start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3250779840-2031006479-2741026425-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3250779840-2031006479-2741026425-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.earthlink.net/
SearchScopes: HKU\S-1-5-21-3250779840-2031006479-2741026425-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Task: {01E209BB-CEE4-48D6-ABF8-2FC48647A292} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {06C6C2F4-2495-4F7B-A3D2-435DE4FE79DB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {11C623EC-ABD6-48E2-89D0-17E0F60E62B1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1B33937C-15A6-4A1D-81AE-815382EBD1DD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2CE90E33-D14D-43D3-BEE8-D27B556CC790} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5AA9AEE6-F123-40BA-AB0E-D744BBB04D85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6CE4E446-01B9-430F-A2EC-F00370963273} - System32\Tasks\{28898337-FBD0-440F-B292-0694DB24E9E4} => pcalua.exe -a "C:\Users\RAB Office\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQCWQCYO\GFX_A00_301.42_VHXPX_Setup_ZPE.exe" -d "C:\Users\RAB Office\Desktop"
Task: {72D7B9C9-C029-4A31-BD4D-3EBDE576C59A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {82FDEFDE-2EED-4309-985A-450FEA044A20} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A3FF6F3C-469D-4C6B-BF64-9BBEC4EC3562} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A7C1E223-62D2-433C-AE82-A32975038878} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
EmptyTemp:
Hosts:
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
End