﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by kolca (21-06-2018 20:48:01)
Running from C:\Users\kolca\Desktop
Windows 10 Home Version 1709 16299.492 (X64) (2017-11-23 01:31:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-907423362-3305526511-137660631-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-907423362-3305526511-137660631-503 - Limited - Disabled)
Guest (S-1-5-21-907423362-3305526511-137660631-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-907423362-3305526511-137660631-1003 - Limited - Enabled)
kolca (S-1-5-21-907423362-3305526511-137660631-1001 - Administrator - Enabled) => C:\Users\kolca
WDAGUtilityAccount (S-1-5-21-907423362-3305526511-137660631-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\uTorrent) (Version: 3.5.3.44428 - BitTorrent Inc.)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.00.3004 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3008 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueJ FRI Edition version 3.1.5 (HKLM-x32\...\{C046C078-4663-4DE2-BFDF-1B00234A0C80}_is1) (Version: 3.1.5 - BlueJ Team; Fakulta riadenia a informatiky, Zilinska univerzita v Ziline)
DC++ 0.866 (HKLM-x32\...\DC++) (Version: 0.866 - Jacek Sieka)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{2A027A37-B09B-44FB-B1C9-2DD6BA0014E8}) (Version: 0.7.2.61 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D765CF7F-14F9-4C80-B06C-10E68F10EBCC}) (Version: 0.7.2.62 - Dolby Laboratories, Inc.)
DuckDns version 1.0.5 (HKLM-x32\...\{72C90F4B-DDFB-410B-8761-9769CCF481AA}}_is1) (Version: 1.0.5 - ETX Software Inc.)
ELAN HIDI2C Filter Driver X64 13.6.7.2_WHQL (HKLM\...\Elantech) (Version: 13.6.7.2 - ELAN Microelectronic Corp.)
Epic Games Launcher (HKLM-x32\...\{8F89B0CF-8144-43EE-AB9F-B7F8F23D85FB}) (Version: 1.1.135.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FACEIT 0.11.0 (HKLM\...\1b460c18-2611-5297-a1a8-4f35160a268c) (Version: 0.11.0 - FACEIT Ltd.)
FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
Filedrop version 1.1.5 (HKLM-x32\...\{3A309583-1B4A-4C90-85EA-124EB8DB331A}_is1) (Version: 1.1.5 - Filedrop)
FileZilla Client 3.29.0 (HKLM-x32\...\FileZilla Client) (Version: 3.29.0 - Tim Kosse)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
hardware_info version 1.0.0.0 (HKLM-x32\...\hardware_info 1.0.0.0_is1) (Version:  - Company: Pepinator)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\HearthstoneDeckTracker) (Version: 1.5.11 - HearthSim)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1035 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4691 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JetBrains PhpStorm 2017.3 (HKLM-x32\...\PhpStorm 2017.3) (Version: 173.3727.138 - JetBrains s.r.o.)
JetBrains WebStorm 2017.3.4 (HKLM-x32\...\WebStorm 2017.3.4) (Version: 173.4548.30 - JetBrains s.r.o.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Office 365 ProPlus - sk-sk (HKLM\...\O365ProPlusRetail - sk-sk) (Version: 16.0.9330.2124 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.1 - Mozilla)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
MSI Kombustor 3.5.0 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
NetLimiter 4 (HKLM\...\{CCEBB3FF-7941-42D6-875C-5321AA54963F}) (Version: 4.0.33.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.33.0) (Version: 4.0.33.0 - Locktime Software)
Node.js (HKLM\...\{CA1A2A77-FA8D-4DEC-B806-3BAD97D56CA5}) (Version: 9.5.0 - Node.js Foundation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Graphics Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.9330.2124 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.9330.2124 - Microsoft Corporation) Hidden
OpenVPN 2.4.4-I601  (HKLM\...\OpenVPN) (Version: 2.4.4-I601 - OpenVPN Technologies, Inc.)
Oracle VM VirtualBox 5.2.0 (HKLM\...\{1E6A323C-1BE9-49B6-8FDC-107307DBC6CE}) (Version: 5.2.0 - Oracle Corporation)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10383 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.270 - Qualcomm Atheros)
RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 5.50 - Philipp Winterberg)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7954 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
Simulationcraft(x64) version 7.3.5.01 (HKLM-x32\...\{AC025546-B7C5-45A7-B16A-80AE482CBB01}_is1) (Version: 7.3.5.01 - Simulationcraft)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Spotify) (Version: 1.0.77.338.g758ebd78 - Spotify AB)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4.2 - TeamSpeak Systems GmbH)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Twitch (HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 61.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Warcraft Logs Uploader (HKLM-x32\...\{A34227E1-4CE8-368C-E2AE-A344FE765587}) (Version: 5.01 - UNKNOWN) Hidden
Warcraft Logs Uploader (HKLM-x32\...\com.warcraft.logs) (Version: 5.01 - UNKNOWN)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 7.1.11-0 - Bitnami)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} =>  -> No File
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} =>  -> No File
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxDTCM.dll [2016-10-10] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0274702C-CD4D-4DE7-838B-819C6D0352EA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-18] (Microsoft Corporation)
Task: {07DBC2F1-D601-417C-9441-C6160A1190BA} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {092B8FCB-197A-4ED4-969A-9F337B278A2E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation)
Task: {116CA16B-0384-4C53-815A-5EC24D49B367} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-06-18] (Microsoft Corporation)
Task: {194EAF9C-A0DB-4979-8DB7-A62F06E7063D} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-09-13] (Acer Incorporated)
Task: {24AE3679-6CB3-4EEB-A022-0B7BA82F502C} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [2016-08-12] ()
Task: {260528FA-8A07-45CF-BD4E-1818E3942269} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-23] (NVIDIA Corporation)
Task: {3A8A0C08-246B-4B4F-AEB8-10680A94EE4A} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe [2018-06-18] (Microsoft Corporation)
Task: {3B438AB9-4F06-46BB-B560-CD20B90DB294} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-23] (NVIDIA Corporation)
Task: {44F9940D-544E-4AA0-A953-8940B6B06C0B} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {53E91DE7-18AE-4CEC-BDE1-1F7AE371BB60} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-08] (Adobe Systems Incorporated)
Task: {54A1B267-BC9C-4716-8FFC-752C8DA194A0} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2016-09-13] (Acer Incorporated)
Task: {5642DE5D-B2B2-456F-92BD-873A73655CEB} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [2015-05-14] ()
Task: {588EA34E-1783-4B98-8FEB-030CAD169598} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation)
Task: {5CA4E7CA-1EB8-4CB7-AB5E-463DF81A3725} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-06-18] (Microsoft Corporation)
Task: {63FB4DDC-46CB-4154-A105-552EB030FDBD} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-23] (NVIDIA Corporation)
Task: {6CD0604D-F15E-439F-A45F-168AAC8EA8EE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-12] (Microsoft Corporation)
Task: {7607D7EB-27CD-47B5-84FB-03B688DE98D7} - System32\Tasks\MSIAfterburner => D:\Kokotiny\aburner\MSI Afterburner\MSIAfterburner.exe [2018-04-23] ()
Task: {78635107-C042-4C5E-A56D-A3CA0D066D79} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-23] (NVIDIA Corporation)
Task: {7BD41137-5AF3-4271-85CA-C61CCD65FABE} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)
Task: {7C2D0380-637E-488A-8464-1387B943311C} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [2016-08-12] (Acer Incorporated)
Task: {80222C78-0664-4801-BC58-A66BA65CF4B9} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-09-13] (Acer Incorporated)
Task: {803CABCD-7B67-41EC-B3B8-824731CBC77D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-23] (NVIDIA Corporation)
Task: {807D27F5-824F-4163-9C25-1436DFB2E95D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation)
Task: {A7F7FB47-ADDD-42FB-8CF9-FE57542B99DF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-23] (NVIDIA Corporation)
Task: {B34A0240-85E9-4D43-B5CD-DFF7B025908B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-18] (Google Inc.)
Task: {CF7915EC-DE06-422C-AEDE-2E643FE7F1AC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe [2018-06-08] (Adobe Systems Incorporated)
Task: {D50CE79E-5DF7-4094-84C9-A67CA208C602} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-06-18] (Microsoft Corporation)
Task: {D944D13A-EF72-4632-B8F0-9140CDDD32B7} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] ()
Task: {DC2ACBD2-2939-4794-BAF3-7D1C2F131357} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-23] (NVIDIA Corporation)
Task: {DC5E3D68-819F-47BC-8C00-7E6D77723678} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation)
Task: {DD924A8E-7B6D-4FA7-A51A-93489C9A0AF9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-18] (Microsoft Corporation)
Task: {E6B4A919-1616-4914-BEFB-B8544785715B} - System32\Tasks\WinMgr => C:\WINDOWS\\que.vbs
Task: {E9D50536-B70F-41C1-95EA-DA1A4EC70372} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-08] (Adobe Systems Incorporated)
Task: {F2ABED97-89B8-4EBA-AD1C-C15FAD0F8064} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-18] (Google Inc.)
Task: {FC4CA413-8039-469C-AC7E-FBCF39EB8C22} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-12] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-06-06 12:04 - 2018-03-24 03:19 - 000544192 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2018-06-06 12:04 - 2018-03-24 01:02 - 000135136 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-19 11:53 - 2016-09-19 11:53 - 001299920 _____ () C:\WINDOWS\system32\IntelSSTAPO\ParameterService\libxml2.dll
2018-06-04 23:54 - 2018-05-23 00:00 - 001314752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-23 17:16 - 2018-04-23 17:16 - 000739624 _____ () D:\Kokotiny\aburner\MSI Afterburner\MSIAfterburner.exe
2018-06-12 21:14 - 2018-06-08 08:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-06-12 21:14 - 2018-06-08 07:56 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-29 11:28 - 2018-05-29 11:28 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-29 11:28 - 2018-05-29 11:28 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-29 11:28 - 2018-05-29 11:28 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-29 11:28 - 2018-05-29 11:28 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-29 11:28 - 2018-05-29 11:28 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-06-24 01:33 - 2016-06-24 01:33 - 000829632 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
2016-07-18 10:39 - 2016-07-18 10:39 - 000154816 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
2018-06-21 10:25 - 2018-06-21 10:25 - 000093696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-06-21 10:25 - 2018-06-21 10:25 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-21 10:25 - 2018-06-21 10:25 - 007813632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-06-01 08:33 - 2018-06-01 08:33 - 027118080 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-05-29 11:28 - 2018-05-29 11:28 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-05-29 11:28 - 2018-05-29 11:28 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 22:04 - 2017-09-26 22:04 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-28 12:56 - 2018-06-12 16:14 - 000174744 _____ () D:\Program Files\Teamspeak\quazip.dll
2017-03-13 18:37 - 2017-12-15 13:45 - 000020632 _____ () D:\Program Files\Teamspeak\libEGL.DLL
2017-03-13 18:37 - 2017-12-15 13:45 - 001981592 _____ () D:\Program Files\Teamspeak\libGLESv2.dll
2017-06-28 12:56 - 2018-06-12 16:14 - 000125592 _____ () D:\Program Files\Teamspeak\soundbackends\directsound_win64.dll
2017-06-28 12:56 - 2018-06-12 16:14 - 000150680 _____ () D:\Program Files\Teamspeak\soundbackends\windowsaudiosession_win64.dll
2017-07-18 17:33 - 2017-07-22 23:33 - 000345880 _____ () C:\Users\kolca\AppData\Roaming\TS3Client\plugins\clientquery_plugin_win64.dll
2017-07-18 17:33 - 2017-07-18 17:33 - 000157696 _____ () C:\Users\kolca\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll
2017-12-03 22:10 - 2017-12-03 22:10 - 000276992 _____ () C:\Users\kolca\AppData\Roaming\TS3Client\plugins\ClownfishForTeamspeak_win64.dll
2018-05-23 08:52 - 2018-05-23 08:52 - 006282240 _____ () C:\Users\kolca\AppData\Roaming\TS3Client\plugins\rp_soundboard_win64.dll
2018-06-12 22:02 - 2018-06-12 07:36 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libglesv2.dll
2018-06-12 22:02 - 2018-06-12 07:36 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libegl.dll
2018-04-23 17:13 - 2018-04-23 17:13 - 000072704 _____ () D:\Kokotiny\aburner\MSI Afterburner\RTMUI.dll
2018-04-23 17:13 - 2018-04-23 17:13 - 000057344 _____ () D:\Kokotiny\aburner\MSI Afterburner\RTFC.dll
2018-04-23 17:13 - 2018-04-23 17:13 - 000232448 _____ () D:\Kokotiny\aburner\MSI Afterburner\RTCore.dll
2018-04-23 17:13 - 2018-04-23 17:13 - 000567808 _____ () D:\Kokotiny\aburner\MSI Afterburner\RTHAL.dll
2018-04-23 17:13 - 2018-04-23 17:13 - 000357888 _____ () D:\Kokotiny\aburner\MSI Afterburner\RTUI.dll
2018-06-04 23:54 - 2018-05-23 00:00 - 001032640 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-05-01 18:59 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\kolca\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-05-01 18:59 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\kolca\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-05-01 18:59 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\kolca\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-05-02 00:44 - 2018-05-02 00:44 - 001910104 _____ () \\?\C:\Users\kolca\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-05-02 00:44 - 2018-05-02 00:44 - 000422744 _____ () \\?\C:\Users\kolca\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-05-02 00:44 - 2018-05-02 00:44 - 000145240 _____ () \\?\C:\Users\kolca\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-05-02 00:44 - 2018-05-23 13:41 - 009820504 _____ () \\?\C:\Users\kolca\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-05-02 00:44 - 2018-05-02 00:44 - 001530712 _____ () \\?\C:\Users\kolca\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-05-02 00:44 - 2018-05-02 00:44 - 000512856 _____ () \\?\C:\Users\kolca\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-05-02 00:44 - 2018-05-03 14:37 - 001578840 _____ () \\?\C:\Users\kolca\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-05-02 00:44 - 2018-05-02 00:44 - 002722648 _____ () \\?\C:\Users\kolca\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-05-02 00:45 - 2018-05-02 00:45 - 002760536 _____ () \\?\C:\Users\kolca\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-05-02 00:45 - 2018-05-02 00:45 - 001249112 _____ () \\?\C:\Users\kolca\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
2018-06-21 19:18 - 2018-06-21 19:18 - 000540336 _____ () D:\battlenet\Battle.net\Battle.net.10202\ortp.dll
2018-06-21 19:18 - 2018-06-21 19:18 - 080169984 _____ () D:\battlenet\Battle.net\Battle.net.10202\libcef.dll
2018-06-21 19:18 - 2018-06-21 19:18 - 000133632 _____ () D:\battlenet\Battle.net\Battle.net.10202\libEGL.dll
2018-06-21 19:18 - 2018-06-21 19:18 - 003384832 _____ () D:\battlenet\Battle.net\Battle.net.10202\libGLESv2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft:B6EGBWBURFH6U03SWITCY4PXIVI [0]
AlternateDataStreams: C:\ProgramData\Microsoft:WLIKRZGVRXLAVWT10X [0]
AlternateDataStreams: C:\Users\kolca\Local Settings:bJAt55f61ThSTjJ5lGUlpfa8 [2408]
AlternateDataStreams: C:\Users\kolca\AppData\Local:bJAt55f61ThSTjJ5lGUlpfa8 [2408]
AlternateDataStreams: C:\Users\kolca\AppData\Local\Application Data:bJAt55f61ThSTjJ5lGUlpfa8 [2408]
AlternateDataStreams: C:\Users\kolca\AppData\Local\Dg5mUHHIMAZEkid:ZeKYsMQ1CiEHrFhgKTr7Y [2272]
AlternateDataStreams: C:\Users\kolca\AppData\Local\VTdrrM4DB7rrw4s:ET6VtH2HDBKobTVLrOdLEbsu8c [2160]
AlternateDataStreams: C:\Users\Public\AppData:CSM [470]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-907423362-3305526511-137660631-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\sharepoint.com -> hxxps://studuniza-files.sharepoint.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2017-09-24 20:18 - 000001204 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com 

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-907423362-3305526511-137660631-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kolca\Desktop\Mars.jpg
DNS Servers: 172.17.200.4 - 172.17.200.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nlsvc => 2
MSCONFIG\Services: OpenVPNService => 3
MSCONFIG\Services: OpenVPNServiceInteractive => 2
MSCONFIG\Services: OpenVPNServiceLegacy => 3
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\StartupFolder: => "DuckDns.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_77962A82C8C16CFDE1B6F86B98DDF248"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\Run: => "OPENVPN-GUI"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\Run: => "FACEIT"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\Run: => "GlassWire"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\Run: => "NetLimiter"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\Run: => "TSMApplication"
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{815284AB-95CD-4470-A434-FB7AE84E7371}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{32E1BC26-E9E2-4D7E-80B1-02B8D4336625}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A8A5926E-FAFE-4B39-A1F7-2C6CFE1A0A3E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1C0737CD-78BA-437C-A0D6-934A91D0D63E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{32838088-A25F-491C-A6C8-7F4A0A32F73B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C4D10625-133E-4739-9514-79EAFBC29784}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{ECEC9B0D-0BAF-4D9F-BFDC-ECCB37EE86FC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DAA499D4-F80B-4377-A025-F3938D8B5A91}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6C53B44F-B4EE-499F-BC2D-852C27307456}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D1339C85-8D1F-495D-A7A9-8844B3A72E9F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4E68358B-F6B9-4BBE-BD25-C7635230FA17}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{003ADA08-7F4A-46D8-AA1A-98EC59C676C8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9EDE88E3-71CF-4C93-A3E3-5A9617A61297}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{16C9FF10-0034-42C3-B958-A6E6B8E3ABE3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B09AC21F-43BD-4436-A57E-5E1AFE85112F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{25C20C6A-FA07-4111-9AA6-4FBF3A8BB112}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{06098702-B79D-4C17-83C5-D2F80B5FEBE1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5C8870B5-1BEA-42F5-8A0D-4C70940F07E4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B5E0D153-6FD4-4A00-AF12-454D652E9C10}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{14C1B5AA-E48E-4836-8A03-D9449A369ED7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6A5B5A16-D0C1-4356-AE3F-6E2A6AE47FF6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D8A0D52E-E369-472A-9557-9D6EEA7AA22D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5B63D40D-C7AB-45C7-B757-84CB11F3A426}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2265663B-7279-428C-9879-529973B2176E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B17F5E86-C93B-4847-BD86-8F15016C5D2C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5751D2B6-6714-4F23-A8F6-1E4D0AA9EB50}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{161E7EB8-3F78-4857-8D78-2BA54423708F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1596CE5E-75DB-42AE-BD2E-B48BDEDC2203}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9FD64693-79F2-4822-A99F-90546D0A5E2B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{896A6C61-1B40-4438-8728-5569AC76BD4A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{164960AD-5043-424C-8CB5-05378B9FFF2D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7A0D606C-211C-4E65-A7AA-D6CBA4C39340}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{602558DC-F243-4612-BB1C-CCAA4A86D89E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{AC6766DD-DC24-4940-862D-19E1836C9A29}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2811E64A-F353-40FD-92B9-C3B8FA5E17C8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A80A912C-EDAA-4432-B7FB-970B97634929}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0DB900DF-836F-47A1-ACCA-0A90F32449B0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [UDP Query User{C4A34529-4A01-44E3-823F-B7A215842472}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [TCP Query User{A76686B8-77CA-4EDD-9779-E68828941251}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{1D914674-5136-405A-8A3F-8BBB2FBC9882}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{3F89918A-467F-45A1-8BAD-ED0C4F1CEA13}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [UDP Query User{24888F54-C271-43A6-BFA4-344EA3B577A6}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{0768C83F-E463-4DA7-AF85-42D68E7B0D27}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{BE35DFE3-ACD2-44D5-AE99-43448D4A7A58}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{81C1F9AB-23FF-4129-9D19-9672C64B36C5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{803DAF28-A6DA-4A89-BABE-FF7023E2AEA7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0BD865EB-63B1-4B4D-A773-BF58D47AD989}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1E709A30-AA45-44FB-8D76-2351C07C9A66}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{193E6E2F-EE1F-4474-AC27-1B8ADDB0E62E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [UDP Query User{525B39BA-B08D-49D3-A782-EB95A519981C}D:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) D:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{D3196381-1CB4-4876-9320-49537E282F09}D:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) D:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{88254BF8-6069-4C70-8140-3F7B9B4BC738}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{88DE7E9F-4112-45AA-986E-FDC8B48D1587}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5F9D06CC-5B60-4639-9941-3943C020120F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A1CF8AF7-DDAE-417D-864D-F70624D4476F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8251EC6C-C0BF-4439-B8B2-403A9E2A8C7D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2DB7ED15-D3D1-402F-8F93-048FB905B278}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{642798C1-6A51-4C63-B048-4492E4CF8D70}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F06A14BE-72E0-4547-AD9A-429FB5C03092}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F3FA39BF-EDA2-4892-8953-C08FF74764FA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0E246673-ED26-4835-9713-441413D3556F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{96BC55BF-82FF-4D0F-AD58-EC54DF640E4E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CFB4D4A4-95AC-42D9-AC6B-ED5E423FFF1A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D29E3FE6-A1EE-447C-A14C-FC52818799D6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{521D1D77-2013-457B-9194-E27DF4A2C9E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6BAFBB45-39E1-42FA-ABCC-C555A0125841}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E7D819C3-2BC8-41E0-B2D1-750C1FF77698}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{0A7AC1DA-E536-42DD-9630-081105811D61}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7B798850-E8C8-420C-A7D5-D8161F0F49C5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3F8EB87D-2C87-4501-AB6B-4AA2CD6F157C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C2FCE69F-4648-4CDC-B1E6-063598FDA035}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{96AA9871-65EF-4FE1-B321-E781A8D7CA95}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D6F2F913-FDBB-400B-B1C4-FAA399AAE2DB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{99BECB09-E114-4AA0-9FBF-550D2EF294A1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E899D923-2260-4906-802C-C0D8C6775DFD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{356994F6-344F-4E30-90FD-A3B5319D6C1B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [UDP Query User{1C4A272D-7FB3-4B0B-9C91-15AAFE726148}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{872C34D0-90CF-48B3-A23B-3C1F1F84C858}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [{39653EDC-68F1-485A-AD41-31CDB3659799}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E811D90B-EBAE-43BD-AEF1-D28BEDBF01DF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6DD55C4B-DBCF-48E0-9EB0-CB9B5FBC4E7C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{82A66646-D571-4A48-B49D-BAF82D0E9EC1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E0EA3815-2517-451B-BF52-8B0474E7A5FA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{64EF9F5E-350C-42C7-80F5-3156CCAB2DDB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DE5431D2-A008-4951-AACE-30E28EE7A762}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{701DAF87-9EDD-4DEE-9216-C3194C3B481F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0C6BB5EB-5B77-4426-A8F7-D92E62BED162}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2E4E7BDE-FDD7-4F8B-AFE2-34EC1D19F256}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1AA9909A-D49E-4940-9F1E-67659A566393}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{93BE3122-F7D9-44E0-8425-682A5A12CD0E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{25CD6E69-7CC2-4F9C-A121-CE2A1FD87C4D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FDD67462-22A2-455E-B913-D68E722FCC1B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{053ED80F-FDEE-4EF7-B453-FD966253E846}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4F99A1B2-45EC-4266-9D99-184FA7658E92}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F9463FBE-8152-429C-8875-4A2E7C1837CC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C9792F39-0713-4BE9-950F-F618064CC04F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6239B9E2-E4DF-4CEB-9939-252156DFD425}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{07054A2B-FAD0-4B40-83C3-96E6C565F9EA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{67A3F5C9-3723-45EF-A572-48A88E96308A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BF7033F5-51FB-4FEC-8FEE-35722B2C25AA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8C759ADD-8885-41EA-B69E-01B70429F2D7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BE5B6ECD-000D-4F99-B80B-2DB816128766}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DF63E3C7-401F-4135-A770-10631CD009E5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{99BD072B-5D01-47EC-BE8F-A2977378AAC2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4AAF4412-EC54-411D-ACBA-AA5BDCDF0698}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{82FA3423-D442-48FF-99B4-2A42768D24A9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8C6F879B-3CE4-41A5-8074-EE2065BC3107}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{78573AAD-3F22-4768-BC5B-0D6F40913C71}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{25FC11A9-8484-40E7-B6A1-3E5FD927C15C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{024FF0E3-E94D-4884-AB77-FEC294A3CBC8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1289FB64-85EF-4E13-BD8C-9E3F394304CE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5523DB10-174D-4280-AEA3-7059FCEB8548}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7A3B7245-2922-4DCC-86C4-4FF1CFB61C44}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A2DB902B-06FA-41D7-8303-586BFD73C5A8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [UDP Query User{A99BB29E-FC25-4365-B4DC-3CCD943FCA2F}D:\program files (x86)\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe
FirewallRules: [TCP Query User{A2A56268-CD6E-4C71-94F9-29D48E9211A8}D:\program files (x86)\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe
FirewallRules: [{0ED54EDD-4D7F-4A7D-B067-B9F5F4B75A12}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf It!\GolfIt.exe
FirewallRules: [{0B73A521-13A7-460F-8F92-D51AA9BF99CF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf It!\GolfIt.exe
FirewallRules: [{67929C45-95AD-4D23-909B-D8248E122422}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CD237B1C-8E03-4B3A-B100-6E1D4C1CE6A2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2CA98FC5-58F8-477D-B406-91A484BA9482}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B23B6031-6E27-4A6A-B503-4D9B920956BE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E41F8433-10BA-4DFA-B965-726195F05D03}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DD5DB46E-64D3-4F3B-A5C6-734137D178E1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2D3BC9DE-C93E-42BB-B44B-E66B403FBB73}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5A43C139-B87B-47F7-9141-C1BC9B6DD258}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9AECC45C-95C5-41AD-AA0D-81CA52896870}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6A28BABC-1419-4B50-95F0-4A182C86BCDA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F93CCE0C-0B4F-4B02-8E6C-ABC0FC05F58F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E2A72312-E038-413F-BB72-B13B4326544E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [UDP Query User{F31A934B-4C57-424A-B153-CD49C87944FB}C:\program files\dc++\dcplusplus.exe] => (Allow) C:\program files\dc++\dcplusplus.exe
FirewallRules: [TCP Query User{D5E3FFE0-4972-42C0-8370-60AB1519875F}C:\program files\dc++\dcplusplus.exe] => (Allow) C:\program files\dc++\dcplusplus.exe
FirewallRules: [{1B944E0C-3026-4CC4-8040-049D9D34F901}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{DC8148BF-F2E1-4F74-ADB7-66CD119B0C05}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{7F5BF4BC-5B5C-45B7-9ED3-9EC3A6E3D9F9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{128011BB-422F-470D-A8D4-805169222ADC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{FE4A74D5-89A8-468D-9C21-FD796AFC12F9}] => (Allow) C:\steam games\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3E2FAE24-A262-46F7-891D-7CCA7F53D551}] => (Allow) C:\steam games\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{960BC0EA-6F3E-4BC6-A985-9173D2177C6F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{51619EE3-D3E4-4933-837D-41A5B91FCFB8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{5A829C43-FF12-4169-B199-FCF5F80108B2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{439D8DC1-D342-4340-82B4-575B70DFBDEE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{120EDC3A-60C1-41B0-966E-D11CA86064EE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{E0CD68BE-7FAD-4E24-AE68-24FAB0357539}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{3580A203-40D5-4A96-A1B4-45AC0867C00D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9F0FEADB-D5C1-472A-8D4D-1E80A8D5E64A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{889D0872-51BE-4CB4-ABEA-DFB0908A65B0}] => (Allow) C:\Users\kolca\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{34A49D4C-C8FF-4FC4-9FB7-F83E0E618C7A}] => (Allow) C:\Users\kolca\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2AF3655C-8974-49FB-998B-C9B4D2650A17}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{7E1B178E-7C32-46D3-9B86-78178880D643}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [UDP Query User{4D356968-01AE-4FBB-BA7B-AF6EDAC1520B}D:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) D:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [TCP Query User{F58081E3-0574-498E-9FAC-EEBB97B33EB6}D:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) D:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [{E94E2A04-9F97-4686-B4CF-C81485EC7D31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AFC5EA8D-D6C0-4E61-9877-9A261B850D0D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{76BBB897-D604-4DE3-A4B8-41963C4F6846}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E9E62EA9-E7E4-45EA-9B6B-10F70C14A040}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A91796F6-FDEC-4DFA-904F-4F74F1595BA1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{98EF6840-15DC-4526-9477-37DC11AA3503}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{3FA2EA82-F216-45CD-972C-C7A3C13CDD11}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6BBD93A2-0D34-4D7E-A7CC-C5A66FA59D40}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F87B84E9-E8B8-4FD2-9308-695C30E3A2D6}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F6F517CB-B374-4F92-A0E5-0A324F9311AC}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FD0E59CA-15C5-45C7-94AE-FBAECA48C575}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3659ED7C-B65F-492D-9944-EBC6C654552E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8748719E-4D58-49DE-901D-73B18881D63E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{975A330F-3D35-4B06-A769-FB045F5CCF0E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{0C5ECF5E-1C45-47B9-8A76-DC101FE067EB}D:\android 6\android studio\jre\bin\java.exe] => (Allow) D:\android 6\android studio\jre\bin\java.exe
FirewallRules: [UDP Query User{53BEE8E7-C914-425C-A785-B1C96A4277BC}D:\android 6\android studio\jre\bin\java.exe] => (Allow) D:\android 6\android studio\jre\bin\java.exe
FirewallRules: [{A569FC11-6B1B-4F82-A466-4CA2E4575E11}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{77A29DC3-3638-4EE0-8722-0F38D46ACE75}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{BE8A5F46-FBA5-4F4E-9360-DC2B5144E916}D:\battlenet\battle.net\battle.net.exe] => (Allow) D:\battlenet\battle.net\battle.net.exe
FirewallRules: [UDP Query User{6083A0C4-2AC1-4173-86E8-44076CD66BFA}D:\battlenet\battle.net\battle.net.exe] => (Allow) D:\battlenet\battle.net\battle.net.exe
FirewallRules: [{84AC04F1-F2C0-4A66-AD09-7F41BFFF4D9B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{628D867D-49EC-45B4-AEBE-7ABD7DDED67A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7F645A1B-05C1-488E-9B74-32DC2CA3CEAD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CEB11FB3-B441-48A1-97AB-1CD22BB5A536}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{52BDAEF2-8C85-4D9C-85A4-DB6FDAB796FC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{77997588-CD6C-42B4-98C3-F876B388371F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C36B2A87-9120-44EC-9E6C-67B36BA2042E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D27FFBC9-58F2-480D-B9E6-AF018BB948AF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F598910C-AA92-44D9-8F28-55938D03EB2A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F3E7C3DF-0A58-48D3-BFE4-71946FC33824}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{44FFF531-F557-465B-BD13-EB891C88541E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F398F7DE-3176-4AB4-8EEE-77C85EB4622C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9A07209A-07DC-4C6C-8E03-F0E5EE361B4F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{607E721F-46CA-4661-94F4-1280A50A160F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A432EA1F-76F2-4B52-87CB-B2A33EED666A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4AF34F6F-14A3-4C2B-8A28-3E7321125EA6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A58C3AA9-9F5A-4744-A714-6EE4356D4560}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{ABAD8BFE-BD47-4976-B6C0-CEB21111CE0A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3C87D170-38B8-4E71-8491-D11EFB57AB3C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe
FirewallRules: [{289E1B31-C410-4575-BF9D-CC4D6C016944}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe
FirewallRules: [{30655144-D9C7-4BAF-B9F0-E0C0DF843501}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe
FirewallRules: [{126E92D7-56E4-48BE-B331-266E9DD5D056}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe
FirewallRules: [{39C061ED-3A2F-4547-9A8B-19B6EA784CC0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9614DEF9-9197-4054-9587-3045A728139F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{46D07610-AF04-4954-86E5-92AA7179B623}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6C3F5EDB-DA61-4A77-AD04-7F1320761E54}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A222CBC2-368F-428C-8EE1-CCE5D3DAA250}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{57B6E2CB-0280-4586-A1BB-93A00B347BA2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8E7E242A-5624-455C-AE2D-061E426801FC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{A439FCEA-AF04-40F8-AA70-19B56F2AC847}D:\xamp\apache\bin\httpd.exe] => (Allow) D:\xamp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{814DFEEC-F409-4443-806E-39CA76AF034B}D:\xamp\apache\bin\httpd.exe] => (Allow) D:\xamp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{418F769E-052D-45C9-BD4E-3183D197F861}D:\xamp\mysql\bin\mysqld.exe] => (Allow) D:\xamp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{A0F46D4F-0CDB-4F69-899F-AF8963D5F930}D:\xamp\mysql\bin\mysqld.exe] => (Allow) D:\xamp\mysql\bin\mysqld.exe
FirewallRules: [{F8D6319C-04CB-4A34-8C05-110B31DEB9FD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{E3A9CF1C-146E-4E78-B3C6-1E4056FF84D6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{61E508C0-DBBC-45F1-9945-F96FC6FC3D64}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{590EE356-EBD4-428C-ABE0-320FB152E66A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F96A014F-F758-40C0-BF6F-6E28F3D92A31}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{75D39D7A-1B5D-4A6F-B05E-32AACE56224C}C:\program files\dc++\dcplusplus.exe] => (Allow) C:\program files\dc++\dcplusplus.exe
FirewallRules: [UDP Query User{33B13C95-4450-4FF2-822D-1D824A3F0CBC}C:\program files\dc++\dcplusplus.exe] => (Allow) C:\program files\dc++\dcplusplus.exe
FirewallRules: [TCP Query User{C92DCFEA-D512-4A2D-8578-84DF163A5E53}D:\kokotiny\faceit\faceit.exe] => (Allow) D:\kokotiny\faceit\faceit.exe
FirewallRules: [UDP Query User{AFDAE0BD-E344-462E-9873-AA97EFF74F4F}D:\kokotiny\faceit\faceit.exe] => (Allow) D:\kokotiny\faceit\faceit.exe
FirewallRules: [TCP Query User{01CB3BED-EABE-4ECA-80D3-87A900CFA289}D:\xamp\apache\bin\httpd.exe] => (Allow) D:\xamp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{6AD917AE-FEC9-4A3B-B211-5E07BB7620E8}D:\xamp\apache\bin\httpd.exe] => (Allow) D:\xamp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{64669CE9-37B6-451E-8590-41195FBF1E93}D:\xamp\mysql\bin\mysqld.exe] => (Allow) D:\xamp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{4E75B370-29AE-43A1-8CAC-B9AC36618ADD}D:\xamp\mysql\bin\mysqld.exe] => (Allow) D:\xamp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{C16F9F2B-A035-4468-AA9E-F72C6FFB3B37}C:\users\kolca\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kolca\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C60F33BC-351E-469C-8C7D-5155AA1FD71C}C:\users\kolca\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kolca\appdata\roaming\spotify\spotify.exe
FirewallRules: [{13DC42F8-897A-4989-BA12-88A455945171}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F3F0D64F-D19C-4249-AFE1-9CFE746E4FAF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6D93B2E5-6588-4C36-9251-59A650C4BC52}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{124C9B28-9C2D-4DE1-8D61-118A1EF4B0FA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1D9ED849-B5A8-48BD-8E03-26DB0FB108B4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4245EBE8-A54B-4C0A-8D4C-DDB61DFA8A56}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C876BD72-A815-4B81-914A-63851F691160}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{525993E6-AE47-4B42-980B-44D7AF0A5E0A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{B379457C-0835-494D-95DD-4F5CB6E467BF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A502A823-898C-46CF-9AC6-913B8C757DE4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{ABBF0593-D1B7-40C5-9C3B-605B167FC597}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{8C208E1B-2CA5-401E-89EB-42E698AEC7E1}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{EB63C905-5444-40BC-9B83-35E1D9CAC56D}D:\kokotiny\overwatch\overwatch.exe] => (Allow) D:\kokotiny\overwatch\overwatch.exe
FirewallRules: [UDP Query User{5573258B-5651-4234-BE09-11E6B06D4B1A}D:\kokotiny\overwatch\overwatch.exe] => (Allow) D:\kokotiny\overwatch\overwatch.exe
FirewallRules: [TCP Query User{5D879012-29C9-463A-B950-7ED3CBC68EA4}D:\kokotiny\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\kokotiny\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{D60105F2-C488-4012-A30A-1E7E2F496F75}D:\kokotiny\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\kokotiny\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{E4AC5A10-5FBD-4031-A420-B67A868F343A}D:\kokotiny\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\kokotiny\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{B38E4C08-83C7-4446-B079-E1DA044AE4A1}D:\kokotiny\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\kokotiny\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{31EF9C44-154D-450A-985A-3ACEEB297080}D:\kokotiny\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\kokotiny\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{78B2FF9A-A709-4F4F-A0E4-1C4E26ECEF57}D:\kokotiny\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\kokotiny\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{BE9254A8-1A34-46F0-BD10-FC7C9DC64D24}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D6B9CD1B-28FC-447C-B200-869DF6CBBD9D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{EBC3A0C4-4BEA-40B6-A514-281A31BA82F3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7290A761-6EDD-42BC-A8FE-5EB449FFA081}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B75BE2AC-DB6D-4B38-AA2B-6B8ACB498225}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D42805C5-3D40-4547-BD38-D38B923D339C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{85FB7551-1ADF-4536-ADB3-864CB42B6C26}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6D2C4212-8F23-493C-935F-E7E365A72D51}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5ABA9F2C-6D6B-44F8-B98F-F1205DCCC78B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F070F962-766F-4F23-84CE-C764B7A5C1E7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8F4B7B8C-6240-47FA-A68E-64FA128D2121}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{142BE140-227C-4C9A-BA74-FE232FABF10F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BBA86A8F-FD5C-4F72-B36C-1B6611C3BE5A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{347CBE3A-3D0C-488B-9DEA-5087CAC430CE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{F803CF84-6828-4BFA-A420-4E3051F17C4E}D:\javas\node.exe] => (Allow) D:\javas\node.exe
FirewallRules: [UDP Query User{72E40E3B-61ED-4640-BEEE-85F5DB4510A5}D:\javas\node.exe] => (Allow) D:\javas\node.exe
FirewallRules: [{FE3817EC-A8D0-46B4-87BE-285EDABB4303}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8A4671A3-31EB-4DA4-B77D-C237BB34CAAA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{A904C5FA-F09C-4F4C-B5F2-548A27CF016D}D:\javas\node.exe] => (Allow) D:\javas\node.exe
FirewallRules: [UDP Query User{95B93EEA-ED2B-40E4-B852-E854AABAE29F}D:\javas\node.exe] => (Allow) D:\javas\node.exe
FirewallRules: [{B2420A0D-966D-4461-BCDC-D52D37AFEBEB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{80FBD619-4DDE-447F-90E0-CE6A5A6CC53D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DFD5D421-6DC1-4B81-A2EF-9F7A948D3587}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D23FC2E0-7EFE-420A-9446-D1621DBF07C2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{012D44DF-3354-43CA-8CCE-19BE69F54076}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8050E168-C1DF-4DBF-803D-5E41FDB89317}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A7FDCA66-9FDF-4C76-A021-7F22E33A5280}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F216D685-7E6A-4F79-8354-FAF83308DFCD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{01161F17-4DFE-45BE-A1DE-B70141CB8325}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{11C9C456-9625-440D-BD25-4E68DAAA63DB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{864397A5-38ED-4532-B4EA-7B831C92E1D8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DB28F00B-4C34-4A60-8B18-0C7387AEDFC9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{EEA0CB99-5A10-40C8-A035-1C738FBF6A4E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B695EC77-253B-4F27-A6F2-127A1FF77496}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B6E03E4D-50CC-44F2-9995-3AD80AC19D12}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BFF0EB6C-89F4-4E0E-9B60-96BEC9304377}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C6FD4940-4C18-468C-9F16-4C851EC55084}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C7893A6D-7732-459A-AAE3-C67DCB2D0F22}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{343DC308-122D-4051-9710-D4916EA6A41C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B0251540-3CB2-41E9-AF01-54658704F943}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BB70BB3D-AF0D-44DF-8E83-B197B62954EF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F468AD9F-CD9F-4F63-B15C-A72955F1C6EE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3484ADBF-DE9A-4EB4-AE33-B7BC69BAC9B7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{ABD61AFB-2E7E-4ADE-9B29-2F686393E96F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A916E6D9-DD68-489D-9354-03F0E2248EE3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0FD20E65-DE3B-4100-B5DA-24CB45931549}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B07B75EE-46C6-466F-B4D7-06FE2E9A3336}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B8DF066A-7ED7-431E-B09E-37122FA5745F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5C263553-F61F-46C8-B395-BAEAD5116300}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7417539A-BFAE-43B2-ABDF-979A031A229F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3CE8931F-6025-4637-9E3B-BF29D860FE13}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{992CE2BC-806D-4973-9545-ABB9423425CE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{EC553B6C-7DC9-4768-9F96-B6DBCB0ABACB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B8640A05-1836-4146-9ADF-CD98501D4D38}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{0E74EEDF-99C7-4261-BD20-E61A7ADDA2E2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [UDP Query User{A81A8FE7-6615-4C68-B8C0-50C78B30656B}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [{7AB62D58-BA5C-463B-AD26-5831E0818FD5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{480339E7-2E4F-4A71-8358-A703635904D3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{37C6ABDA-BA66-46A1-A334-2BDAA57335CC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4713B2CA-DFB1-4E96-9A00-2DD27414AA9A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1C789B99-9A0A-46B0-ABB2-4B265C4FB19E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{126F7845-37B7-4263-A64C-1C23EDAE68C2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CB187690-F0C3-49A3-8D7A-C2627C3AF25A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C568B4FF-CCAB-4959-A26F-8C393490E0F6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{383EDA9B-20E2-4A0C-86D0-3D969717A331}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{52C81BC7-9EF3-4791-93E4-4315AD38762B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{17ED79D6-DE35-4293-9C78-AF25AE0E0471}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B5197B3F-A924-48F6-90E2-2F719F71C0D9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{897649C8-8421-43D1-B500-AAA9A17540A3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{796EBAB9-9012-48E7-B6C7-8B9AD567D016}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D2EAD715-3FAD-4D08-89B1-9B16E2EF6C8C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0F438FAB-47D2-4AAA-8BDC-E020DDAA1420}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{294685C2-864B-4C8F-B611-16010DB34BC5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6F3CD4EE-8642-41B1-BC4F-E92AF473445A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DF31148C-CE7D-449F-8467-EE6191A7B9EC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9F7E6610-2D2C-41DE-BF69-E5D27E896000}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1D14DA3D-FC0C-484B-B388-998E257E02C9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D87857AE-78DB-4D7B-AA30-F2136D37FB77}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{67A1BB9A-385A-41E8-A639-2132FD4C3324}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{003056FC-58D8-4550-BDBC-A8A349588942}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{ACC3128A-8D28-4C54-9BC5-25BCD5F65122}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8EC3FE6C-573F-4E53-982A-0A9EBC9F4B8B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A917CCD8-6925-4835-AD59-EFAFADE3ACD4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{36107B29-064B-42D6-937F-FB36B48C2263}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe
FirewallRules: [UDP Query User{B60F76E8-D982-459F-A6A3-7FEFEB442DAD}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe
FirewallRules: [TCP Query User{DEF03D4C-7DB8-4AE8-BCD2-32C606304D02}D:\java\jre\bin\javaw.exe] => (Allow) D:\java\jre\bin\javaw.exe
FirewallRules: [UDP Query User{94B47253-CD2B-48C1-BD8B-F5571AA7E42A}D:\java\jre\bin\javaw.exe] => (Allow) D:\java\jre\bin\javaw.exe
FirewallRules: [{678C361D-21B3-4CED-B45C-05B624A68FF9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1E07A021-73CF-4E43-B300-BA6E997F258C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E0BBDD06-75E8-420D-AB45-9DB84E4960B5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{543738F6-4B49-4CF4-B57C-910589D9BB6F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BDAC6C4C-2E63-471E-83F9-E21C54B82E2A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5B398295-EDE9-4B67-822F-98EF856B8667}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E78F48A5-53F1-47D3-8EAA-1804E0D19AC9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E78E5BFC-911E-4658-98DC-4C0D0BF735F7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3E1F0AD9-F103-411C-A604-D41B93C9D7BB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1C29C206-06A3-49B5-879A-6DF54C15828A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{06F415B2-7C13-4280-BE7E-4A29E3FDB126}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9C5100EB-2B88-4937-AD89-FBC6430346C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{052AE8B3-F15B-4B6D-88B0-AC46706C60E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6A204990-C17B-47CA-9B12-4A67CECF1843}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A05E56A2-441A-49E6-8C85-5ECEA4FB95B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FB2D95AE-ADC8-470D-825A-43708BFADF3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{05E2495F-38D6-4D62-B137-D03684E970C1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{337AD062-A1C3-480F-8EB8-E1EAB7B7DC17}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7A4FEB4C-7DB1-4E4A-BF1D-A82B80F0CC47}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{02C9B9CF-C99A-44C3-BD12-4B6B17DCB9FC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{20B74F95-8050-4856-8493-C20F1FCE7000}D:\kokotiny\filedrop\filedrop.exe] => (Allow) D:\kokotiny\filedrop\filedrop.exe
FirewallRules: [UDP Query User{F05FC662-8F74-4EFE-8A67-051D830BE8CD}D:\kokotiny\filedrop\filedrop.exe] => (Allow) D:\kokotiny\filedrop\filedrop.exe
FirewallRules: [{A9B4FCF4-3A84-4A69-8879-D0040A6EDBCF}] => (Allow) C:\steam games\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [{C5F7F7E9-3F63-4D33-89CB-EB4FCD5BC8DE}] => (Allow) C:\steam games\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [TCP Query User{0FC45C07-E488-440F-9BB7-2E96A1FC826E}C:\steam games\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\steam games\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [UDP Query User{0AA23B3A-C0C8-4665-8248-AE6D943CD4C0}C:\steam games\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\steam games\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [{A25C5200-AC92-480D-9D01-0651A63777F3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe
FirewallRules: [{31280782-84D1-4C52-971C-50E0766E163D}] => (Allow) C:\steam games\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{3CA9E17B-321E-4E39-A625-0BD346D761D7}] => (Allow) C:\steam games\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [TCP Query User{EC063E2E-2361-4D7C-9F6E-A55BF7113ED6}C:\steam games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steam games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{B23E9959-B75A-40C9-AFFE-51CDB8E25623}C:\steam games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steam games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{C68ED896-5F65-4F76-B4CF-5F5E366B1BEA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Black Desert Online\Black Desert Online Steam Launcher.exe
FirewallRules: [{FCBEA318-51E1-4627-8409-11A081894D24}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Black Desert Online\Black Desert Online Steam Launcher.exe
FirewallRules: [{A5FFD46F-C8F8-44EF-868D-FCAEB52C53E9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{9A4F3D76-F13C-40B1-A5EC-ECF80BCC1DBB}D:\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F1C4714F-5B0F-4B7F-BA03-5B04044A18F4}D:\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe
FirewallRules: [{14942B03-0EC8-4C7E-B7F3-C320A173A53F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9C765490-3E2C-4AE0-810C-C809C58B3E6D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{281E2CAE-6C75-4EAB-9B03-8693E902E8FA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{38B5B36A-0F0C-4154-8D4F-5863C94C6135}] => (Allow) %systemroot%\system32\alg.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/21/2018 06:31:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000001fa7d617d45
Faulting process id: 0x194
Faulting application start time: 0x01d4097192b1e98f
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: 69fb114d-e577-406f-8cab-ebd16f54f470
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/21/2018 11:07:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000001ce70778d45
Faulting process id: 0xe38
Faulting application start time: 0x01d4093cc83a5619
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: 5a6a4609-2109-49c9-b343-91161b69e768
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/21/2018 10:25:37 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/20/2018 10:17:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000022958463d45
Faulting process id: 0xce4
Faulting application start time: 0x01d408c31ecda5ec
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: d1dc14d4-4827-49ea-95f1-903e6a1eb7a8
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/20/2018 06:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000001cfbd485d45
Faulting process id: 0x1490
Faulting application start time: 0x01d408a30f6f45ed
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: 3fc0a1ef-0dc8-463a-b42b-18171d6b43ca
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/20/2018 03:24:30 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/19/2018 08:45:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000001eddd5b8d45
Faulting process id: 0x2d58
Faulting application start time: 0x01d407f1796d7e93
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: 18507002-0fab-4497-a277-492212335107
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/19/2018 06:26:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000002cbcacead45
Faulting process id: 0x32e4
Faulting application start time: 0x01d407e5a0e1bc0a
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: b1af954b-bf23-4429-8ad3-c17bed6e4d78
Faulting package full name: 
Faulting package-relative application ID:


System errors:
=============
Error: (06/21/2018 08:38:55 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-1R365B88)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user LAPTOP-1R365B88\kolca SID (S-1-5-21-907423362-3305526511-137660631-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/21/2018 04:41:10 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-1R365B88)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user LAPTOP-1R365B88\kolca SID (S-1-5-21-907423362-3305526511-137660631-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/21/2018 04:27:38 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-1R365B88)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user LAPTOP-1R365B88\kolca SID (S-1-5-21-907423362-3305526511-137660631-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/21/2018 04:22:02 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-1R365B88)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user LAPTOP-1R365B88\kolca SID (S-1-5-21-907423362-3305526511-137660631-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/21/2018 04:20:52 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-1R365B88)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user LAPTOP-1R365B88\kolca SID (S-1-5-21-907423362-3305526511-137660631-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/21/2018 01:56:32 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-1R365B88)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user LAPTOP-1R365B88\kolca SID (S-1-5-21-907423362-3305526511-137660631-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/21/2018 01:53:57 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-1R365B88)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user LAPTOP-1R365B88\kolca SID (S-1-5-21-907423362-3305526511-137660631-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/21/2018 01:31:27 PM) (Source: VDS Basic Provider) (EventID: 5) (User: )
Description: Cannot zero sectors on disk \\?\PhysicalDrive2. Error code: 5@0101000F


Windows Defender:
===================================
Date: 2017-11-24 12:09:28.243
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuerboos.C!cl&threatid=2147723654&enterprise=0
Name: Trojan:Win32/Fuerboos.C!cl
ID: 2147723654
Severity: Severe
Category: Trojan
Path: file:_C:\Users\kolca\AppData\Local\Temp\WIN_6V~1.EXE
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\wscript.exe
Signature Version: AV: 1.257.903.0, AS: 1.257.903.0, NIS: 118.2.0.0
Engine Version: AM: 1.1.14306.0, NIS: 2.1.14202.0

Date: 2017-11-24 12:09:11.543
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuerboos.C!cl&threatid=2147723654&enterprise=0
Name: Trojan:Win32/Fuerboos.C!cl
ID: 2147723654
Severity: Severe
Category: Trojan
Path: file:_C:\Users\kolca\AppData\Local\Temp\WIN_6V~1.EXE
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\wscript.exe
Signature Version: AV: 1.257.903.0, AS: 1.257.903.0, NIS: 118.2.0.0
Engine Version: AM: 1.1.14306.0, NIS: 2.1.14202.0

Date: 2017-11-24 12:08:57.055
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuerboos.C!cl&threatid=2147723654&enterprise=0
Name: Trojan:Win32/Fuerboos.C!cl
ID: 2147723654
Severity: Severe
Category: Trojan
Path: file:_C:\Users\kolca\AppData\Local\Temp\WIN_6VBDMP44.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\wscript.exe
Signature Version: AV: 1.257.903.0, AS: 1.257.903.0, NIS: 118.2.0.0
Engine Version: AM: 1.1.14306.0, NIS: 2.1.14202.0

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 83%
Total physical RAM: 8060.22 MB
Available physical RAM: 1369.44 MB
Total Virtual: 11132.22 MB
Available Virtual: 2679.2 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:118.13 GB) (Free:11.91 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:469.34 GB) NTFS

\\?\Volume{bed8f4aa-9ec3-4854-94ee-a5df9cde6919}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
\\?\Volume{76a05e2c-4712-4d6f-b3b9-06ba6419bb74}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 538A9873)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 538A9868)

Partition: GPT.

==================== End of Addition.txt ============================