CloseProcesses:
CreateRestorePoint:
HKLM\...\Policies\Explorer: [NoCDBurning] 0
ShellExecuteHooks: - {56F9679E-7826-4C84-81F3-532071A8BCC5} - No File [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
ProxyServer: [.DEFAULT] => ftp=192.168.0.1:23;http=192.168.0.1:80
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {55BF085E-B9D8-4A5A-A701-9B6A3A79C28D} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US0D20150405&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll No File
Toolbar: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll No File
S4 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [X]
S2 adfs; no ImagePath
S3 BCMH43XX; system32\DRIVERS\bcmwlhigh5.sys [X]
S3 cpuz134; \??\C:\DOCUME~1\Milisa\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S3 NPF; system32\DRIVERS\npf.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; no ImagePath
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
C:\Windows\Tasks\At5.job
C:\Windows\Tasks\At6.job
C:\Windows\Tasks\At7.job
C:\Windows\Tasks\At8.job
Task: C:\WINDOWS\Tasks\At1.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At2.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At3.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At4.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At5.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At6.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At7.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At8.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\ParetoLogic Registration3.job => C:\WINDOWS\system32\rundll32.exeAC:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:15D5AA51 [124]
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 [220]
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:F35A93AD [149]
AlternateDataStreams: C:\Documents and Settings\Milisa\My Documents\Files named ablog jemima and hitler .fnd:{4c8cc155-6c1e-
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp: