start
CreateRestorePoint:
HKLM\...\Run: [avast5] => C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
ShortcutTarget: invicta fc Full.lnk -> C:\ProgramData\{338bb8f2-9762-ada7-338b-bb8f2976e3ca}\invicta fc Full.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 - (No Name) - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - No File
URLSearchHook: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 - (No Name) - {f29557fd-78aa-40e6-aba8-9fa219764018} - No File
URLSearchHook: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 - (No Name) - {ecce0073-a837-45a2-95b9-600420505f7e} - No File
SearchScopes: HKLM -> DefaultScope {5C6F3810-F400-4E83-9D4A-5E7BAAF9E6F2} URL =
SearchScopes: HKLM -> {39391820-B754-408E-B344-2D7850F1747F} URL = http://www.ask.com/w...}&l=dis&o=cahpd
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2856416
SearchScopes: HKLM -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...429AA4DD3&SSPV=
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...429AA4DD3&SSPV=
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask...60-12D7F7EC9C5C
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> {39391820-B754-408E-B344-2D7850F1747F} URL = http://www.ask.com/w...}&l=dis&o=cahpd
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> {5C6F3810-F400-4E83-9D4A-5E7BAAF9E6F2} URL = http://search.condui...2026674694&UM=2
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> {A75FA426-5E4E-4A28-904C-77C7BEFF7179} URL = http://ca.search.yah...ing}&fr=hp-pvdt
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.mywebs...r={searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> No Name - {DA21BD13-CA22-42E3-A071-98F08F1CA1E7} - No File
Toolbar: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> No Name - {F29557FD-78AA-40E6-ABA8-9FA219764018} - No File
Toolbar: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> No Name - {ECCE0073-A837-45A2-95B9-600420505F7E} - No File
Toolbar: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...yri_4.5.1.0.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File []
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File []
Tcpip\..\Interfaces\{C74D33C5-5410-4BFB-8A69-7DD8061F99B6}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{E43C4754-1E0F-49A4-96FB-DE611413E9DE}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{E77AB3BF-46AA-4AF1-8B13-43CC40265057}: [NameServer] 208.69.150.252,208.69.150.250
FF Extension: TopArcadeHits - C:\Users\Diane\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3} [2013-09-07]
CHR Extension: (MixiDJ V45) - C:\Users\Diane\AppData\Local\Google\Chrome\User Data\Default\Extensions\iehjklkgijkjfcfmmjmjlmcccholamaf [2013-09-07]
CHR HKLM\...\Chrome\Extension: [hndppnmigdlfmdegjjdmjoeinbbceihi] - C:\Users\Diane\AppData\Local\CRE\hndppnmigdlfmdegjjdmjoeinbbceihi.crx [2013-09-08]
CHR HKLM\...\Chrome\Extension: [iehjklkgijkjfcfmmjmjlmcccholamaf] - C:\Users\Diane\AppData\Local\CRE\iehjklkgijkjfcfmmjmjlmcccholamaf.crx [2013-09-04]
CHR HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hndppnmigdlfmdegjjdmjoeinbbceihi] - C:\Users\Diane\AppData\Local\CRE\hndppnmigdlfmdegjjdmjoeinbbceihi.crx [2013-09-08]
CHR HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iehjklkgijkjfcfmmjmjlmcccholamaf] - C:\Users\Diane\AppData\Local\CRE\iehjklkgijkjfcfmmjmjlmcccholamaf.crx [2013-09-04]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCASp50; System32\Drivers\PCASp50.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
2015-03-14 22:47 - 2013-09-07 22:56 - 00000000 ____D () C:\Program Files\Conduit
2015-03-08 14:11 - 2013-09-08 12:06 - 00000000 ____D () C:\ProgramData\IBUpdaterService
File: C:\ProgramData\hpothb07.dat
Task: {D63CDCD5-4A3B-4B17-8358-1B70D252B5F2} - System32\Tasks\{20098AFA-5271-4D3C-9D6B-B7A7C8B35147} => pcalua.exe -a E:\setup.exe -d E:\
Task: {E343E3DF-A33B-4773-8441-97D5D89D5816} - System32\Tasks\TopArcadeHits => C:\Users\Diane\AppData\Local\TopArcadeHits\updater.exe [2013-09-07] ()
Task: C:\Windows\Tasks\TopArcadeHits.job => C:\Users\Diane\AppData\Local\TopArcadeHits\updater.exe
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
CMD: bitsadmin /reset /allusers
Folder: C:\PROGRA~1\ALWILS~1\Avast5
Hosts:
EmptyTemp:
end