CloseProcesses:
CreateRestorePoint:
EmptyTemp:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
AlternateDataStreams: C:\Users\kshug\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\kshug\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\kshug\AppData\Local\Temp:$DATA​ [34]
FirewallRules: [{CDA15F3F-62E3-455E-9EE5-8E81AA599352}] => (Block) D:\origin games\fifa 17 demo\fifa17_demo.exe => No File
FirewallRules: [{C2991E81-55B7-423A-9FC4-DEA408D02D68}] => (Block) D:\origin games\fifa 17 demo\fifa17_demo.exe => No File
FirewallRules: [UDP Query User{5D890334-9409-4ACE-9181-DBC7DE29F66D}D:\origin games\fifa 17 demo\fifa17_demo.exe] => (Allow) D:\origin games\fifa 17 demo\fifa17_demo.exe => No File
FirewallRules: [TCP Query User{1AECE782-7839-4BC0-A45F-4200B35EF042}D:\origin games\fifa 17 demo\fifa17_demo.exe] => (Allow) D:\origin games\fifa 17 demo\fifa17_demo.exe => No File
FirewallRules: [{B33A6BC1-E348-4930-B93F-AE32A502E077}] => (Allow) D:\Origin Games\FIFA 17 DEMO\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{7A17F8E8-7933-4151-9C48-46767D634817}] => (Allow) D:\Origin Games\FIFA 17 DEMO\FIFASetup\fifaconfig.exe => No File
FirewallRules: [TCP Query User{28D71F24-046D-4776-9616-7C97FFBEBBAB}C:\users\kshug\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\kshug\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{09A0E84D-9A22-4617-AE3C-A2EFEA70F142}C:\users\kshug\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\kshug\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [{79CD44D5-B2C8-4960-8B7F-192EEA376D69}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{14CDCE8F-7C32-42CA-879A-075E16414BC5}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{2EC31E07-24D1-4EB1-B91B-F8C0D7F50EA5}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [TCP Query User{4A71BC98-EDA4-4755-A79F-584004A72797}C:\users\kshug\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\kshug\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [UDP Query User{7C3487AF-B25C-4F33-BBB8-956CE75C106F}C:\users\kshug\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\kshug\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [{05D28566-2C09-476D-84E7-B32A11BFC836}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe => No File
FirewallRules: [{1E164924-F77A-4697-9DE6-5045CEF65CDE}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe => No File
FirewallRules: [{2592FC21-EB57-48FF-AF99-3AABEE45AA46}] => (Allow) D:\STEAM\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{E4345B45-9FC9-4A51-9E63-56D245E4D5CA}] => (Allow) D:\STEAM\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{659925E8-9B0D-4650-88E3-FC7B2CE15545}] => (Allow) D:\STEAM\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{DF907B58-DB13-447F-BAE8-B993FAA7377E}] => (Allow) D:\STEAM\steamapps\common\Warframe\Warframe.exe => No File
Zip: C:\WINDOWS\Minidump\052120-8984-01.dmp
BootExecute: autocheck autochk * sdnclean64.exe
Task: {48A54F7C-6CCE-4F20-B067-0677A81AF381} - System32\Tasks\Opera scheduled Autoupdate 1574217031 => C:\Users\kshug\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-05-13] (Opera Software AS -> Opera Software)
Tcpip\..\Interfaces\{22172dc0-1a3b-4086-aae2-7b96d2075514}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{6d91c642-98f0-4a23-b12c-69bc3009460e}: [DhcpNameServer] 192.168.0.1
HKU\S-1-5-21-3412561105-3657223316-701822602-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.home-gopo.com/
HKU\S-1-5-21-3412561105-3657223316-701822602-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-3412561105-3657223316-701822602-1001 -> DefaultScope {B4F3E235-D302-4FA5-8AA4-8D300271C6DF} URL = hxxp://www.surf-uk.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3412561105-3657223316-701822602-1001 -> {B4F3E235-D302-4FA5-8AA4-8D300271C6DF} URL = hxxp://www.surf-uk.com/search?q={searchTerms}
StandardProfile\AuthorizedApplications: [D:\PROGRAMS\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [D:\PROGRAMS\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [D:\PROGRAMS\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [D:\PROGRAMS\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
RemoveProxy:
StartBatch:
cd C:\WINDOWS\system32\config\systemprofile\AppData\Local
mkdir TileDataLayer
cd TileDataLayer
mkdir Database
EndBatch: