CloseProcesses:
CreateRestorePoint:
(Unique Solutions) C:\ProgramData\ZRPkKEesI\yXjrmwrcMEW.exe
() C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
() C:\ProgramData\Ssiulaurxaf\1.0.4.1\jufoocre.exe
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse)
R2 yXjrmwrcMEW; C:\ProgramData\ZRPkKEesI\yXjrmwrcMEW.exe [2731488 2015-08-24] (Unique Solutions)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41632 2015-08-24] ()
2015-08-24 14:32 - 2015-08-24 14:41 - 00000370 _____ C:\WINDOWS\Tasks\AmiUpdXp.job
2015-08-24 14:32 - 2015-08-24 14:32 - 00003440 _____ C:\WINDOWS\System32\Tasks\AmiUpdXp
2015-08-24 14:32 - 2015-08-24 14:32 - 00000000 ____D C:\Users\vineet\AppData\Local\14877
2015-08-24 14:31 - 2015-08-24 14:31 - 00002537 _____ C:\Users\vineet\Desktop\Reimage2.lnk
2015-08-24 14:30 - 2015-08-24 22:34 - 00000000 ____D C:\Users\vineet\AppData\Local\DesktopSearch
2015-08-24 14:30 - 2015-08-24 14:30 - 00000000 ____D C:\DesktopSearch
2015-08-24 14:26 - 2015-08-24 22:44 - 00003542 _____ C:\WINDOWS\System32\Tasks\Ssiulaurxaf
2015-08-24 14:26 - 2015-08-24 14:26 - 00000000 ____D C:\ProgramData\Ssiulaurxaf
2015-08-24 14:21 - 2015-08-24 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop Search
2015-08-24 14:20 - 2015-08-24 14:21 - 00000000 ____D C:\ProgramData\ZRPkKEesI
2015-08-24 14:20 - 2015-08-24 14:21 - 00000000 ____D C:\ProgramData\DesktopSearch
2015-08-24 14:18 - 2015-08-24 20:18 - 00001078 _____ C:\WINDOWS\Tasks\Crossbrowse.job
2015-08-24 14:18 - 2015-08-24 14:18 - 00004198 _____ C:\WINDOWS\System32\Tasks\Crossbrowse
2015-08-24 14:18 - 2015-08-24 14:18 - 00001264 _____ C:\Users\vineet\Desktop\Continue Max Driver Updater Uninstaller.lnk
2015-08-24 14:18 - 2015-08-24 14:18 - 00000008 _____ C:\END
2015-08-24 14:18 - 2015-08-24 14:18 - 00000000 ____D C:\Users\vineet\AppData\Local\Crossbrowse
2015-08-24 14:18 - 2015-08-24 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-08-24 14:18 - 2015-08-24 14:18 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
2015-08-24 14:16 - 2015-08-24 14:39 - 00001024 _____ C:\WINDOWS\Tasks\yRYXdCg1yVyJmA.job
2015-08-24 14:16 - 2015-08-24 14:16 - 00004158 _____ C:\WINDOWS\System32\Tasks\yRYXdCg1yVyJmA
2015-08-24 14:14 - 2015-08-24 20:19 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-24 14:14 - 2015-08-24 14:14 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-24 14:14 - 2015-08-24 14:14 - 00000000 ____D C:\Users\vineet\AppData\Local\globalUpdate
2015-08-24 14:13 - 2015-08-24 22:44 - 00000000 ____D C:\Program Files\Common Files\ShopperPro
2015-08-24 14:13 - 2015-08-24 14:18 - 00000000 ____D C:\Program Files (x86)\MaxDrivrUpdater
2015-08-24 14:13 - 2015-08-24 14:15 - 00000000 ____D C:\Users\vineet\AppData\Local\BrowserHelper
2015-08-24 14:13 - 2015-08-24 14:13 - 00004412 _____ C:\WINDOWS\System32\Tasks\SPBIW_UpdateTask_Time_313535333139343236322d50372d5a456c37325a347841
2015-08-24 14:13 - 2015-08-24 14:13 - 00000000 ____D C:\Users\Public\Documents\ShopperPro
2015-08-24 14:13 - 2015-08-24 14:13 - 00000000 ____D C:\ProgramData\ShopperPro
2015-08-24 14:12 - 2015-08-24 14:13 - 00000000 ____D C:\Program Files (x86)\ShopperPro
2015-08-24 14:12 - 2015-08-24 14:12 - 00003680 _____ C:\WINDOWS\System32\Tasks\ShopperProJSUpd
2015-08-24 14:28 - 2014-11-06 07:27 - 00000000 __SHD C:\Users\vineet\AppData\Local\EmieUserList
2015-08-24 14:28 - 2014-11-06 07:27 - 00000000 __SHD C:\Users\vineet\AppData\Local\EmieSiteList
2015-04-19 17:50 - 2015-04-19 17:50 - 0005872 _____ () C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA
2015-04-20 19:35 - 2015-04-20 19:35 - 1579520 _____ () C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA.exe
Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.6.2171.95 - The Crossbrowse Authors) <==== ATTENTION
DesktopSearch (HKLM-x32\...\DesktopSearch) (Version: 3.0.80 - Unique Solutions)
Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.16.60.37 - ClientConnect LTD) <==== ATTENTION
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.4.2 - ) <==== ATTENTION
Task: {0C45EB53-CDC5-4ED9-A34A-190573725B08} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {32195FD2-0B75-4404-B7A5-525DD624023A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3F4CC402-8F65-4F04-B427-60A6BFA07A02} - System32\Tasks\SPBIW_UpdateTask_Time_313535333139343236322d50372d5a456c37325a347841 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {49DF82F1-12EB-4324-A30A-0F32AF1C31A2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {51705565-8779-4B6D-94C4-83E2FCFE8314} - System32\Tasks\AmiUpdXp => C:\Users\vineet\AppData\Local\14877\Updater.exe [2015-08-24] () <==== ATTENTION
Task: {6A7B9FA9-1E31-48A4-9F71-763E09F1BC47} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {75E6AA35-8387-4415-9B33-F621599986FE} - System32\Tasks\yRYXdCg1yVyJmA => C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA.exe [2015-04-20] () <==== ATTENTION
Task: {8C307AA8-4156-4B75-B431-911129BEB0DD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8CC5AB22-B687-44C4-9B9B-21BD00A0B100} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B1DC49BC-CECF-4AED-9A70-0B3DE0E0CF61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B433CA6F-9151-423B-9B83-5EC11B9A60E9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B8032E26-0066-438F-B1BC-68C70D32FFFA} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-08-24] () <==== ATTENTION
Task: {BC65A603-0034-4926-8A34-5EFEE76D7ED1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C55AE608-299F-47D8-B313-DC14D81F60DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {EDE6E884-7AE1-4CF7-BA1C-8F723D954537} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {EFB5E153-F6DB-46EC-BDB9-ECBCC3FE045D} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe <==== ATTENTION
Task: {F98385B2-7376-49D7-AE1F-D0DEE00BCDB8} - System32\Tasks\Ssiulaurxaf => C:\ProgramData\Ssiulaurxaf\1.0.4.1\jufoocre.exe [2015-08-24] ()
Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Users\vineet\AppData\Local\14877\Updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\yRYXdCg1yVyJmA.job => C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA.exe <==== ATTENTION
2015-08-24 22:44 - 2015-08-24 22:44 - 00083208 _____ () C:\ProgramData\Browser\prompt.exe
FirewallRules: [{D49CCE38-D3F7-4FF3-AAF1-9B0E1E82436F}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe
FirewallRules: [{844F16CB-1A7A-4E4B-B287-40B4C550179C}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
EmptyTemp:
CMD: bitsadmin /reset /allusers
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset