CloseProcesses: CreateRestorePoint: HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe C:\Program Files (x86)\Mobogenie HKLM\...\Policies\Explorer: [NoControlPanel] 0 GroupPolicy: Group Policy on Chrome detected <======= ATTENTION SearchScopes: HKU\S-1-5-21-262198327-598105851-806630370-1001 -> {2B6A75B4-A1F2-4F8C-BE54-0442A1A44F2A} URL = hxxp://wzeu.ask.com/r?t=v&d=eu&s=uk&l=dir&u=hxxp://uk.ask.com/web?q={searchTerms}&iesrc={referrer:source?}&qsrc=3032&l=dir&o=379 SearchScopes: HKU\S-1-5-21-262198327-598105851-806630370-1001 -> {E5A29759-D79E-4544-9BEE-D59ED3178D74} URL = DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} FF user.js: detected! => C:\Users\Nazeer\AppData\Roaming\Mozilla\Firefox\Profiles\lcz9de7b.default\user.js [2014-12-29] FF SearchPlugin: C:\Users\Nazeer\AppData\Roaming\Mozilla\Firefox\Profiles\lcz9de7b.default\searchplugins\askcom.xml [2014-10-27] Task: {B9D931BB-A6ED-4C25-9D3E-4040E4A82C59} - \EPUpdater -> No File <==== ATTENTION Task: {E79A94FE-2799-4AA8-9EEE-CDDF1BCC5292} - \Voo Update -> No File <==== ATTENTION AlternateDataStreams: C:\Users\Nazeer\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_0news-1751121550 AlternateDataStreams: C:\Users\Nazeer\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_1messages-431041656 AlternateDataStreams: C:\Users\Nazeer\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_2events-250898981 AlternateDataStreams: C:\Users\Nazeer\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_3friends-215113587 CMD: bitsadmin /reset /allusers cmd: netsh advfirewall reset cmd: netsh advfirewall set allprofiles state on Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F