Start::
CloseProcesses:
CreateRestorePoint:
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_mdaffmarmarie_17_30¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzz0Czzzy0AyDtDtAyDyC0F0EyDyE0EtAtN0D0Tzu0StBtDtAtCtN1L2XzutAtFtBzytFtCtDyEtFyDtCtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StD0BtD0EyByEyByBtGtCtA0B0FtG0EtDtCyDtGyEzy0ByDtGtC0C0B0FtA0DyCtD0DtC0CtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytC0EtDtD0EtCtG0CtB0E0BtGyEyBtCyDtGzzyD0F0FtG0AyCtC0EyE0F0EyB0AyB0EtD2QtN0A0LzuyE%26cr%3D1142949544%26a%3Dwbf_mdaffmarmarie_17_30%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_mdaffmarmarie_17_30¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzz0Czzzy0AyDtDtAyDyC0F0EyDyE0EtAtN0D0Tzu0StBtDtAtCtN1L2XzutAtFtBzytFtCtDyEtFyDtCtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StD0BtD0EyByEyByBtGtCtA0B0FtG0EtDtCyDtGyEzy0ByDtGtC0C0B0FtA0DyCtD0DtC0CtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytC0EtDtD0EtCtG0CtB0E0BtGyEyBtCyDtGzzyD0F0FtG0AyCtC0EyE0F0EyB0AyB0EtD2QtN0A0LzuyE%26cr%3D1142949544%26a%3Dwbf_mdaffmarmarie_17_30%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {04DC2DC9-CCF8-4595-9A21-ACA942CB4DCC} URL =
SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_mdaffmarmarie_17_30¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzz0Czzzy0AyDtDtAyDyC0F0EyDyE0EtAtN0D0Tzu0StBtDtAtCtN1L2XzutAtFtBzytFtCtDyEtFyDtCtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StD0BtD0EyByEyByBtGtCtA0B0FtG0EtDtCyDtGyEzy0ByDtGtC0C0B0FtA0DyCtD0DtC0CtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytC0EtDtD0EtCtG0CtB0E0BtGyEyBtCyDtGzzyD0F0FtG0AyCtC0EyE0F0EyB0AyB0EtD2QtN0A0LzuyE%26cr%3D1142949544%26a%3Dwbf_mdaffmarmarie_17_30%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1578578303-3324816548-2500361984-1001 -> DefaultScope {1DA1963F-AC7D-4B7F-8874-9588C6F75419} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20160113&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1578578303-3324816548-2500361984-1001 -> {04DC2DC9-CCF8-4595-9A21-ACA942CB4DCC} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3101810&CUI=UN12070141693219125&SSPV=IED
SearchScopes: HKU\S-1-5-21-1578578303-3324816548-2500361984-1001 -> {1DA1963F-AC7D-4B7F-8874-9588C6F75419} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20160113&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1578578303-3324816548-2500361984-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20160113&p={searchTerms}
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: Somoto Toolbar -> {bb45ef8e-1e36-4535-a017-ec908fb1e335} -> C:\Program Files (x86)\Somoto\prxtbSom0.dll [2013-04-14] (Conduit Ltd.)
Toolbar: HKLM-x32 - Somoto Toolbar - {bb45ef8e-1e36-4535-a017-ec908fb1e335} - C:\Program Files (x86)\Somoto\prxtbSom0.dll [2013-04-14] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-1578578303-3324816548-2500361984-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1578578303-3324816548-2500361984-1001 -> No Name - {BB45EF8E-1E36-4535-A017-EC908FB1E335} - No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll -> No File
Task: {08D2B678-76E3-4D22-B87E-0B1D3B22F60C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {139DB17A-1453-4FE1-80D5-793F88EB2302} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {34ACCB81-F29E-4376-B55D-C223A9261302} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {440A8B0A-C5BF-4567-8095-887005726425} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {74AFB16E-BE2F-44B3-B025-AD7E15CC72D2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {79BE8B40-0DC2-4DC4-8A28-BCC7FD63BF88} - \WPD\SqmUpload_S-1-5-21-1578578303-3324816548-2500361984-1001 -> No File <==== ATTENTION
Task: {887FAAB7-E9A4-478D-A9C0-27E1A5F010AB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {8B172B57-C74E-4FF9-97C5-8612B5A0114B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9568E742-0F6B-4FB8-B726-7CB4D302189D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9A69CADA-28D2-47B8-8E08-733780451129} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B95A1186-BA65-413B-807F-DA20DB8F451F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {C5022F41-6642-4F43-946D-934BD93D7265} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E332637D-F79E-409E-A4A0-8A3DAFC224CC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {FCC20C1E-58ED-4F59-A53E-D74C6FD876E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Emptytemp:
End::