: 1.329.510.0, AS: 1.329.510.0, NIS: 1.329.510.0
Engine Version: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-16 23:35:58.5520000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NetWire.XA!MTB&threatid=2147745644&enterprise=0
Name: Behavior:Win32/NetWire.XA!MTB
ID: 2147745644
Severity: Závažná
Category: Podozrivé správanie
Path: behavior:_pid:14444:53547682582636; process:_pid:14444,ProcessStart:132526317583100127
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: Unknown
Process Name: Unknown
Security intelligence Version: AV: 1.329.510.0, AS: 1.329.510.0, NIS: 1.329.510.0
Engine Version: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-16 23:20:28.5720000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NetWire.XA!MTB&threatid=2147745644&enterprise=0
Name: Behavior:Win32/NetWire.XA!MTB
ID: 2147745644
Severity: Závažná
Category: Podozrivé správanie
Path: behavior:_pid:12684:53547682582636; process:_pid:12684,ProcessStart:132526308280858376
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: Unknown
Process Name: C:\Windows\winini\main_dll.exe
Security intelligence Version: AV: 1.329.510.0, AS: 1.329.510.0, NIS: 1.329.510.0
Engine Version: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-16 23:20:28.5470000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NetWire.XA!MTB&threatid=2147745644&enterprise=0
Name: Behavior:Win32/NetWire.XA!MTB
ID: 2147745644
Severity: Závažná
Category: Podozrivé správanie
Path: behavior:_pid:12684:53547682582636; process:_pid:12684,ProcessStart:132526308280858376
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: Unknown
Process Name: Unknown
Security intelligence Version: AV: 1.329.510.0, AS: 1.329.510.0, NIS: 1.329.510.0
Engine Version: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-16 23:12:39.0610000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NetWire.XA!MTB&threatid=2147745644&enterprise=0
Name: Behavior:Win32/NetWire.XA!MTB
ID: 2147745644
Severity: Závažná
Category: Podozrivé správanie
Path: behavior:_pid:14144:53547682582636; process:_pid:14144,ProcessStart:132526303588875511
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: Unknown
Process Name: C:\Windows\winini\main_dll.exe
Security intelligence Version: AV: 1.329.510.0, AS: 1.329.510.0, NIS: 1.329.510.0
Engine Version: AM: 1.1.17700.4, NIS: 1.1.17700.4

CodeIntegrity:
===================================

Date: 2020-12-16 23:35:52.9470000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Intel\Wired Networking\NCS2\Agent\Coinstaller.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-16 23:35:52.9420000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Intel\Wired Networking\NCS2\Agent\Coinstaller.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-16 23:35:52.9360000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Intel\Wired Networking\NCS2\Agent\Coinstaller.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-16 23:35:52.9280000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Intel\Wired Networking\NCS2\Agent\Coinstaller.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-16 23:35:52.9190000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Intel\Wired Networking\NCS2\Agent\Coinstaller.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-16 23:35:52.9070000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Intel\Wired Networking\NCS2\Agent\Coinstaller.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-16 23:35:52.8960000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Intel\Wired Networking\NCS2\Agent\Coinstaller.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-16 23:35:52.8760000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Intel\Wired Networking\NCS2\Agent\Coinstaller.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 3003 12/04/2020
Motherboard: ASUSTeK COMPUTER INC. ROG CROSSHAIR VIII DARK HERO
Processor: AMD Ryzen 9 5900X 12-Core Processor 
Percentage of memory in use: 17%
Total physical RAM: 32678.25 MB
Available physical RAM: 26811.66 MB
Total Virtual: 37542.25 MB
Available Virtual: 29000.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.22 GB) (Free:277.54 GB) NTFS
Drive d: (data) (Fixed) (Total:1863 GB) (Free:749.98 GB) NTFS
Drive e: (install) (Fixed) (Total:1863 GB) (Free:891.06 GB) NTFS
Drive f: (capture) (Fixed) (Total:476.94 GB) (Free:342.23 GB) NTFS

\\?\Volume{b4a7465c-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{b4a7465c-0000-0000-0000-805174000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================