Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-03-2021
Ran by ondre (28-03-2021 18:51:35)
Running from C:\Users\ondre\Desktop
Windows 10 Home Version 20H2 19042.867 (X64) (2020-11-19 12:30:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-105755324-134231014-3445628484-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-105755324-134231014-3445628484-503 - Limited - Disabled)
Guest (S-1-5-21-105755324-134231014-3445628484-501 - Limited - Disabled)
ondre (S-1-5-21-105755324-134231014-3445628484-1001 - Administrator - Enabled) => C:\Users\ondre
WDAGUtilityAccount (S-1-5-21-105755324-134231014-3445628484-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AlterCam (HKLM-x32\...\{358AF097-92D1-4750-80E1-F71904AC8CE2}_is1) (Version: 5.5 - Bolide® Software)
ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 3.3.7 - ASUS)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.4.4.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{29f5bb52-3759-4b80-bdeb-bf6d881f3687}) (Version: 2.4.4.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{b8af8e27-5c72-412c-bab7-dc6430e70f1b}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{7f23d3ea-a821-4293-b7f7-34383bf06437}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.03 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{3ee3abea-aaa5-4bdb-a8a3-cbbbed892bb1}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{a3a1beb0-9f5b-4b4e-8cfa-ef25842faf55}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{0fc56b57-bf6d-45dc-928b-4bc661c8c773}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.39 - ASUSTeK Computer Inc.) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.14 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.14 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.04.32 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{1dd27167-f40c-47db-9e8f-b2f5d210f173}) (Version: 3.04.32 - ASUSTeK Computer Inc.)
Balíček ovladače systému Windows - Microsoft (WUDFRd) WPD  (09/19/2012 5.2.5326.4762) (HKLM\...\A7BACDBBED86FA3AAB26DC77FE3E243F77D587A1) (Version: 09/19/2012 5.2.5326.4762 - Microsoft)
Balíček ovladače systému Windows - Microsoft Modem  (07/01/2001 5.1.2535.0) (HKLM\...\B5D12F78F784C79744947AE1538727D18EC63BDB) (Version: 07/01/2001 5.1.2535.0 - Microsoft)
Balíček ovladače systému Windows - Miracle Team (usbser) Ports  (11/5/2013 2.0.1136.0) (HKLM\...\9CBA1B44E7B8BF391ABC8C63EF66DB2A2DAA5FA4) (Version: 11/5/2013 2.0.1136.0 - Miracle Team)
Balíček ovladače systému Windows - Miracle Team (WinUSB) AndroidUsbDeviceClass  (11/5/2013 4.0.0000.00000) (HKLM\...\93CAA51E2FB5008FCCE467BE0C1D50A0446DAB66) (Version: 11/5/2013 4.0.0000.00000 - Miracle Team)
Balíček ovladače systému Windows - Miracle Team (WinUSB) AndroidUsbDeviceClass  (11/5/2013 4.0.0000.00000) (HKLM\...\E8E7A52180B4EE3B01B6F2D0722797C88C110056) (Version: 11/5/2013 4.0.0000.00000 - Miracle Team)
Balíček ovladače systému Windows - Miracle Team . Net  (11/5/2013 1.1129.00) (HKLM\...\402DD6C0A53FABB77CC8C57A6F62387D92037335) (Version: 11/5/2013 1.1129.00 - Miracle Team .)
Brother P-touch Editor 5.4 (HKLM-x32\...\{3D6B8787-51B7-45F3-B730-79875DA88764}) (Version: 5.4.0010 - Brother Industries, Ltd.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Discord (HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Electrum (HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\Electrum) (Version: 4.0.5 - Electrum Technologies GmbH)
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Excel (HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version:  - Logitech)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
ManyCam 7.7.0 (HKLM-x32\...\ManyCam) (Version: 7.7.0 - Visicom Media Inc.)
Messenger 83.5.128 (HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 83.5.128 - Facebook, Inc.)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.63 - Microsoft Corporation)
Microsoft Excel 2019 - cs-cz (HKLM\...\Excel2019Retail - cs-cz) (Version: 16.0.13801.20360 - Microsoft Corporation)
Microsoft PowerPoint 2019 - cs-cz (HKLM\...\PowerPoint2019Retail - cs-cz) (Version: 16.0.13801.20360 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\Teams) (Version: 1.4.00.7174 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Word 2019 - cs-cz (HKLM\...\Word2019Retail - cs-cz) (Version: 16.0.13801.20360 - Microsoft Corporation)
Miracle Thunder [OFFICIAL - FREE] 2.82 (HKLM-x32\...\Miracle Thunder [OFFICIAL - FREE] 2.82) (Version: 2.82 - Gsm_X_Team)
NetLimiter 4 (HKLM\...\{2E79037C-E13E-4FB6-B05F-979627C53E76}) (Version: 4.1.6.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.1.6.0) (Version: 4.1.6.0 - Locktime Software)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.35.9.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Outlook (HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PicoTorrent (HKLM\...\{CDD0C06F-FF3D-47B2-A376-E5EC3960377D}) (Version: 0.24.0 - PicoTorrent contributors) Hidden
PicoTorrent (HKLM-x32\...\{750f4ced-1cb6-4f0f-ae2d-771508ab10e5}) (Version: 0.24.0 - PicoTorrent contributors.)
PowerPoint (HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.3.377 - Jan Fiala)
Realtek USB Audio (HKLM\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.213 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
RefreshRateService (HKLM-x32\...\{7E5E84CB-B190-4658-A4DC-166779C329D1}) (Version: 2.0.3 - ASUSTeK COMPUTER INC.)
Roblox Player for ondre (HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\roblox-player) (Version:  - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.33.319 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.1.16.0 - ASUSTek COMPUTER INC.)
TomTom MyDrive Connect 4.2.11.4200 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.11.4200 - TomTom)
USB Serial Port Driver (x64) (HKLM-x32\...\{53012BD2-D1A3-4530-9AE2-B0C503B5C1C2}) (Version: 2013.30.0.313 - Nokia)
Virtual Serial Port Driver 9.0 (Build 9.0.575) (HKLM\...\Virtual Serial Port Driver_is1) (Version:  - ELTIMA Software)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WhatsApp (HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\WhatsApp) (Version: 2.2106.10 - WhatsApp)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Word (HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)

Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_3.3.7.0_x64__qmba6cd70vzyy [2021-01-21] (ASUSTeK COMPUTER INC.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-28] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\appup.intelgraphicscontrolpanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-11-19] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-11-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-11-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_2.3.18.0_x64__qmba6cd70vzyy [2021-03-05] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-03-02] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.223.0_x64__dt26b99r8h8gj [2020-11-19] (Realtek Semiconductor Corp)
ROG Aura -> C:\Program Files\WindowsApps\B9ECED6F.ROGAura_2.1.25.0_x86__qmba6cd70vzyy [2020-11-22] (ASUSTeK COMPUTER INC.) [Startup Task]
ROG Aura Core -> C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.30.0_x86__qmba6cd70vzyy [2020-11-22] (ASUSTeK COMPUTER INC.) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0 [2021-03-05] (Spotify AB) [Startup Task]
Video Converter - PRO -> C:\Program Files\WindowsApps\21336V3TApps.VideoConverter-FREE_2.0.25.0_x64__bzg06mxvgh4fa [2020-12-03] (V3TApps)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-105755324-134231014-3445628484-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\ondre\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-105755324-134231014-3445628484-1001_Classes\CLSID\{5405618e-4c42-4fb9-a80a-d24d89911296}\localserver32 -> C:\Users\ondre\AppData\Local\NhNotifSys\sonicstudio\asusns.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-105755324-134231014-3445628484-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-11-02] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2019-05-05] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2019-05-05] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_8b3975f7b9f36d28\nvshext.dll [2021-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-105755324-134231014-3445628484-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Loaded Modules (Whitelisted) =============

2020-12-28 22:33 - 2014-11-02 19:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2020-10-20 17:36 - 2020-12-11 17:29 - 006159480 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] D:\Games\Genshin Impact\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-02-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-02-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-105755324-134231014-3445628484-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ondre\Downloads\954446.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
WiFi: VMware Bridge Protocol -> vmware_bridge (enabled) 
WiFi: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Bluetooth Network Connection: VMware Bridge Protocol -> vmware_bridge (enabled) 
NordLynx: VMware Bridge Protocol -> vmware_bridge (enabled) 
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) 
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled) 
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) 
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) 
Ethernet 2: VMware Bridge Protocol -> vmware_bridge (enabled) 
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-105755324-134231014-3445628484-1001\...\StartupApproved\Run: => "NordVPN"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0A0037B1-3888-43EF-88CA-E5A270C890CC}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )
FirewallRules: [{64602325-9EB7-46A1-A136-E445A63F257D}] => (Allow) E:\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A4D2F033-BE9F-4034-B2FB-C94DE7E954A5}] => (Allow) E:\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EAC3C15B-3417-4D29-8F23-34A47124422A}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4BDA54C2-5A02-4534-97EB-7E9EB849EB9F}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{60A61560-DCFF-48E5-B537-0B91BCD38FF3}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{2E5D12ED-4686-4DBF-8317-0696FCFA1BF4}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{12F94C4F-FE6D-4DA2-A46B-934A51265059}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{5BA80D94-E88F-429C-9FDB-E141FCDBA612}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [TCP Query User{4ED6D1DC-BD71-49D4-99B5-1587CCB4579A}C:\users\ondre\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ondre\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B3469412-E8CC-4274-92FF-6BE71EB5B8D5}C:\users\ondre\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ondre\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6702DFEA-31A2-4E0D-B286-F05C2DDC2D0F}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{6E5007E0-827A-4963-A4F0-381A44C6753F}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{1A6500E7-0C6C-4B42-918B-371CD262B419}] => (Allow) E:\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe (Square Enix Ltd. -> Square Enix Limited)
FirewallRules: [{12F6078A-AA37-4B3C-9AE1-C3071DB2A263}] => (Allow) E:\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe (Square Enix Ltd. -> Square Enix Limited)
FirewallRules: [{C57F1722-E996-4B8E-985F-DA51D2CBBC58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1FD5BC5F-AE12-4F3B-AE83-48CB5C01CB1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1B73CB05-8259-4F1A-9E31-958255FAFA79}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A11E6678-C9B0-49D8-80A9-202B21B3441C}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{5C830DFE-FCD9-47CF-94B1-6F3B578F7BC4}] => (Allow) E:\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{C1EF5D70-785C-4EA7-903A-FD21804BE79E}] => (Allow) E:\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{A0BCA0BA-D780-4512-8871-AF13C4E299F9}] => (Allow) E:\Steam\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe () [File not signed]
FirewallRules: [{88DCBCB4-2F4E-4E03-B78A-29C42C4B0763}] => (Allow) E:\Steam\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe () [File not signed]
FirewallRules: [{67DCBD77-F9F5-4A25-8FB5-642ED7AE49A9}] => (Allow) E:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{A98DFA36-703A-4A58-9821-049A3EBC18FF}] => (Allow) E:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{CA7F6859-DA0B-4668-8DB5-FD8C9121178F}] => (Allow) D:\SteamLibrary\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{CEA71958-F57F-414B-8843-B1CBA418AB28}] => (Allow) D:\SteamLibrary\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{7F952D0A-5DF7-4C57-9B63-7009BC19A522}] => (Allow) E:\Steam\steamapps\common\Hollow Knight\hollow_knight.exe () [File not signed]
FirewallRules: [{8C85615D-4E28-4B32-9AFE-49EF355E6663}] => (Allow) E:\Steam\steamapps\common\Hollow Knight\hollow_knight.exe () [File not signed]
FirewallRules: [TCP Query User{14952FF7-385B-4347-80D1-87100C7EED02}C:\program files\picotorrent\picotorrent.exe] => (Allow) C:\program files\picotorrent\picotorrent.exe () [File not signed]
FirewallRules: [UDP Query User{68971FB3-64E6-47B1-8701-F25C4CCEA9DD}C:\program files\picotorrent\picotorrent.exe] => (Allow) C:\program files\picotorrent\picotorrent.exe () [File not signed]
FirewallRules: [TCP Query User{AB1A27C5-13CE-426E-8B2B-7B05BEA254D2}D:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{59F187D3-F430-4C10-A3D4-45787CAFD5EB}D:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{3AFA7B89-DBB1-41FF-B8AE-5168BE1CF87E}] => (Allow) E:\Steam\steamapps\common\BorderlandsGOTYEnhanced\Binaries\Win64\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{AB172A72-5C06-4137-B58C-762CDE59104F}] => (Allow) E:\Steam\steamapps\common\BorderlandsGOTYEnhanced\Binaries\Win64\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [TCP Query User{8564EB1B-7095-477F-ABAF-539203BB08A1}E:\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe] => (Allow) E:\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [UDP Query User{7F8E2AA3-DF13-4D32-8303-006EF2FFF269}E:\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe] => (Allow) E:\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{FADCCCCC-E913-4A4E-9893-152386E8F385}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1164A0F-EDB3-4E67-9E20-9D3BDC0039EF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4C42C0BB-A176-4568-BAE5-8CDB94E4C127}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{699BDE64-8EEA-42EF-A19A-80805FA38790}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D81EABE7-6FC0-4E0D-897E-ED668F8333A1}] => (Allow) E:\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{C474D374-0765-4DF4-A892-FE6074C98B23}] => (Allow) E:\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{55E1D175-A848-4992-88BF-CC6BFF6D7756}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{524A2B7A-4136-4E96-A679-3A5AB28A74CE}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{C02451FE-2D05-4308-8DE4-207E857B8F56}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{BB573FAF-94BA-48A2-8E49-DEEF4FB67552}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{2B6ABEAD-0B8E-429B-BBE3-B2B418EDAFFE}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{35D223FB-CE69-40E9-9ED7-9691CCA7F3E5}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{D5CB7082-76E8-45F3-8BEE-5F2F1A4B447F}] => (Allow) C:\Program Files\PicoTorrent\PicoTorrent.exe () [File not signed]
FirewallRules: [{687C99F6-93D7-49ED-B335-4EDABF62F0FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BA943F12-BA0D-4C30-AEDA-A09B2F68342E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{77079DD4-E56F-42E1-823A-8DF7CD56BC42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5C14534F-B9DE-4CE9-8C51-4D98331663B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DA9ADF97-066B-4296-B7E6-E571C4D1F6C3}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom)
FirewallRules: [TCP Query User{AFB3EF00-095F-4504-8C3C-8F91BD323751}C:\program files (x86)\manycam\manycam.exe] => (Allow) C:\program files (x86)\manycam\manycam.exe (Visicom Media Inc.) [File not signed]
FirewallRules: [UDP Query User{F0881BA0-58B7-4A4F-8BB7-533CB6131A20}C:\program files (x86)\manycam\manycam.exe] => (Allow) C:\program files (x86)\manycam\manycam.exe (Visicom Media Inc.) [File not signed]
FirewallRules: [{5F34C2C1-41C3-4E72-AA4C-B15686D15ED5}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{236D4996-0B17-4466-BD41-A16685CF9DF1}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [TCP Query User{33F0F3EF-7C6B-4ADA-BBC2-8CDA6B344E02}D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{BE2049BA-7356-4A8A-B84F-B3DF695AE734}D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{0DF11192-E1EB-48CD-A814-3208DE130A19}] => (Allow) E:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{A2ED98B9-FDA6-4DFF-B61F-DCBF24038E08}] => (Allow) E:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{0B8B9F0F-88E2-45CD-8663-31E0955D2590}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{123B1F78-9009-420D-BF8F-28A5D7BABFCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{141B5B2B-8F32-464A-BEBA-033AEEF00F11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EA80D9E4-7267-4574-8BE6-7CD330318C7A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9B4C7321-EB4F-4654-8FA6-BBE278E43DCE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{08A583F8-07AC-48AC-B675-51CADC93081F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D8218135-8871-4D9E-B619-DEA97CA35C6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BD0EEAD4-C6EE-4A49-B25C-EB3A98C41275}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A9BD250A-E2B3-4C46-A8E0-7A60C1FC4573}] => (Allow) E:\Steam\steamapps\common\Mafia III\Launcher.exe (2K Games) [File not signed]
FirewallRules: [{67983FFD-5144-452E-900C-1175EBD489F4}] => (Allow) E:\Steam\steamapps\common\Mafia III\Launcher.exe (2K Games) [File not signed]
FirewallRules: [{092C0057-8F37-4F73-A3CB-0958DC34536B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{18542AEB-61D0-42CC-9EB1-D22AF788E1E9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6DF9885D-3B03-4C22-86AF-1FE0668F7DFE}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{E70E5F1A-C375-4961-8250-AA5957C8F3FE}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{6399D4F5-3F51-43F2-98E0-509F2287E898}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkNear\AsusLinkNear.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{3FA52CAB-2E6C-4B0B-B759-7E257060D02C}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )
FirewallRules: [{A5564EF2-E607-449A-9F34-1B23DCB5E7FA}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )

==================== Restore Points =========================

11-03-2021 14:37:38 Windows Modules Installer
19-03-2021 15:29:30 Scheduled Checkpoint
28-03-2021 15:00:25 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/27/2021 06:19:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Název chybujícího modulu: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Kód výjimky: 0xc0000005
Posun chyby: 0x00368e8b
ID chybujícího procesu: 0x5958
Čas spuštění chybující aplikace: 0x01d72324fd73f5cf
Cesta k chybující aplikaci: C:\Program Files (x86)\ManyCam\ManyCam.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ManyCam\ManyCam.exe
ID zprávy: 910ab170-9a19-4921-8a7b-58c50705e27a
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/26/2021 09:04:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Název chybujícího modulu: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Kód výjimky: 0xc0000005
Posun chyby: 0x00368e8b
ID chybujícího procesu: 0x3b0
Čas spuštění chybující aplikace: 0x01d7220e4870a0dc
Cesta k chybující aplikaci: C:\Program Files (x86)\ManyCam\ManyCam.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ManyCam\ManyCam.exe
ID zprávy: 3619fbc5-3973-48c1-a7f1-acdb856c7da9
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/25/2021 08:56:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Název chybujícího modulu: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Kód výjimky: 0xc0000005
Posun chyby: 0x00368e8b
ID chybujícího procesu: 0x569c
Čas spuštění chybující aplikace: 0x01d72143fcf98aa6
Cesta k chybující aplikaci: C:\Program Files (x86)\ManyCam\ManyCam.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ManyCam\ManyCam.exe
ID zprávy: da2231a8-75da-4a88-80fa-4fe807cad76c
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/23/2021 09:54:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Název chybujícího modulu: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Kód výjimky: 0xc0000005
Posun chyby: 0x00368e8b
ID chybujícího procesu: 0x3f04
Čas spuštění chybující aplikace: 0x01d71fb9b7c1156f
Cesta k chybující aplikaci: C:\Program Files (x86)\ManyCam\ManyCam.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ManyCam\ManyCam.exe
ID zprávy: 689a79dd-45c4-4e90-8464-7cd7ed8ba80b
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/22/2021 11:00:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Název chybujícího modulu: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Kód výjimky: 0xc0000005
Posun chyby: 0x00368e8b
ID chybujícího procesu: 0x2ff8
Čas spuštění chybující aplikace: 0x01d71ef9cd6d05be
Cesta k chybující aplikaci: C:\Program Files (x86)\ManyCam\ManyCam.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ManyCam\ManyCam.exe
ID zprávy: 01943847-7721-487d-b4e7-7e362c84722f
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/22/2021 11:00:09 AM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17

Error: (03/21/2021 07:06:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Název chybujícího modulu: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Kód výjimky: 0xc0000005
Posun chyby: 0x00368e8b
ID chybujícího procesu: 0x368c
Čas spuštění chybující aplikace: 0x01d71e748f3d79fb
Cesta k chybující aplikaci: C:\Program Files (x86)\ManyCam\ManyCam.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ManyCam\ManyCam.exe
ID zprávy: b8618d40-ef24-4498-bf0b-0e2f696b70a6
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/19/2021 08:55:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Název chybujícího modulu: ManyCam.exe, verze: 7.7.0.32, časové razítko: 0x5f8ed55b
Kód výjimky: 0xc0000005
Posun chyby: 0x00368e8b
ID chybujícího procesu: 0x4550
Čas spuštění chybující aplikace: 0x01d71c8cd0f93856
Cesta k chybující aplikaci: C:\Program Files (x86)\ManyCam\ManyCam.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ManyCam\ManyCam.exe
ID zprávy: 95c60959-8785-4668-bace-e7917068a9b1
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/28/2021 04:33:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NetLimiter 4 Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/28/2021 04:25:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba ROG Live Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restart the service.

Error: (03/28/2021 04:25:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba LGHUB Updater Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restart the service.

Error: (03/28/2021 04:25:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba ARMOURY CRATE Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restart the service.

Error: (03/28/2021 04:25:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restart the service.

Error: (03/28/2021 04:25:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba nordvpn-service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/28/2021 04:25:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restart the service.

Error: (03/28/2021 04:25:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba VMware USB Arbitration Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restart the service.


Windows Defender:
================
Date: 2021-03-28 14:59:22
Description: 
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {27226FE6-7656-42AD-B580-A01FF9AFE62B}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-27 17:55:03
Description: 
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {3BEACCF7-6762-458C-B375-654493D8751C}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-26 11:52:19
Description: 
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {ABD3B2C8-C3B7-44B4-8802-0285D8E494F9}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-25 10:50:40
Description: 
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {C34BDF8B-5ECE-46AE-A826-3A5D535E5CFC}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-23 10:23:17
Description: 
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {C2E7E0E4-238D-4F1E-B612-520D7FEF9FD1}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM
﻿
CodeIntegrity:
===============
Date: 2021-02-22 13:56:08
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. GX502GV.308 02/15/2020
Motherboard: ASUSTeK COMPUTER INC. GX502GV
Processor: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Percentage of memory in use: 29%
Total physical RAM: 32690.29 MB
Available physical RAM: 22936.78 MB
Total Virtual: 37554.29 MB
Available Virtual: 24050.26 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:204.1 GB) (Free:82.99 GB) NTFS
Drive d: (Hentai) (Fixed) (Total:261.64 GB) (Free:93.09 GB) NTFS
Drive e: (Games) (Fixed) (Total:476.67 GB) (Free:122.14 GB) NTFS

\\?\Volume{5d34c9b9-6746-44ce-bc0e-c97f170930a2}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: F6D2C73E)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0F662ECB)

Partition: GPT.

==================== End of Addition.txt =======================