CreateRestorePoint
HKU\S-1-5-21-1005702875-2867343273-3648438979-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1005702875-2867343273-3648438979-1000\...\MountPoints2: {11b63904-7ec7-11e1-8627-806e6f6e6963} - D:\SETUP.EXE
HKU\S-1-5-21-1005702875-2867343273-3648438979-1000\...\MountPoints2: {3edb277e-8539-11e1-8aef-50e549efcbc9} - F:\win\setup.exe -phs
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartse...&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartse...&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1005702875-2867343273-3648438979-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartse...&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1005702875-2867343273-3648438979-1000 -> {E1961221-6867-4DBB-859C-76B4A70DB074} URL = http://websearch.ask...83-F8A88031C2AD
BHO-x32: No Name -> {55dd5cf4-940a-4b5c-8a0b-76ba5ce03624} -> No File
Toolbar: HKU\S-1-5-21-1005702875-2867343273-3648438979-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1428278731&from=wpc&uid=WDCXWD2002FAEX-007BA0_WD-WMAWP033796937969"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (GOOSaVe) - C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nabkmablgahkhjopmebkpljibidcllif [2014-09-17]
S2 fdfcd97f; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\UpgradeLeader\UpgradeLeader.dll",serv
2015-04-06 10:04 - 2015-04-13 22:34 - 00000000 ____D () C:\Program Files (x86)\UpgradeLeader
2015-04-06 10:03 - 2015-04-13 22:34 - 00000000 ____D () C:\Program Files (x86)\youtubeadblocker
2015-04-06 10:03 - 2015-04-13 22:34 - 00000000 ____D () C:\Program Files (x86)\World Clocks
2015-04-06 10:03 - 2015-04-06 10:03 - 00000000 ____D () C:\ProgramData\12908854191660382760
2015-04-06 10:02 - 2015-04-06 10:02 - 00000000 ____D () C:\ProgramData\knjnckdkedfkaenjhjnpbfmjpmhblilh
2015-04-06 09:39 - 2015-04-13 22:34 - 00000000 ____D () C:\Program Files (x86)\SaleePlus
2015-04-06 09:39 - 2015-04-06 09:39 - 00000000 ____D () C:\ProgramData\agjikjdcddnfgbeoadkpnledgmfeinjd
2013-10-10 08:42 - 2013-10-10 08:42 - 0004867 _____ () C:\ProgramData\zmlomobd.kxh
CustomCLSID: HKU\S-1-5-21-1005702875-2867343273-3648438979-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Timothy\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1005702875-2867343273-3648438979-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Timothy\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1005702875-2867343273-3648438979-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Timothy\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1005702875-2867343273-3648438979-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Timothy\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
Hosts:
EmptyTemp: