CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF Extension: No Name - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\ka5qcham.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com [Not Found]
FF Extension: No Name - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\ka5qcham.default\extensions\{921265c3-88e5-40e1-8d74-df5314572900}.xpi [Not Found]
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3323886&octid=EB_ORIGINAL_CTID&ISID=M156D227A-B6F3-4869-A2E3-D78FFB3E96BD&SearchSource=55&CUI=&UM=8&UP=SPFF0B8D81-4902-4EE9-A46D-5736EF79CC0F&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3323886&octid=EB_ORIGINAL_CTID&ISID=M156D227A-B6F3-4869-A2E3-D78FFB3E96BD&SearchSource=55&CUI=&UM=8&UP=SPFF0B8D81-4902-4EE9-A46D-5736EF79CC0F&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultNewTabURL: Default -> https://www.trovi.co...79CC0F&SAT=CNTS
CHR DefaultSuggestURL: Default -> http://suggest.secci...ix={searchTerms}
CHR Extension: (Cyti Web) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pekmcmfmgcfmahepmlihdogclgaepcpn [2015-01-19]
2015-01-19 14:32 - 2015-01-19 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream
2015-01-19 14:30 - 2015-01-19 15:02 - 00000000 ____D () C:\Users\owner\Documents\ProPCCleaner
2015-01-19 14:29 - 2015-01-19 14:29 - 00004360 _____ () C:\Windows\System32\Tasks\WZMOWX
2015-01-19 14:29 - 2015-01-19 14:29 - 00004358 _____ () C:\Windows\System32\Tasks\LHHBL
2013-09-17 10:43 - 2013-09-17 10:43 - 20274484 _____ () C:\ProgramData\RESPXpressUpdate14.zip
2014-07-21 22:47 - 2014-07-21 22:47 - 4120870 _____ () C:\ProgramData\RESPXpressUpdate20.zip
2014-12-15 16:38 - 2014-12-28 15:44 - 16634822 _____ () C:\ProgramData\RESPXpressUpdate26.zip
C:\Users\owner\SetupNI.dll
Task: {00C2502F-C85A-410B-A678-3A8926B9CACF} - \da1eb969-1232-4912-9efc-cbb21be64a86-5 No Task File <==== ATTENTION
Task: {201F327B-6461-4F30-90CD-705105719AB5} - System32\Tasks\WZMOWX => C:\Users\owner\AppData\Roaming\WZMOWX.exe <==== ATTENTION
Task: {414D4EB1-F335-4434-8294-2C289617E339} - \da1eb969-1232-4912-9efc-cbb21be64a86-3 No Task File <==== ATTENTION
Task: {6E60D7BE-F0C4-46BF-B4EC-CBF2F4D9AB4C} - \da1eb969-1232-4912-9efc-cbb21be64a86-2 No Task File <==== ATTENTION
Task: {94C4C5F3-D714-46D4-9656-019B245930FC} - \da1eb969-1232-4912-9efc-cbb21be64a86-4 No Task File <==== ATTENTION
C:\Users\owner\AppData\Roaming\WZMOWX.exe
Task: {B9785BC3-16CD-4CC0-BC34-E35186F751B4} - \da1eb969-1232-4912-9efc-cbb21be64a86-1 No Task File <==== ATTENTION
Task: {BF6EEE63-1240-4FEC-87DC-4052953A586A} - \da1eb969-1232-4912-9efc-cbb21be64a86-10_user No Task File <==== ATTENTION
Task: {CA0DC3C1-2380-481A-BC51-68FCCE984E89} - \da1eb969-1232-4912-9efc-cbb21be64a86-6 No Task File <==== ATTENTION
Task: {CA343D3F-7731-47AE-A871-CC280EDEF437} - System32\Tasks\LHHBL => C:\Users\owner\AppData\Roaming\LHHBL.exe <==== ATTENTION
Task: {CEAC31B7-19EE-4EC8-B372-17A6193CA9B1} - \da1eb969-1232-4912-9efc-cbb21be64a86-5_user No Task File <==== ATTENTION
Task: {D57E298D-70AF-403E-AA79-1856D36068CD} - \da1eb969-1232-4912-9efc-cbb21be64a86-7 No Task File <==== ATTENTION
C:\Users\owner\AppData\Roaming\LHHBL.exe
cmd: bitsadmin /allusers /reset
EmptyTemp: