start
CreateRestorePoint:
CloseProcesses:
CHR HomePage: Default -> hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_nxtad_16_05¶m1=1¶m2=f%3D1%26b%3DChrome%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0C0ByCyDyE0FtA0FyB0D0A0EtBtCtAtN0D0Tzu0StCyEzytAtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEzyzyzyyEyDtCyDtGyBtAyDyCtGyCyDtBzztGyBzzzzyBtGzyyEtAyDtCzz0CyD0F0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0AzzyD0C0AyB0AtG0B0DzyyBtGyEyCyB0DtGzz0EyE0FtG0FyEtBtDzztA0E0Ezy0AtByB2QtN0A0LzuyE%26cr%3D1001654787%26a%3Dwncy_nxtad_16_05%26os_ver%3D6.3%26os%3DWindows%2B8.1
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1569399677-2339013464-2643545198-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {601ED020-FB6C-11D3-87D8-0050DA59922B} -> No File
Toolbar: HKU\S-1-5-21-1569399677-2339013464-2643545198-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
AlternateDataStreams: C:\Windows:4E0E77A0ED053531
CMD: ipconfig /flushdns
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
EmptyTemp:
End