CreateRestorePoint: HKU\S-1-5-21-128144278-2142202361-184960113-6528\...\Policies\Explorer: [ForceStartMenuLogOff] 1 HKU\S-1-5-21-128144278-2142202361-184960113-6528\...\Policies\Explorer: [NoSimpleStartMenu] 1 HKU\S-1-5-21-128144278-2142202361-184960113-7501\...\Policies\Explorer: [ForceStartMenuLogOff] 1 HKU\S-1-5-21-128144278-2142202361-184960113-7501\...\Policies\Explorer: [NoSimpleStartMenu] 1 HKU\S-1-5-21-128144278-2142202361-184960113-7818\...\Policies\Explorer: [ForceStartMenuLogOff] 1 HKU\S-1-5-21-128144278-2142202361-184960113-7818\...\Policies\Explorer: [NoSimpleStartMenu] 1 HKU\S-1-5-21-128144278-2142202361-184960113-7823\...\Policies\system: [HideLogonScripts] 0 HKU\S-1-5-21-128144278-2142202361-184960113-7823\...\Policies\Explorer: [ForceStartMenuLogOff] 1 HKU\S-1-5-21-128144278-2142202361-184960113-7823\...\Policies\Explorer: [NoSimpleStartMenu] 1 HKU\S-1-5-21-128144278-2142202361-184960113-6528\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-128144278-2142202361-184960113-7501\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-128144278-2142202361-184960113-7818\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-3339490808-3639073983-2094825787-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank URLSearchHook: [S-1-5-21-128144278-2142202361-184960113-6528_classes] ATTENTION => Default URLSearchHook is missing URLSearchHook: [S-1-5-21-128144278-2142202361-184960113-7501_classes] ATTENTION => Default URLSearchHook is missing URLSearchHook: [S-1-5-21-128144278-2142202361-184960113-7818_classes] ATTENTION => Default URLSearchHook is missing URLSearchHook: [S-1-5-21-128144278-2142202361-184960113-7823_classes] ATTENTION => Default URLSearchHook is missing URLSearchHook: [S-1-5-21-3339490808-3639073983-2094825787-1000_classes] ATTENTION => Default URLSearchHook is missing URLSearchHook: [S-1-5-21-3339490808-3639073983-2094825787-501_classes] ATTENTION => Default URLSearchHook is missing SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-128144278-2142202361-184960113-6528 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-128144278-2142202361-184960113-6528 -> {607134AA-364D-494B-A301-B0783AFF2C36} URL = hxxp://www.search.ask.com/web?tpid=YSI2&o=APN10114&pf=V5&p2=%5EA5P%5EYYYYYY%5EYY%5EUS&gct=sb&itbv=12.10.2.4125&apn_uid=ec3abecf-fe39-48ed-abe3-6fd7cdd731f1&apn_ptnrs=%5EA5P&apn_dtid=%5EYYYYYY%5EYY%5EUS&apn_dbr=ff_14.0.1&doi=2013-05-28&trgb=IE,FF&q={searchTerms}&psv= SearchScopes: HKU\S-1-5-21-128144278-2142202361-184960113-6528 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=8jx78Kd1BjePwOrHqDCXQs-0bQA?q={searchTerms} SearchScopes: HKU\S-1-5-21-128144278-2142202361-184960113-6528 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = SearchScopes: HKU\S-1-5-21-128144278-2142202361-184960113-7501 -> {49CD67EF-2CE1-4B77-966B-D3E61841FF7A} URL = SearchScopes: HKU\S-1-5-21-128144278-2142202361-184960113-7818 -> DefaultScope {49CD67EF-2CE1-4B77-966B-D3E61841FF7A} URL = SearchScopes: HKU\S-1-5-21-128144278-2142202361-184960113-7818 -> {49CD67EF-2CE1-4B77-966B-D3E61841FF7A} URL = SearchScopes: HKU\S-1-5-21-128144278-2142202361-184960113-7823 -> DefaultScope {49CD67EF-2CE1-4B77-966B-D3E61841FF7A} URL = SearchScopes: HKU\S-1-5-21-128144278-2142202361-184960113-7823 -> {49CD67EF-2CE1-4B77-966B-D3E61841FF7A} URL = SearchScopes: HKU\S-1-5-21-3339490808-3639073983-2094825787-1000 -> DefaultScope {49CD67EF-2CE1-4B77-966B-D3E61841FF7A} URL = SearchScopes: HKU\S-1-5-21-3339490808-3639073983-2094825787-1000 -> {49CD67EF-2CE1-4B77-966B-D3E61841FF7A} URL = SearchScopes: HKU\S-1-5-21-3339490808-3639073983-2094825787-1002 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} SearchScopes: HKU\S-1-5-21-3339490808-3639073983-2094825787-1002 -> {49CD67EF-2CE1-4B77-966B-D3E61841FF7A} URL = SearchScopes: HKU\S-1-5-21-3339490808-3639073983-2094825787-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-3339490808-3639073983-2094825787-1002 -> {C2FCC1C2-AB2D-22B1-04E5-91AD1ADD53D1} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=ZUGO&form=ZGAIDF SearchScopes: HKU\S-1-5-21-3339490808-3639073983-2094825787-1002 -> {CC8A5FCB-415E-48BB-8538-E0D44D221918} URL = hxxp://search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&ychte=us&nt=1 Handler: WSWSVCUchrome - No CLSID Value FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] S2 Intel® PROSet Monitoring Service; no ImagePath S3 MBAMProtector; no ImagePath S3 MBAMWebAccessControl; no ImagePath Task: {78E809F0-0F67-4FAE-8FD7-80C013D05AA3} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Tuneup computer\updater.exe C:\Program Files (x86)\Tuneup computer Task: {83B65A7F-28C0-4522-8255-6B75597A13DA} - \IE_ERR4WDR -> No File <==== ATTENTION Task: {87018814-311E-474C-9082-9E23D1AFDE07} - \boosterpop -> No File <==== ATTENTION Task: {941C5442-7F2B-4651-8074-C5B278AF8D0C} - \UPDTEXE4_WDR -> No File <==== ATTENTION Task: {A7A6CE66-33CC-4B4B-B201-3EDE78A7B89A} - \ProgramRefresh-ATFST -> No File <==== ATTENTION Task: {EEFCB6DF-F3F0-4CED-9341-31ECECF1079A} - System32\Tasks\IEError => C:\Program Files (x86)\Tuneup computer\Popialert.exe Task: {F8E8F0A3-950A-4A14-9F98-F09CF38D9CF0} - \ProgramUpdateCheck -> No File <==== ATTENTION Task: {F93A6F3F-6194-4E23-8713-76B9427A830F} - \HDNINSTSCHD -> No File <==== ATTENTION C:\Program Files (x86)\Autonomy AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:104 AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:170 AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:292 AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3204 AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3255 AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3356 HKU\S-1-5-21-3339490808-3639073983-2094825787-1002\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION HKU\S-1-5-21-3339490808-3639073983-2094825787-1002\Software\Classes\exefile: "%1" %* <===== ATTENTION CMD: bitsadmin /reset /allusers CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state on Hosts: EmptyTemp: