start
CreateRestorePoint:
(Pokki) C:\Users\MLovelace\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Pokki) C:\Users\MLovelace\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Pokki) C:\Users\MLovelace\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\MLovelace\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3033112 2015-03-13] ()
HKU\S-1-5-21-3167926667-1796584909-2833572386-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-3167926667-1796584909-2833572386-1001\...\RunOnce: [Application Restart #6] => C:\Users\MLovelace\AppData\Local\Pokki\Engine\HostAppService.exe [7853056 2015-05-05] (Pokki)
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3167926667-1796584909-2833572386-1001 -> DefaultScope {4CDE43E2-EBAE-11E4-826F-E82AEA2CC0D0} URL = http://search.homepa...&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3167926667-1796584909-2833572386-1001 -> {147A3085-558F-421B-8974-3D87E7422526} URL =
SearchScopes: HKU\S-1-5-21-3167926667-1796584909-2833572386-1001 -> {4CDE43E2-EBAE-11E4-826F-E82AEA2CC0D0} URL = http://search.homepa...&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3167926667-1796584909-2833572386-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...fr&d=2014-11-18 17:59:18&v=4.0.0.19&pid=wtu&sg=&sap=dsp&q={searchTerms}
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-01-31] (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.4.0\\npsitesafety.dll No File
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
2015-05-17 22:04 - 2014-10-11 10:06 - 00000000 ____D () C:\Users\MLovelace\AppData\Local\Pokki
C:\Users\MLovelace\AppData\Local\Temp\oct*.tmp.exe
2014-11-18 18:59 - 2015-03-13 09:53 - 03033112 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
IE trusted site: HKU\S-1-5-21-3167926667-1796584909-2833572386-1001\...\avg.com -> hxxps://mysearch.avg.com
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
EmptyTemp:
CMD: bitsadmin /reset /allusers
end