start
CloseProcesses:
HKU\S-1-5-21-1864448044-3865198937-871872176-1005\...\MountPoints2: {4263272e-3bbf-11e4-afdd-ec9a74573b2c} - G:\VM_Universal_Installer2-0-2.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istart123...0325AS_5VENN5AH
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istart123...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istart123...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istart123...0325AS_5VENN5AH
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istart123...0325AS_5VENN5AH
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istart123...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istart123...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istart123...0325AS_5VENN5AH
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istart123...q={searchTerms}
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istart123...q={searchTerms}
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\istart123.xml
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\istart123.xml
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Locked "GrillaPrice" service was unlocked successfully. <===== ATTENTION
R2 GrillaPrice; C:\Program Files (x86)\grillaprice\grillaprice.exe [427008 2014-09-16] () [File not signed]
S1 AntiLog32; No ImagePath
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
Task: {2D5BF65F-872E-4126-A8B9-29D5F9CAD744} - System32\Tasks\{7BAABC9C-7086-4FA4-BDE5-681BD8017B19} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {34EEF022-C248-430D-AA8C-A379F5839F30} - System32\Tasks\DSite => C:\Users\PHILLI~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {453CB1F1-50C5-45BE-90A6-0E281D18EA88} - System32\Tasks\{E6FA3439-D03E-474A-A864-54E7CEA93455} => C:\Users\Owner-1\Games\___ARESTRA___igt slots wolf run.exe [2014-07-30] ()
Task: {4AA3FA1F-DAAB-4BE0-8531-95ADCB8864B8} - System32\Tasks\{1609BA14-0FED-442D-9170-C04C15F981C5} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {7347B9F7-96F7-47E2-B8CC-95E149C4AD06} - System32\Tasks\{0F7B7E08-1DD9-4AE5-9A9A-08CDDDCD1169} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {7757AC86-3751-4137-8B89-2C6AE04D6990} - System32\Tasks\{11C396B0-D4A0-46CB-A841-EFD6AD7715E4} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {776036F3-5981-44E5-90B4-F14BC339A538} - System32\Tasks\{F3CF654F-0598-47BA-88A3-91DE7AA6C1A3} => C:\Users\Owner-1\Games\___ARESTRA___igt slots wolf run.exe [2014-07-30] ()
Task: {86164C3A-3BEE-4319-8FF8-8BC1C871601E} - \DealPly No Task File <==== ATTENTION
Task: {92A651FB-72ED-4AA0-A27E-201636D45098} - System32\Tasks\{97E5E8F8-2B69-462C-905E-D5975B48C1FB} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {A9399806-F1EC-4110-9B25-B0C5E4E8C01A} - System32\Tasks\{3D9E1804-6740-4300-B671-3239C524921F} => C:\Users\Owner-1\Games\___ARESTRA___igt slots wolf run.exe [2014-07-30] ()
Task: {C215F820-9A4A-4644-993C-720E18C22DB2} - System32\Tasks\{E0A18E8D-F885-4A82-9916-54CFB5E9046C} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {CA837510-E02D-4FCD-B12D-19E8501EC27D} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {DBEB3027-1751-482A-92B8-1444A515378C} - System32\Tasks\{1B7F23FC-C788-4D5A-AE59-92D5BA290952} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {E91AAA25-BB5E-4F0A-A79D-8DE59E869F03} - System32\Tasks\{42A1BE7E-6CCD-4E7E-8C4A-4EB2ABC124B8} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {E93F201D-E8A9-488C-BBCC-F6DBFC28F04B} - System32\Tasks\{82994078-CC11-4AC2-8DC3-2C19C579B5E9} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {EAE3F7D8-A662-4AB8-946C-C4B764C14EA8} - System32\Tasks\{1D7A61D8-B204-4C03-9D41-8731703E7E05} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {F3614D0C-CD89-471C-B6E0-230FA1BE8784} - System32\Tasks\{345E4FE0-B690-4458-BE6A-E2AC593605B9} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {F50E9488-DB86-48E3-9DB1-25D0A03675CD} - System32\Tasks\{F10006ED-B251-4972-840E-25EDFDDCD041} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
2014-10-10 20:51 - 2014-10-10 20:51 - 00002982 _____ () C:\Windows\System32\Tasks\{F3CF654F-0598-47BA-88A3-91DE7AA6C1A3}
2014-10-10 20:51 - 2014-10-10 20:51 - 00002982 _____ () C:\Windows\System32\Tasks\{E6FA3439-D03E-474A-A864-54E7CEA93455}
2014-10-10 20:51 - 2014-10-10 20:51 - 00002982 _____ () C:\Windows\System32\Tasks\{3D9E1804-6740-4300-B671-3239C524921F}
2014-10-10 20:51 - 2014-10-10 20:51 - 00002956 _____ () C:\Windows\System32\Tasks\{11C396B0-D4A0-46CB-A841-EFD6AD7715E4}
2014-10-10 20:48 - 2014-10-10 20:48 - 00002956 _____ () C:\Windows\System32\Tasks\{F10006ED-B251-4972-840E-25EDFDDCD041}
2014-10-10 20:48 - 2014-10-10 20:48 - 00002956 _____ () C:\Windows\System32\Tasks\{E0A18E8D-F885-4A82-9916-54CFB5E9046C}
2014-10-10 20:48 - 2014-10-10 20:48 - 00002956 _____ () C:\Windows\System32\Tasks\{97E5E8F8-2B69-462C-905E-D5975B48C1FB}
2014-10-10 20:48 - 2014-10-10 20:48 - 00002956 _____ () C:\Windows\System32\Tasks\{82994078-CC11-4AC2-8DC3-2C19C579B5E9}
2014-10-10 20:48 - 2014-10-10 20:48 - 00002956 _____ () C:\Windows\System32\Tasks\{42A1BE7E-6CCD-4E7E-8C4A-4EB2ABC124B8}
2014-10-10 20:48 - 2014-10-10 20:48 - 00002956 _____ () C:\Windows\System32\Tasks\{345E4FE0-B690-4458-BE6A-E2AC593605B9}
2014-10-10 20:48 - 2014-10-10 20:48 - 00002956 _____ () C:\Windows\System32\Tasks\{1D7A61D8-B204-4C03-9D41-8731703E7E05}
2014-10-10 20:48 - 2014-10-10 20:48 - 00002956 _____ () C:\Windows\System32\Tasks\{1B7F23FC-C788-4D5A-AE59-92D5BA290952}
2014-10-10 20:48 - 2014-10-10 20:48 - 00002956 _____ () C:\Windows\System32\Tasks\{1609BA14-0FED-442D-9170-C04C15F981C5}
2014-10-10 20:48 - 2014-10-10 20:48 - 00002956 _____ () C:\Windows\System32\Tasks\{0F7B7E08-1DD9-4AE5-9A9A-08CDDDCD1169}
2014-09-29 04:18 - 2014-09-29 04:18 - 00000000 ____D () C:\Program Files (x86)\grillaprice
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\grillaprice" /F
EmptyTemp:
end