CreateRestorePoint:
URLSearchHook: HKU\S-1-5-21-1979942456-1899798866-1313390409-1001 - (No Name) - {5c4cae29-c754-4ca3-89e1-90b82459159a} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tight14_15_42&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEyEtBtB0FyE0EtAyB0EtN0D0Tzu0StCtAzztDtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0ByDtD0F0E0DyBtGyDzztB0DtG0A0EzzzztGyC0C0BtBtGzyzy0EtAtBzy0F0A0DtAyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Fzz0BtDyDtCyD0EtGyCtByCtBtGyEtB0B0FtG0B0FtD0EtG0CtD0FzztD0C0EzyyEtAtB0D2QtN0A0LzutB&cr=1060497259&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tight14_15_42&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEyEtBtB0FyE0EtAyB0EtN0D0Tzu0StCtAzztDtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0ByDtD0F0E0DyBtGyDzztB0DtG0A0EzzzztGyC0C0BtBtGzyzy0EtAtBzy0F0A0DtAyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Fzz0BtDyDtCyD0EtGyCtByCtBtGyEtB0B0FtG0B0FtD0EtG0CtD0FzztD0C0EzyyEtAtB0D2QtN0A0LzutB&cr=1060497259&ir=
FF Extension: ImTranslator - C:\Users\K8\AppData\Roaming\Mozilla\Firefox\Profiles\i2wpgulv.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2013-02-04] [not signed]
FF Extension: Expat Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2013-01-21] [not signed]
FF Extension: No Name - C:\Program Files (x86)\AmiExt\ZipEnhancer\ff [not found]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-01-21] [not signed]
SearchScopes: HKLM -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1979942456-1899798866-1313390409-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tight14_15_42&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEyEtBtB0FyE0EtAyB0EtN0D0Tzu0StCtAzztDtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0ByDtD0F0E0DyBtGyDzztB0DtG0A0EzzzztGyC0C0BtBtGzyzy0EtAtBzy0F0A0DtAyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Fzz0BtDyDtCyD0EtGyCtByCtBtGyEtB0B0FtG0B0FtD0EtG0CtD0FzztD0C0EzyyEtAtB0D2QtN0A0LzutB&cr=1060497259&ir=
SearchScopes: HKU\S-1-5-21-1979942456-1899798866-1313390409-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tight14_15_42&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEyEtBtB0FyE0EtAyB0EtN0D0Tzu0StCtAzztDtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0ByDtD0F0E0DyBtGyDzztB0DtG0A0EzzzztGyC0C0BtBtGzyzy0EtAtBzy0F0A0DtAyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Fzz0BtDyDtCyD0EtGyCtByCtBtGyEtB0B0FtG0B0FtD0EtG0CtD0FzztD0C0EzyyEtAtB0D2QtN0A0LzutB&cr=1060497259&ir=
SearchScopes: HKU\S-1-5-21-1979942456-1899798866-1313390409-1001 -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL =
Toolbar: HKU\S-1-5-21-1979942456-1899798866-1313390409-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-1979942456-1899798866-1313390409-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR HomePage: Default -> hxxp://www.cassiopessa.com/?f=1&a=csp_tight14_15_42&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEyEtBtB0FyE0EtAyB0EtN0D0Tzu0StCtAzztDtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0ByDtD0F0E0DyBtGyDzztB0DtG0A0EzzzztGyC0C0BtBtGzyzy0EtAtBzy0F0A0DtAyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Fzz0BtDyDtCyD0EtGyCtByCtBtGyEtB0B0FtG0B0FtD0EtG0CtD0FzztD0C0EzyyEtAtB0D2QtN0A0LzutB&cr=1060497259&ir=
CHR StartupUrls: Default -> "hxxp://www.cassiopessa.com/?f=7&a=csp_tight14_15_42&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEyEtBtB0FyE0EtAyB0EtN0D0Tzu0StCtAzztDtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0ByDtD0F0E0DyBtGyDzztB0DtG0A0EzzzztGyC0C0BtBtGzyzy0EtAtBzy0F0A0DtAyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Fzz0BtDyDtCyD0EtGyCtByCtBtGyEtB0B0FtG0B0FtD0EtG0CtD0FzztD0C0EzyyEtAtB0D2QtN0A0LzutB&cr=1060497259&ir=","hxxp://www.istartsurf.com/?type=hp&ts=1440006273&z=0dc21b5e62445576e3b209cgczbz1e9ebecq0g5m1c&from=tugs&uid=HitachiXHTS545025B9A300_100310PBN2043SGPTBVTX"
CHR DefaultSearchURL: Default -> hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tight14_15_42&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEyEtBtB0FyE0EtAyB0EtN0D0Tzu0StCtAzztDtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0ByDtD0F0E0DyBtGyDzztB0DtG0A0EzzzztGyC0C0BtBtGzyzy0EtAtBzy0F0A0DtAyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Fzz0BtDyDtCyD0EtGyCtByCtBtGyEtB0B0FtG0B0FtD0EtG0CtD0FzztD0C0EzyyEtAtB0D2QtN0A0LzutB&cr=1060497259&ir=
CHR DefaultSearchKeyword: Default -> cassiopesa.com
CHR HKU\S-1-5-21-1979942456-1899798866-1313390409-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\K8\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bjeikeheijdjdfjbmknpefojickbkmom] - C:\Program Files (x86)\OfferBox\OfferBoxChromeExtension.crx <not found>
2011-06-14 09:52 - 2011-06-14 09:52 - 0000000 _____ () C:\Users\K8\AppData\Local\{F9F8B4B1-2DDA-4F07-98C9-F7E19911AE2F}
Task: {72DCFD61-3B61-46D5-988C-999C8AE79827} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro 3.02\OptProLauncher.exe <==== ATTENTION
Task: {81544D99-FB9E-4B6D-B2CF-EC641CDDBB07} - \cfr3011 -> No File <==== ATTENTION
Task: {A5C7B997-3C10-4A2D-9A3C-0C974005C4EC} - \MixVideoPlayer Update -> No File <==== ATTENTION
C:\Program Files (x86)\Optimizer Pro 3.02
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers