VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Spotify používáno cizím člověkem, prosím o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=156654

Stránka 1 z 1

Spotify používáno cizím člověkem, prosím o kontrolu

Napsal: 21 pro 2019 21:56
od Arcane
Ahoj, v posledních pár týdnech mám problé mse spotify, že mi záhadně hraje hudba na neznámém zařízení. Zkoušel jsem odhlásit všechna spuštěná přihlášení, změnil všude hesla, ale i tak se problém neustále opakuje. Prosím tedy o kontrolu logů, jestli se tam nemůže nacházet něco podezřelého jako například keylogger nebo tak něco. Děkuji a hezké svátky. Níže přikládám logy z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by Arcan (administrator) on ARCANE-PC (21-12-2019 21:54:27)
Running from C:\Users\Arcan\Desktop
Loaded Profiles: Arcan (Available Profiles: Arcan)
Platform: Windows 10 Pro Version 1909 18363.535 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Megabit\KeepAliveHD\KeepAliveHD.exe
() [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.13\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(DTS, Inc. -> ) C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe
(File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.5.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kristjan Skutta -> ) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(Kristjan Skutta -> ) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\wallpaper32.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NZXT, Inc. -> ) C:\Program Files (x86)\NZXT\CAM\CAM.Desktop.exe
(NZXT, Inc. -> NZXT) C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe
(NZXT, Inc. -> NZXT) C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe
(NZXT, Inc. -> NZXT) C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe
(Ozone) [File not signed] C:\Program Files (x86)\OZONE\Ozone Strike Pro Spectra Driver\Monitor.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Spotify AB -> Spotify Ltd) C:\Users\Arcan\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Arcan\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Arcan\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Arcan\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Arcan\AppData\Roaming\Spotify\Spotify.exe
(TeamViewer GmbH -> ) C:\Windows\Temp\nsdF8F5.tmp\TvUpdateInfo.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\Steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [838432 2019-03-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-12-09] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Ozone Strike Pro Spectra Driver] => C:\Program Files (x86)\OZONE\Ozone Strike Pro Spectra Driver\Monitor.exe [479232 2017-06-30] (Ozone) [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2622520 2019-05-19] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405205\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-19] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433155\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-19] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405254\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433213\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405280\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433266\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [GoogleChromeAutoLaunch_C5A3A8DAB5AA577136C840E6149900F8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1704944 2019-12-14] (Google LLC -> Google LLC)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-19] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [Spotify] => C:\Users\Arcan\AppData\Roaming\Spotify\Spotify.exe [22151072 2019-12-21] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [Steam] => D:\Arcane\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [EpicGamesLauncher] => "D:\Arcane\Hry\Fortnite\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe [67662912 2019-07-28] (NZXT, Inc. -> NZXT)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [KeepAliveHD] => C:\Program Files (x86)\Megabit\KeepAliveHD\KeepAliveHD.exe [463360 2017-05-29] () [File not signed]
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Winlogon: [Shell]
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Run: [GoogleChromeAutoLaunch_C5A3A8DAB5AA577136C840E6149900F8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1704944 2019-12-14] (Google LLC -> Google LLC)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-19] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Run: [Spotify] => C:\Users\Arcan\AppData\Roaming\Spotify\Spotify.exe [22151072 2019-12-21] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Run: [Steam] => D:\Arcane\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Run: [EpicGamesLauncher] => "D:\Arcane\Hry\Fortnite\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe [67662912 2019-07-28] (NZXT, Inc. -> NZXT)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Run: [KeepAliveHD] => C:\Program Files (x86)\Megabit\KeepAliveHD\KeepAliveHD.exe [463360 2017-05-29] () [File not signed]
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Winlogon: [Shell]
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433317\...\Run: [GoogleChromeAutoLaunch_C5A3A8DAB5AA577136C840E6149900F8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1704944 2019-12-14] (Google LLC -> Google LLC)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433317\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-19] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433317\...\Run: [Spotify] => C:\Users\Arcan\AppData\Roaming\Spotify\Spotify.exe [22151072 2019-12-21] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433317\...\Run: [Steam] => D:\Arcane\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433317\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433317\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433317\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433317\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433317\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433317\...\Run: [EpicGamesLauncher] => "D:\Arcane\Hry\Fortnite\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433317\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe [67662912 2019-07-28] (NZXT, Inc. -> NZXT)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433317\...\Run: [KeepAliveHD] => C:\Program Files (x86)\Megabit\KeepAliveHD\KeepAliveHD.exe [463360 2017-05-29] () [File not signed]
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215433317\...\Winlogon: [Shell]
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-19] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\Users\Arcan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-08-02]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0190603A-5242-47FF-AFF9-9DFEFD2D7AA7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {01E21C19-B68D-443C-B6FE-E066D4DF0F2C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {02849200-103C-4200-9543-FAAAAA79F0CF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {06DEB539-CFBA-4F0E-8969-903ED9B2E062} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2019-10-29] () [File not signed]
Task: {06E48D37-E781-45AC-8C85-3DEB63EAC18F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1DB23B27-2405-4A27-901D-4C980BBB8C93} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {20485FE8-1D7B-4454-810F-3CB94DF65307} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20645CFD-D8E6-4D31-A386-EE4AC868AF06} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A6D710A-02E6-40B0-8C45-555471C44629} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B4F591E-E3AE-4EAE-AA4B-26644C906831} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d49cbd7c8b6cb9 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2018-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {3E68AB35-F419-4E51-800E-C9BB573BDF0C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {3EA1AE8F-3E9F-40AF-B69F-57C0644E1E5D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4E7543B8-CD75-4E86-87C6-B7ADA6E8CC74} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {56562D71-3422-42D8-BDE7-3516992E05ED} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {57178676-E492-4A13-9836-FA396CCC1E6F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {596B115B-CB1E-4756-9FEC-DE2F1853F85B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {64E1CED0-CF73-4642-9860-945B97991512} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {66320CFA-8F41-4271-B3E9-256479139339} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-26] (Google Inc -> Google Inc.)
Task: {6EB16D80-EA82-426A-84DA-32145013EF7E} - System32\Tasks\CAM.Desktop => C:\Program Files (x86)\NZXT\CAM\CAM.Desktop.exe [344128 2019-07-28] (NZXT, Inc. -> )
Task: {73AB6257-D3E5-404A-80B0-65F5270F87CC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7D42BB88-FBF6-409B-B492-2C4BCA332A29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
"C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot" was unlocked. <==== ATTENTION
Task: {8DC7B68E-F8CA-417D-912A-0394FED79BE1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {97AEA8FF-D9EE-493D-8641-1708585C099E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {D214596F-7731-4588-83F4-32347F51AAE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-26] (Google Inc -> Google Inc.)
Task: {D341CA44-8066-4466-95D4-40FE5F1625BD} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {D54FB05B-99C0-4214-B454-41700D06D269} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {D88A1B17-30F8-4C5F-84D1-CF9596724E8F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E1BDBC2F-D7B3-44E2-9E85-787EA2A5D605} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2018-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {ED418824-73A2-4795-BC9C-5ED28E344481} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F8BF733D-A2A7-44B2-9C2B-3C6D8788994B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5beff028-7886-4d80-8624-9d880a1a7664}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{66c5e5e9-de68-492b-ac91-d1d0697d8f5f}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE05
SearchScopes: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE05
SearchScopes: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001 -> {828B376B-F2F6-4778-928C-E29EC877535E} URL = hxxp://www.google.com/cse?cx=partner-pub-09006 ... gsc.page=1
SearchScopes: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE05
SearchScopes: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE05
SearchScopes: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319 -> {828B376B-F2F6-4778-928C-E29EC877535E} URL = hxxp://www.google.com/cse?cx=partner-pub-09006 ... gsc.page=1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-12-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-26] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\Arcan\Downloads

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=3 -> C:\Program Files (x86)\ASUS\Update\1.3.101.0\npAsusUpdate3.dll [2018-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=9 -> C:\Program Files (x86)\ASUS\Update\1.3.101.0\npAsusUpdate3.dll [2018-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default [2019-12-21]
CHR Extension: (Prezentace) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-26]
CHR Extension: (BetterTTV) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2019-12-21]
CHR Extension: (Dokumenty) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-26]
CHR Extension: (Disk Google) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-26]
CHR Extension: (YouTube) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-26]
CHR Extension: (uBlock Origin) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-10-30]
CHR Extension: (Augmented Steam) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnhpnfgdlenaccegplpojghhmaamnnfp [2019-10-30]
CHR Extension: (FrankerFaceZ) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2018-12-26]
CHR Extension: (Full Page Screen Capture) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2019-12-01]
CHR Extension: (Tabulky) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-26]
CHR Extension: (Postman) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2018-12-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-26]
CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2018-12-26]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-12-21]
CHR Extension: (JetBrains IDE Support) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhgeddbohgjknpmjagkdomcpobmllji [2019-01-26]
CHR Extension: (Speed Dial 2 New tab) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2019-10-12]
CHR Extension: (Better Youtube Subscriptions) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgicdngjllamjgijagdkoalhkpplipnd [2018-12-26]
CHR Extension: (Mapy Google) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-12-26]
CHR Extension: (Twitch Now) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2018-12-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2019-10-30]
CHR Extension: (Gmail) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-04]
CHR Extension: (Chrome Media Router) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-21]
CHR Profile: C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-26]
CHR HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-05-19] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.13\atkexComSvc.exe [415680 2018-09-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2018-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2018-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
R2 DTSAPO3Service; C:\WINDOWS\System32\DTS\PC\APO3x\DTSAPO3Service.exe [206720 2018-09-05] (DTS, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-02-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [530208 2019-05-29] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [1335744 2018-10-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-21] (Malwarebytes Inc -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265824 2018-04-17] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2475312 2019-12-12] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3352376 2019-12-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [449664 2018-08-29] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [942720 2018-09-12] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-10-01] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-11-19] (Razer USA Ltd. -> Razer Inc.)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [838432 2019-03-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-10-28] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-06-22] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)
R2 Wallpaper Engine Service; D:\Arcane\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [354808 2018-12-11] (Kristjan Skutta -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-09-27] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848288 2018-04-17] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-10-03] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2019-12-21] (CPUID S.A.R.L.U. -> CPUID)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34496 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [30416 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [14728 2018-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-12-14] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [733472 2019-05-29] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation -> Intel Corporation)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-12-21] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-12-21] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R3 MSIO; C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> )
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8810336 2018-05-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_eb2e336f678f7f83\nvlddmkm.sys [22744696 2019-12-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [50240 2019-09-19] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0067; C:\WINDOWS\System32\drivers\RzDev_0067.sys [51992 2019-10-10] (Razer USA Ltd. -> Razer Inc)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\NZXT\CAM\OpenHardwareMonitorLib.sys [14544 2019-12-21] (Noriyuki MIYAZAKI -> OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-21 21:54 - 2019-12-21 21:55 - 000057013 _____ C:\Users\Arcan\Desktop\FRST.txt
2019-12-21 21:54 - 2019-12-21 21:55 - 000000000 ____D C:\FRST
2019-12-21 21:53 - 2019-12-21 21:53 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-12-21 21:52 - 2019-12-21 21:52 - 001883976 _____ (Malwarebytes) C:\Users\Arcan\Desktop\MBSetup.exe
2019-12-21 21:51 - 2019-12-21 21:51 - 002264064 _____ (Farbar) C:\Users\Arcan\Desktop\FRST64.exe
2019-12-21 21:50 - 2019-12-21 21:53 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-12-20 23:33 - 2019-12-20 23:39 - 000000000 ____D C:\Users\Arcan\AppData\Local\UnravelTwo
2019-12-20 22:34 - 2019-12-20 22:34 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-12-20 22:34 - 2019-12-20 22:34 - 000000000 ____D C:\Users\Arcan\AppData\Local\Electronic Arts
2019-12-20 22:34 - 2019-12-20 22:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UNRAVEL™ two
2019-12-18 18:17 - 2019-12-18 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-12-18 18:15 - 2019-12-18 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-12-18 18:15 - 2019-12-18 18:15 - 000000000 ____D C:\Program Files\iTunes
2019-12-18 18:15 - 2019-12-18 18:15 - 000000000 ____D C:\Program Files\iPod
2019-12-12 01:10 - 2019-12-12 01:10 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-12 01:10 - 2019-12-12 01:10 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-12 01:10 - 2019-12-12 01:10 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-08 13:15 - 2019-12-03 21:36 - 001073872 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-08 13:15 - 2019-12-03 21:36 - 001073872 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-12-08 13:15 - 2019-12-03 21:36 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-08 13:15 - 2019-12-03 21:36 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-12-08 13:15 - 2019-12-03 21:36 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-08 13:15 - 2019-12-03 21:36 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-12-08 13:15 - 2019-12-03 21:36 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-08 13:15 - 2019-12-03 21:36 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-12-08 13:15 - 2019-12-03 21:36 - 000450976 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-12-08 13:15 - 2019-12-03 21:36 - 000352512 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-12-08 13:15 - 2019-12-03 21:35 - 011842976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-12-08 13:15 - 2019-12-03 21:35 - 010167216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-12-08 13:15 - 2019-12-03 21:35 - 000825928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-12-08 13:15 - 2019-12-03 21:35 - 000676824 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-12-08 13:15 - 2019-12-03 21:35 - 000544728 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 040511064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 035380104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 017458824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 015027776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 005380744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 004716176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 002074736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001729520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444141.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001567688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001491544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444141.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001482408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001370280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001144944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001064408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 000813656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 000685800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 000659088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 000556680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-11-27 00:56 - 2019-11-27 00:56 - 000000430 __RSH C:\ProgramData\ntuser.pol
2019-11-27 00:51 - 2019-11-27 00:51 - 000104064 _____ C:\WINDOWS\system32\energy-report.html
2019-11-27 00:21 - 2019-11-27 00:22 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\KeepAliveHD
2019-11-27 00:21 - 2019-11-27 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeepAliveHD
2019-11-27 00:21 - 2019-11-27 00:21 - 000000000 ____D C:\Program Files (x86)\Megabit
2019-11-23 11:20 - 2019-11-23 11:20 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-21 21:53 - 2019-08-28 20:45 - 000000000 ____D C:\Users\Arcan\AppData\Local\cache
2019-12-21 21:53 - 2019-08-11 23:02 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-21 21:53 - 2019-08-11 23:02 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-12-21 21:51 - 2018-12-26 04:10 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\qBittorrent
2019-12-21 21:46 - 2018-12-26 02:17 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\Spotify
2019-12-21 21:44 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-21 21:44 - 2018-12-26 02:18 - 000000000 ____D C:\Users\Arcan\AppData\Local\Spotify
2019-12-21 21:42 - 2018-12-26 02:29 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-21 21:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-21 21:24 - 2019-06-23 00:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-21 12:25 - 2018-12-26 01:31 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-21 12:07 - 2018-12-26 01:28 - 000000000 ____D C:\Users\Arcan\AppData\Local\Packages
2019-12-21 00:34 - 2019-06-23 00:25 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-21 00:34 - 2019-03-19 12:57 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-21 00:34 - 2019-03-19 12:57 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-21 00:34 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-21 00:30 - 2019-01-05 10:06 - 000308736 _____ C:\WINDOWS\SysWOW64\NVAPIHelper.dll
2019-12-21 00:29 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-21 00:29 - 2018-12-26 03:18 - 000000000 ___RD C:\Users\Arcan\iCloudDrive
2019-12-21 00:29 - 2018-12-26 02:00 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\CAM
2019-12-21 00:29 - 2018-12-26 01:28 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-21 00:29 - 2018-12-26 01:28 - 000000000 ___RD C:\Users\Arcan\3D Objects
2019-12-21 00:28 - 2019-06-23 00:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-21 00:28 - 2019-06-23 00:16 - 000442976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-21 00:28 - 2019-03-19 12:59 - 000000000 ____D C:\WINDOWS\OCR
2019-12-21 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-21 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-21 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-21 00:28 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-21 00:27 - 2018-12-26 02:16 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\Origin
2019-12-21 00:27 - 2018-12-26 02:16 - 000000000 ____D C:\ProgramData\Origin
2019-12-21 00:27 - 2018-12-26 01:53 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-12-21 00:26 - 2018-12-26 01:54 - 000000000 ____D C:\Users\Arcan\AppData\Local\Battle.net
2019-12-20 23:31 - 2019-02-09 19:14 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\DS4Windows
2019-12-20 22:34 - 2018-12-26 01:35 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-20 22:24 - 2018-12-26 02:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-12-20 22:24 - 2018-12-26 02:18 - 000000000 ____D C:\Program Files (x86)\Origin
2019-12-20 22:24 - 2018-12-26 02:16 - 000000000 ____D C:\Users\Arcan\AppData\Local\Origin
2019-12-19 21:38 - 2018-12-26 01:31 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 07:31 - 2019-10-03 11:35 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-17 07:31 - 2019-10-03 11:35 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-16 21:21 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-16 21:14 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2019-12-15 19:22 - 2018-12-26 04:19 - 000000000 ____D C:\Users\Arcan\AppData\Local\ElevatedDiagnostics
2019-12-13 21:32 - 2019-06-23 00:21 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 21:32 - 2019-06-23 00:21 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-12 22:00 - 2018-12-26 01:39 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-12 02:34 - 2018-12-26 03:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-12 01:14 - 2018-12-26 03:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 01:12 - 2018-12-26 03:15 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-09 20:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-12-09 19:45 - 2018-12-27 00:01 - 000000000 ____D C:\Users\Arcan\AppData\Local\CrashDumps
2019-12-08 18:10 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-08 13:19 - 2018-12-26 02:14 - 000000000 ____D C:\Users\Arcan\AppData\Local\LogMeIn Hamachi
2019-12-08 13:17 - 2019-07-13 17:06 - 000000000 ____D C:\temp
2019-12-08 13:16 - 2018-12-26 01:39 - 000000000 ____D C:\Users\Arcan\AppData\Local\NVIDIA
2019-12-07 20:57 - 2018-12-26 03:28 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\TS3Client
2019-12-07 00:22 - 2018-12-26 02:18 - 000000000 ____D C:\Users\Arcan\AppData\Local\D3DSCache
2019-12-04 19:33 - 2018-12-26 02:52 - 000000000 ____D C:\Users\Arcan\AppData\LocalLow\noio
2019-12-04 18:36 - 2018-12-26 04:24 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-12-03 21:33 - 2019-09-12 18:51 - 004937792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-12-03 21:33 - 2019-09-12 18:51 - 004205784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-12-01 14:19 - 2018-12-26 01:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2019-11-27 21:47 - 2018-12-26 02:52 - 000000000 ____D C:\Users\Arcan\Documents\my games
2019-11-27 19:20 - 2019-06-23 00:21 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-11-27 00:55 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-11-27 00:19 - 2019-02-16 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2019-11-25 00:15 - 2019-10-16 23:27 - 000032768 _____ C:\Users\Public\Documents\crash_dump.bin
2019-11-25 00:15 - 2019-10-16 23:27 - 000032768 _____ C:\ProgramData\Documents\crash_dump.bin
2019-11-21 01:56 - 2019-09-12 18:51 - 000056258 _____ C:\WINDOWS\system32\nvinfo.pb

==================== Files in the root of some directories ========

2018-12-26 04:23 - 2018-11-07 11:45 - 000000033 _____ () C:\Users\Arcan\AppData\Roaming\AdobeWLCMCache.dat
2018-12-26 04:23 - 2015-08-09 15:21 - 000001006 _____ () C:\Users\Arcan\AppData\Roaming\ARCANE-PC.MTBF.txt
2018-12-26 04:23 - 2019-01-27 14:04 - 000000009 _____ () C:\Users\Arcan\AppData\Roaming\update.dat
2018-12-26 04:23 - 2016-06-26 21:03 - 000003320 _____ () C:\Users\Arcan\AppData\Roaming\VoiceMeeterDefault.xml
2018-12-26 04:23 - 2019-07-25 22:10 - 000000600 _____ () C:\Users\Arcan\AppData\Roaming\winscp.rnd
2018-12-26 04:24 - 2015-08-04 20:00 - 000000004 _____ () C:\Users\Arcan\AppData\Roaming\Microsoft\notaut.txt
2018-12-26 03:47 - 2018-12-26 03:47 - 000000410 _____ () C:\Users\Arcan\AppData\Local\oobelibMkey.log
2018-12-26 04:19 - 2018-09-23 14:40 - 000000600 _____ () C:\Users\Arcan\AppData\Local\PUTTY.RND
2018-12-26 04:19 - 2017-12-10 16:53 - 000007605 _____ () C:\Users\Arcan\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Spotify používáno cizím člověkem, prosím o kontrolu

Napsal: 21 pro 2019 21:56
od Arcane
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by Arcan (21-12-2019 21:55:45)
Running from C:\Users\Arcan\Desktop
Windows 10 Pro Version 1909 18363.535 (X64) (2019-06-22 23:21:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1894648835-3668780281-2537145207-500 - Administrator - Disabled)
Arcan (S-1-5-21-1894648835-3668780281-2537145207-1001 - Administrator - Enabled) => C:\Users\Arcan
DefaultAccount (S-1-5-21-1894648835-3668780281-2537145207-503 - Limited - Disabled)
Guest (S-1-5-21-1894648835-3668780281-2537145207-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1894648835-3668780281-2537145207-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activision(R) (HKLM-x32\...\{FC8A7918-D65D-440C-9596-C88185E8DCA4}) (Version: 1.00.0000 - Activision) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20058 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.2.476 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_1) (Version: 20.0.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AirServer Universal (x64) (HKLM\...\{49B2226A-F75F-4B23-924C-B220B27837AC}) (Version: 5.5.4 - App Dynamic)
Aktualizace NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}) (Version: 20.60.0 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.7.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{a287c686-e02e-4d5a-8e7b-4e1da1c906dd}) (Version: 2.2.7.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{36aa03d4-9606-4f04-bf3e-a70ebe6650f3}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{ae175b21-505d-4f2f-bc21-4a07415e8b7d}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.1.12 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{d24837ba-2990-457b-bb70-b72614e03845}) (Version: 1.1.12 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.28 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{6121958f-8f20-44ab-b168-5fb4c336866d}) (Version: 1.0.28 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM-x32\...\{a29279dc-f417-4442-8225-4db77f7d35b5}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.02.43 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.1.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{ddf1d23c-e505-47e4-8108-60af9b29a845}) (Version: 0.0.1.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{84f71ba0-a021-48b9-ab12-4990572f697b}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{3e9b91eb-5bb0-4272-8670-f88d353eb68b}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.21 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{be8aef12-2bc5-4b18-90c4-75276c3eb3a1}) (Version: 1.0.21 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.0.3 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM-x32\...\{a020e026-ac75-4f13-9b0b-bb4d8ccc1dc7}) (Version: 1.0.0.3 - ASUSTek COMPUTER INC.) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - ASUSTeK Computer Inc.) Hidden
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.07.22 - ASUSTeK Computer Inc.)
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.21 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{abb56118-25ed-4613-b3c7-c36bb1695c67}) (Version: 1.0.21 - ASUS) Hidden
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.02.56 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{11dd84be-e66c-4593-90cc-5910d68d0ce5}) (Version: 3.02.56 - ASUSTeK Computer Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CAM (HKLM-x32\...\{E382606E-FA6F-4503-8237-15F4F18507FE}) (Version: 3.7.8 - NZXT)
Control (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Control) (Version: - HOODLUM)
Control (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Control) (Version: - HOODLUM)
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.4 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{6f09b03f-dfb3-4bfc-be78-e7e5b00f2182}) (Version: 1.0.4 - CORSAIR COMPONENTS INC.) Hidden
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Crucial Storage Executive (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Crucial Storage Executive 3.60.082018.04) (Version: 3.65.012019.06 - Crucial)
Crucial Storage Executive (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Crucial Storage Executive 3.60.082018.04) (Version: 3.65.012019.06 - Crucial)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
Devil May Cry 5 (HKLM-x32\...\Devil May Cry 5_is1) (Version: - )
Discord (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Discord (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Discord) (Version: 0.0.305 - Discord Inc.)
Drum Controller Standard Tuning Kit (HKLM-x32\...\InstallShield_{FC8A7918-D65D-440C-9596-C88185E8DCA4}) (Version: 1.00.0000 - Activision)
EaseUS Partition Master 13.0 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry New Dawn (HKLM-x32\...\Far Cry New Dawn_is1) (Version: - )
GALAX GAMER RGB (HKLM\...\{06A16AA8-BBA7-4362-962E-16651962D87C}) (Version: 1.00.02 - Galaxy Microsystems Ltd.) Hidden
GALAX GAMER RGB (HKLM-x32\...\{1257fdeb-ffa3-4e17-9d4b-189075ea3656}) (Version: 1.00.02 - Galaxy Microsystems Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
iCloud (HKLM\...\{4E727621-3550-4CE0-883E-F27D7D7E0D2C}) (Version: 7.16.0.15 - Apple Inc.)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{65D2540A-990F-45BC-AF4C-482488F457E4}) (Version: 12.10.3.1 - Apple Inc.)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
KeepAliveHD 1.6.2 beta (HKLM-x32\...\{8623BFAD-9E79-4188-9EB4-9740CEDD3B44}_is1) (Version: - Megabit d.o.o.)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.7 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{c43fd2d2-c80f-48c7-95e2-1986bd0922e8}) (Version: 1.0.7 - KINGSTON COMPONENTS INC.) Hidden
K-Lite Mega Codec Pack 15.2.3 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.2.3 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Metro Exodus (HKLM-x32\...\{F25D08D9-EBE0-4C15-AAD2-50B446E85B17}_is1) (Version: - 4A Games)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 441.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Observation (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Observation) (Version: - HOODLUM)
Observation (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Observation) (Version: - HOODLUM)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.57.35162 - Electronic Arts, Inc.)
Outer Wilds (HKLM-x32\...\Outer Wilds_is1) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 441.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.41 - NVIDIA Corporation) Hidden
Ozone Strike Pro Spectra Driver (HKLM-x32\...\{DC3EFC41-ADF9-438F-83E8-0CC8BA7A68D4}) (Version: 1.0 - OZONE)
Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.05 - Patriot Memory) Hidden
Patriot Viper RGB (HKLM-x32\...\{0ea44351-5397-43b0-a9c7-c4c53d9948ef}) (Version: 1.00.05 - Patriot Memory)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{C3A282C9-4C8B-4A63-B449-3A064FB378D7}) (Version: 8.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{CC046FB9-E84E-4092-B924-DBE33DA2BE75}) (Version: 8.2 - Apple Inc.)
qBittorrent 4.1.8 (HKLM-x32\...\qBittorrent) (Version: 4.1.8 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 2.22.3 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.1112.111915 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8666 - Realtek Semiconductor Corp.)
Resident Evil 2 (HKLM-x32\...\Resident Evil 2_is1) (Version: - )
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
Sekiro Shadows Die Twice (HKLM-x32\...\Sekiro Shadows Die Twice_is1) (Version: - )
Spotify (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Spotify) (Version: 1.1.22.633.g1bab253a - Spotify AB)
Spotify (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\Spotify) (Version: 1.1.22.633.g1bab253a - Spotify AB)
Star Wars Jedi Fallen Order (HKLM-x32\...\Star Wars Jedi Fallen Order_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.1.3937 - TeamViewer)
The Dark Pictures Anthology Man of Medan (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\The Dark Pictures Anthology Man of Medan) (Version: - HOODLUM)
The Dark Pictures Anthology Man of Medan (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\The Dark Pictures Anthology Man of Medan) (Version: - HOODLUM)
The Surge 2 (HKLM-x32\...\The Surge 2_is1) (Version: - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.10.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.22.0.0 - GOG.com)
The Witcher 3: Wild Hunt - O víně a krvi (HKLM-x32\...\Blood and Wine_is1) (Version: 1.22.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Srdce z kamene (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.22.0.0 - GOG.com)
UNRAVEL™ two (HKLM-x32\...\{5DB117FE-6F05-40AC-B7A3-5C67641F14C0}) (Version: 1.0.0.1 - Electronic Arts, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 78.1 - Ubisoft)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinSCP 5.15.3 (HKLM-x32\...\winscp3_is1) (Version: 5.15.3 - Martin Prikryl)
Wolfenstein II The New Colossus (HKLM-x32\...\Wolfenstein II The New Colossus_is1) (Version: - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220 [2019-12-17] (Dolby Laboratories)
EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.5.0_x86__1sdd7yawvg6ne [2019-10-24] (File-New-Project) [Startup Task]
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-11-16] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-27] (Thumbmunkeys Ltd) [MS Ad]
Příslušenství pro Xbox -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.1911.1001.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2019-11-09] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B8BE80EAB5B0} -> [Creative Cloud Files] => C:\Users\Arcan\Creative Cloud Files [2018-12-26 03:58]
CustomCLSID: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-12-09] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Arcan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop

==================== Loaded Modules (Whitelisted) =============

2018-10-19 17:59 - 2018-10-19 17:59 - 000053248 _____ () [File not signed] C:\Program Files (x86)\LightingService\cpuutil.dll
2019-07-28 23:08 - 2019-07-28 23:08 - 001955328 _____ () [File not signed] C:\Program Files (x86)\NZXT\CAM\Launcher\ffmpeg.dll
2019-07-28 23:08 - 2019-07-28 23:08 - 000017920 _____ () [File not signed] C:\Program Files (x86)\NZXT\CAM\Launcher\libegl.dll
2019-07-28 23:08 - 2019-07-28 23:08 - 003687936 _____ () [File not signed] C:\Program Files (x86)\NZXT\CAM\Launcher\libglesv2.dll
2018-12-26 02:45 - 2016-09-21 16:03 - 000061440 _____ () [File not signed] C:\Program Files (x86)\OZONE\Ozone Strike Pro Spectra Driver\hiddriver.dll
2018-12-26 02:45 - 2016-09-30 16:49 - 000057344 _____ () [File not signed] C:\Program Files (x86)\OZONE\Ozone Strike Pro Spectra Driver\lan.dll
2018-08-29 16:19 - 2018-08-29 16:19 - 000223232 _____ () [File not signed] C:\Program Files\ASUS\AacOdd\AacOddHal_x86.dll
2018-09-07 00:29 - 2018-09-07 00:29 - 000202752 _____ () [File not signed] C:\Program Files\ASUS\AacTerminalHal\AacStripBusHal_x86.dll
2018-09-26 16:01 - 2018-09-26 16:01 - 001780736 _____ () [File not signed] C:\Program Files\ASUS\AacVGAHal\Vender.dll
2018-09-26 23:27 - 2018-09-26 23:27 - 000857600 _____ () [File not signed] C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.dll
2018-07-02 19:24 - 2018-07-02 19:24 - 000233984 _____ () [File not signed] C:\Program Files\ASUS\CORSAIR_Aac_DRAM\AacCosairDramHal_x86.dll
2018-10-08 23:39 - 2018-10-08 23:39 - 000243712 _____ () [File not signed] C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.dll
2018-09-20 09:39 - 2018-09-20 09:39 - 000156672 _____ () [File not signed] C:\Program Files\Galaxy\Aac_GALAX GAMER RGB\AacHal_x86.dll
2018-05-16 10:54 - 2018-05-16 10:54 - 000156672 _____ () [File not signed] C:\Program Files\Patriot\Aac_Patriot Viper RGB\AacHal_x86.dll
2019-12-21 00:29 - 2019-12-21 00:29 - 000114176 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\_ctypes.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000173056 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\_elementtree.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 001808896 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\_hashlib.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000032256 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\_multiprocessing.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000046080 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\_psutil_windows.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000047616 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\_socket.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 002241024 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\_ssl.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000026112 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\_yappi.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000080896 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\bz2.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000016384 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\common.time34.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000007680 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\hashobjs_ext.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000301568 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\PIL._imaging.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000169472 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\pyexpat.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 001084416 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\pysqlite2._sqlite.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000548864 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\pythoncom27.dll
2019-12-21 00:29 - 2019-12-21 00:29 - 000137728 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\pywintypes27.dll
2019-12-21 00:29 - 2019-12-21 00:29 - 000010752 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\select.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000020992 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\thumbnails_ext.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000689664 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\unicodedata.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000119808 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\usb_ext.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000128512 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\win32api.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000438784 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\win32com.shell.shell.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000011776 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\win32crypt.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000023040 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\win32event.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000149504 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\win32file.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000223232 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\win32gui.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000048128 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\win32inet.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000029696 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\win32pdh.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000027648 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\win32pipe.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000044032 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\win32process.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000020480 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\win32profile.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000136192 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\win32security.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000026624 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\win32ts.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000034816 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\windows.conditional.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000038400 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\windows.connectivity.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000071680 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\windows.device_monitor.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000109056 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\windows.volumes.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000020480 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\windows.winwrap.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 001325056 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\wx._controls_.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 001489408 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\wx._core_.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 001007104 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\wx._gdi_.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000103424 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\wx._html2.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 000916992 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\wx._misc_.pyd
2019-12-21 00:29 - 2019-12-21 00:29 - 001039872 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\wx._windows_.pyd
2019-11-20 00:08 - 2014-04-09 05:25 - 000071680 _____ () [File not signed] D:\Arcane\Steam\bin\mssmp3.asi
2019-11-20 00:08 - 2014-04-09 05:25 - 000153088 _____ () [File not signed] D:\Arcane\Steam\bin\mssvoice.asi
2018-09-26 17:57 - 2018-09-26 17:57 - 001932800 _____ (ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUS\AacVGAHal\LED_DLL_forMB.dll
2018-09-26 18:05 - 2018-09-26 18:05 - 000074752 _____ (ASUSTek) [File not signed] C:\Program Files\ASUS\AacVGAHal\AacVgaHal.dll
2019-07-24 23:00 - 2019-12-21 00:29 - 001431552 _____ (CPUID) [File not signed] C:\Program Files (x86)\NZXT\CAM\DLLs\cpuidsdk.dll
2018-09-20 09:08 - 2018-09-20 09:08 - 000053760 _____ (MS) [File not signed] C:\Program Files\Galaxy\Aac_GALAX GAMER RGB\MsIo32_Galax.dll
2018-05-16 10:46 - 2018-05-16 10:46 - 000053248 _____ (MS) [File not signed] C:\Program Files\Patriot\Aac_Patriot Viper RGB\MsIo32.dll
2019-07-28 23:08 - 2019-07-28 23:08 - 017861632 _____ (Node.js) [File not signed] C:\Program Files (x86)\NZXT\CAM\Launcher\node.dll
2019-12-21 00:29 - 2019-12-21 00:29 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\python27.dll
2019-11-20 00:08 - 2014-05-03 02:16 - 000440320 _____ (RAD Game Tools, Inc.) [File not signed] D:\Arcane\Steam\bin\mss32.DLL
2019-11-20 00:08 - 2014-04-09 05:25 - 000055296 _____ (RAD Game Tools, Inc.) [File not signed] D:\Arcane\Steam\bin\mssdsp.flt
2019-07-24 23:00 - 2019-07-24 23:00 - 001246208 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\NZXT\CAM\x86\SQLite.Interop.dll
2019-07-24 23:00 - 2019-07-24 23:00 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\NZXT\CAM\DLLs\SiUSBXp.dll
2018-12-26 02:42 - 2019-08-25 19:55 - 000776704 _____ (Tabibito Technology) [File not signed] C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\IcarosPropertyHandler.dll
2018-09-26 17:54 - 2018-09-26 17:54 - 001629184 _____ (TODO: <Company name>) [File not signed] C:\Program Files\ASUS\AacVGAHal\VGA_Extra.dll
2019-12-21 00:29 - 2019-12-21 00:29 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\wxbase30u_net_vc90_x64.dll
2019-12-21 00:29 - 2019-12-21 00:29 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\wxbase30u_vc90_x64.dll
2019-12-21 00:29 - 2019-12-21 00:29 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\wxmsw30u_adv_vc90_x64.dll
2019-12-21 00:29 - 2019-12-21 00:29 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\wxmsw30u_core_vc90_x64.dll
2019-12-21 00:29 - 2019-12-21 00:29 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\wxmsw30u_html_vc90_x64.dll
2019-12-21 00:29 - 2019-12-21 00:29 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI74762\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2019-01-04 10:07 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-03-02 16:59 - 2019-03-02 16:59 - 000000516 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.247 android-8fd0bcca25494f49.mshome.net # 2019 3 6 9 15 59 22 104
192.168.137.1 Arcane-PC.mshome.net # 2024 2 4 29 15 59 22 104

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Crucial\Crucial Storage Executive;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\QuickTime\QTSystem\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405254\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405280\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Arcan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\Control Panel\Desktop\\Wallpaper -> C:\Users\Arcan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12212019215405319\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [{1E1111C5-A300-459D-873A-7D85CA4B65F5}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe () [File not signed]
FirewallRules: [{747CA492-CBE3-4194-AA62-891454479A7C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe () [File not signed]
FirewallRules: [{45846334-8726-4A28-B944-C4650ED530AA}] => (Allow) D:\Arcane\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{724FB028-4BC6-4BB1-9EC0-CFB709AF5677}] => (Allow) D:\Arcane\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{BAE17B5B-0B79-43A6-8E26-88F60DFAB686}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{6B163AE5-FFE9-47E5-8D3A-62E4149A12DA}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{849F8F0D-9F1F-4057-BB17-752F9F1B476D}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{5E0B7C82-C42B-456C-B9A3-0F485D0AC498}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{17B1FC18-6824-47A6-954C-2AF927AA0683}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{97B97B00-A35B-42A0-B77B-0A6A6251FBB0}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{3C8DCC3F-25C8-4188-88CC-31123BF9D284}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{D402EA3E-D9F0-4F18-8242-025E20F147C1}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{19B2EFBB-78A8-4C8E-9E08-9AF74A29AFAD}] => (Allow) D:\Arcane\Steam\SteamApps\common\rymdkapsel\rymdkapsel.exe () [File not signed]
FirewallRules: [{DB6CAE4E-6079-44DB-8630-1301A175435C}] => (Allow) D:\Arcane\Steam\SteamApps\common\rymdkapsel\rymdkapsel.exe () [File not signed]
FirewallRules: [UDP Query User{C56D9916-8DD2-409D-883A-703948AF28ED}D:\arcane\hry\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) D:\arcane\hry\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [TCP Query User{6A585ECC-3A09-4CA9-8BBA-D21F08E76FE8}D:\arcane\hry\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) D:\arcane\hry\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{73C70C68-84A1-4B65-94C2-BDFC6B8B5C1B}] => (Allow) D:\Arcane\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{B5E61519-2591-4199-A7C1-68291AE9AAA2}] => (Allow) D:\Arcane\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [UDP Query User{8E39C85C-A356-4F18-BFFA-557F9FAA4C3F}D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{A8B908F9-4766-4672-B6B7-4127B15030D6}D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [{BE556FD4-5334-4A2B-B279-3DC6D2157618}] => (Allow) D:\Arcane\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{44F5014C-D500-4D3A-913C-A1C9FD3498A2}] => (Allow) D:\Arcane\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{DE9CB9EE-9D50-4BF2-BCC0-2796F114659F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Heroine's Quest\Heroine's Quest.exe (Crystal Shard ) [File not signed]
FirewallRules: [{D5C60194-F8D0-495F-8512-E02D4D7E1E43}] => (Allow) D:\Arcane\Steam\SteamApps\common\Heroine's Quest\Heroine's Quest.exe (Crystal Shard ) [File not signed]
FirewallRules: [{F83CFB91-7E47-4F64-9F72-694842A6CC28}] => (Allow) D:\Arcane\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [{A667AD5C-E5E5-4881-81CD-737CB36B52FF}] => (Allow) D:\Arcane\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [UDP Query User{259EEEC7-D35A-4F95-8607-3A265F42F351}D:\arcane\hry\apex\r5apex.exe] => (Allow) D:\arcane\hry\apex\r5apex.exe No File
FirewallRules: [TCP Query User{A710C5C4-7FC2-4A20-B91F-8705093B8036}D:\arcane\hry\apex\r5apex.exe] => (Allow) D:\arcane\hry\apex\r5apex.exe No File
FirewallRules: [{CF7FF94B-F03C-4C60-BE92-25213CC312C5}] => (Allow) D:\Arcane\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe (Experimental Gameplay Group LLC) [File not signed]
FirewallRules: [{C1584D69-2248-4572-839F-DDC2C133F942}] => (Allow) D:\Arcane\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe (Experimental Gameplay Group LLC) [File not signed]
FirewallRules: [{393B14A2-6FFF-489A-9406-502C03063221}] => (Allow) C:\Program Files\App Dynamic\AirServer\AirServer.exe (App Dynamic ehf. -> App Dynamic ehf)
FirewallRules: [{F9DC308F-46FD-49F3-8174-723A740E5F69}] => (Allow) C:\Program Files\App Dynamic\AirServer\AirServer.exe (App Dynamic ehf. -> App Dynamic ehf)
FirewallRules: [{C67D1330-8AC8-4ECB-B0EB-237818FED3CC}] => (Allow) D:\Arcane\Steam\SteamApps\common\Trine 3\trine3_launcher.exe () [File not signed]
FirewallRules: [{2DF5A6CB-E997-407A-B61F-03D6BEF9C8ED}] => (Allow) D:\Arcane\Steam\SteamApps\common\Trine 3\trine3_launcher.exe () [File not signed]
FirewallRules: [{0957E3C7-20E7-48A1-9EAA-270F76BD220F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Enter the Gungeon\EtG.exe () [File not signed]
FirewallRules: [{56B89990-A718-4D8D-92EC-D873E6891626}] => (Allow) D:\Arcane\Steam\SteamApps\common\Enter the Gungeon\EtG.exe () [File not signed]
FirewallRules: [{4972E19A-EA38-4A72-8E72-173704FBF878}] => (Allow) D:\Arcane\Steam\SteamApps\common\Spelunky\Spelunky.exe () [File not signed]
FirewallRules: [{2218B51A-E178-49A3-B9D8-B51E37161832}] => (Allow) D:\Arcane\Steam\SteamApps\common\Spelunky\Spelunky.exe () [File not signed]
FirewallRules: [{2FE277E3-3448-4D25-B86A-B1DEAE21F737}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{0B7D3F7B-0E1E-4CC8-916F-9DA7289734CE}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{594D5BDD-B2B2-42B5-81EE-8E3555C13CD8}] => (Allow) D:\Arcane\Steam\SteamApps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{C473B945-D020-4D13-8629-DB7EDE2F2458}] => (Allow) D:\Arcane\Steam\SteamApps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{EA46C27A-F11A-42EB-BC25-E7467D26880D}] => (Allow) D:\Arcane\Steam\SteamApps\common\This War of Mine\This War of Mine.exe () [File not signed]
FirewallRules: [{E7A2A473-F50F-4121-B5B5-7CA64FF289DE}] => (Allow) D:\Arcane\Steam\SteamApps\common\This War of Mine\This War of Mine.exe () [File not signed]
FirewallRules: [{B41D6077-3AE8-49B5-AB82-1ACAEEF1D79A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Poker Night at the Inventory\CelebrityPoker.exe (Telltale Games) [File not signed]
FirewallRules: [{FB5BBECE-0A18-4022-9106-DC1AD1701926}] => (Allow) D:\Arcane\Steam\SteamApps\common\Poker Night at the Inventory\CelebrityPoker.exe (Telltale Games) [File not signed]
FirewallRules: [{49EBE8D7-0CA3-4632-99C5-AFC3A188DC05}] => (Allow) D:\Arcane\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe () [File not signed]
FirewallRules: [{0AC8C291-84EE-4D0B-99D6-B0BE3EAC6335}] => (Allow) D:\Arcane\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe () [File not signed]
FirewallRules: [{E4747BB1-6890-4D73-AA37-90209A2201E6}] => (Allow) D:\Arcane\Steam\SteamApps\common\RaceTheSun\RaceTheSun.exe () [File not signed]
FirewallRules: [{96E624AD-6E93-41C2-830B-8DB48A21051A}] => (Allow) D:\Arcane\Steam\SteamApps\common\RaceTheSun\RaceTheSun.exe () [File not signed]
FirewallRules: [{484C3DF5-DF53-4E15-82ED-C5D7EC96E6E6}] => (Allow) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{5019D6DB-28B1-48C5-8ED5-0A344CECF980}] => (Allow) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{BAD88EE4-0434-4EFD-81F0-EEE0C3987919}] => (Allow) D:\Arcane\Steam\SteamApps\common\OrganTrailDC\OrganTrail.exe () [File not signed]
FirewallRules: [{ACE20442-747C-4B59-839B-1EC607003166}] => (Allow) D:\Arcane\Steam\SteamApps\common\OrganTrailDC\OrganTrail.exe () [File not signed]
FirewallRules: [{8F3B9B00-0E9F-47C9-BEA1-36F6A1D45570}] => (Allow) D:\Arcane\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe (Hopoo Games, LLC ) [File not signed]
FirewallRules: [{857BAB35-6EC5-4DC4-A347-6F621FDEACC6}] => (Allow) D:\Arcane\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe (Hopoo Games, LLC ) [File not signed]
FirewallRules: [{64B06AE8-BFC7-4F2F-A833-946CDA0143EC}] => (Allow) D:\Arcane\Steam\SteamApps\common\Ziggurat\Ziggurat.exe () [File not signed]
FirewallRules: [{03B7638B-F7A3-427F-8F30-1AEFAD365545}] => (Allow) D:\Arcane\Steam\SteamApps\common\Ziggurat\Ziggurat.exe () [File not signed]
FirewallRules: [{B7237327-B7FF-4296-9B6F-BB5E48FB5E81}] => (Allow) D:\Arcane\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe (sparsevector) [File not signed]
FirewallRules: [{4274B2E6-4454-4096-9236-A85CB2245C1D}] => (Allow) D:\Arcane\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe (sparsevector) [File not signed]
FirewallRules: [{4C46CA63-3968-48E3-90D8-D98DA266CD38}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{E3008F32-2885-4DEE-8468-58E542A17629}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [UDP Query User{F80729AF-5DF5-475A-9462-A042F0348F41}D:\arcane\hry\overwatch\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\overwatch.exe No File
FirewallRules: [TCP Query User{CD499DA3-18CA-45EC-89F2-9E49FAB1EAA9}D:\arcane\hry\overwatch\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\overwatch.exe No File
FirewallRules: [{0C9A8D62-3229-47C5-A9DD-0CD37244DA5C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Town of Salem\TownOfSalem.exe () [File not signed]
FirewallRules: [{96A22DA6-946C-4C79-9EC1-03581F141B14}] => (Allow) D:\Arcane\Steam\SteamApps\common\Town of Salem\TownOfSalem.exe () [File not signed]
FirewallRules: [{D0C25DE7-9878-4BC3-ACE8-0DF6EDAFCCF4}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{E5B4746B-265C-4505-8CCB-6B434E9F1106}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{1E912ED7-9F1C-41C5-8A8A-BCA7F8E2F36C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Sonic Mania\SonicMania.exe () [File not signed]
FirewallRules: [{6E75BF5B-3B97-4753-8396-FB6C3C642635}] => (Allow) D:\Arcane\Steam\SteamApps\common\Sonic Mania\SonicMania.exe () [File not signed]
FirewallRules: [{3D7F4ADD-1CF8-4253-87E8-A6439824EBBC}] => (Allow) D:\Arcane\Steam\SteamApps\common\Party Hard\PartyHardGame.exe () [File not signed]
FirewallRules: [{A099DF98-305A-4A6C-8C74-E3F9AF565F37}] => (Allow) D:\Arcane\Steam\SteamApps\common\Party Hard\PartyHardGame.exe () [File not signed]
FirewallRules: [{157E4B70-D0CF-41BB-85DB-20D7809FDD5F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Abalone\Abalone.exe () [File not signed]
FirewallRules: [{34A47A80-064D-4149-954F-49A4C56A338B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Abalone\Abalone.exe () [File not signed]
FirewallRules: [{97B2B4F0-AB19-4EBB-8069-A08E0D9C64FA}] => (Allow) D:\Arcane\Steam\SteamApps\common\HITMAN2\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{C97E2789-4702-4CFD-AE9B-F0CABE32659D}] => (Allow) D:\Arcane\Steam\SteamApps\common\HITMAN2\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{97DA9EB7-6145-4048-B6B8-D58B8F115BDE}] => (Allow) D:\Arcane\Steam\SteamApps\common\Kingdom New Lands\Kingdom.exe () [File not signed]
FirewallRules: [{AFF9213D-6F5F-436A-98AD-B557063F629C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Kingdom New Lands\Kingdom.exe () [File not signed]
FirewallRules: [{5A3790BB-509C-49D2-B943-EC5033C9F333}] => (Allow) D:\Arcane\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe No File
FirewallRules: [{6E59AD2A-0D1F-42C0-9AEB-792858494A21}] => (Allow) D:\Arcane\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe No File
FirewallRules: [{339DD349-7152-402B-AE16-DF7733FBE0BB}] => (Allow) D:\Arcane\Steam\SteamApps\common\Dead Cells\deadcells_gl.exe () [File not signed]
FirewallRules: [{EF44FF8D-0021-4A2F-9DC5-B94CC1CDFA17}] => (Allow) D:\Arcane\Steam\SteamApps\common\Dead Cells\deadcells_gl.exe () [File not signed]
FirewallRules: [{2CFC01E7-0147-4651-9E92-79B7214E5993}] => (Allow) D:\Arcane\Steam\SteamApps\common\Dead Cells\deadcells.exe () [File not signed]
FirewallRules: [{6BDFE8A5-852E-4502-8149-14E2F7FDC295}] => (Allow) D:\Arcane\Steam\SteamApps\common\Dead Cells\deadcells.exe () [File not signed]
FirewallRules: [{C2BFE895-BCB4-4F51-87C1-5303FF582A8B}] => (Allow) D:\Arcane\Steam\SteamApps\common\devildaggers\dd.exe () [File not signed]
FirewallRules: [{6F73AC84-B7D8-4057-8E0A-1916F8C7AAFC}] => (Allow) D:\Arcane\Steam\SteamApps\common\devildaggers\dd.exe () [File not signed]
FirewallRules: [{F10D1966-61B7-4A55-AD3A-5D43C23C14E0}] => (Allow) D:\Arcane\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{1F60C49C-BD53-4734-8A38-907251FC2041}] => (Allow) D:\Arcane\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{48B5318E-B0D3-446B-856B-E6AF6560B5CB}] => (Allow) D:\Arcane\Steam\SteamApps\common\TeleglitchDME\Teleglitch.exe () [File not signed]
FirewallRules: [{D33E9147-1184-484A-928A-5301EC2B3A52}] => (Allow) D:\Arcane\Steam\SteamApps\common\TeleglitchDME\Teleglitch.exe () [File not signed]
FirewallRules: [{904C72EF-EF1C-4834-A2CC-4668734B3C8F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Cave Story+\CaveStory+.exe () [File not signed]
FirewallRules: [{0DC9FA5C-6B6D-4A22-B61C-F4FBC95AAB88}] => (Allow) D:\Arcane\Steam\SteamApps\common\Cave Story+\CaveStory+.exe () [File not signed]
FirewallRules: [{E9472C0A-73F4-4110-868C-1EA4032F0BB1}] => (Allow) D:\Arcane\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6B063960-488F-4F96-BC83-8EB446841C07}] => (Allow) D:\Arcane\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [UDP Query User{0ACCA807-DCEE-4815-8DDA-B55B40CBD25B}C:\users\arcan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\arcan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{5FC588E2-338B-4231-ACA9-07E11A33DDB6}C:\users\arcan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\arcan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{45A64368-311D-452A-BCBF-CA014BDFD30B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Despotism 3k\Despotism3k.exe () [File not signed]
FirewallRules: [{A16754BB-E688-4504-9B26-FD28CF5CB41D}] => (Allow) D:\Arcane\Steam\SteamApps\common\Despotism 3k\Despotism3k.exe () [File not signed]
FirewallRules: [{93A92754-1FBF-4BE3-8E88-DF6F3A8EC52D}] => (Allow) D:\Arcane\Steam\SteamApps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [{FB5793E0-16AF-41CF-83F6-D7D11FB99A23}] => (Allow) D:\Arcane\Steam\SteamApps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [{2081CE2E-AFC2-429B-A1F0-FFAC5894092F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Super Hexagon\superhexagon.exe () [File not signed]
FirewallRules: [{03D44434-2C2A-4B9F-960A-28A11CDC22EC}] => (Allow) D:\Arcane\Steam\SteamApps\common\Super Hexagon\superhexagon.exe () [File not signed]
FirewallRules: [{2E10007C-0823-4C44-8ECC-7DD13D631248}] => (Allow) D:\Arcane\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E2871393-D758-421F-9A5D-9B1EB61D0178}] => (Allow) D:\Arcane\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{4F52FAE3-4F0B-43C0-BCA7-B617C22E7D7E}] => (Allow) D:\Arcane\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{37419347-081D-4D21-AEE3-30489406F5EC}] => (Allow) D:\Arcane\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [UDP Query User{69665FE5-9CAD-4714-AFAE-C3E25EC23BB8}D:\arcane\steam\steamapps\common\hitman2\retail\hitman2.exe] => (Allow) D:\arcane\steam\steamapps\common\hitman2\retail\hitman2.exe (IO INTERACTIVE A/S -> )
FirewallRules: [TCP Query User{A8CE78F9-D1A3-4841-A7D3-523F3BDBADA7}D:\arcane\steam\steamapps\common\hitman2\retail\hitman2.exe] => (Allow) D:\arcane\steam\steamapps\common\hitman2\retail\hitman2.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{4C4D56EA-2165-4ED8-9C26-D707172253B2}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe () [File not signed]
FirewallRules: [{B8B65E83-77AD-486E-BB09-05B91F65049A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe () [File not signed]
FirewallRules: [UDP Query User{FBED4EBD-B1E2-4768-9A32-E516CE5788E9}D:\arcane\hry\rayman legends\rayman legends.exe] => (Allow) D:\arcane\hry\rayman legends\rayman legends.exe (Ubisoft Chengdu Co., Ltd. -> )
FirewallRules: [TCP Query User{C60BB4E1-568A-4761-955C-BA5FD9C59BF8}D:\arcane\hry\rayman legends\rayman legends.exe] => (Allow) D:\arcane\hry\rayman legends\rayman legends.exe (Ubisoft Chengdu Co., Ltd. -> )
FirewallRules: [UDP Query User{0C837794-0533-4AEE-97BE-ACFC746B55A4}D:\arcane\hry\ashen\ashen\binaries\win64\ashen-win64-shipping.exe] => (Allow) D:\arcane\hry\ashen\ashen\binaries\win64\ashen-win64-shipping.exe No File
FirewallRules: [TCP Query User{A3C51388-4960-4C6E-9968-19B04CADDBBA}D:\arcane\hry\ashen\ashen\binaries\win64\ashen-win64-shipping.exe] => (Allow) D:\arcane\hry\ashen\ashen\binaries\win64\ashen-win64-shipping.exe No File
FirewallRules: [{FA4D4784-7BCC-4A36-97CC-85267B900DB4}] => (Allow) C:\Users\Arcan\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DCFB492C-FCEE-40B3-872C-AD9D08E9C3CF}] => (Allow) D:\Arcane\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe (Devolver) [File not signed]
FirewallRules: [{E3777C11-6906-44B9-B3A2-F1595B63921F}] => (Allow) D:\Arcane\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe (Devolver) [File not signed]
FirewallRules: [{31DEA43E-0EA9-43EC-8A47-A43376C0B37C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{14E0152D-DCD7-45A2-B8A6-08A2D957E157}] => (Allow) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{523BE7E2-DB4B-4B8B-9184-5B0A43A83077}] => (Allow) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A0AD3C1A-B0F5-4198-808F-D490A3109800}] => (Allow) D:\Arcane\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3EC03A37-4217-41FD-8239-CD08E90A3C26}] => (Allow) D:\Arcane\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{772354A6-D4A2-4403-B4E8-EF0E4206152F}C:\users\arcan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\arcan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{28CE2EC7-4283-4C54-9F37-B5797E308507}C:\users\arcan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\arcan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{175E211D-FD17-4B6E-A9A3-34D21ED39B83}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{451D88CB-28AA-4395-9562-2E96BBE76AAB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D89F9622-EF59-4E35-88E1-2076A9B0796B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9C5C999A-D277-4E29-885E-F4D7E74CE871}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5CC368B4-2B14-4E62-A15C-E598ED124827}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{7316D4BC-2945-4EDF-BD4B-BA29746D016D}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{2D219D27-911B-43DE-945C-52F936A6AF1B}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{BDFC8E33-5C93-496C-A16F-9AB2470D0158}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{12764E3C-5B42-4904-B7AE-1E73F80917FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0FEC6955-CDD3-48CC-8F90-9A17D4A39C5C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B8BA4725-04DC-4D83-BACF-71DD57DDB897}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8E13C22F-C4C0-4415-89A8-F5832928FA13}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5137595F-FFFF-47A6-99ED-9A804E091A92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{104236DC-A4F7-4D8E-B3F3-A7EBAC23E9BD}D:\arcane\hry\overwatch\_retail_\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{000D1D34-8EC2-4838-9C32-E65B330351DF}D:\arcane\hry\overwatch\_retail_\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{C6721047-E505-4000-B6B0-52BAD82A1B2E}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe (NZXT, Inc. -> )
FirewallRules: [{4DA344E8-917D-4177-94C2-45936D0A3027}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe (NZXT, Inc. -> )
FirewallRules: [{2A22FAF4-9D1C-4CA8-BB85-93A7C39A1B42}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe (NZXT, Inc. -> )
FirewallRules: [{8093AB61-6EE0-450E-981B-505E9D9C99D7}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe (NZXT, Inc. -> )
FirewallRules: [{799FFC5C-10FB-4686-902F-B92A07653263}] => (Allow) LPort=38518
FirewallRules: [{4DB3711C-446A-48DB-B8B7-01D99720F9AA}] => (Allow) LPort=9142
FirewallRules: [{5D24ED18-76DB-44EB-AF9E-5B3F674D4547}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{EF7E490F-EB48-404F-80A1-FA0FF612471C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{4676E5B7-E253-4B6D-9901-5BC3F4A72ABA}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{8E08330D-71CE-44B6-BB6F-B6181B1213EC}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{133024F1-A578-4657-A2E6-244A2B81C884}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{DDDE7BF4-6A3F-4BD3-852D-D285CD48024A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{3A37F3C3-7864-4BED-B0CA-C28D26B2DA6E}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{8FC70952-BB41-49C9-B78B-4465F3BBC49A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [TCP Query User{4053F1F5-BC16-446D-9EF4-FA279DA5292C}D:\arcane\hry\rayman origins\rayman origins.exe] => (Allow) D:\arcane\hry\rayman origins\rayman origins.exe (Ubisoft Entertainment SA -> )
FirewallRules: [UDP Query User{1FAEB7A2-280F-4BB0-A0DF-8974A8CF174F}D:\arcane\hry\rayman origins\rayman origins.exe] => (Allow) D:\arcane\hry\rayman origins\rayman origins.exe (Ubisoft Entertainment SA -> )
FirewallRules: [TCP Query User{62344576-1617-4ED2-8532-A571F0E4CFDF}D:\arcane\hry\the surge 2\bin\thesurge2.exe] => (Allow) D:\arcane\hry\the surge 2\bin\thesurge2.exe (Focus Home Interactive -> ) [File not signed]
FirewallRules: [UDP Query User{703086F3-7A20-4DFC-9BD9-5CF87C2C06B3}D:\arcane\hry\the surge 2\bin\thesurge2.exe] => (Allow) D:\arcane\hry\the surge 2\bin\thesurge2.exe (Focus Home Interactive -> ) [File not signed]
FirewallRules: [{2AD46D53-31C3-4D3D-B47A-7F19F784FAB8}] => (Allow) D:\Arcane\Steam\SteamApps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{41D7D4BE-0171-4CF6-923E-CA896073AC9A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{1461268A-9CEB-4FE1-8CA4-2DDB1CBC36F6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{E7C051F5-B139-4D95-9DD7-8FF5A5ABF862}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{67BF0A24-2DF3-4FE9-8980-9D6A74F7A044}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{440A8A11-FAA8-4913-8D8E-C14F495EACE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0EC6E40F-A8D6-4E8B-BC72-018DBD14AEE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6AC7D690-AF10-4379-AE26-B6214E6832EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5FC4F0F1-4298-4380-BB3C-EF7C5F000392}] => (Allow) D:\Arcane\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{7DF780C3-D4F6-4C04-B60F-09CEB43AF75F}] => (Allow) D:\Arcane\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{A0B4EEEE-7879-42B1-B520-97FBE8C779D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7F591B3A-3223-457A-97ED-40CE5CD5E22A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6DC42AE8-48D5-46A1-A853-8199B66BA2AD}D:\arcane\hry\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\arcane\hry\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [UDP Query User{AD79C7F6-A2C5-44B1-A134-4C068251AAF5}D:\arcane\hry\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\arcane\hry\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [{EAB572D5-2526-45A9-BD3D-245418FD4730}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{264B3037-6B8E-454B-96ED-480AAF951977}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0DD1D0F9-C383-4769-9B2D-3C35A11024EB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5AC9E9C4-856B-4718-81D8-21654EC30DD8}] => (Allow) D:\Arcane\Steam\SteamApps\common\Kingdom Two Crowns\KingdomTwoCrowns.exe () [File not signed]
FirewallRules: [{C428C368-85EE-4A6F-B0E1-1CA9EB12097B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Kingdom Two Crowns\KingdomTwoCrowns.exe () [File not signed]
FirewallRules: [{D2CABC3D-0830-4051-9C85-ED86D2BC46A2}] => (Allow) D:\Arcane\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{2C87BE7B-EE7C-46D7-8FD2-50E30B6F4E5B}] => (Allow) D:\Arcane\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{D7ECCBBA-7172-4770-B229-6D94C1A78237}] => (Allow) D:\Arcane\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{A4F1ED6C-E255-4DAE-849F-B756759B4918}] => (Allow) D:\Arcane\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{5CD0C151-683F-49F3-B9ED-7B8DAF99A60E}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{628CFC64-A249-4089-900E-59A64EAEF97B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{CA9A24E9-8556-46C7-B595-FCAFE6454436}] => (Allow) D:\Arcane\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{1E1A13E0-E84F-42FD-B13B-97A4BC69B632}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5227A7A0-7ADC-4776-9946-E4309447BD4A}] => (Allow) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{D1A67E69-192E-4BF3-AA5A-7B63F344F012}] => (Allow) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{5E1F93A4-39C9-458B-9DB0-7B98B0333E52}] => (Allow) D:\Arcane\Hry\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{7FEE8323-1DF0-41D4-BDAC-ACF6A392DCAC}] => (Allow) D:\Arcane\Hry\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{B902F99D-D2B6-419C-A4C1-7500948A8469}] => (Allow) D:\Arcane\Hry\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{1256D445-24C4-4AAF-86DA-C8A8CC66829C}] => (Allow) D:\Arcane\Hry\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{55C2C767-9EB1-425F-BA87-656DA677DD91}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7062E038-D618-4243-B421-B7AC163EE547}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4D59DFF6-1A76-4E90-9F3A-20A312B92A4E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8FA8B7F3-C55A-4674-9244-A45BA87A8D37}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

20-12-2019 22:33:49 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
20-12-2019 22:33:57 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

==================== Faulty Device Manager Devices ============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/21/2019 09:51:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (24160,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/21/2019 09:40:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1508,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/21/2019 09:13:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4960,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/21/2019 08:45:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14004,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/21/2019 08:13:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21176,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/21/2019 08:05:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (22376,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/21/2019 07:11:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20576,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/21/2019 06:13:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10540,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (12/21/2019 12:29:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/21/2019 12:28:35 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT AUTHORITY)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12

Error: (12/21/2019 12:27:57 AM) (Source: DCOM) (EventID: 10010) (User: ARCANE-PC)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/21/2019 12:27:57 AM) (Source: DCOM) (EventID: 10010) (User: ARCANE-PC)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/21/2019 12:27:56 AM) (Source: DCOM) (EventID: 10010) (User: ARCANE-PC)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/21/2019 12:27:51 AM) (Source: DCOM) (EventID: 10010) (User: ARCANE-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/21/2019 12:27:51 AM) (Source: DCOM) (EventID: 10010) (User: ARCANE-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/21/2019 12:27:51 AM) (Source: DCOM) (EventID: 10010) (User: ARCANE-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================

Date: 2019-12-21 21:56:02.283
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-21 21:56:02.281
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-21 21:56:02.200
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-21 21:56:02.198
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-21 21:54:08.253
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\WinSCP\DragExt64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-21 21:54:08.250
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\WinSCP\DragExt64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-21 21:52:39.371
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-21 21:52:39.369
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1601 10/29/2018
Motherboard: ASUSTeK COMPUTER INC. PRIME Z370-A
Processor: Intel(R) Core(TM) i5-8600K CPU @ 3.60GHz
Percentage of memory in use: 53%
Total physical RAM: 16319.88 MB
Available physical RAM: 7540.72 MB
Total Virtual: 27071.88 MB
Available Virtual: 10698.44 MB

==================== Drives ================================

Drive c: (Savitar) (Fixed) (Total:237.87 GB) (Free:48.09 GB) NTFS
Drive d: (Amun) (Fixed) (Total:1863.01 GB) (Free:348.13 GB) NTFS
Drive e: (Soteria) (Fixed) (Total:3725.9 GB) (Free:2827.77 GB) NTFS
Drive f: (Horus) (Fixed) (Total:931.51 GB) (Free:161.51 GB) NTFS

\\?\Volume{1b5db080-40ed-41fc-9b07-e8e0aa9c5b40}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
\\?\Volume{87f9f223-5ccc-44ce-86bf-754e8c788fd0}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

Re: Spotify používáno cizím člověkem, prosím o kontrolu

Napsal: 21 pro 2019 22:00
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Spotify používáno cizím člověkem, prosím o kontrolu

Napsal: 21 pro 2019 23:39
od Arcane
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2019-12-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-21-2019
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Arcan\AppData\Roaming\chportu

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1368 octets] - [21/12/2019 23:36:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Spotify používáno cizím člověkem, prosím o kontrolu

Napsal: 22 pro 2019 11:17
od Rudy
Dejte nové logy FRST+Addition.

Re: Spotify používáno cizím člověkem, prosím o kontrolu

Napsal: 22 pro 2019 13:47
od Arcane
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-12-2019
Ran by Arcan (administrator) on ARCANE-PC (22-12-2019 13:47:54)
Running from C:\Users\Arcan\Desktop
Loaded Profiles: Arcan (Available Profiles: Arcan)
Platform: Windows 10 Pro Version 1909 18363.535 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Megabit\KeepAliveHD\KeepAliveHD.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.13\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(DTS, Inc. -> ) C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe
(File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.5.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kristjan Skutta -> ) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(Kristjan Skutta -> ) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\wallpaper32.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NZXT, Inc. -> ) C:\Program Files (x86)\NZXT\CAM\CAM.Desktop.exe
(NZXT, Inc. -> NZXT) C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe
(NZXT, Inc. -> NZXT) C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe
(NZXT, Inc. -> NZXT) C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe
(Ozone) [File not signed] C:\Program Files (x86)\OZONE\Ozone Strike Pro Spectra Driver\Monitor.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Arcane\Steam\Steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [838432 2019-03-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-12-09] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Ozone Strike Pro Spectra Driver] => C:\Program Files (x86)\OZONE\Ozone Strike Pro Spectra Driver\Monitor.exe [479232 2017-06-30] (Ozone) [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2622520 2019-05-19] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [GoogleChromeAutoLaunch_C5A3A8DAB5AA577136C840E6149900F8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1704944 2019-12-14] (Google LLC -> Google LLC)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-19] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [Spotify] => C:\Users\Arcan\AppData\Roaming\Spotify\Spotify.exe [22151072 2019-12-21] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [Steam] => D:\Arcane\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [EpicGamesLauncher] => "D:\Arcane\Hry\Fortnite\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe [67662912 2019-07-28] (NZXT, Inc. -> NZXT)
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Run: [KeepAliveHD] => C:\Program Files (x86)\Megabit\KeepAliveHD\KeepAliveHD.exe [463360 2017-05-29] () [File not signed]
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Winlogon: [Shell]
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-19] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\Users\Arcan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-08-02]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0190603A-5242-47FF-AFF9-9DFEFD2D7AA7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {01E21C19-B68D-443C-B6FE-E066D4DF0F2C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {02849200-103C-4200-9543-FAAAAA79F0CF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {06DEB539-CFBA-4F0E-8969-903ED9B2E062} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2019-10-29] () [File not signed]
Task: {06E48D37-E781-45AC-8C85-3DEB63EAC18F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1DB23B27-2405-4A27-901D-4C980BBB8C93} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {20485FE8-1D7B-4454-810F-3CB94DF65307} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20645CFD-D8E6-4D31-A386-EE4AC868AF06} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A6D710A-02E6-40B0-8C45-555471C44629} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B4F591E-E3AE-4EAE-AA4B-26644C906831} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d49cbd7c8b6cb9 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2018-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {3E68AB35-F419-4E51-800E-C9BB573BDF0C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {3EA1AE8F-3E9F-40AF-B69F-57C0644E1E5D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4E7543B8-CD75-4E86-87C6-B7ADA6E8CC74} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {56562D71-3422-42D8-BDE7-3516992E05ED} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {57178676-E492-4A13-9836-FA396CCC1E6F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {596B115B-CB1E-4756-9FEC-DE2F1853F85B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {64E1CED0-CF73-4642-9860-945B97991512} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {66320CFA-8F41-4271-B3E9-256479139339} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-26] (Google Inc -> Google Inc.)
Task: {6EB16D80-EA82-426A-84DA-32145013EF7E} - System32\Tasks\CAM.Desktop => C:\Program Files (x86)\NZXT\CAM\CAM.Desktop.exe [344128 2019-07-28] (NZXT, Inc. -> )
Task: {73AB6257-D3E5-404A-80B0-65F5270F87CC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7D42BB88-FBF6-409B-B492-2C4BCA332A29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {8DC7B68E-F8CA-417D-912A-0394FED79BE1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {97AEA8FF-D9EE-493D-8641-1708585C099E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {D214596F-7731-4588-83F4-32347F51AAE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-26] (Google Inc -> Google Inc.)
Task: {D341CA44-8066-4466-95D4-40FE5F1625BD} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {D54FB05B-99C0-4214-B454-41700D06D269} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {D88A1B17-30F8-4C5F-84D1-CF9596724E8F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E1BDBC2F-D7B3-44E2-9E85-787EA2A5D605} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2018-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {ED418824-73A2-4795-BC9C-5ED28E344481} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F8BF733D-A2A7-44B2-9C2B-3C6D8788994B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5beff028-7886-4d80-8624-9d880a1a7664}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{66c5e5e9-de68-492b-ac91-d1d0697d8f5f}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE05
SearchScopes: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE05
SearchScopes: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001 -> {828B376B-F2F6-4778-928C-E29EC877535E} URL = hxxp://www.google.com/cse?cx=partner-pub-09006 ... gsc.page=1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-12-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-26] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\Arcan\Downloads

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=3 -> C:\Program Files (x86)\ASUS\Update\1.3.101.0\npAsusUpdate3.dll [2018-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=9 -> C:\Program Files (x86)\ASUS\Update\1.3.101.0\npAsusUpdate3.dll [2018-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default [2019-12-22]
CHR Extension: (Prezentace) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-26]
CHR Extension: (BetterTTV) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2019-12-21]
CHR Extension: (Dokumenty) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-26]
CHR Extension: (Disk Google) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-26]
CHR Extension: (YouTube) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-26]
CHR Extension: (uBlock Origin) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-10-30]
CHR Extension: (Augmented Steam) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnhpnfgdlenaccegplpojghhmaamnnfp [2019-10-30]
CHR Extension: (FrankerFaceZ) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2018-12-26]
CHR Extension: (Full Page Screen Capture) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2019-12-01]
CHR Extension: (Tabulky) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-26]
CHR Extension: (Postman) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2018-12-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-26]
CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2018-12-26]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-12-21]
CHR Extension: (JetBrains IDE Support) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhgeddbohgjknpmjagkdomcpobmllji [2019-01-26]
CHR Extension: (Speed Dial 2 New tab) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2019-10-12]
CHR Extension: (Better Youtube Subscriptions) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgicdngjllamjgijagdkoalhkpplipnd [2018-12-26]
CHR Extension: (Mapy Google) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-12-26]
CHR Extension: (Twitch Now) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2018-12-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2019-10-30]
CHR Extension: (Gmail) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-04]
CHR Extension: (Chrome Media Router) - C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-21]
CHR Profile: C:\Users\Arcan\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-26]
CHR HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-05-19] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.13\atkexComSvc.exe [415680 2018-09-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2018-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2018-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
R2 DTSAPO3Service; C:\WINDOWS\System32\DTS\PC\APO3x\DTSAPO3Service.exe [206720 2018-09-05] (DTS, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-02-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [530208 2019-05-29] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [1335744 2018-10-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-21] (Malwarebytes Inc -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265824 2018-04-17] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2475312 2019-12-12] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3352376 2019-12-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [449664 2018-08-29] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [942720 2018-09-12] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-10-01] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-11-19] (Razer USA Ltd. -> Razer Inc.)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [838432 2019-03-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-10-28] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-06-22] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)
R2 Wallpaper Engine Service; D:\Arcane\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [354808 2018-12-11] (Kristjan Skutta -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-09-27] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848288 2018-04-17] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-10-03] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2019-12-21] (CPUID S.A.R.L.U. -> CPUID)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34496 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [30416 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [14728 2018-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-12-14] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [733472 2019-05-29] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation -> Intel Corporation)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-12-22] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R3 MSIO; C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> )
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8810336 2018-05-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_eb2e336f678f7f83\nvlddmkm.sys [22744696 2019-12-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [50240 2019-09-19] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0067; C:\WINDOWS\System32\drivers\RzDev_0067.sys [51992 2019-10-10] (Razer USA Ltd. -> Razer Inc)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\NZXT\CAM\OpenHardwareMonitorLib.sys [14544 2019-12-21] (Noriyuki MIYAZAKI -> OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-22 13:47 - 2019-12-22 13:48 - 000047157 _____ C:\Users\Arcan\Desktop\FRST.txt
2019-12-22 13:47 - 2019-12-22 13:47 - 002260480 _____ (Farbar) C:\Users\Arcan\Desktop\FRST64.exe
2019-12-22 01:40 - 2019-12-22 01:40 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-12-22 01:40 - 2019-12-22 01:40 - 000216544 ____N (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-12-21 23:34 - 2019-12-21 23:39 - 000000000 ____D C:\AdwCleaner
2019-12-21 23:34 - 2019-12-21 23:34 - 008237744 _____ (Malwarebytes) C:\Users\Arcan\Desktop\adwcleaner_8.0.1.exe
2019-12-21 21:54 - 2019-12-22 13:48 - 000000000 ____D C:\FRST
2019-12-20 23:33 - 2019-12-20 23:39 - 000000000 ____D C:\Users\Arcan\AppData\Local\UnravelTwo
2019-12-20 22:34 - 2019-12-20 22:34 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-12-20 22:34 - 2019-12-20 22:34 - 000000000 ____D C:\Users\Arcan\AppData\Local\Electronic Arts
2019-12-20 22:34 - 2019-12-20 22:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UNRAVEL™ two
2019-12-18 18:17 - 2019-12-18 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-12-18 18:15 - 2019-12-18 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-12-18 18:15 - 2019-12-18 18:15 - 000000000 ____D C:\Program Files\iTunes
2019-12-18 18:15 - 2019-12-18 18:15 - 000000000 ____D C:\Program Files\iPod
2019-12-12 01:10 - 2019-12-12 01:10 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-12 01:10 - 2019-12-12 01:10 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-12 01:10 - 2019-12-12 01:10 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-12 01:10 - 2019-12-12 01:10 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-12 01:10 - 2019-12-12 01:10 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-12 01:10 - 2019-12-12 01:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-08 13:15 - 2019-12-03 21:36 - 001073872 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-08 13:15 - 2019-12-03 21:36 - 001073872 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-12-08 13:15 - 2019-12-03 21:36 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-08 13:15 - 2019-12-03 21:36 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-12-08 13:15 - 2019-12-03 21:36 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-08 13:15 - 2019-12-03 21:36 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-12-08 13:15 - 2019-12-03 21:36 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-08 13:15 - 2019-12-03 21:36 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-12-08 13:15 - 2019-12-03 21:36 - 000450976 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-12-08 13:15 - 2019-12-03 21:36 - 000352512 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-12-08 13:15 - 2019-12-03 21:35 - 011842976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-12-08 13:15 - 2019-12-03 21:35 - 010167216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-12-08 13:15 - 2019-12-03 21:35 - 000825928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-12-08 13:15 - 2019-12-03 21:35 - 000676824 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-12-08 13:15 - 2019-12-03 21:35 - 000544728 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 040511064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 035380104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 017458824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 015027776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 005380744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 004716176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 002074736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001729520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444141.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001567688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001491544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444141.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001482408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001370280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001144944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 001064408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 000813656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 000685800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 000659088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-12-08 13:15 - 2019-12-03 21:34 - 000556680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-11-27 00:56 - 2019-11-27 00:56 - 000000430 __RSH C:\ProgramData\ntuser.pol
2019-11-27 00:51 - 2019-11-27 00:51 - 000104064 _____ C:\WINDOWS\system32\energy-report.html
2019-11-27 00:21 - 2019-11-27 00:22 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\KeepAliveHD
2019-11-27 00:21 - 2019-11-27 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeepAliveHD
2019-11-27 00:21 - 2019-11-27 00:21 - 000000000 ____D C:\Program Files (x86)\Megabit
2019-11-23 11:20 - 2019-11-23 11:20 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-22 12:39 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-22 12:25 - 2018-12-26 01:31 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-22 11:15 - 2018-12-26 01:39 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-22 11:14 - 2019-06-23 00:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-21 23:48 - 2019-06-23 00:25 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-21 23:48 - 2019-03-19 12:57 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-21 23:48 - 2019-03-19 12:57 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-21 23:48 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-21 23:43 - 2019-01-05 10:06 - 000308736 _____ C:\WINDOWS\SysWOW64\NVAPIHelper.dll
2019-12-21 23:43 - 2018-12-26 02:00 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\CAM
2019-12-21 23:42 - 2019-06-23 00:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-21 23:42 - 2018-12-26 03:18 - 000000000 ___RD C:\Users\Arcan\iCloudDrive
2019-12-21 23:42 - 2018-12-26 02:29 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-21 23:42 - 2018-12-26 02:17 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\Spotify
2019-12-21 23:41 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-21 23:25 - 2018-12-26 04:10 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\qBittorrent
2019-12-21 21:53 - 2019-08-28 20:45 - 000000000 ____D C:\Users\Arcan\AppData\Local\cache
2019-12-21 21:53 - 2019-08-11 23:02 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-21 21:53 - 2019-08-11 23:02 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-12-21 21:44 - 2018-12-26 02:18 - 000000000 ____D C:\Users\Arcan\AppData\Local\Spotify
2019-12-21 21:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-21 12:07 - 2018-12-26 01:28 - 000000000 ____D C:\Users\Arcan\AppData\Local\Packages
2019-12-21 00:29 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-21 00:29 - 2018-12-26 01:28 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-21 00:29 - 2018-12-26 01:28 - 000000000 ___RD C:\Users\Arcan\3D Objects
2019-12-21 00:28 - 2019-06-23 00:16 - 000442976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-21 00:28 - 2019-03-19 12:59 - 000000000 ____D C:\WINDOWS\OCR
2019-12-21 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-21 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-21 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-21 00:27 - 2018-12-26 02:16 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\Origin
2019-12-21 00:27 - 2018-12-26 02:16 - 000000000 ____D C:\ProgramData\Origin
2019-12-21 00:27 - 2018-12-26 01:53 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-12-21 00:26 - 2018-12-26 01:54 - 000000000 ____D C:\Users\Arcan\AppData\Local\Battle.net
2019-12-20 23:31 - 2019-02-09 19:14 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\DS4Windows
2019-12-20 22:34 - 2018-12-26 01:35 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-20 22:24 - 2018-12-26 02:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-12-20 22:24 - 2018-12-26 02:18 - 000000000 ____D C:\Program Files (x86)\Origin
2019-12-20 22:24 - 2018-12-26 02:16 - 000000000 ____D C:\Users\Arcan\AppData\Local\Origin
2019-12-19 21:38 - 2018-12-26 01:31 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 07:31 - 2019-10-03 11:35 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-17 07:31 - 2019-10-03 11:35 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-16 21:21 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-16 21:14 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2019-12-15 19:22 - 2018-12-26 04:19 - 000000000 ____D C:\Users\Arcan\AppData\Local\ElevatedDiagnostics
2019-12-13 21:32 - 2019-06-23 00:21 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 21:32 - 2019-06-23 00:21 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-12 02:34 - 2018-12-26 03:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-12 01:14 - 2018-12-26 03:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 01:12 - 2018-12-26 03:15 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-09 20:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-12-09 19:45 - 2018-12-27 00:01 - 000000000 ____D C:\Users\Arcan\AppData\Local\CrashDumps
2019-12-08 18:10 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-08 13:19 - 2018-12-26 02:14 - 000000000 ____D C:\Users\Arcan\AppData\Local\LogMeIn Hamachi
2019-12-08 13:17 - 2019-07-13 17:06 - 000000000 ____D C:\temp
2019-12-08 13:16 - 2018-12-26 01:39 - 000000000 ____D C:\Users\Arcan\AppData\Local\NVIDIA
2019-12-07 20:57 - 2018-12-26 03:28 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\TS3Client
2019-12-07 00:22 - 2018-12-26 02:18 - 000000000 ____D C:\Users\Arcan\AppData\Local\D3DSCache
2019-12-04 19:33 - 2018-12-26 02:52 - 000000000 ____D C:\Users\Arcan\AppData\LocalLow\noio
2019-12-04 18:36 - 2018-12-26 04:24 - 000000000 ____D C:\Users\Arcan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-12-03 21:33 - 2019-09-12 18:51 - 004937792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-12-03 21:33 - 2019-09-12 18:51 - 004205784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-12-01 14:19 - 2018-12-26 01:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2019-11-27 21:47 - 2018-12-26 02:52 - 000000000 ____D C:\Users\Arcan\Documents\my games
2019-11-27 19:20 - 2019-06-23 00:21 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-11-27 00:55 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-11-27 00:19 - 2019-02-16 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2019-11-25 00:15 - 2019-10-16 23:27 - 000032768 _____ C:\Users\Public\Documents\crash_dump.bin
2019-11-25 00:15 - 2019-10-16 23:27 - 000032768 _____ C:\ProgramData\Documents\crash_dump.bin

==================== Files in the root of some directories ========

2018-12-26 04:23 - 2018-11-07 11:45 - 000000033 _____ () C:\Users\Arcan\AppData\Roaming\AdobeWLCMCache.dat
2018-12-26 04:23 - 2015-08-09 15:21 - 000001006 _____ () C:\Users\Arcan\AppData\Roaming\ARCANE-PC.MTBF.txt
2018-12-26 04:23 - 2019-01-27 14:04 - 000000009 _____ () C:\Users\Arcan\AppData\Roaming\update.dat
2018-12-26 04:23 - 2016-06-26 21:03 - 000003320 _____ () C:\Users\Arcan\AppData\Roaming\VoiceMeeterDefault.xml
2018-12-26 04:23 - 2019-07-25 22:10 - 000000600 _____ () C:\Users\Arcan\AppData\Roaming\winscp.rnd
2018-12-26 04:24 - 2015-08-04 20:00 - 000000004 _____ () C:\Users\Arcan\AppData\Roaming\Microsoft\notaut.txt
2018-12-26 03:47 - 2018-12-26 03:47 - 000000410 _____ () C:\Users\Arcan\AppData\Local\oobelibMkey.log
2018-12-26 04:19 - 2018-09-23 14:40 - 000000600 _____ () C:\Users\Arcan\AppData\Local\PUTTY.RND
2018-12-26 04:19 - 2017-12-10 16:53 - 000007605 _____ () C:\Users\Arcan\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Spotify používáno cizím člověkem, prosím o kontrolu

Napsal: 22 pro 2019 13:48
od Arcane
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2019
Ran by Arcan (22-12-2019 13:48:46)
Running from C:\Users\Arcan\Desktop
Windows 10 Pro Version 1909 18363.535 (X64) (2019-06-22 23:21:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1894648835-3668780281-2537145207-500 - Administrator - Disabled)
Arcan (S-1-5-21-1894648835-3668780281-2537145207-1001 - Administrator - Enabled) => C:\Users\Arcan
DefaultAccount (S-1-5-21-1894648835-3668780281-2537145207-503 - Limited - Disabled)
Guest (S-1-5-21-1894648835-3668780281-2537145207-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1894648835-3668780281-2537145207-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activision(R) (HKLM-x32\...\{FC8A7918-D65D-440C-9596-C88185E8DCA4}) (Version: 1.00.0000 - Activision) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.2.476 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_1) (Version: 20.0.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AirServer Universal (x64) (HKLM\...\{49B2226A-F75F-4B23-924C-B220B27837AC}) (Version: 5.5.4 - App Dynamic)
Aktualizace NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}) (Version: 20.60.0 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.7.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{a287c686-e02e-4d5a-8e7b-4e1da1c906dd}) (Version: 2.2.7.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{36aa03d4-9606-4f04-bf3e-a70ebe6650f3}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{ae175b21-505d-4f2f-bc21-4a07415e8b7d}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.1.12 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{d24837ba-2990-457b-bb70-b72614e03845}) (Version: 1.1.12 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.28 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{6121958f-8f20-44ab-b168-5fb4c336866d}) (Version: 1.0.28 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM-x32\...\{a29279dc-f417-4442-8225-4db77f7d35b5}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.02.43 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.1.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{ddf1d23c-e505-47e4-8108-60af9b29a845}) (Version: 0.0.1.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{84f71ba0-a021-48b9-ab12-4990572f697b}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{3e9b91eb-5bb0-4272-8670-f88d353eb68b}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.21 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{be8aef12-2bc5-4b18-90c4-75276c3eb3a1}) (Version: 1.0.21 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.0.3 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM-x32\...\{a020e026-ac75-4f13-9b0b-bb4d8ccc1dc7}) (Version: 1.0.0.3 - ASUSTek COMPUTER INC.) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - ASUSTeK Computer Inc.) Hidden
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.07.22 - ASUSTeK Computer Inc.)
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.21 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{abb56118-25ed-4613-b3c7-c36bb1695c67}) (Version: 1.0.21 - ASUS) Hidden
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.02.56 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{11dd84be-e66c-4593-90cc-5910d68d0ce5}) (Version: 3.02.56 - ASUSTeK Computer Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CAM (HKLM-x32\...\{E382606E-FA6F-4503-8237-15F4F18507FE}) (Version: 3.7.8 - NZXT)
Control (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Control) (Version: - HOODLUM)
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.4 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{6f09b03f-dfb3-4bfc-be78-e7e5b00f2182}) (Version: 1.0.4 - CORSAIR COMPONENTS INC.) Hidden
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Crucial Storage Executive (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Crucial Storage Executive 3.60.082018.04) (Version: 3.65.012019.06 - Crucial)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
Devil May Cry 5 (HKLM-x32\...\Devil May Cry 5_is1) (Version: - )
Discord (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Drum Controller Standard Tuning Kit (HKLM-x32\...\InstallShield_{FC8A7918-D65D-440C-9596-C88185E8DCA4}) (Version: 1.00.0000 - Activision)
EaseUS Partition Master 13.0 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry New Dawn (HKLM-x32\...\Far Cry New Dawn_is1) (Version: - )
GALAX GAMER RGB (HKLM\...\{06A16AA8-BBA7-4362-962E-16651962D87C}) (Version: 1.00.02 - Galaxy Microsystems Ltd.) Hidden
GALAX GAMER RGB (HKLM-x32\...\{1257fdeb-ffa3-4e17-9d4b-189075ea3656}) (Version: 1.00.02 - Galaxy Microsystems Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
iCloud (HKLM\...\{4E727621-3550-4CE0-883E-F27D7D7E0D2C}) (Version: 7.16.0.15 - Apple Inc.)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{65D2540A-990F-45BC-AF4C-482488F457E4}) (Version: 12.10.3.1 - Apple Inc.)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
KeepAliveHD 1.6.2 beta (HKLM-x32\...\{8623BFAD-9E79-4188-9EB4-9740CEDD3B44}_is1) (Version: - Megabit d.o.o.)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.7 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{c43fd2d2-c80f-48c7-95e2-1986bd0922e8}) (Version: 1.0.7 - KINGSTON COMPONENTS INC.) Hidden
K-Lite Mega Codec Pack 15.2.3 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.2.3 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Metro Exodus (HKLM-x32\...\{F25D08D9-EBE0-4C15-AAD2-50B446E85B17}_is1) (Version: - 4A Games)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 441.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Observation (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Observation) (Version: - HOODLUM)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.57.35162 - Electronic Arts, Inc.)
Outer Wilds (HKLM-x32\...\Outer Wilds_is1) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 441.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.41 - NVIDIA Corporation) Hidden
Ozone Strike Pro Spectra Driver (HKLM-x32\...\{DC3EFC41-ADF9-438F-83E8-0CC8BA7A68D4}) (Version: 1.0 - OZONE)
Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.05 - Patriot Memory) Hidden
Patriot Viper RGB (HKLM-x32\...\{0ea44351-5397-43b0-a9c7-c4c53d9948ef}) (Version: 1.00.05 - Patriot Memory)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{C3A282C9-4C8B-4A63-B449-3A064FB378D7}) (Version: 8.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{CC046FB9-E84E-4092-B924-DBE33DA2BE75}) (Version: 8.2 - Apple Inc.)
qBittorrent 4.1.8 (HKLM-x32\...\qBittorrent) (Version: 4.1.8 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 2.22.3 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.1112.111915 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8666 - Realtek Semiconductor Corp.)
Resident Evil 2 (HKLM-x32\...\Resident Evil 2_is1) (Version: - )
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
Sekiro Shadows Die Twice (HKLM-x32\...\Sekiro Shadows Die Twice_is1) (Version: - )
Spotify (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\Spotify) (Version: 1.1.22.633.g1bab253a - Spotify AB)
Star Wars Jedi Fallen Order (HKLM-x32\...\Star Wars Jedi Fallen Order_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.1.3937 - TeamViewer)
The Dark Pictures Anthology Man of Medan (HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\The Dark Pictures Anthology Man of Medan) (Version: - HOODLUM)
The Surge 2 (HKLM-x32\...\The Surge 2_is1) (Version: - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.10.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.22.0.0 - GOG.com)
The Witcher 3: Wild Hunt - O víně a krvi (HKLM-x32\...\Blood and Wine_is1) (Version: 1.22.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Srdce z kamene (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.22.0.0 - GOG.com)
UNRAVEL™ two (HKLM-x32\...\{5DB117FE-6F05-40AC-B7A3-5C67641F14C0}) (Version: 1.0.0.1 - Electronic Arts, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 78.1 - Ubisoft)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinSCP 5.15.3 (HKLM-x32\...\winscp3_is1) (Version: 5.15.3 - Martin Prikryl)
Wolfenstein II The New Colossus (HKLM-x32\...\Wolfenstein II The New Colossus_is1) (Version: - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220 [2019-12-17] (Dolby Laboratories)
EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.5.0_x86__1sdd7yawvg6ne [2019-10-24] (File-New-Project) [Startup Task]
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-11-16] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-27] (Thumbmunkeys Ltd) [MS Ad]
Příslušenství pro Xbox -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.1911.1001.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2019-11-09] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B8BE80EAB5B0} -> [Creative Cloud Files] => C:\Users\Arcan\Creative Cloud Files [2018-12-26 03:58]
CustomCLSID: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-12-09] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Arcan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop

==================== Loaded Modules (Whitelisted) =============

2018-10-19 17:59 - 2018-10-19 17:59 - 000053248 _____ () [File not signed] C:\Program Files (x86)\LightingService\cpuutil.dll
2019-07-28 23:08 - 2019-07-28 23:08 - 001955328 _____ () [File not signed] C:\Program Files (x86)\NZXT\CAM\Launcher\ffmpeg.dll
2019-07-28 23:08 - 2019-07-28 23:08 - 000017920 _____ () [File not signed] C:\Program Files (x86)\NZXT\CAM\Launcher\libegl.dll
2019-07-28 23:08 - 2019-07-28 23:08 - 003687936 _____ () [File not signed] C:\Program Files (x86)\NZXT\CAM\Launcher\libglesv2.dll
2018-12-26 02:45 - 2016-09-21 16:03 - 000061440 _____ () [File not signed] C:\Program Files (x86)\OZONE\Ozone Strike Pro Spectra Driver\hiddriver.dll
2018-12-26 02:45 - 2016-09-30 16:49 - 000057344 _____ () [File not signed] C:\Program Files (x86)\OZONE\Ozone Strike Pro Spectra Driver\lan.dll
2018-08-29 16:19 - 2018-08-29 16:19 - 000223232 _____ () [File not signed] C:\Program Files\ASUS\AacOdd\AacOddHal_x86.dll
2018-09-07 00:29 - 2018-09-07 00:29 - 000202752 _____ () [File not signed] C:\Program Files\ASUS\AacTerminalHal\AacStripBusHal_x86.dll
2018-09-26 16:01 - 2018-09-26 16:01 - 001780736 _____ () [File not signed] C:\Program Files\ASUS\AacVGAHal\Vender.dll
2018-09-26 23:27 - 2018-09-26 23:27 - 000857600 _____ () [File not signed] C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.dll
2018-07-02 19:24 - 2018-07-02 19:24 - 000233984 _____ () [File not signed] C:\Program Files\ASUS\CORSAIR_Aac_DRAM\AacCosairDramHal_x86.dll
2018-10-08 23:39 - 2018-10-08 23:39 - 000243712 _____ () [File not signed] C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.dll
2018-09-20 09:39 - 2018-09-20 09:39 - 000156672 _____ () [File not signed] C:\Program Files\Galaxy\Aac_GALAX GAMER RGB\AacHal_x86.dll
2018-05-16 10:54 - 2018-05-16 10:54 - 000156672 _____ () [File not signed] C:\Program Files\Patriot\Aac_Patriot Viper RGB\AacHal_x86.dll
2019-12-21 23:42 - 2019-12-21 23:42 - 000114176 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\_ctypes.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000173056 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\_elementtree.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 001808896 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\_hashlib.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000032256 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\_multiprocessing.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000046080 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\_psutil_windows.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000047616 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\_socket.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 002241024 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\_ssl.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000026112 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\_yappi.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000080896 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\bz2.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000016384 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\common.time34.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000007680 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\hashobjs_ext.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000301568 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\PIL._imaging.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000169472 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\pyexpat.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 001084416 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\pysqlite2._sqlite.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000548864 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\pythoncom27.dll
2019-12-21 23:42 - 2019-12-21 23:42 - 000137728 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\pywintypes27.dll
2019-12-21 23:42 - 2019-12-21 23:42 - 000010752 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\select.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000020992 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\thumbnails_ext.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000689664 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\unicodedata.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000119808 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\usb_ext.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000128512 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\win32api.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000438784 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\win32com.shell.shell.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000011776 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\win32crypt.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000023040 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\win32event.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000149504 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\win32file.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000223232 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\win32gui.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000048128 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\win32inet.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000029696 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\win32pdh.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000027648 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\win32pipe.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000044032 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\win32process.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000020480 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\win32profile.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000136192 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\win32security.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000026624 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\win32ts.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000034816 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\windows.conditional.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000038400 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\windows.connectivity.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000071680 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\windows.device_monitor.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000109056 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\windows.volumes.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000020480 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\windows.winwrap.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 001325056 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\wx._controls_.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 001489408 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\wx._core_.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 001007104 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\wx._gdi_.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000103424 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\wx._html2.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 000916992 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\wx._misc_.pyd
2019-12-21 23:42 - 2019-12-21 23:42 - 001039872 _____ () [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\wx._windows_.pyd
2018-09-26 17:57 - 2018-09-26 17:57 - 001932800 _____ (ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUS\AacVGAHal\LED_DLL_forMB.dll
2018-09-26 18:05 - 2018-09-26 18:05 - 000074752 _____ (ASUSTek) [File not signed] C:\Program Files\ASUS\AacVGAHal\AacVgaHal.dll
2019-07-24 23:00 - 2019-12-21 23:43 - 001431552 _____ (CPUID) [File not signed] C:\Program Files (x86)\NZXT\CAM\DLLs\cpuidsdk.dll
2018-09-20 09:08 - 2018-09-20 09:08 - 000053760 _____ (MS) [File not signed] C:\Program Files\Galaxy\Aac_GALAX GAMER RGB\MsIo32_Galax.dll
2018-05-16 10:46 - 2018-05-16 10:46 - 000053248 _____ (MS) [File not signed] C:\Program Files\Patriot\Aac_Patriot Viper RGB\MsIo32.dll
2019-07-28 23:08 - 2019-07-28 23:08 - 017861632 _____ (Node.js) [File not signed] C:\Program Files (x86)\NZXT\CAM\Launcher\node.dll
2019-12-21 23:42 - 2019-12-21 23:42 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\python27.dll
2019-07-24 23:00 - 2019-07-24 23:00 - 001246208 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\NZXT\CAM\x86\SQLite.Interop.dll
2019-07-24 23:00 - 2019-07-24 23:00 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\NZXT\CAM\DLLs\SiUSBXp.dll
2018-12-26 02:42 - 2019-08-25 19:55 - 000776704 _____ (Tabibito Technology) [File not signed] C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\IcarosPropertyHandler.dll
2018-09-26 17:54 - 2018-09-26 17:54 - 001629184 _____ (TODO: <Company name>) [File not signed] C:\Program Files\ASUS\AacVGAHal\VGA_Extra.dll
2019-12-21 23:42 - 2019-12-21 23:42 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\wxbase30u_net_vc90_x64.dll
2019-12-21 23:42 - 2019-12-21 23:42 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\wxbase30u_vc90_x64.dll
2019-12-21 23:42 - 2019-12-21 23:42 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\wxmsw30u_adv_vc90_x64.dll
2019-12-21 23:42 - 2019-12-21 23:42 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\wxmsw30u_core_vc90_x64.dll
2019-12-21 23:42 - 2019-12-21 23:42 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\wxmsw30u_html_vc90_x64.dll
2019-12-21 23:42 - 2019-12-21 23:42 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Arcan\AppData\Local\Temp\_MEI189882\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2019-01-04 10:07 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-03-02 16:59 - 2019-03-02 16:59 - 000000516 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.247 android-8fd0bcca25494f49.mshome.net # 2019 3 6 9 15 59 22 104
192.168.137.1 Arcane-PC.mshome.net # 2024 2 4 29 15 59 22 104

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Crucial\Crucial Storage Executive;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\QuickTime\QTSystem\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Arcan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [{1E1111C5-A300-459D-873A-7D85CA4B65F5}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe () [File not signed]
FirewallRules: [{747CA492-CBE3-4194-AA62-891454479A7C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe () [File not signed]
FirewallRules: [{45846334-8726-4A28-B944-C4650ED530AA}] => (Allow) D:\Arcane\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{724FB028-4BC6-4BB1-9EC0-CFB709AF5677}] => (Allow) D:\Arcane\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{BAE17B5B-0B79-43A6-8E26-88F60DFAB686}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{6B163AE5-FFE9-47E5-8D3A-62E4149A12DA}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{849F8F0D-9F1F-4057-BB17-752F9F1B476D}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{5E0B7C82-C42B-456C-B9A3-0F485D0AC498}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{17B1FC18-6824-47A6-954C-2AF927AA0683}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{97B97B00-A35B-42A0-B77B-0A6A6251FBB0}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{3C8DCC3F-25C8-4188-88CC-31123BF9D284}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{D402EA3E-D9F0-4F18-8242-025E20F147C1}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{19B2EFBB-78A8-4C8E-9E08-9AF74A29AFAD}] => (Allow) D:\Arcane\Steam\SteamApps\common\rymdkapsel\rymdkapsel.exe () [File not signed]
FirewallRules: [{DB6CAE4E-6079-44DB-8630-1301A175435C}] => (Allow) D:\Arcane\Steam\SteamApps\common\rymdkapsel\rymdkapsel.exe () [File not signed]
FirewallRules: [UDP Query User{C56D9916-8DD2-409D-883A-703948AF28ED}D:\arcane\hry\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) D:\arcane\hry\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [TCP Query User{6A585ECC-3A09-4CA9-8BBA-D21F08E76FE8}D:\arcane\hry\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) D:\arcane\hry\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{73C70C68-84A1-4B65-94C2-BDFC6B8B5C1B}] => (Allow) D:\Arcane\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{B5E61519-2591-4199-A7C1-68291AE9AAA2}] => (Allow) D:\Arcane\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [UDP Query User{8E39C85C-A356-4F18-BFFA-557F9FAA4C3F}D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{A8B908F9-4766-4672-B6B7-4127B15030D6}D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [{BE556FD4-5334-4A2B-B279-3DC6D2157618}] => (Allow) D:\Arcane\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{44F5014C-D500-4D3A-913C-A1C9FD3498A2}] => (Allow) D:\Arcane\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{DE9CB9EE-9D50-4BF2-BCC0-2796F114659F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Heroine's Quest\Heroine's Quest.exe (Crystal Shard ) [File not signed]
FirewallRules: [{D5C60194-F8D0-495F-8512-E02D4D7E1E43}] => (Allow) D:\Arcane\Steam\SteamApps\common\Heroine's Quest\Heroine's Quest.exe (Crystal Shard ) [File not signed]
FirewallRules: [{F83CFB91-7E47-4F64-9F72-694842A6CC28}] => (Allow) D:\Arcane\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [{A667AD5C-E5E5-4881-81CD-737CB36B52FF}] => (Allow) D:\Arcane\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [UDP Query User{259EEEC7-D35A-4F95-8607-3A265F42F351}D:\arcane\hry\apex\r5apex.exe] => (Allow) D:\arcane\hry\apex\r5apex.exe No File
FirewallRules: [TCP Query User{A710C5C4-7FC2-4A20-B91F-8705093B8036}D:\arcane\hry\apex\r5apex.exe] => (Allow) D:\arcane\hry\apex\r5apex.exe No File
FirewallRules: [{CF7FF94B-F03C-4C60-BE92-25213CC312C5}] => (Allow) D:\Arcane\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe (Experimental Gameplay Group LLC) [File not signed]
FirewallRules: [{C1584D69-2248-4572-839F-DDC2C133F942}] => (Allow) D:\Arcane\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe (Experimental Gameplay Group LLC) [File not signed]
FirewallRules: [{393B14A2-6FFF-489A-9406-502C03063221}] => (Allow) C:\Program Files\App Dynamic\AirServer\AirServer.exe (App Dynamic ehf. -> App Dynamic ehf)
FirewallRules: [{F9DC308F-46FD-49F3-8174-723A740E5F69}] => (Allow) C:\Program Files\App Dynamic\AirServer\AirServer.exe (App Dynamic ehf. -> App Dynamic ehf)
FirewallRules: [{C67D1330-8AC8-4ECB-B0EB-237818FED3CC}] => (Allow) D:\Arcane\Steam\SteamApps\common\Trine 3\trine3_launcher.exe () [File not signed]
FirewallRules: [{2DF5A6CB-E997-407A-B61F-03D6BEF9C8ED}] => (Allow) D:\Arcane\Steam\SteamApps\common\Trine 3\trine3_launcher.exe () [File not signed]
FirewallRules: [{0957E3C7-20E7-48A1-9EAA-270F76BD220F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Enter the Gungeon\EtG.exe () [File not signed]
FirewallRules: [{56B89990-A718-4D8D-92EC-D873E6891626}] => (Allow) D:\Arcane\Steam\SteamApps\common\Enter the Gungeon\EtG.exe () [File not signed]
FirewallRules: [{4972E19A-EA38-4A72-8E72-173704FBF878}] => (Allow) D:\Arcane\Steam\SteamApps\common\Spelunky\Spelunky.exe () [File not signed]
FirewallRules: [{2218B51A-E178-49A3-B9D8-B51E37161832}] => (Allow) D:\Arcane\Steam\SteamApps\common\Spelunky\Spelunky.exe () [File not signed]
FirewallRules: [{2FE277E3-3448-4D25-B86A-B1DEAE21F737}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{0B7D3F7B-0E1E-4CC8-916F-9DA7289734CE}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{594D5BDD-B2B2-42B5-81EE-8E3555C13CD8}] => (Allow) D:\Arcane\Steam\SteamApps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{C473B945-D020-4D13-8629-DB7EDE2F2458}] => (Allow) D:\Arcane\Steam\SteamApps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{EA46C27A-F11A-42EB-BC25-E7467D26880D}] => (Allow) D:\Arcane\Steam\SteamApps\common\This War of Mine\This War of Mine.exe () [File not signed]
FirewallRules: [{E7A2A473-F50F-4121-B5B5-7CA64FF289DE}] => (Allow) D:\Arcane\Steam\SteamApps\common\This War of Mine\This War of Mine.exe () [File not signed]
FirewallRules: [{B41D6077-3AE8-49B5-AB82-1ACAEEF1D79A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Poker Night at the Inventory\CelebrityPoker.exe (Telltale Games) [File not signed]
FirewallRules: [{FB5BBECE-0A18-4022-9106-DC1AD1701926}] => (Allow) D:\Arcane\Steam\SteamApps\common\Poker Night at the Inventory\CelebrityPoker.exe (Telltale Games) [File not signed]
FirewallRules: [{49EBE8D7-0CA3-4632-99C5-AFC3A188DC05}] => (Allow) D:\Arcane\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe () [File not signed]
FirewallRules: [{0AC8C291-84EE-4D0B-99D6-B0BE3EAC6335}] => (Allow) D:\Arcane\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe () [File not signed]
FirewallRules: [{E4747BB1-6890-4D73-AA37-90209A2201E6}] => (Allow) D:\Arcane\Steam\SteamApps\common\RaceTheSun\RaceTheSun.exe () [File not signed]
FirewallRules: [{96E624AD-6E93-41C2-830B-8DB48A21051A}] => (Allow) D:\Arcane\Steam\SteamApps\common\RaceTheSun\RaceTheSun.exe () [File not signed]
FirewallRules: [{484C3DF5-DF53-4E15-82ED-C5D7EC96E6E6}] => (Allow) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{5019D6DB-28B1-48C5-8ED5-0A344CECF980}] => (Allow) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{BAD88EE4-0434-4EFD-81F0-EEE0C3987919}] => (Allow) D:\Arcane\Steam\SteamApps\common\OrganTrailDC\OrganTrail.exe () [File not signed]
FirewallRules: [{ACE20442-747C-4B59-839B-1EC607003166}] => (Allow) D:\Arcane\Steam\SteamApps\common\OrganTrailDC\OrganTrail.exe () [File not signed]
FirewallRules: [{8F3B9B00-0E9F-47C9-BEA1-36F6A1D45570}] => (Allow) D:\Arcane\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe (Hopoo Games, LLC ) [File not signed]
FirewallRules: [{857BAB35-6EC5-4DC4-A347-6F621FDEACC6}] => (Allow) D:\Arcane\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe (Hopoo Games, LLC ) [File not signed]
FirewallRules: [{64B06AE8-BFC7-4F2F-A833-946CDA0143EC}] => (Allow) D:\Arcane\Steam\SteamApps\common\Ziggurat\Ziggurat.exe () [File not signed]
FirewallRules: [{03B7638B-F7A3-427F-8F30-1AEFAD365545}] => (Allow) D:\Arcane\Steam\SteamApps\common\Ziggurat\Ziggurat.exe () [File not signed]
FirewallRules: [{B7237327-B7FF-4296-9B6F-BB5E48FB5E81}] => (Allow) D:\Arcane\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe (sparsevector) [File not signed]
FirewallRules: [{4274B2E6-4454-4096-9236-A85CB2245C1D}] => (Allow) D:\Arcane\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe (sparsevector) [File not signed]
FirewallRules: [{4C46CA63-3968-48E3-90D8-D98DA266CD38}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{E3008F32-2885-4DEE-8468-58E542A17629}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [UDP Query User{F80729AF-5DF5-475A-9462-A042F0348F41}D:\arcane\hry\overwatch\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\overwatch.exe No File
FirewallRules: [TCP Query User{CD499DA3-18CA-45EC-89F2-9E49FAB1EAA9}D:\arcane\hry\overwatch\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\overwatch.exe No File
FirewallRules: [{0C9A8D62-3229-47C5-A9DD-0CD37244DA5C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Town of Salem\TownOfSalem.exe () [File not signed]
FirewallRules: [{96A22DA6-946C-4C79-9EC1-03581F141B14}] => (Allow) D:\Arcane\Steam\SteamApps\common\Town of Salem\TownOfSalem.exe () [File not signed]
FirewallRules: [{D0C25DE7-9878-4BC3-ACE8-0DF6EDAFCCF4}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{E5B4746B-265C-4505-8CCB-6B434E9F1106}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{1E912ED7-9F1C-41C5-8A8A-BCA7F8E2F36C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Sonic Mania\SonicMania.exe () [File not signed]
FirewallRules: [{6E75BF5B-3B97-4753-8396-FB6C3C642635}] => (Allow) D:\Arcane\Steam\SteamApps\common\Sonic Mania\SonicMania.exe () [File not signed]
FirewallRules: [{3D7F4ADD-1CF8-4253-87E8-A6439824EBBC}] => (Allow) D:\Arcane\Steam\SteamApps\common\Party Hard\PartyHardGame.exe () [File not signed]
FirewallRules: [{A099DF98-305A-4A6C-8C74-E3F9AF565F37}] => (Allow) D:\Arcane\Steam\SteamApps\common\Party Hard\PartyHardGame.exe () [File not signed]
FirewallRules: [{157E4B70-D0CF-41BB-85DB-20D7809FDD5F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Abalone\Abalone.exe () [File not signed]
FirewallRules: [{34A47A80-064D-4149-954F-49A4C56A338B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Abalone\Abalone.exe () [File not signed]
FirewallRules: [{97B2B4F0-AB19-4EBB-8069-A08E0D9C64FA}] => (Allow) D:\Arcane\Steam\SteamApps\common\HITMAN2\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{C97E2789-4702-4CFD-AE9B-F0CABE32659D}] => (Allow) D:\Arcane\Steam\SteamApps\common\HITMAN2\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{97DA9EB7-6145-4048-B6B8-D58B8F115BDE}] => (Allow) D:\Arcane\Steam\SteamApps\common\Kingdom New Lands\Kingdom.exe () [File not signed]
FirewallRules: [{AFF9213D-6F5F-436A-98AD-B557063F629C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Kingdom New Lands\Kingdom.exe () [File not signed]
FirewallRules: [{5A3790BB-509C-49D2-B943-EC5033C9F333}] => (Allow) D:\Arcane\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe No File
FirewallRules: [{6E59AD2A-0D1F-42C0-9AEB-792858494A21}] => (Allow) D:\Arcane\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe No File
FirewallRules: [{339DD349-7152-402B-AE16-DF7733FBE0BB}] => (Allow) D:\Arcane\Steam\SteamApps\common\Dead Cells\deadcells_gl.exe () [File not signed]
FirewallRules: [{EF44FF8D-0021-4A2F-9DC5-B94CC1CDFA17}] => (Allow) D:\Arcane\Steam\SteamApps\common\Dead Cells\deadcells_gl.exe () [File not signed]
FirewallRules: [{2CFC01E7-0147-4651-9E92-79B7214E5993}] => (Allow) D:\Arcane\Steam\SteamApps\common\Dead Cells\deadcells.exe () [File not signed]
FirewallRules: [{6BDFE8A5-852E-4502-8149-14E2F7FDC295}] => (Allow) D:\Arcane\Steam\SteamApps\common\Dead Cells\deadcells.exe () [File not signed]
FirewallRules: [{C2BFE895-BCB4-4F51-87C1-5303FF582A8B}] => (Allow) D:\Arcane\Steam\SteamApps\common\devildaggers\dd.exe () [File not signed]
FirewallRules: [{6F73AC84-B7D8-4057-8E0A-1916F8C7AAFC}] => (Allow) D:\Arcane\Steam\SteamApps\common\devildaggers\dd.exe () [File not signed]
FirewallRules: [{F10D1966-61B7-4A55-AD3A-5D43C23C14E0}] => (Allow) D:\Arcane\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{1F60C49C-BD53-4734-8A38-907251FC2041}] => (Allow) D:\Arcane\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{48B5318E-B0D3-446B-856B-E6AF6560B5CB}] => (Allow) D:\Arcane\Steam\SteamApps\common\TeleglitchDME\Teleglitch.exe () [File not signed]
FirewallRules: [{D33E9147-1184-484A-928A-5301EC2B3A52}] => (Allow) D:\Arcane\Steam\SteamApps\common\TeleglitchDME\Teleglitch.exe () [File not signed]
FirewallRules: [{904C72EF-EF1C-4834-A2CC-4668734B3C8F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Cave Story+\CaveStory+.exe () [File not signed]
FirewallRules: [{0DC9FA5C-6B6D-4A22-B61C-F4FBC95AAB88}] => (Allow) D:\Arcane\Steam\SteamApps\common\Cave Story+\CaveStory+.exe () [File not signed]
FirewallRules: [{E9472C0A-73F4-4110-868C-1EA4032F0BB1}] => (Allow) D:\Arcane\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6B063960-488F-4F96-BC83-8EB446841C07}] => (Allow) D:\Arcane\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [UDP Query User{0ACCA807-DCEE-4815-8DDA-B55B40CBD25B}C:\users\arcan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\arcan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{5FC588E2-338B-4231-ACA9-07E11A33DDB6}C:\users\arcan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\arcan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{45A64368-311D-452A-BCBF-CA014BDFD30B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Despotism 3k\Despotism3k.exe () [File not signed]
FirewallRules: [{A16754BB-E688-4504-9B26-FD28CF5CB41D}] => (Allow) D:\Arcane\Steam\SteamApps\common\Despotism 3k\Despotism3k.exe () [File not signed]
FirewallRules: [{93A92754-1FBF-4BE3-8E88-DF6F3A8EC52D}] => (Allow) D:\Arcane\Steam\SteamApps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [{FB5793E0-16AF-41CF-83F6-D7D11FB99A23}] => (Allow) D:\Arcane\Steam\SteamApps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [{2081CE2E-AFC2-429B-A1F0-FFAC5894092F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Super Hexagon\superhexagon.exe () [File not signed]
FirewallRules: [{03D44434-2C2A-4B9F-960A-28A11CDC22EC}] => (Allow) D:\Arcane\Steam\SteamApps\common\Super Hexagon\superhexagon.exe () [File not signed]
FirewallRules: [{2E10007C-0823-4C44-8ECC-7DD13D631248}] => (Allow) D:\Arcane\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E2871393-D758-421F-9A5D-9B1EB61D0178}] => (Allow) D:\Arcane\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{4F52FAE3-4F0B-43C0-BCA7-B617C22E7D7E}] => (Allow) D:\Arcane\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{37419347-081D-4D21-AEE3-30489406F5EC}] => (Allow) D:\Arcane\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [UDP Query User{69665FE5-9CAD-4714-AFAE-C3E25EC23BB8}D:\arcane\steam\steamapps\common\hitman2\retail\hitman2.exe] => (Allow) D:\arcane\steam\steamapps\common\hitman2\retail\hitman2.exe (IO INTERACTIVE A/S -> )
FirewallRules: [TCP Query User{A8CE78F9-D1A3-4841-A7D3-523F3BDBADA7}D:\arcane\steam\steamapps\common\hitman2\retail\hitman2.exe] => (Allow) D:\arcane\steam\steamapps\common\hitman2\retail\hitman2.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{4C4D56EA-2165-4ED8-9C26-D707172253B2}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe () [File not signed]
FirewallRules: [{B8B65E83-77AD-486E-BB09-05B91F65049A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe () [File not signed]
FirewallRules: [UDP Query User{FBED4EBD-B1E2-4768-9A32-E516CE5788E9}D:\arcane\hry\rayman legends\rayman legends.exe] => (Allow) D:\arcane\hry\rayman legends\rayman legends.exe (Ubisoft Chengdu Co., Ltd. -> )
FirewallRules: [TCP Query User{C60BB4E1-568A-4761-955C-BA5FD9C59BF8}D:\arcane\hry\rayman legends\rayman legends.exe] => (Allow) D:\arcane\hry\rayman legends\rayman legends.exe (Ubisoft Chengdu Co., Ltd. -> )
FirewallRules: [UDP Query User{0C837794-0533-4AEE-97BE-ACFC746B55A4}D:\arcane\hry\ashen\ashen\binaries\win64\ashen-win64-shipping.exe] => (Allow) D:\arcane\hry\ashen\ashen\binaries\win64\ashen-win64-shipping.exe No File
FirewallRules: [TCP Query User{A3C51388-4960-4C6E-9968-19B04CADDBBA}D:\arcane\hry\ashen\ashen\binaries\win64\ashen-win64-shipping.exe] => (Allow) D:\arcane\hry\ashen\ashen\binaries\win64\ashen-win64-shipping.exe No File
FirewallRules: [{FA4D4784-7BCC-4A36-97CC-85267B900DB4}] => (Allow) C:\Users\Arcan\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DCFB492C-FCEE-40B3-872C-AD9D08E9C3CF}] => (Allow) D:\Arcane\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe (Devolver) [File not signed]
FirewallRules: [{E3777C11-6906-44B9-B3A2-F1595B63921F}] => (Allow) D:\Arcane\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe (Devolver) [File not signed]
FirewallRules: [{31DEA43E-0EA9-43EC-8A47-A43376C0B37C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{14E0152D-DCD7-45A2-B8A6-08A2D957E157}] => (Allow) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{523BE7E2-DB4B-4B8B-9184-5B0A43A83077}] => (Allow) D:\Arcane\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A0AD3C1A-B0F5-4198-808F-D490A3109800}] => (Allow) D:\Arcane\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3EC03A37-4217-41FD-8239-CD08E90A3C26}] => (Allow) D:\Arcane\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{772354A6-D4A2-4403-B4E8-EF0E4206152F}C:\users\arcan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\arcan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{28CE2EC7-4283-4C54-9F37-B5797E308507}C:\users\arcan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\arcan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{175E211D-FD17-4B6E-A9A3-34D21ED39B83}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{451D88CB-28AA-4395-9562-2E96BBE76AAB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D89F9622-EF59-4E35-88E1-2076A9B0796B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9C5C999A-D277-4E29-885E-F4D7E74CE871}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5CC368B4-2B14-4E62-A15C-E598ED124827}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{7316D4BC-2945-4EDF-BD4B-BA29746D016D}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{2D219D27-911B-43DE-945C-52F936A6AF1B}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{BDFC8E33-5C93-496C-A16F-9AB2470D0158}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{12764E3C-5B42-4904-B7AE-1E73F80917FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0FEC6955-CDD3-48CC-8F90-9A17D4A39C5C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B8BA4725-04DC-4D83-BACF-71DD57DDB897}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8E13C22F-C4C0-4415-89A8-F5832928FA13}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5137595F-FFFF-47A6-99ED-9A804E091A92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{104236DC-A4F7-4D8E-B3F3-A7EBAC23E9BD}D:\arcane\hry\overwatch\_retail_\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{000D1D34-8EC2-4838-9C32-E65B330351DF}D:\arcane\hry\overwatch\_retail_\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{C6721047-E505-4000-B6B0-52BAD82A1B2E}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe (NZXT, Inc. -> )
FirewallRules: [{4DA344E8-917D-4177-94C2-45936D0A3027}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe (NZXT, Inc. -> )
FirewallRules: [{2A22FAF4-9D1C-4CA8-BB85-93A7C39A1B42}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe (NZXT, Inc. -> )
FirewallRules: [{8093AB61-6EE0-450E-981B-505E9D9C99D7}] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe (NZXT, Inc. -> )
FirewallRules: [{799FFC5C-10FB-4686-902F-B92A07653263}] => (Allow) LPort=38518
FirewallRules: [{4DB3711C-446A-48DB-B8B7-01D99720F9AA}] => (Allow) LPort=9142
FirewallRules: [{5D24ED18-76DB-44EB-AF9E-5B3F674D4547}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{EF7E490F-EB48-404F-80A1-FA0FF612471C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{4676E5B7-E253-4B6D-9901-5BC3F4A72ABA}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{8E08330D-71CE-44B6-BB6F-B6181B1213EC}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{133024F1-A578-4657-A2E6-244A2B81C884}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{DDDE7BF4-6A3F-4BD3-852D-D285CD48024A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{3A37F3C3-7864-4BED-B0CA-C28D26B2DA6E}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{8FC70952-BB41-49C9-B78B-4465F3BBC49A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [TCP Query User{4053F1F5-BC16-446D-9EF4-FA279DA5292C}D:\arcane\hry\rayman origins\rayman origins.exe] => (Allow) D:\arcane\hry\rayman origins\rayman origins.exe (Ubisoft Entertainment SA -> )
FirewallRules: [UDP Query User{1FAEB7A2-280F-4BB0-A0DF-8974A8CF174F}D:\arcane\hry\rayman origins\rayman origins.exe] => (Allow) D:\arcane\hry\rayman origins\rayman origins.exe (Ubisoft Entertainment SA -> )
FirewallRules: [TCP Query User{62344576-1617-4ED2-8532-A571F0E4CFDF}D:\arcane\hry\the surge 2\bin\thesurge2.exe] => (Allow) D:\arcane\hry\the surge 2\bin\thesurge2.exe (Focus Home Interactive -> ) [File not signed]
FirewallRules: [UDP Query User{703086F3-7A20-4DFC-9BD9-5CF87C2C06B3}D:\arcane\hry\the surge 2\bin\thesurge2.exe] => (Allow) D:\arcane\hry\the surge 2\bin\thesurge2.exe (Focus Home Interactive -> ) [File not signed]
FirewallRules: [{2AD46D53-31C3-4D3D-B47A-7F19F784FAB8}] => (Allow) D:\Arcane\Steam\SteamApps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{41D7D4BE-0171-4CF6-923E-CA896073AC9A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{1461268A-9CEB-4FE1-8CA4-2DDB1CBC36F6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{E7C051F5-B139-4D95-9DD7-8FF5A5ABF862}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{67BF0A24-2DF3-4FE9-8980-9D6A74F7A044}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{440A8A11-FAA8-4913-8D8E-C14F495EACE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0EC6E40F-A8D6-4E8B-BC72-018DBD14AEE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6AC7D690-AF10-4379-AE26-B6214E6832EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5FC4F0F1-4298-4380-BB3C-EF7C5F000392}] => (Allow) D:\Arcane\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{7DF780C3-D4F6-4C04-B60F-09CEB43AF75F}] => (Allow) D:\Arcane\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{A0B4EEEE-7879-42B1-B520-97FBE8C779D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7F591B3A-3223-457A-97ED-40CE5CD5E22A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6DC42AE8-48D5-46A1-A853-8199B66BA2AD}D:\arcane\hry\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\arcane\hry\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [UDP Query User{AD79C7F6-A2C5-44B1-A134-4C068251AAF5}D:\arcane\hry\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\arcane\hry\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [{EAB572D5-2526-45A9-BD3D-245418FD4730}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{264B3037-6B8E-454B-96ED-480AAF951977}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0DD1D0F9-C383-4769-9B2D-3C35A11024EB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5AC9E9C4-856B-4718-81D8-21654EC30DD8}] => (Allow) D:\Arcane\Steam\SteamApps\common\Kingdom Two Crowns\KingdomTwoCrowns.exe () [File not signed]
FirewallRules: [{C428C368-85EE-4A6F-B0E1-1CA9EB12097B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Kingdom Two Crowns\KingdomTwoCrowns.exe () [File not signed]
FirewallRules: [{D2CABC3D-0830-4051-9C85-ED86D2BC46A2}] => (Allow) D:\Arcane\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{2C87BE7B-EE7C-46D7-8FD2-50E30B6F4E5B}] => (Allow) D:\Arcane\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{D7ECCBBA-7172-4770-B229-6D94C1A78237}] => (Allow) D:\Arcane\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{A4F1ED6C-E255-4DAE-849F-B756759B4918}] => (Allow) D:\Arcane\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{5CD0C151-683F-49F3-B9ED-7B8DAF99A60E}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{628CFC64-A249-4089-900E-59A64EAEF97B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{CA9A24E9-8556-46C7-B595-FCAFE6454436}] => (Allow) D:\Arcane\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{1E1A13E0-E84F-42FD-B13B-97A4BC69B632}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5227A7A0-7ADC-4776-9946-E4309447BD4A}] => (Allow) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{D1A67E69-192E-4BF3-AA5A-7B63F344F012}] => (Allow) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{5E1F93A4-39C9-458B-9DB0-7B98B0333E52}] => (Allow) D:\Arcane\Hry\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{7FEE8323-1DF0-41D4-BDAC-ACF6A392DCAC}] => (Allow) D:\Arcane\Hry\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{B902F99D-D2B6-419C-A4C1-7500948A8469}] => (Allow) D:\Arcane\Hry\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{1256D445-24C4-4AAF-86DA-C8A8CC66829C}] => (Allow) D:\Arcane\Hry\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{55C2C767-9EB1-425F-BA87-656DA677DD91}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7062E038-D618-4243-B421-B7AC163EE547}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4D59DFF6-1A76-4E90-9F3A-20A312B92A4E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8FA8B7F3-C55A-4674-9244-A45BA87A8D37}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

20-12-2019 22:33:49 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
20-12-2019 22:33:57 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

==================== Faulty Device Manager Devices ============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/22/2019 01:22:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15000,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/22/2019 12:17:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11376,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/22/2019 11:22:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4520,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/22/2019 01:12:14 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4196,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/22/2019 12:36:32 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5812,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/22/2019 12:17:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9292,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/21/2019 11:58:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2608,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/21/2019 11:50:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3564,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (12/21/2019 11:42:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/21/2019 11:42:03 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT AUTHORITY)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12

Error: (12/21/2019 11:41:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv06.dll

Error: (12/21/2019 11:41:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv06.dll

Error: (12/21/2019 11:41:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv06.dll

Error: (12/21/2019 11:39:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wallpaper Engine Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/21/2019 11:39:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/21/2019 11:39:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2019-12-22 13:47:24.590
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 13:47:24.585
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 13:47:23.100
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 13:47:23.098
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 13:47:22.969
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 13:47:22.967
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 13:47:21.826
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 13:47:21.824
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1601 10/29/2018
Motherboard: ASUSTeK COMPUTER INC. PRIME Z370-A
Processor: Intel(R) Core(TM) i5-8600K CPU @ 3.60GHz
Percentage of memory in use: 50%
Total physical RAM: 16319.88 MB
Available physical RAM: 8123.04 MB
Total Virtual: 27071.88 MB
Available Virtual: 12037.49 MB

==================== Drives ================================

Drive c: (Savitar) (Fixed) (Total:237.87 GB) (Free:47.25 GB) NTFS
Drive d: (Amun) (Fixed) (Total:1863.01 GB) (Free:348.13 GB) NTFS
Drive e: (Soteria) (Fixed) (Total:3725.9 GB) (Free:2827.77 GB) NTFS
Drive f: (Horus) (Fixed) (Total:931.51 GB) (Free:161.51 GB) NTFS

\\?\Volume{1b5db080-40ed-41fc-9b07-e8e0aa9c5b40}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
\\?\Volume{87f9f223-5ccc-44ce-86bf-754e8c788fd0}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

Re: Spotify používáno cizím člověkem, prosím o kontrolu

Napsal: 22 pro 2019 14:38
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
C:\Users\Arcan\AppData\Local\Temp
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [UDP Query User{8E39C85C-A356-4F18-BFFA-557F9FAA4C3F}D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{A8B908F9-4766-4672-B6B7-4127B15030D6}D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{259EEEC7-D35A-4F95-8607-3A265F42F351}D:\arcane\hry\apex\r5apex.exe] => (Allow) D:\arcane\hry\apex\r5apex.exe No File
FirewallRules: [TCP Query User{A710C5C4-7FC2-4A20-B91F-8705093B8036}D:\arcane\hry\apex\r5apex.exe] => (Allow) D:\arcane\hry\apex\r5apex.exe No File
FirewallRules: [{4C46CA63-3968-48E3-90D8-D98DA266CD38}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{E3008F32-2885-4DEE-8468-58E542A17629}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [UDP Query User{F80729AF-5DF5-475A-9462-A042F0348F41}D:\arcane\hry\overwatch\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\overwatch.exe No File
FirewallRules: [TCP Query User{CD499DA3-18CA-45EC-89F2-9E49FAB1EAA9}D:\arcane\hry\overwatch\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\overwatch.exe No File
FirewallRules: [{5A3790BB-509C-49D2-B943-EC5033C9F333}] => (Allow) D:\Arcane\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe No File
FirewallRules: [{6E59AD2A-0D1F-42C0-9AEB-792858494A21}] => (Allow) D:\Arcane\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe No File
C:\Program Files\Bonjour
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {66320CFA-8F41-4271-B3E9-256479139339} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-26] (Google Inc -> Google Inc.)
Task: {D214596F-7731-4588-83F4-32347F51AAE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-26] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE05
SearchScopes: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE05
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Spotify používáno cizím člověkem, prosím o kontrolu

Napsal: 22 pro 2019 17:49
od Arcane
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-12-2019
Ran by Arcan (22-12-2019 15:26:54) Run:1
Running from C:\Users\Arcan\Desktop
Loaded Profiles: Arcan (Available Profiles: Arcan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
C:\Users\Arcan\AppData\Local\Temp
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [UDP Query User{8E39C85C-A356-4F18-BFFA-557F9FAA4C3F}D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{A8B908F9-4766-4672-B6B7-4127B15030D6}D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{259EEEC7-D35A-4F95-8607-3A265F42F351}D:\arcane\hry\apex\r5apex.exe] => (Allow) D:\arcane\hry\apex\r5apex.exe No File
FirewallRules: [TCP Query User{A710C5C4-7FC2-4A20-B91F-8705093B8036}D:\arcane\hry\apex\r5apex.exe] => (Allow) D:\arcane\hry\apex\r5apex.exe No File
FirewallRules: [{4C46CA63-3968-48E3-90D8-D98DA266CD38}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{E3008F32-2885-4DEE-8468-58E542A17629}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [UDP Query User{F80729AF-5DF5-475A-9462-A042F0348F41}D:\arcane\hry\overwatch\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\overwatch.exe No File
FirewallRules: [TCP Query User{CD499DA3-18CA-45EC-89F2-9E49FAB1EAA9}D:\arcane\hry\overwatch\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\overwatch.exe No File
FirewallRules: [{5A3790BB-509C-49D2-B943-EC5033C9F333}] => (Allow) D:\Arcane\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe No File
FirewallRules: [{6E59AD2A-0D1F-42C0-9AEB-792858494A21}] => (Allow) D:\Arcane\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe No File
C:\Program Files\Bonjour
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {66320CFA-8F41-4271-B3E9-256479139339} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-26] (Google Inc -> Google Inc.)
Task: {D214596F-7731-4588-83F4-32347F51AAE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-26] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE05
SearchScopes: HKU\S-1-5-21-1894648835-3668780281-2537145207-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE05
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End

*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
C:\Users\Arcan\AppData\Local\Temp => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\OpenSSH-Server-In-TCP" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8E39C85C-A356-4F18-BFFA-557F9FAA4C3F}D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A8B908F9-4766-4672-B6B7-4127B15030D6}D:\arcane\hry\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{259EEEC7-D35A-4F95-8607-3A265F42F351}D:\arcane\hry\apex\r5apex.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A710C5C4-7FC2-4A20-B91F-8705093B8036}D:\arcane\hry\apex\r5apex.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C46CA63-3968-48E3-90D8-D98DA266CD38}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E3008F32-2885-4DEE-8468-58E542A17629}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F80729AF-5DF5-475A-9462-A042F0348F41}D:\arcane\hry\overwatch\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CD499DA3-18CA-45EC-89F2-9E49FAB1EAA9}D:\arcane\hry\overwatch\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A3790BB-509C-49D2-B943-EC5033C9F333}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6E59AD2A-0D1F-42C0-9AEB-792858494A21}" => removed successfully
C:\Program Files\Bonjour => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66320CFA-8F41-4271-B3E9-256479139339}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66320CFA-8F41-4271-B3E9-256479139339}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D214596F-7731-4588-83F4-32347F51AAE7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D214596F-7731-4588-83F4-32347F51AAE7}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1894648835-3668780281-2537145207-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 163152612 B
Java, Flash, Steam htmlcache => 436060854 B
Windows/system/drivers => 20364466 B
Edge => 3024370 B
Chrome => 1110015294 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 127696 B
NetworkService => 127696 B
Arcan => 5034927 B

RecycleBin => 11480799837 B
EmptyTemp: => 12.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:28:34 ====

Re: Spotify používáno cizím člověkem, prosím o kontrolu

Napsal: 22 pro 2019 17:50
od Rudy
Smazáno. Nastala nějaká změna?

Re: Spotify používáno cizím člověkem, prosím o kontrolu

Napsal: 22 pro 2019 20:16
od Arcane
Děkuji, budu monitorovat. Řeším to zároven se spotify supportem, tak uvidím asi časem. :) díky moc a hezké svátky.

Re: Spotify používáno cizím člověkem, prosím o kontrolu

Napsal: 22 pro 2019 20:49
od Rudy
Rádo se stalo a rovněž vám přeji hezké svátky! :-)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz