Start::
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [5142728 2023-01-11] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Task: {538D9A45-4551-42A7-8DB8-FA1CD3228A1A} - System32\Tasks\Firefox Default Browser Agent 255DA52F89B9D88E => C:\Users\nickj\AppData\Roaming\bcetrtf [65440 2022-10-14] (Microsoft Corporation -> Microsoft Corporation) <==== ATTENTION
Task: {5EFBC6D8-807D-4A90-A5C5-40434527273E} - System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864BE} => C:\Program Files (x86)\east-tec Eraser\etUpdateMonitor.exe (No File)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
S3 hsstap; \SystemRoot\System32\drivers\hsstap.sys [X]
2022-10-14 10:39 - 2022-10-14 10:39 - 000065440 ___SH (Microsoft Corporation) C:\Users\nickj\AppData\Roaming\bcetrtf
2022-10-14 10:39 - 2022-10-14 10:39 - 000248887 ___SH () C:\Users\nickj\AppData\Roaming\cffurfc
2022-08-07 12:41 - 2022-08-26 18:33 - 000012288 _____ () C:\Users\nickj\AppData\Roaming\emp.bin
FirewallRules: [{DBF89E4D-5E2E-4CB2-BC0F-BF501E2D8992}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{F9C2C500-CB5F-4D23-8432-225B6A5E9F3B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{056E43EA-7BD5-4DC8-8F36-1A7788C37BBF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{0CF71CCB-E97D-4A7C-BD1A-7435C0E55FA7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{5D678C6E-C7BE-4214-BE5F-9FE0D09F552E}] => (Allow) C:\Users\nickj\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{0D577D49-F25A-40D4-86F7-A8AA8F4026FD}] => (Allow) C:\Users\nickj\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{848B3AC0-16B1-4FBD-96EC-4C38F57EA878}] => (Block) %ProgramFiles%\gow\GodOfWar\GoW.exe => No File
FirewallRules: [{38393313-8E0B-40F9-B525-85955735BE0E}] => (Block) %ProgramFiles% (x86)\Far Cry 5\bin\FarCry5.exe => No File
FirewallRules: [TCP Query User{3F03B0EC-9C96-4228-8E99-AE0D6092B500}C:\program files (x86)\rocksteady studios\batman arkham asylum - game of the year edition\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\rocksteady studios\batman arkham asylum - game of the year edition\binaries\shippingpc-bmgame.exe => No File
FirewallRules: [UDP Query User{21DDAA7A-54EC-41FA-AB30-E5FD94AB63E8}C:\program files (x86)\rocksteady studios\batman arkham asylum - game of the year edition\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\rocksteady studios\batman arkham asylum - game of the year edition\binaries\shippingpc-bmgame.exe => No File
FirewallRules: [TCP Query User{8750AC54-5970-40C7-91D8-D1C374CDBCA4}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{3D495BF5-D56F-4137-B9A5-25074073BE8E}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{4ACA7A5B-FBDF-442E-856C-97236FF7AF17}C:\program files (x86)\apowersoft\apowermirror\apowermirror.exe] => (Allow) C:\program files (x86)\apowersoft\apowermirror\apowermirror.exe => No File
FirewallRules: [UDP Query User{970298B5-35D5-403C-9FF3-8C0D445ED7CF}C:\program files (x86)\apowersoft\apowermirror\apowermirror.exe] => (Allow) C:\program files (x86)\apowersoft\apowermirror\apowermirror.exe => No File
FirewallRules: [TCP Query User{08C8725B-BF24-43B5-B266-7320F065034B}C:\users\nickj\downloads\[ftuapps.com] - droid transfer v1.53 multilingual portable\p-153dt\droid transfer 1.53\app\droid transfer\droid transfer.exe] => (Allow) C:\users\nickj\downloads\[ftuapps.com] - droid transfer v1.53 multilingual portable\p-153dt\droid transfer 1.53\app\droid transfer\droid transfer.exe => No File
FirewallRules: [UDP Query User{F238933A-8059-41DC-8C15-91B3BFDC9C65}C:\users\nickj\downloads\[ftuapps.com] - droid transfer v1.53 multilingual portable\p-153dt\droid transfer 1.53\app\droid transfer\droid transfer.exe] => (Allow) C:\users\nickj\downloads\[ftuapps.com] - droid transfer v1.53 multilingual portable\p-153dt\droid transfer 1.53\app\droid transfer\droid transfer.exe => No File
FirewallRules: [TCP Query User{1451F2E7-1CBA-40F9-9870-54BD73694828}C:\games\it takes two\nuts\binaries\win64\ittakestwo.exe] => (Allow) C:\games\it takes two\nuts\binaries\win64\ittakestwo.exe => No File
FirewallRules: [UDP Query User{2502D889-D3AF-437D-B746-B7511D2864CF}C:\games\it takes two\nuts\binaries\win64\ittakestwo.exe] => (Allow) C:\games\it takes two\nuts\binaries\win64\ittakestwo.exe => No File
FirewallRules: [TCP Query User{5A7C1749-FC94-4840-8440-F4D6380CAA7E}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{D3104209-499E-4F94-B798-DBF4B6BB0A24}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{F5DF4DC5-EEEF-4A2B-994A-537F0135A5D4}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe => No File
FirewallRules: [UDP Query User{08C87DED-257B-46DF-938C-04CF7D4FE0EB}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe => No File
FirewallRules: [TCP Query User{6D5F2368-66C7-46DB-A598-E952BCAC15A3}C:\program files (x86)\dodi-repacks\far cry 6\bin\farcry6.exe] => (Block) C:\program files (x86)\dodi-repacks\far cry 6\bin\farcry6.exe => No File
FirewallRules: [UDP Query User{5181235C-DB72-4864-9877-D55030040B10}C:\program files (x86)\dodi-repacks\far cry 6\bin\farcry6.exe] => (Block) C:\program files (x86)\dodi-repacks\far cry 6\bin\farcry6.exe => No File
FirewallRules: [TCP Query User{A4D4CBEC-461B-4435-B66D-99917ECEC1D8}C:\program files (x86)\dodi-repacks\far cry 6\bin\farcry6.exe] => (Block) C:\program files (x86)\dodi-repacks\far cry 6\bin\farcry6.exe => No File
FirewallRules: [UDP Query User{D3D379FA-0F55-48DD-8C8C-6F7742C48E4B}C:\program files (x86)\dodi-repacks\far cry 6\bin\farcry6.exe] => (Block) C:\program files (x86)\dodi-repacks\far cry 6\bin\farcry6.exe => No File
FirewallRules: [TCP Query User{B7B83CF0-C418-4E0C-A93F-A433886588B0}C:\program files (x86)\unravel two\unraveltwo.exe] => (Block) C:\program files (x86)\unravel two\unraveltwo.exe => No File
FirewallRules: [UDP Query User{5A84C7DE-5B37-48F6-8077-C15A7A251CF1}C:\program files (x86)\unravel two\unraveltwo.exe] => (Block) C:\program files (x86)\unravel two\unraveltwo.exe => No File
FirewallRules: [TCP Query User{566AF2CD-9325-4AD2-BFE4-0B80B4C5BB5E}C:\users\nickj\desktop\wiiu\wii u usb helper 0.6.1.616\usbhelperlauncher.exe] => (Allow) C:\users\nickj\desktop\wiiu\wii u usb helper 0.6.1.616\usbhelperlauncher.exe => No File
FirewallRules: [UDP Query User{293A1E09-F950-4D50-A1D8-3AFA75F330D0}C:\users\nickj\desktop\wiiu\wii u usb helper 0.6.1.616\usbhelperlauncher.exe] => (Allow) C:\users\nickj\desktop\wiiu\wii u usb helper 0.6.1.616\usbhelperlauncher.exe => No File
FirewallRules: [TCP Query User{C57544C3-7CB6-4154-B090-9DDE3BF9A891}C:\users\nickj\desktop\wiiu\wii u usb helper 0.6.1.616\wiiu_usb_helper_.exe] => (Allow) C:\users\nickj\desktop\wiiu\wii u usb helper 0.6.1.616\wiiu_usb_helper_.exe => No File
FirewallRules: [UDP Query User{8862CC36-40B3-470E-A507-86045B8EC550}C:\users\nickj\desktop\wiiu\wii u usb helper 0.6.1.616\wiiu_usb_helper_.exe] => (Allow) C:\users\nickj\desktop\wiiu\wii u usb helper 0.6.1.616\wiiu_usb_helper_.exe => No File
FirewallRules: [TCP Query User{4880DEA2-1302-4582-8144-9702AB09A5F2}C:\users\nickj\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\nickj\appdata\roaming\bittorrent\updates\bittorrent.exe => No File
FirewallRules: [UDP Query User{08CAB9E0-B04B-4496-B6EB-4D379EDC2E2F}C:\users\nickj\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\nickj\appdata\roaming\bittorrent\updates\bittorrent.exe => No File
FirewallRules: [{74CD0F72-A25D-4A9D-8237-08A8AB94BF12}] => (Allow) C:\Users\nickj\AppData\Local\Temp\bittorrent\bittorrent.exe => No File
FirewallRules: [{0AA0D0E4-A275-410F-AB7C-A4D84E7D85C0}] => (Allow) C:\Users\nickj\AppData\Local\Temp\bittorrent\bittorrent.exe => No File
FirewallRules: [TCP Query User{E43159A7-B5B8-44B6-A6D7-B2B4A71524F9}C:\users\nickj\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Block) C:\users\nickj\appdata\roaming\bittorrent\updates\bittorrent.exe => No File
FirewallRules: [UDP Query User{7A57A13F-23CF-4546-97D5-A2B923BBDF71}C:\users\nickj\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Block) C:\users\nickj\appdata\roaming\bittorrent\updates\bittorrent.exe => No File
FirewallRules: [TCP Query User{D2D0010F-8358-4612-A0D2-9C44B6208DBE}C:\program files (x86)\dodi-repacks\need for speed heat\needforspeedheat.exe] => (Block) C:\program files (x86)\dodi-repacks\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{A0801ACB-01EE-403E-AF70-BC5D0CA97711}C:\program files (x86)\dodi-repacks\need for speed heat\needforspeedheat.exe] => (Block) C:\program files (x86)\dodi-repacks\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [{0D010570-9266-4955-8A40-928AF9947E63}] => (Allow) C:\Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{D5BAB7D5-8BD2-4736-B302-D3BD22B42C6A}] => (Allow) C:\Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{D7F83256-202B-4E45-BAB3-8CCFCC6CDE3D}] => (Allow) C:\Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{C1D6C825-D27F-4BC3-94AD-5A27076189C3}] => (Allow) C:\Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [TCP Query User{3F067102-C865-40AC-A862-B6D5E347BD24}C:\games\borderlands 2 - remastered\binaries\win32\borderlands2.exe] => (Block) C:\games\borderlands 2 - remastered\binaries\win32\borderlands2.exe => No File
FirewallRules: [UDP Query User{59487FE8-166D-4A63-B9DB-0B34EDB16652}C:\games\borderlands 2 - remastered\binaries\win32\borderlands2.exe] => (Block) C:\games\borderlands 2 - remastered\binaries\win32\borderlands2.exe => No File
FirewallRules: [{BB20E000-0E8D-4051-9A01-81D471817A54}] => (Block) %SystemDrive%\Games\Borderlands 2 - Remastered\Binaries\Win32\Borderlands2.exe => No File
FirewallRules: [{0B988F5D-FEF1-4ECD-8FAE-C59934349631}] => (Block) %SystemDrive%\Games\Borderlands 2 - Remastered\Binaries\Win32\Launcher.exe => No File
FirewallRules: [{472C34FA-862E-47F8-9DAE-D01C81742F61}] => (Block) C:\Program Files (x86)\Borderlands 2 Remastered\Binaries\Win32 => No File
FirewallRules: [{B66A7AD7-7059-4144-90F7-C382D2F34374}] => (Block) %ProgramFiles% (x86)\Borderlands 2 Remastered\Binaries\Win32\Borderlands2.exe => No File
FirewallRules: [TCP Query User{CBAFF51C-07A5-4079-8210-4ECA52D0061C}C:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Block) C:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe => No File
FirewallRules: [UDP Query User{A05D9D09-BE6D-4626-A5B9-CA97C7D5C4A3}C:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Block) C:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe => No File
FirewallRules: [{2FA0CC69-1D84-4AB7-8336-3AFD7AA98374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe => No File
FirewallRules: [{608BEEAB-B4A8-4102-8319-75370B96BBC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe => No File
FirewallRules: [{94A6F613-766C-4154-B1CE-7524804209B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe => No File
FirewallRules: [{D0ADDE23-D3EA-477C-B1C7-05A4E4C011DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe => No File
FirewallRules: [TCP Query User{EE7B796D-5AA9-4BA8-9550-309FA07ECBA8}C:\games\uncharted - legacy of thieves collection\tll.exe] => (Block) C:\games\uncharted - legacy of thieves collection\tll.exe => No File
FirewallRules: [UDP Query User{A950DF59-F840-4FC7-9B2D-5CEF3D0F0BF4}C:\games\uncharted - legacy of thieves collection\tll.exe] => (Block) C:\games\uncharted - legacy of thieves collection\tll.exe => No File
FirewallRules: [{CCDE42D3-21B2-4FC3-8400-4BDF0A41AA01}] => (Block) %SystemDrive%\Games\UNCHARTED - Legacy of Thieves Collection\Launcher.exe => No File
EmptyTemp:
Reboot:
End::