CloseProcesses: CreateRestorePoint: HKLM-x32\...\Run: [Yahoo Messenger] => [X] HKLM\...\Policies\Explorer: [NofolderOptions] 0 HKU\S-1-5-19\...\RunOnce: [] => [X] HKU\S-1-5-20\...\RunOnce: [] => [X] HKU\S-1-5-18\...\RunOnce: [] => [X] HKU\S-1-5-18\...\RunOnce: [] => [X] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION SearchScopes: HKLM-x32 -> DefaultScope {C400F16B-3499-4CD5-86BC-A0BE1D81253D} URL = SearchScopes: HKU\S-1-5-21-2392348220-2254442395-1911721444-1001 -> DefaultScope {77C3623A-9765-4AB0-B2C2-611D03207D76} URL = SearchScopes: HKU\S-1-5-21-2392348220-2254442395-1911721444-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1AC8606C662726D9&affID=128493&tt=120814_new&tsp=5338 SearchScopes: HKU\S-1-5-21-2392348220-2254442395-1911721444-1001 -> {77C3623A-9765-4AB0-B2C2-611D03207D76} URL = BHO: surf and keep -> {93C4E64C-C62A-3C22-8627-5A3D4F13CCFB} -> C:\Program Files (x86)\surf and keep\Br7NRlBO.x64.dll No File BHO-x32: surf and keep -> {93C4E64C-C62A-3C22-8627-5A3D4F13CCFB} -> C:\Program Files (x86)\surf and keep\Br7NRlBO.dll No File C:\Program Files (x86)\surf and keep CHR Extension: (UaniiiDealse) - C:\ProgramData\ckodapadhkajnnmimaeclnbennikekbf\ [] CHR Extension: (UaniiiDealse) - C:\ProgramData\ckodapadhkajnnmimaeclnbennikekbf\ [] Folder: C:\Users\Anuj\Documents\h Folder: C:\Users\Anuj\Documents\j Folder: C:\Users\Anuj\Documents\jprogram1 Folder: C:\Users\Anuj\Documents\javaprogram1 Folder: C:\Users\Anuj\Documents\javaprog1 C:\ProgramData\mssrdb.exe HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys => ""="Driver" EmptyTemp: CMD: bitsadmin /reset /allusers cmd: netsh advfirewall reset cmd: netsh advfirewall set allprofiles state on Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: ipconfig /flushdns CMD: netsh winsock reset catalog CMD: netsh int ip reset c:\resetlog.txt CMD: ipconfig /release CMD: ipconfig /renew CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset