CloseProcesses:
CreateRestorePoint:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => No File
AppInit_DLLs: c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => No File
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
BHO: topdeall -> {479BB518-CE65-F750-177B-EE5A92D47E59} -> C:\ProgramData\topdeall\C_GuM.x64.dll => No File
BHO: ShoppEruMoaSteru -> {9144C879-0561-1CFC-5239-BEAED17C74DE} -> C:\ProgramData\ShoppEruMoaSteru\Lg.x64.dll => No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\9leutqkn.default -> Conduit Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\9leutqkn.default -> Conduit Search
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\!vitruvian-autoenable.js [2014-01-13] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\vitruvian-autoenable.cfg [2014-01-13] <==== ATTENTION
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPD1DE92E4-508D-40A3-B314-DE03A7EECD00&SSPV="
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [aaaaahaeginbdcckocjkhbciadcafnep] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahaeginbdcckocjkhbciadcafnep.crx [2015-10-01]
CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahlfahldnilidgnlikdckbfehhca.crx [2015-10-01]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2016-06-17]
CHR HKLM-x32\...\Chrome\Extension: [aaaaahaeginbdcckocjkhbciadcafnep] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahaeginbdcckocjkhbciadcafnep.crx [2015-10-01]
CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahlfahldnilidgnlikdckbfehhca.crx [2015-10-01]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2016-06-17]
U3 idsvc; no ImagePath
C:\Users\Johnny\Symbols.cmd
Task: {100504A8-60E5-4DBD-943C-90047DA2E201} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
Task: {10C9FCCF-7551-415F-8166-85DDFCE2AF11} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {1256A02B-C010-477C-B0F4-D263222FA24E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {185991F2-85F3-4B8B-A164-81327E3DB60F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {27FBA111-E88C-4BFF-BDE6-2D33E71AC17E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2C2AC6FB-8A06-444F-A4EC-258763070F9F} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
Task: {35A3F9F3-1DDC-439C-A3C6-20392C5EEB2B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {43E235DF-739A-4A99-BFF9-28C91187A8C7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {613F3D00-F6FF-4DCD-B69F-FD6FD8499844} - \TidyNetwork Update -> No File <==== ATTENTION
Task: {839B8ACE-7DB1-4290-8D78-8F7F7EC08D8D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8690C975-68A6-4268-8343-2739680FBEBF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {A191C8DB-6CE7-4B0F-9A4B-7688CCEDD70A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AB79822A-58E2-43C0-9682-30C3F2823DC9} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
Task: {B422B248-B0C8-4AF3-B77E-A936965BE101} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {D5C1A222-FB0E-4562-A5F7-B27F2724DDEC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F19368D8-8075-404F-84D6-F86B2E89441A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F28502D0-D8ED-495F-8E63-6BD29C22AFB5} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [126]
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp: