start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
GroupPolicyScripts: Restriction <======= ATTENTION
ProxyServer: [S-1-5-21-4166634823-2150066620-1418166359-1000] => localhost:21320
AutoConfigURL: [S-1-5-21-4166634823-2150066620-1418166359-1000] => localhost:21320
ManualProxies: 0hxxp://stoppblock.biz/wpad.dat?ea35fd3ae550deddb0663b33cdfe130215396243
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-21] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-21] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-4166634823-2150066620-1418166359-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-4166634823-2150066620-1418166359-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2015-03-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-21] (Oracle Corporation)
C:\Users\Chris\Desktop\FileFinder.lnk
C:\ProgramData\FileFinder
C:\Program Files\FileFinder
CustomCLSID: HKU\S-1-5-21-4166634823-2150066620-1418166359-1000_Classes\CLSID\{8A791F0C-C63C-4EC5-B97F-FBCE74EDBC54}\InprocServer32 -> F:\Program Files\TextPad 7\System\shellext32.dll => No File
ShortcutWithArgument: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1472573513&a=1101982&src=sh&uuid=ecb07899-cd1f-4c4a-aab3-99845e65ff1e,1472573342937"
ShortcutWithArgument: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1472573513&a=1101982&src=sh&uuid=ecb07899-cd1f-4c4a-aab3-99845e65ff1e,1472573342937"
ShortcutWithArgument: C:\Users\Chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1472573513&a=1101982&src=sh&uuid=ecb07899-cd1f-4c4a-aab3-99845e65ff1e,1472573342937"
ShortcutWithArgument: C:\Users\Chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> F:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1472573513&a=1101982&src=sh&uuid=ecb07899-cd1f-4c4a-aab3-99845e65ff1e,1472573342937"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> F:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1472573513&a=1101982&src=sh&uuid=ecb07899-cd1f-4c4a-aab3-99845e65ff1e,1472573342937"
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> F:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1472573513&a=1101982&src=sh&uuid=ecb07899-cd1f-4c4a-aab3-99845e65ff1e,1472573342937"
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
EmptyTemp:
End