CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-4237451497-277684177-954079173-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
Winsock: Catalog9-x64 01 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-11-08] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-11-08] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-11-08] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-11-08] (Lavasoft Limited)
Winsock: Catalog9-x64 05 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-11-08] (Lavasoft Limited)
SearchScopes: HKU\S-1-5-21-4237451497-277684177-954079173-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4237451497-277684177-954079173-1001 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-4237451497-277684177-954079173-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4237451497-277684177-954079173-1001 -> ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~RÙxœòÜ8'£-)x­ä­ URL =
FF ProfilePath: C:\Users\Clegg family\AppData\Roaming\Mozilla\Firefox\Profiles\yvewmshx.default-1437481318584 [not found]
FF user.js: detected! => C:\Users\Clegg family\AppData\Roaming\Mozilla\Firefox\Profiles\9e0cvtmh.default-1445962399300\user.js [2015-11-22]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => not found
CHR Extension: (Domain Error Helper) - C:\Users\Clegg family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj [2015-01-18] [UpdateUrl: hxxp://update.mybrowserbar.com/update/wt/gc/domainerrorhelper/update.xml] <==== ATTENTION
U3 idsvc; no ImagePath
C:\Windows\Tasks\{52D21006-5534-EBFC-E28C-10D4E69D77FA}.job
Task: {0588A26D-616E-428E-9926-BEB105A3734B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {1B4EA613-3827-4A45-9D00-EE1B44AE5C28} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {26444629-7A75-4A38-B17D-0084792075A3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3AC18E74-0C9E-41A4-B9C9-4B2F4EDEF32E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {44B95C6D-C323-4432-8F36-FEBE014AE308} - System32\Tasks\Malware Protection 360 => C:\Program Files (x86)\MalwareProtection360\malwareprotection360.exe
Task: {45A3C338-C000-446A-A2F5-DBC7BED966C4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5E5927C5-4F16-4852-9C20-19C5FABC9B67} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {650DA237-D9AD-4342-A150-1D7247FD5B71} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {729AFF42-EFC5-4835-9839-AE3573347C9E} - \{52D21006-5534-EBFC-E28C-10D4E69D77FA} -> No File <==== ATTENTION
Task: {7C7631CA-7561-4B2C-BD10-E63C259D9C49} - System32\Tasks\Bing Powered Search macet => Wscript.exe "C:\ProgramData\{1884DDE7-92C6-5721-1400-C9638E4242AD}\caso.txt" "687474703a2f2f79786870612e636f6d" "433a5c50726f6772616d446174615c7b31383834444445372d393243362d353732312d313430302d4339363338453432343241447d5c6c6564656365" "433a5c50726f6772616d446174615c7b31383834444445372d393243362d353732312d313430 (the data entry has 78 more characters).
Task: {7E4063D3-45CC-49D8-B379-038DE1702E29} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9C204DD9-E48B-4E49-887E-D64C570943D5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A07DB0E7-E339-420B-A943-B43114099BFA} - System32\Tasks\Malware Protection 360 Updater => C:\Program Files (x86)\MalwareProtection360\updater.exe
Task: {A82A716D-6BB5-4F5F-8FFE-4FEC6B0F5348} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B908FDDC-4BED-4B9D-A5FB-E427DB57389E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E5BB204E-0A30-4584-87A2-014B84FC6FC2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EBA04E1B-C3EF-4118-9A13-F0B0E3E86BC9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F7F8F8DC-5C39-4F8D-AE39-2F627BA9A4CC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Bing Powered Search macet.job => Wscript.exe C:\ProgramData\{1884DDE7-92C6-5721-1400-C9638E4242AD}\caso.txt <==== ATTENTION
Task: C:\WINDOWS\Tasks\{52D21006-5534-EBFC-E28C-10D4E69D77FA}.job =>
AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9 [346]
C:\Program Files (x86)\MalwareProtection360
C:\ProgramData\{1884DDE7-92C6-5721-1400-C9638E4242AD}
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
Hosts:
EmptyTemp: