Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by Marek (04-04-2020 13:34:30)
Running from C:\Users\Marek\Desktop
Windows 10 Pro Version 1909 18363.720 (X64) (2019-11-26 12:02:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-514118449-1450849949-1183818836-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-514118449-1450849949-1183818836-503 - Limited - Disabled)
Guest (S-1-5-21-514118449-1450849949-1183818836-501 - Limited - Disabled)
Marek (S-1-5-21-514118449-1450849949-1183818836-1001 - Administrator - Enabled) => C:\Users\Marek
WDAGUtilityAccount (S-1-5-21-514118449-1450849949-1183818836-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-514118449-1450849949-1183818836-1001\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2) (Version: 8.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_5) (Version: 20.0.5 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 verze 12.0.0.224 (HKLM-x32\...\{80676034-CAC5-4484-9601-6198241272AC}_is1) (Version: 12.0.0.224 - Adobe Systems Inc.)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Alienware Gaming Monitor AlienFX Driver (HKLM\...\{DFA67150-EBF3-469B-80FC-6F2DFBDB02B8}) (Version: 2.1.3.8 - Dell Inc.)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.3.1 - Electronic Arts, Inc.)
Assassin's Creed Origins (HKLM-x32\...\Uplay Install 3539) (Version:  - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.30.50.1690 - BlueStack Systems, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 80.1.5.123 - Autoři prohlížeče Brave)
CCleaner (HKLM\...\CCleaner) (Version: 5.64 - Piriform)
Citrix Receiver 4.9 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.9.0.2539 - Citrix Systems, Inc.)
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Název společnosti:)
Čeština do hry South Park: Klacek Pravdy verze 1.0 (HKLM-x32\...\{C1EA3034-6A86-4C18-A91F-SPSOTCZ7E0FE}_is1) (Version: 1.0 - Ubisoft)
darktable (HKLM\...\darktable) (Version: 2.6.0 - the darktable project)
Data Lifeguard Diagnostic version 1.36 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Discord (HKU\S-1-5-21-514118449-1450849949-1183818836-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Dungeons 3 CZ Spor bohu Clash of Gods - Plaza  02.10.2018 (HKLM-x32\...\Dungeons 3 CZ Spor bohu Clash of Gods - Plaza  02.10.2018) (Version: Clash of Gods - Plaza  02.10.2018 - Libbi)
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-514118449-1450849949-1183818836-1001\...\Flux) (Version:  - f.lux Software LLC)
Factorio version 0.17.69 (HKLM\...\Factorio_is1) (Version:  - )
FastStone Image Viewer 7.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.4 - FastStone Soft)
FileBot (HKLM\...\{DFFB8CDD-CE62-4F81-8981-BAF80ECDBF0A}) (Version: 4.9.0 - Reinhard Pointner)
FonePaw for Android 2.9.0 (HKLM-x32\...\{10E7BD57-C5FE-484f-A3F2-A1755286C0A7}_is1) (Version: 2.9.0 - FonePaw)
foobar2000 v1.5.1 (HKLM-x32\...\foobar2000) (Version: 1.5.1 - Peter Pawlowski)
Frostpunk CZ Codex v.1.3.2 - 20.12.2018 (HKLM-x32\...\Frostpunk CZ Codex v.1.3.2 - 20.12.2018) (Version: Codex v.1.3.2 - 20.12.2018 - Libbi)
Git version 2.25.0 (HKLM\...\Git_is1) (Version: 2.25.0 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4815 - Intel Corporation)
IntelliJ IDEA Community Edition 2019.2.4 (HKLM-x32\...\IntelliJ IDEA Community Edition 2019.2.4) (Version: 192.7142.36 - JetBrains s.r.o.)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Java SE Development Kit 8 Update 191 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180191}) (Version: 8.0.1910.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 5.4.7.2 (HKLM\...\{26D12F93-E454-4637-9A5C-D52F6B4CC0DD}) (Version: 5.4.7.2 - The Document Foundation)
Macrium Reflect Free Edition (HKLM\...\{609837AF-7024-441C-AFFB-CB63D0C5E4A2}) (Version: 7.1.2917 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.1 - Paramount Software (UK) Ltd.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1104.625 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
MSI Afterburner 4.4.0 (HKLM-x32\...\Afterburner) (Version: 4.4.0 - MSI Co., LTD)
Node.js (HKLM\...\{B6F2F882-2B4A-4AC0-8BD5-BF6F087A7F01}) (Version: 12.15.0 - Node.js Foundation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.4 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA G-SYNC Pendulum Demo (HKLM-x32\...\G-SYNC) (Version: 1.13 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.59 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Online Plug-in (HKLM-x32\...\{5C38E4A7-9778-4C51-8021-61759600D96A}) (Version: 14.9.0.2539 - Citrix Systems, Inc.) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.65.38147 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 442.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 442.59 - NVIDIA Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Postman-win64-7.18.0 (HKU\S-1-5-21-514118449-1450849949-1183818836-1001\...\Postman) (Version: 7.18.0 - Postman)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Python 2.7.17 (64-bit) (HKLM\...\{9255D53C-6C21-4664-AAF3-6EAC50F867Da}) (Version: 2.7.17150 - Python Software Foundation)
qBittorrent 4.2.3 (HKLM-x32\...\qBittorrent) (Version: 4.2.3 - The qBittorrent project)
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.5.1004.170926 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RivaTuner Statistics Server 7.0.0 (HKLM-x32\...\RTSS) (Version: 7.0.0 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.18.217 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.8 - Rockstar Games)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Self-service Plug-in (HKLM-x32\...\{C7E328BE-E4FF-4D07-B848-1179C42C8AD4}) (Version: 4.9.0.2528 - Citrix Systems, Inc.) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-23733 - Synology)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.3.8497 - TeamViewer)
TortoiseGit 2.9.0.0 (64 bit) (HKLM\...\{E607B142-63C1-4602-9EB9-C8A2B9F162D6}) (Version: 2.9.0.0 - TortoiseGit)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
Visual Studio Build Tools 2017 (HKLM-x32\...\643ec492) (Version: 15.9.28307.1000 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Web Companion (HKLM-x32\...\{6d73d102-02b0-4b60-b0fa-34cf73f9cda2}) (Version: 4.9.2182.4042 - Lavasoft)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
Windows Driver Package - Silicon Laboratories (silabenm) Ports  (12/10/2012 6.6.1.0) (HKLM\...\D680DEE0F68D64EC53D0C5769879D15D387054CC) (Version: 12/10/2012 6.6.1.0 - Silicon Laboratories)
WinSCP 5.13.7 (HKLM-x32\...\winscp3_is1) (Version: 5.13.7 - Martin Prikryl)
WinX YouTube Downloader (HKLM-x32\...\WinX YouTube Downloader) (Version: 5.2 - Digiarty, Inc.)
YouTube By Click CZ v.2.2.121 - 01.12.2019 (HKLM-x32\...\YouTube By Click CZ v.2.2.121 - 01.12.2019) (Version: v.2.2.121 - 01.12.2019 - Libbi)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-08-05] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa [2020-03-27] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-26] (Microsoft Corporation) [MS Ad]
Příslušenství pro Xbox -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.1911.1001.0_x64__8wekyb3d8bbwe [2019-11-23] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-514118449-1450849949-1183818836-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Marek\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-514118449-1450849949-1183818836-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Marek\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-514118449-1450849949-1183818836-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Marek\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ShellIconOverlayIdentifiers: [  Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [  Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-01-30] (Notepad++ -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-10-01] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers1: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => C:\Program Files\TortoiseGit\bin\TortoiseGitStub.dll [2019-10-31] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-10-01] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers2: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => C:\Program Files\TortoiseGit\bin\TortoiseGitStub.dll [2019-10-31] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => C:\Program Files\TortoiseGit\bin\TortoiseGitStub.dll [2019-10-31] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => C:\Program Files\TortoiseGit\bin\TortoiseGitStub.dll [2019-10-31] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => C:\Program Files\TortoiseGit\bin\TortoiseGitStub.dll [2019-10-31] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2018-05-15 19:00 - 2018-05-15 19:00 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2018-05-15 19:00 - 2018-05-15 19:00 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-05-15 19:00 - 2018-05-15 19:00 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-11-26 14:02 - 2020-04-04 13:00 - 000192512 _____ () [File not signed] C:\Users\Marek\AppData\Local\Temp\sfamcc00001.dll
2020-04-01 08:59 - 2020-04-04 13:00 - 000158720 _____ () [File not signed] C:\Users\Marek\AppData\Local\Temp\sfareca00001.dll
2018-04-22 17:21 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-02-12 02:28 - 2015-09-28 20:08 - 000255488 _____ (Sysprogs OU) [File not signed] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll
2018-05-15 19:00 - 2018-05-15 19:00 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-02-07 20:58 - 2019-06-11 08:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-07 20:58 - 2019-06-11 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-02-07 20:58 - 2019-07-12 09:23 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-03-11 17:02 - 2019-07-12 09:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-03-11 17:02 - 2019-07-12 09:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-03-11 17:02 - 2019-07-12 09:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-03-11 17:02 - 2019-07-12 09:23 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-03-11 17:02 - 2019-07-12 09:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-03-11 17:02 - 2019-07-12 09:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [480]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-514118449-1450849949-1183818836-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-514118449-1450849949-1183818836-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2018-10-29 23:30 - 000001022 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Python27\;C:\Python27\Scripts;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\TortoiseGit\bin;C:\Program Files\Git\cmd;C:\Program Files\nodejs\;C:\ProgramData\chocolatey\bin;C:\Program Files\FileBot\
HKU\S-1-5-21-514118449-1450849949-1183818836-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marek\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\landscape-1574784815760-6527.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{7158E6F6-5F6C-403B-AB7A-6EBFF40A0CD1}C:\program files\jetbrains\intellij idea community edition 2019.2.4\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2019.2.4\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [TCP Query User{9E32852E-5C63-4FA8-B9E4-11FFA6E87312}C:\program files\jetbrains\intellij idea community edition 2019.2.4\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2019.2.4\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{7771C0A3-A9C8-4F81-B0C2-8313202F0430}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{8501815E-68C7-4843-A0DD-BA3B63C5C039}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{8FD584DE-A5AC-47D8-A761-7FB6A2FACE86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe No File
FirewallRules: [{2E8955B7-85AC-41F8-9837-CBEDDAC960DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe No File
FirewallRules: [UDP Query User{CA1C1C85-9631-431E-80DC-0029015192F4}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) [File not signed]
FirewallRules: [TCP Query User{79C4921A-5B99-4C5D-9594-E029BCF35B31}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) [File not signed]
FirewallRules: [{D21FEC3C-0D33-4526-8FF3-23A9677CE2A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Islanders\ISLANDERS.exe () [File not signed]
FirewallRules: [{E8378063-00F7-4362-B967-3ACCA7FAEDF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Islanders\ISLANDERS.exe () [File not signed]
FirewallRules: [{C94C757D-0BDB-47DA-A025-A70444528D19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe No File
FirewallRules: [{A128064C-D4AD-4523-B4DA-229715B5C13C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe No File
FirewallRules: [{7A97E7F4-058D-44D9-B2C7-B30D2B1983EF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F88E1A0-FF5C-4D76-AA3E-42D40895EF14}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BDD3F675-C552-4A76-90C2-01F661210F7A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FD3ABB1D-65E8-43BF-A012-BE12B8BF070E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9D16F38C-05FF-4387-B592-75AEC6165A5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Twilight Struggle\TwilightStruggle.exe () [File not signed]
FirewallRules: [{B314A9F3-6053-4A65-8BB0-36859183538A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Twilight Struggle\TwilightStruggle.exe () [File not signed]
FirewallRules: [{C38C8A09-1AD9-4CD7-A46E-55D3A667F84B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scythe Digital Edition\Scythe.exe () [File not signed]
FirewallRules: [{77CF5069-9B8E-432D-B1B8-0BF76E449ABC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scythe Digital Edition\Scythe.exe () [File not signed]
FirewallRules: [{7DEC8C12-E887-4BE2-B152-76A65815077E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe No File
FirewallRules: [{0A71C166-55C2-409A-95E7-680D8EB99551}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe No File
FirewallRules: [UDP Query User{6D807D37-2713-4785-800A-AC7AF48AF916}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{8985B3D1-3478-4831-ADCA-2DE63BB8910F}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{1E005247-5673-4BCC-9E15-59FF5F9FAFBB}C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe No File
FirewallRules: [TCP Query User{903413C9-A76F-4ED5-830A-B21122F0C0FA}C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe No File
FirewallRules: [UDP Query User{CDECF172-E3EF-433D-AA7C-412CA74D07DC}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{0AFAE4CE-FEB8-4D4F-BDE0-99CA36CE81BE}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{150202F5-D688-4A07-954E-4AFF3BE87A91}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe No File
FirewallRules: [TCP Query User{790C1D37-1D26-44AC-8360-934D6AFF2F00}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe No File
FirewallRules: [UDP Query User{5EA781AB-32F0-44BF-89B3-9A45BC96DEE7}C:\users\marek\downloads\ratiomaster.net_0.43\ratiomaster.net.exe] => (Allow) C:\users\marek\downloads\ratiomaster.net_0.43\ratiomaster.net.exe (Nikolay.IT) [File not signed]
FirewallRules: [TCP Query User{82ADDF80-4B78-4383-BAF2-02323681D162}C:\users\marek\downloads\ratiomaster.net_0.43\ratiomaster.net.exe] => (Allow) C:\users\marek\downloads\ratiomaster.net_0.43\ratiomaster.net.exe (Nikolay.IT) [File not signed]
FirewallRules: [UDP Query User{CB1CE3FF-25C3-4D34-B396-9B2A3847ED35}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [TCP Query User{C7219D1F-3516-495C-B103-7E9B6514C343}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [{0D5CAF9E-186B-471A-8092-E64079AA376D}] => (Block) C:\program files\java\jdk1.8.0_191\bin\java.exe
FirewallRules: [{D24C87DF-690D-47D0-A3C5-40E520F3BB27}] => (Block) C:\program files\java\jdk1.8.0_191\bin\java.exe
FirewallRules: [UDP Query User{61E03DEB-0EED-4B33-A75B-65EB3CECB485}C:\program files\java\jdk1.8.0_191\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_191\bin\java.exe
FirewallRules: [TCP Query User{CD8278C7-1295-45F6-89E4-CAFA0528ACA9}C:\program files\java\jdk1.8.0_191\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_191\bin\java.exe
FirewallRules: [{B7E86601-6653-410D-AB51-928CC37B34E0}] => (Block) C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe No File
FirewallRules: [{2573CF53-2B38-416B-90FF-0514D6F1E93E}] => (Block) C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe No File
FirewallRules: [UDP Query User{FF332897-2BA8-4AEA-B6D1-E8383751394D}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe No File
FirewallRules: [TCP Query User{AB0526E2-024C-4415-9D79-34DBCEC1D886}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe No File
FirewallRules: [UDP Query User{071BD7D9-BEB6-452B-8F6B-2B322CF19BEE}C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe No File
FirewallRules: [TCP Query User{8B1A7F88-9246-43DC-B0FC-64BA707BB834}C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\jre64\bin\java.exe No File
FirewallRules: [UDP Query User{5FEDD724-7910-4B94-9817-B0CB31192F2D}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe No File
FirewallRules: [TCP Query User{FAFFC480-6BCC-4CF4-A284-0E2657D1ADE5}C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2018.2.5\bin\idea64.exe No File
FirewallRules: [UDP Query User{B021A509-FA8B-435E-87D7-7AE2980098C1}C:\users\marek\downloads\rmp210\rmp.exe] => (Block) C:\users\marek\downloads\rmp210\rmp.exe (Lucius) [File not signed]
FirewallRules: [TCP Query User{33DDF9F8-E0C6-4F4C-B02E-3806BE5F8DF1}C:\users\marek\downloads\rmp210\rmp.exe] => (Block) C:\users\marek\downloads\rmp210\rmp.exe (Lucius) [File not signed]
FirewallRules: [{D59A7202-B19A-4B0A-B9AB-86C95990B766}] => (Allow) C:\Users\Marek\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1D2D3BCB-004F-409C-A2C1-9554154960DA}] => (Allow) C:\Users\Marek\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{EF0EEF39-5E21-4BD2-9D28-92D533769689}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [UDP Query User{C9BE3C80-C7A1-43A5-8445-79A6F464C37C}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [TCP Query User{B041C781-367D-4882-903D-6DB3AD0285D9}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [{529F4DF6-4EFE-4EED-8D13-FC4885096E84}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{794CE9CE-3106-4791-A935-24DFEEAD0AE0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DF1A26F5-353B-436F-9158-998B4D3D479C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe No File
FirewallRules: [{CD5030E3-3460-4722-B1D6-AA2639489359}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe No File
FirewallRules: [{395C682F-5571-4229-B72B-C2985BB82356}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe No File
FirewallRules: [{98ADEE72-4FE8-46A5-8CD9-01A476D3B81F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe No File
FirewallRules: [{FFF1A804-01E6-4E04-845B-DF709572C921}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe No File
FirewallRules: [{C3DD8ECC-AD9F-497D-BCC8-0E294ADA5FE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe No File
FirewallRules: [UDP Query User{2EAA079C-F28D-4D61-A217-5A4F38F15ECB}C:\users\marek\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\marek\appdata\roaming\utorrent web\utweb.exe No File
FirewallRules: [TCP Query User{FBA8D69C-3B63-44BA-8A3F-2F47FF2CF2AA}C:\users\marek\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\marek\appdata\roaming\utorrent web\utweb.exe No File
FirewallRules: [{ACEEB04B-0F8D-4DC9-9B5E-007C0CED7EBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{D53FA629-317F-493F-8F35-4A528918983C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{4F499B31-0BAF-4B9A-BA04-B43095C3C89C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{9A093C0A-ADFF-41E3-B924-6972E9B9A0FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{F0AB3F09-8B68-4AB1-9528-F84E4F191979}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1E1D19E6-C78D-4AD3-AF4E-D64AC8D960B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{464EAB2F-8218-4E6B-81E4-53E6595419C6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{26866B89-3E54-4205-A92C-2C68EE7C82A0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AB7104B5-7C50-470E-843D-C996B6FBA833}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{28EA0AD0-B2B3-4EB0-954E-B282E45F4FFC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E376D170-9BA3-47B5-BC88-6902AC4FE899}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe () [File not signed]
FirewallRules: [{C2239106-99B3-4981-BF62-D3B3D2470400}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe () [File not signed]
FirewallRules: [{16619431-8811-4EEF-9008-FE34874D5A71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{737C9787-A625-4E46-9B3C-47B5766850B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{480203C7-1AD3-4F4A-8D0D-CF998DBE3FC0}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{055E90FA-6378-49E1-ADE3-72B71A65F272}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{74AFCC74-ACBE-43B3-B541-7E132F81BF8F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1F153EA9-3DE6-4A56-89E4-83B70B837331}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{8858335F-D79C-45BF-A9D8-84B24A2D22EA}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{5DC82EEF-C245-4434-9818-6D74B866B5BA}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [{B2D15001-298B-4E4F-9FDB-D9046F03C04D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Realms\StarRealms.exe () [File not signed]
FirewallRules: [{459A51CC-4E4D-4467-A3D7-526B7E511767}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Realms\StarRealms.exe () [File not signed]
FirewallRules: [{03928F87-1FE7-4D03-AA28-B119553D31B6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{0F035DDE-53F8-4F86-937C-0E5915B4932A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{5F4B901D-9A96-4ED4-99AC-A7562D7DF0FB}] => (Allow) D:\Games\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E545A752-29C2-4D03-9BEC-11993F75B8C3}] => (Allow) D:\Games\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{F9DA26B2-77C8-4AFF-9FFB-B8C33A9B7732}D:\games\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\games\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{B648F843-2EA4-4FF7-95A1-4495B82D9A94}D:\games\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\games\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{B304D97F-8A42-4FC1-811B-3CA1B80A96A8}C:\program files\java\jdk1.8.0_191\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_191\jre\bin\java.exe
FirewallRules: [UDP Query User{2544D8A5-857E-4231-BD86-360C2E8B5303}C:\program files\java\jdk1.8.0_191\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_191\jre\bin\java.exe
FirewallRules: [TCP Query User{2D88C467-9F11-4103-99A5-DA32A179477F}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [UDP Query User{8D33904B-78C5-44D2-88CE-A8171FA7C23C}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [{91DD7217-C5A8-4E75-9E6D-00A2425B6D98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{A3678204-2EF3-44F6-A087-AAB0B36A1E4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{84763933-EBDD-4B50-9735-075B675B6126}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4982B01E-D067-4B4B-BC39-C7501F95C207}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B64FE4BB-EB8C-4C2A-8300-33771B644524}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8E222161-75E3-4EC6-B8BF-45CE37740D0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{403A90C7-4715-4E42-A15B-83DAC9A5EE42}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{15F2EA2F-A66D-4438-95D2-9DC45E73BCFD}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{6798C743-7E9F-4A2F-8E85-444A98323472}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe No File
FirewallRules: [UDP Query User{F48FAF2D-1636-44E3-8361-64F21972D751}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe No File
FirewallRules: [{D8368D5C-5F9C-4002-A63D-E52E1CF9A328}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C9E399E6-8A08-49C5-B235-D11672010663}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{16FD3E1F-4973-41BC-9329-0D6BCC841115}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FC66A573-A439-4DD2-B069-4770A5B4C6E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D3996D5D-5747-4CD5-9B06-27E5F4A873E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0C79A346-065D-4A1D-A360-9F2D8844D138}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lara Croft and the Temple of Osiris\LC2.exe (Square Enix Ltd.) [File not signed]
FirewallRules: [{64CA40D7-5921-4337-89A6-3AA0AC83FBB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lara Croft and the Temple of Osiris\LC2.exe (Square Enix Ltd.) [File not signed]
FirewallRules: [{2106A48C-46D5-4C0F-9BA7-6D4FC95F9F26}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C53D702E-2CF6-472A-ABAA-CF3B3122AEDB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{712FF4F0-8A20-4129-B48B-DB8206AC7BB8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4A44B441-179D-4B29-8601-AC37939CFC8C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9A3B4A6E-89A1-4A3D-A467-DB49A768C1E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AE7377EA-BA41-46CB-8147-3FAE2B1DDACA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B87FB61D-99D2-471E-B955-306AF336DE7B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{200A9C1E-9F80-4655-85B2-209746F2E75C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DCFD574B-D9F7-46EC-8ECD-EC78B24567C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Between Two Castles - Digital Edition\BetweenTwoCastles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{43916040-8465-4620-A361-BA6A19EE60DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Between Two Castles - Digital Edition\BetweenTwoCastles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{64302EF9-BF25-4464-87FB-DC36E935E636}C:\program files (x86)\steam\steamapps\common\between two castles - digital edition\betweentwocastles\binaries\win64\betweentwocastles-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\between two castles - digital edition\betweentwocastles\binaries\win64\betweentwocastles-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{E1C245B4-557E-4A0E-AE17-925E9929DCA2}C:\program files (x86)\steam\steamapps\common\between two castles - digital edition\betweentwocastles\binaries\win64\betweentwocastles-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\between two castles - digital edition\betweentwocastles\binaries\win64\betweentwocastles-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{335E4288-E3B7-447E-A7F2-6FEDBCEFC050}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{4F17F962-3036-4F0A-9A69-8F1818316633}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{4919AF33-8BAB-49D8-AC23-63CC505F3514}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)

==================== Restore Points =========================

27-03-2020 01:09:37 Naplánovaný kontrolní bod
28-03-2020 14:45:09 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127
28-03-2020 14:45:18 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127
29-03-2020 22:24:33 Installed FileBot

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/04/2020 01:30:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6192,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/04/2020 05:58:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CsrBtOBEXService.exe, verze: 2.1.63.0, časové razítko: 0x4f68683b
Název chybujícího modulu: CsrBtOBEXService.exe, verze: 2.1.63.0, časové razítko: 0x4f68683b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000006f58
ID chybujícího procesu: 0xb28
Čas spuštění chybující aplikace: 0x01d60a2e91b94413
Cesta k chybující aplikaci: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Cesta k chybujícímu modulu: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
ID zprávy: 735c7634-92c6-4b4e-8463-e9a103c20aff
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (04/04/2020 05:57:47 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18308,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/04/2020 05:35:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12828,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/04/2020 05:25:21 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6236,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/04/2020 12:15:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CsrBtOBEXService.exe, verze: 2.1.63.0, časové razítko: 0x4f68683b
Název chybujícího modulu: CsrBtOBEXService.exe, verze: 2.1.63.0, časové razítko: 0x4f68683b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000006f58
ID chybujícího procesu: 0xff4
Čas spuštění chybující aplikace: 0x01d609dcea1a47a2
Cesta k chybující aplikaci: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Cesta k chybujícímu modulu: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
ID zprávy: a30b0212-5abc-4d9d-9f70-80ec327ab4d4
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (04/04/2020 12:12:14 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17484,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/03/2020 11:25:12 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12528,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (04/04/2020 05:58:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba CSR OBEX byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/04/2020 05:10:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/04/2020 05:10:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (04/04/2020 12:15:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba CSR OBEX byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/04/2020 12:15:36 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4DC8CTG)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_5fe50 s argumenty Není k dispozici za účelem spuštění serveru: 
Windows.Media.Capture.Internal.AppCaptureShell

Error: (04/04/2020 12:15:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba BcastDVRUserService_5fe50 neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/04/2020 12:15:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby BcastDVRUserService_5fe50 bylo dosaženo časového limitu (30000 ms).

Error: (04/03/2020 03:09:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba CSR OBEX byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2020-03-19 21:39:03.219
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F64A0A1C-E50E-45E8-AD22-3A1D848D7FFE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-15 13:31:06.333
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {230105A3-69EA-4F84-A975-EED3C7951670}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-09 21:01:41.452
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FB02D9FA-BAE9-4352-8716-92B2860C87E8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-08 16:43:58.281
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_W:\roztridit\rar\MC_CSSkspm.rar; file:_W:\roztridit\rar\MC_CSSkspm.rar->CSS.iso->arun.exe
Původ detekce: Sdílená síťová složka
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: DESKTOP-4DC8CTG\Marek
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.311.776.0, AS: 1.311.776.0, NIS: 1.311.776.0
Verze modulu: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-08 16:01:57.595
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/Obfuscator.DA&threatid=2147612705&enterprise=0
Název: VirTool:Win32/Obfuscator.DA
ID: 2147612705
Závažnost: Vážné
Kategorie: Nástroj
Cesta: containerfile:_\\NAS\trash\recuva_soubory\zbot.exe; file:_\\NAS\trash\recuva_soubory\zbot.exe->(Asprotect 2.3)
Původ detekce: Sdílená síťová složka
Typ detekce: Heuristika
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-4DC8CTG\Marek
Název procesu: C:\Program Files\totalcmd\TOTALCMD64.EXE
Verze bezpečnostních informací: AV: 1.311.776.0, AS: 1.311.776.0, NIS: 1.311.776.0
Verze modulu: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-31 16:57:52.109
Description: 
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.313.471.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě. 

CodeIntegrity:
===================================

Date: 2020-03-16 00:06:30.974
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-16 00:06:29.115
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-16 00:06:22.310
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-16 00:06:21.360
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-16 00:06:21.356
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-16 00:06:15.536
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-16 00:04:37.329
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-16 00:04:37.325
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 0612 03/01/2018
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX Z370-E GAMING
Processor: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz
Percentage of memory in use: 39%
Total physical RAM: 16314.02 MB
Available physical RAM: 9831.91 MB
Total Virtual: 18746.02 MB
Available Virtual: 8743.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.34 GB) (Free:86.8 GB) NTFS
Drive d: () (Fixed) (Total:1862.89 GB) (Free:5.51 GB) NTFS
Drive f: () (Removable) (Total:119.22 GB) (Free:9.23 GB) exFAT

\\?\Volume{92687e99-3215-4d27-8af0-cf3e6f90779a}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{34d28459-aa35-416a-9e85-13651b818d21}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 119.3 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================