CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\S-1-5-21-1161381707-4004551611-1247331581-1002 -> DefaultScope {9D63AF3F-1559-43AB-B453-3E1EB40F2B44} URL = http://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_secureddownload_15_04_ie&cd=2XzuyEtN2Y1L1QzuyBtDtCzzzz0BzztBtCtCtAyEzytDyBtBtN0D0Tzu0StCtCtCyEtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzyzyyDyD0AyE0AtGzytCzyzytGzyyCtAtAtGtDyE0AtCtGtBtDtAyC0AyEtAtD0EyCyB0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0EyBtC0AtCtC0AtGyBzzyE0AtGyEyCyDtCtGzyyEzzyBtG0A0B0FtB0DyD0AyEtAyEtBzy2Q&cr=1491066917&ir=
SearchScopes: HKU\S-1-5-21-1161381707-4004551611-1247331581-1002 -> {89063143-16D3-4178-9C3B-1CDEC5AABEB4} URL = 
SearchScopes: HKU\S-1-5-21-1161381707-4004551611-1247331581-1002 -> {9D63AF3F-1559-43AB-B453-3E1EB40F2B44} URL = http://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_secureddownload_15_04_ie&cd=2XzuyEtN2Y1L1QzuyBtDtCzzzz0BzztBtCtCtAyEzytDyBtBtN0D0Tzu0StCtCtCyEtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzyzyyDyD0AyE0AtGzytCzyzytGzyyCtAtAtGtDyE0AtCtGtBtDtAyC0AyEtAtD0EyCyB0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0EyBtC0AtCtC0AtGyBzzyE0AtGyEyCyDtCtGzyyEzzyBtG0A0B0FtB0DyD0AyEtAyEtBzy2Q&cr=1491066917&ir=
SearchScopes: HKU\S-1-5-21-1161381707-4004551611-1247331581-1008 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-1161381707-4004551611-1247331581-1008 -> {89063143-16D3-4178-9C3B-1CDEC5AABEB4} URL = 
SearchScopes: HKU\S-1-5-21-1161381707-4004551611-1247331581-1002 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US636D20141224&p={SearchTerms}
FF DefaultSearchEngine: Secure Search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Vosteran
FF Keyword.URL: https://search.yahoo.com/search?fr=mcafee&type=B111US636D20141224&p=
FF Homepage: hxxp://vosteran.com/?f=1&a=vst_secureddownload_15_04_ie&cd=2XzuyEtN2Y1L1QzuyBtDtCzzzz0BzztBtCtCtAyEzytDyBtBtN0D0Tzu0StCtCtCyEtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzyzyyDyD0AyE0AtGzytCzyzytGzyyCtAtAtGtDyE0AtCtGtBtDtAyC0AyEtAtD0EyCyB0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0EyBtC0AtCtC0AtGyBzzyE0AtGyEyCyDtCtGzyyEzzyBtG0A0B0FtB0DyD0AyEtAyEtBzy2Q&cr=1491066917&ir=
FF NewTab: about:newtab
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: No Name - C:\Program Files (x86)\McAfee\SiteAdvisor [Not Found]
S2 0178581421713826mcinstcleanup; C:\Users\ann_000\AppData\Local\Temp\017858~1.EXE [836168 2014-03-13] (McAfee, Inc.)
C:\Users\ann_000\AppData\Local\Temp\017858~1.EXE
2013-08-23 08:30 - 2013-08-23 08:30 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-08-23 08:27 - 2013-08-23 08:28 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-08-23 08:28 - 2013-08-23 08:28 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-08-23 08:27 - 2013-08-23 08:27 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-08-23 08:29 - 2013-08-23 08:29 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
cmd:type C:\Users\ann_000\AppData\Local\killertool.log
cmd:type C:\WINDOWS\errord.log
cmd:type C:\WINDOWS\error.log
EmptyTemp: