CreateRestorePoint:
(Crawler.com) C:\Program Files\Spyware Terminator\sp_rsser.exe
() C:\ProgramData\Trusted Publisher\SW-Booster\SW-Booster.exe
C:\ProgramData\Trusted Publisher
() C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8\maintainer.exe
C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AnyProtect Scanner] => "C:\Program Files\AnyProtectEx\AnyProtect.exe"
C:\Program Files\AnyProtectEx
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Run: [se] => C:\Users\user\AppData\Roaming\SkypEmoticons\SE.exe /minimized
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {125455f7-730c-11e1-b195-fe93e5c86024} - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {12545601-730c-11e1-b195-810d70a76acb} - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {12545671-730c-11e1-b195-c85622b6b4be} - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {1d5b41de-e447-11e1-b0c6-fd68a3cebc60} - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {1d5b41e7-e447-11e1-b0c6-ce3d81501a1b} - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {5b7a2728-ff3b-11e0-906f-823332b82114} - F:\Setup.exe /Auto
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {9dd422bd-6701-11dd-81bc-001d09b30651} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Sys.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {acc5c1d9-1f88-11e4-a92f-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {adf0e9fe-2749-11e4-9ac2-001d09b30651} - E:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {b0d1cfb3-7a14-11e1-b5e3-d760c0553e51} - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {b6d8a72f-e9df-11e1-b68f-fdbd6f5861f1} - G:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {cb2824ac-1ec7-11e4-b21b-001dd9e8829b} - E:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {e28707c4-e56f-11e1-af60-d142243269b5} - G:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.sea...&cc=IN&unqvl=69
URLSearchHook: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 - (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
URLSearchHook: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 - SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
SearchScopes: HKLM -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.sea...&cc=IN&unqvl=69
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2790392
SearchScopes: HKLM -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.sea...&cc=IN&unqvl=69
SearchScopes: HKU\.DEFAULT -> {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.c...rms}&tbid=60327
SearchScopes: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2790392
SearchScopes: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 -> {0B8DCF56-50E2-494C-A325-E0BD2C6B5126} URL = http://in.search.yah...p={searchTerms}
SearchScopes: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 -> {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.c...rms}&tbid=60327
SearchScopes: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:466...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 -> {837120EB-FFE3-48FD-8F7B-F2761B06F918} URL = http://websearch.ask...DA-BEDB00C0D3C6
SearchScopes: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2790392
SearchScopes: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.sea...&cc=IN&unqvl=69
BHO: NewSaver -> {06f6f85c-bac2-43be-bece-e15eb4c475e8} -> C:\ProgramData\NewSaver\tzwCSK8UufN0Xr.dll [2014-11-22] ()
BHO: SaveLots -> {48910c32-ad9e-4c84-8b67-adc12dd96b33} -> C:\ProgramData\SaveLots\h3pa0wL8juCiLv.dll [2014-11-20] ()
BHO: SaverExtension -> {4c282ea3-6f71-42c7-bb27-d21973d82f4c} -> C:\ProgramData\SaverExtension\juoCGNsZDb21JF.dll [2014-11-22] ()
BHO: CoupExtension -> {5c614e31-e6b7-452d-b9ac-84c4aa2fcb0a} -> C:\ProgramData\CoupExtension\dljAtBLwlPxX5B.dll [2014-11-20] ()
Toolbar: HKU\.DEFAULT -> No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
C:\ProgramData\NewSaver
C:\ProgramData\SaveLots
C:\ProgramData\SaverExtension
C:\ProgramData\CoupExtension
Toolbar: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 -> No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
Toolbar: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
CHR HKLM\...\Chrome\Extension: [cgpnojibjokpoghebklhkdeijehkohhb] - C:\Users\Abhishek\AppData\Local\Temp\tbch.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [mpjidcokcfencofcmondgimdoobddnoe] - C:\Users\Abhishek\AppData\Local\CRE\mpjidcokcfencofcmondgimdoobddnoe.crx [2012-05-08]
R2 24c54e38; c:\Program Files\DeltaFix\DeltaFix.dll [3906048 2014-11-16] () [File not signed] <==== ATTENTION
c:\Program Files\DeltaFix\DeltaFix.dll
R2 MaintainerSvc2.02.5636706; C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8\maintainer.exe [123632 2015-03-14] ()
C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8
R2 sp_rssrv; C:\Program Files\Spyware Terminator\sp_rsser.exe [570880 2008-08-30] (Crawler.com) [File not signed]
C:\Program Files\Spyware Terminator
2015-03-14 18:02 - 2014-11-16 22:10 - 00000482 ____H () C:\Windows\Tasks\SW-Booster-S-792098896.job
2014-09-09 07:23 - 2014-09-09 07:23 - 0000000 _____ () C:\Users\Abhishek\AppData\Local\{53F4DD30-6599-4858-AC72-0DA3ECAD8514}
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{000209F0-0000-4b30-A977-D214852036FF}\InprocServer32 -> No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{45540086-5750-5300-4B49-4E47534F4655}\InprocServer32 -> No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{91493443-94BF-4940-926D-4F38FECF2A48}\InprocServer32 -> No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{B6CE1A28-A831-43E4-A81F-E2B429D66231}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\AskToolbar\Downloaded Program Files\Nero.dll (Ask.com)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Abhishek\AppData\Local\Temp\e1605937\temp\Download.exe No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
Task: {2487AE63-6C7A-4479-9ABD-1E7C8B06AE88} - \{35DC3473-A719-4d14-B7C1-FD326CA84A0C} No Task File <==== ATTENTION
Task: {2EE2027E-415B-4A49-BABD-947193469DB0} - System32\Tasks\SW-Booster-S-792098896 => c:\programdata\trusted publisher\sw-booster\SW-Booster.exe [2014-11-16] () <==== ATTENTION
Task: {48A1C5B8-70E1-400A-895D-FF14337BD979} - System32\Tasks\APSnotifierPP1 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {59C5AF6B-06D2-4B46-8392-73D58A8AD652} - System32\Tasks\APSnotifierPP2 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {8D03BECD-CE00-41FD-A701-9A337B93B57E} - \{66BA574B-1E11-49b8-909C-8CC9E0E8E015} No Task File <==== ATTENTION
Task: {97E4E69E-19EC-4C83-8ABF-10483E4C0D98} - System32\Tasks\APSnotifierPP3 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {9D454D67-0B49-4FA0-A2C9-52651399FED3} - \ASP No Task File <==== ATTENTION
Task: {B08BEFB2-8905-46BB-8E23-FB99ECF897F7} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\SW-Booster-S-792098896.job => c:\programdata\trusted publisher\sw-booster\SW-Booster.exeO/schedule /profile c:\programdata\trusted publisher\sw-booster\792098896.ini <==== ATTENTION
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
cmd: bitsadmin /reset /allusers
EmptyTemp: