CreateRestorePoint:
HKLM-x32\...\runonceex: [Flags] =>
HKLM-x32\...\runonceex: [Title] => UnHackMe Rootkit Check
HKU\S-1-5-21-2418151325-680678365-4071922823-1001\...\MountPoints2: F - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2418151325-680678365-4071922823-1001\...\MountPoints2: {6073ecfa-09ed-11e0-b96c-806e6f6e6963} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2418151325-680678365-4071922823-1001\...\MountPoints2: {789f252d-b893-11e1-95ae-d48564179193} - E:\Autorun.exe /s
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File not found
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2418151325-680678365-4071922823-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2418151325-680678365-4071922823-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: HKU\S-1-5-21-2418151325-680678365-4071922823-1001 - (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File
URLSearchHook: HKU\S-1-5-21-2418151325-680678365-4071922823-1001 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {2D21A907-C1FE-4CBE-A9F4-CD8441B29B1E} URL =
SearchScopes: HKU\.DEFAULT -> {33532E57-ED6E-4D55-A0B4-A91A2D3A7A46} URL =
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-2418151325-680678365-4071922823-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-2418151325-680678365-4071922823-1001 -> No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File
Handler: viprotocol - No CLSID Value
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin HKU\S-1-5-21-2418151325-680678365-4071922823-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Me\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-2418151325-680678365-4071922823-1001: eagleget.com/EagleGet64 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll No File
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\yubur1s0.default\Extensions\iobitascsurfingprotection@iobit.com [2015-04-30]
2015-06-07 03:00 - 2015-05-15 01:12 - 00000376 _____ C:\Windows\Tasks\REGSERVO.job
2015-06-02 16:24 - 2013-11-21 03:21 - 00000000 ____D C:\ProgramData\ProductData
2015-06-16 18:37 - 2012-06-30 14:58 - 00000000 ____D C:\Users\Me\AppData\Roaming\IObit
2015-06-16 18:37 - 2012-06-30 14:58 - 00000000 ____D C:\ProgramData\IObit
2015-06-09 19:39 - 2015-04-16 02:00 - 00002892 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Me
2013-09-15 02:25 - 2014-06-04 15:11 - 0003710 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2012-01-23 21:52 - 2012-01-23 21:52 - 0001854 _____ () C:\Users\Me\AppData\Roaming\GhostObjGAFix.xml
Task: {149159FA-6936-4264-924C-8489A5FE5627} - \ProPCCleaner_Start No Task File <==== ATTENTION
Task: {350C7E68-0AA0-4C1B-B0DA-A02DDD25FEC2} - System32\Tasks\Driver Booster SkipUAC (Me) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {A8E22EB9-48CE-4B28-BAD0-8A842C9A0529} - System32\Tasks\{1629ABD6-14D9-448D-B81E-EFB00FFAFA54} => pcalua.exe -a "C:\Program Files (x86)\IObit\Advanced SystemCare 6\SecurityHole_Backup\KB2467173.exe" -d "C:\Program Files (x86)\IObit\Advanced SystemCare 6" -c /quiet /norestart
Task: {B11B24C1-AF41-494D-B010-04FD2CDF11E3} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {BDF0B3B6-B2CF-4699-9BAF-21AEA1C596DB} - System32\Tasks\{27BA5220-A105-426D-A5DB-D37B5A0B0E49} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2015-06-08] (IObit)
Task: {C664EE58-FD55-471E-A5B8-38FC4ACBBD3A} - System32\Tasks\DSite => C:\Users\Me\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {C731D637-78CF-4CF7-B14C-37204159A07D} - \Updater19962.exe No Task File <==== ATTENTION
Task: {E52EE3AC-CBBB-4062-B918-C2C860668405} - \Advanced System Protector No Task File <==== ATTENTION
Task: {E9C03BB7-2450-4EB6-AD37-CF3092352422} - System32\Tasks\REGSERVO => C:\Program Files\REGSERVO\REGSERVO.exe <==== ATTENTION
Task: {FFC41751-65C9-4A5C-B98F-7BA1F24E4A56} - System32\Tasks\Uninstaller_SkipUac_Me => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: C:\Windows\Tasks\REGSERVO.job => C:\Program Files\REGSERVO\REGSERVO.exe-t C:\Program Files\REGSERVO\REGSERVO.exe <==== ATTENTION
HKU\.DEFAULT\Software\Classes\exefile: <===== ATTENTION!
HKU\S-1-5-21-2418151325-680678365-4071922823-1001\Software\Classes\exefile: <===== ATTENTION!
C:\Program Files (x86)\AVG SafeGuard toolbar
C:\PROGRA~2\SearchProtect
C:\Program Files (x86)\Common Files\AVG Secure Search
C:\Users\Me\AppData\Roaming\DSite
C:\Program Files\REGSERVO
C:\Program Files (x86)\PC Tools Firewall Plus
C:\Users\Me\AppData\Roaming\PCToolsFirewallPlus
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
Hosts:
EmptyTemp: