Start::
CloseProcesses:
CreateRestorePoint:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {8664DE82-3409-44EF-AC76-7A24804D3662} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
FF NewTabOverride: Mozilla\Firefox\Profiles\zmh62i5e.default -> Enabled: Search_Defender_yYxTkYUDSW@www.searchdefenderprime.com
FF Extension: (Search Defender) - C:\Users\Lillian\AppData\Roaming\Mozilla\Firefox\Profiles\zmh62i5e.default\Extensions\Search_Defender_yYxTkYUDSW@www.searchdefenderprime.com.xpi [2019-08-05]
FCheck: C:\WINDOWS\system32\eac_usermode_3175762292993092.dll [2019-05-31] <==== ATTENTION (zero byte File/Folder)
CustomCLSID: HKU\S-1-5-21-520046137-1738454763-4209218755-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0xC1A89939B6EBD3010E50F79C3DECD301020000002400000000000000 => No File
ShortcutWithArgument: C:\Users\Lillian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
AlternateDataStreams: C:\Users\Lillian\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
AlternateDataStreams: C:\Users\Public\AppData:CSM [484]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
FirewallRules: [{9C15C379-0EB7-4386-A6C5-8B31BA37FDD5}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{E1984601-82AB-4C30-884C-68A37BCB7CDB}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{6B0F6E54-AB92-48DF-B4FD-82BD74203E7D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{0954DE90-F8DD-41AF-B47D-7B9EF580A312}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1AB2CD83-2AFF-466E-ADAE-E5664EA8CF24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bendy and the Ink Machine\BATIM.exe No File
FirewallRules: [{42292E58-D1FB-4645-A378-AD1E47D6632A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bendy and the Ink Machine\BATIM.exe No File
FirewallRules: [TCP Query User{B06C0B1C-2AAF-4F3C-8F1F-ACA2E7A33103}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe No File
FirewallRules: [UDP Query User{60AD65A8-D6CB-48D1-B44E-12A2DA8F7534}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe No File
FirewallRules: [TCP Query User{5496ADFC-BF8F-4172-9BD1-26054AFD7BC4}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [UDP Query User{76689C82-F7CC-4390-BA79-99FC25AFA603}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [{D303FC5B-CA57-4203-A0C3-58F21B67958C}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File
EmptyTemp:
C:\Windows\Temp\*.*
End::