CreateRestorePoint: HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe" HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [OpenSoftwareUpdater] => C:\Program Files (x86)\OpenSoftwareUpdater\OpenSoftwareUpdater.exe [3733504 2014-04-08] (Installer Technology Co.) HKLM-x32\...\RunOnce: [SpaceSondPro_v53.1434] => C:\Program Files (x86)\SpaceSondPro_v53.1434\SpaceSondPro_Service.exe [33480 2015-08-12] () Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1505448478-352576845-3373465650-1001\...\Run: [SushiLeadsApplication] => C:\Program Files (x86)\sushileads\SushiLeadsApplication.exe [381440 2015-08-03] () AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [247032 2015-08-03] (Client Connect LTD) AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [219896 2015-08-03] (Client Connect LTD) ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION GroupPolicyUsers\S-1-5-21-1505448478-352576845-3373465650-1004\User: Restriction detected <======= ATTENTION GroupPolicyUsers\S-1-5-21-1505448478-352576845-3373465650-1001\User: Restriction detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1505448478-352576845-3373465650-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:47574 SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_installertech_15_32&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyC0B0D0E0DyDyE0BtCyCyEtN0D0Tzu0StCtAtCyDtN1L2XzutAtFtCtBtFyDtFtDtN1L1Czu1R1B1E1V1L1G1B2Z1T1I1I1P1C2Z1P1R1MtN1L1G1B1V1N2Y1L1Qzu2SyD0DyC0Ezz0DtB0FtGyB0CyEtDtG0FzyyDtBtGyCyB0E0EtG0B0E0CzyyC0CyD0EtBtA0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtByD0DtC0ByCtG0FtCyDtAtGyEtAyDtAtGzzyC0C0EtGtAyC0EtCyB0Azy0E0CyB0EtA2QtN0A0LzuyE&cr=2047286878&ir= SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_installertech_15_32&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyC0B0D0E0DyDyE0BtCyCyEtN0D0Tzu0StCtAtCyDtN1L2XzutAtFtCtBtFyDtFtDtN1L1Czu1R1B1E1V1L1G1B2Z1T1I1I1P1C2Z1P1R1MtN1L1G1B1V1N2Y1L1Qzu2SyD0DyC0Ezz0DtB0FtGyB0CyEtDtG0FzyyDtBtGyCyB0E0EtG0B0E0CzyyC0CyD0EtBtA0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtByD0DtC0ByCtG0FtCyDtAtGyEtAyDtAtGzzyC0C0EtGtAyC0EtCyB0Azy0E0CyB0EtA2QtN0A0LzuyE&cr=2047286878&ir= SearchScopes: HKU\S-1-5-21-1505448478-352576845-3373465650-1001 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3325283&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP2A3F2634-37E6-4F8D-912E-937AEB6007EF&q={searchTerms}&SSPV= Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\WeWatcherLSP.dll [305960 2015-08-12] (WeWatcher) Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\WeWatcherLSP.dll [305960 2015-08-12] (WeWatcher) Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\WeWatcherLSP.dll [305960 2015-08-12] (WeWatcher) Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\WeWatcherLSP.dll [305960 2015-08-12] (WeWatcher) Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\WeWatcherLSP.dll [305960 2015-08-12] (WeWatcher) Winsock: Catalog9-x64 01 C:\WINDOWS\system32\WeWatcherLSP64.dll [357432 2015-08-12] (WeWatcher) Winsock: Catalog9-x64 02 C:\WINDOWS\system32\WeWatcherLSP64.dll [357432 2015-08-12] (WeWatcher) Winsock: Catalog9-x64 03 C:\WINDOWS\system32\WeWatcherLSP64.dll [357432 2015-08-12] (WeWatcher) Winsock: Catalog9-x64 04 C:\WINDOWS\system32\WeWatcherLSP64.dll [357432 2015-08-12] (WeWatcher) Winsock: Catalog9-x64 16 C:\WINDOWS\system32\WeWatcherLSP64.dll [357432 2015-08-12] (WeWatcher) FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3333887&octid=EB_ORIGINAL_CTID&ISID=&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=&D=081215 FF SearchPlugin: C:\Users\Kiersten\AppData\Roaming\Mozilla\Firefox\Profiles\1ixhj4a4.default\searchplugins\cassiopesa.xml [2015-08-12] CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3240184 2015-08-03] (Client Connect LTD) R2 comyninu; C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\hnsq5471.tmp [161792 2015-08-08] () [File not signed] R2 FindingDiscount; C:\Program Files (x86)\Windows Discount\FindingDiscount\FindingDiscount.exe [330240 2015-06-10] () [File not signed] R2 hyverumu; C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\jnsi33E7.tmp [209920 2015-08-08] () [File not signed] R2 RuntimeManager; C:\Program Files (x86)\Windows NT\Accessories\RuntimeManager\runtimemanager.exe [101888 2015-06-10] () [File not signed] R2 SushiLeadsUpdaterService; C:\Program Files (x86)\sushileads\NpUpdaterService.exe [10240 2015-08-03] () [File not signed] R2 WaInterEnhancer Service; C:\Program Files (x86)\WaInterEnhancer\WaInterEnhancer Internet Enhancer\InternetEnhancerService.exe [1182720 2015-08-07] () [File not signed] R2 WeWatcherProxy; C:\Program Files (x86)\ServiceUpdater\WeWatcherProxy.exe [1741016 2015-08-06] (WeWatcher) R2 wsasvc_1.10.0.19; C:\Program Files (x86)\WordSurfer_1.10.0.19\Service\wsasvc.exe [299608 2015-06-15] (Word Surfer) R2 wyhumyqu; C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\knsc1441.tmp [647680 2015-08-14] () [File not signed] S2 consumerinput_update; no ImagePath S3 consumerinput_updatem; no ImagePath S2 RelevantKnowledge; no ImagePath <==== ATTENTION R1 wsafd_1_10_0_19; C:\Windows\System32\drivers\wsafd_1_10_0_19.sys [57728 2015-06-15] (Word Surfer) S1 netfilter64; system32\drivers\netfilter64.sys [X] S3 SPPD; \??\C:\WINDOWS\system32\drivers\SPPD.sys [X] 2015-08-14 19:22 - 2015-08-14 19:22 - 00000000 ____D C:\ProgramData\FlashBeat 2015-08-14 19:12 - 2015-08-15 10:15 - 00001154 _____ C:\Users\Kiersten\Desktop\Continue Live Installation.lnk 2015-08-14 05:39 - 2015-08-14 06:38 - 00000376 _____ C:\WINDOWS\Tasks\APSnotifierPP3.job 2015-08-14 05:39 - 2015-08-14 06:38 - 00000376 _____ C:\WINDOWS\Tasks\APSnotifierPP2.job 2015-08-14 05:39 - 2015-08-14 05:59 - 00000378 _____ C:\WINDOWS\Tasks\APSnotifierPP1.job 2015-08-14 05:39 - 2015-08-14 05:39 - 00002830 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP1 2015-08-14 05:39 - 2015-08-14 05:39 - 00002828 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP3 2015-08-14 05:39 - 2015-08-14 05:39 - 00002828 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP2 2015-08-14 05:36 - 2015-08-13 21:26 - 00613255 _____ (CMI Limited) C:\Users\Kiersten\AppData\Local\nscB0F3.tmp 2015-08-13 21:26 - 2015-08-13 21:26 - 00000000 __SHD C:\Users\Kiersten\AppData\Roaming\AnyProtectEx 2015-08-13 21:23 - 2015-08-14 18:39 - 00000000 ____D C:\Users\Kiersten\AppData\Local\SmartWeb 2015-08-12 20:23 - 2015-08-12 20:23 - 00000000 ____D C:\Users\Kiersten\Documents\DailyPCClean 2015-08-12 20:22 - 2015-08-14 05:37 - 00000000 ____D C:\Program Files (x86)\DailyPcClean Support 2015-08-12 20:21 - 2015-08-13 02:58 - 00009848 _____ C:\WINDOWS\SysWOW64\WeWatcherProxyOff.ini 2015-08-12 20:21 - 2015-08-13 02:58 - 00009848 _____ C:\WINDOWS\system32\WeWatcherProxyOff.ini 2015-08-12 20:21 - 2015-08-12 20:21 - 00003252 _____ C:\WINDOWS\System32\Tasks\runTask 2015-08-12 20:21 - 2015-08-12 20:21 - 00003156 _____ C:\WINDOWS\System32\Tasks\updateTask 2015-08-12 20:21 - 2015-08-12 20:21 - 00000217 _____ C:\task.vbs 2015-08-12 20:21 - 2015-08-12 20:21 - 00000000 ____D C:\Program Files (x86)\ServiceUpdater 2015-08-12 20:21 - 2015-08-06 18:19 - 00357432 _____ (WeWatcher) C:\WINDOWS\system32\WeWatcherLSP64.dll 2015-08-12 20:21 - 2015-08-06 18:18 - 00305960 _____ (WeWatcher) C:\WINDOWS\SysWOW64\WeWatcherLSP.dll 2015-08-12 20:14 - 2015-08-13 00:19 - 00000000 ____D C:\ProgramData\sushileads 2015-08-12 20:14 - 2015-08-12 20:14 - 00003518 _____ C:\WINDOWS\System32\Tasks\SushiLeads 2015-08-12 20:14 - 2015-08-12 20:14 - 00000000 ____D C:\Program Files (x86)\sushileads 2015-08-12 19:39 - 2015-08-14 18:44 - 00000000 ____D C:\Program Files\SpaceSoundPro 2015-08-12 19:39 - 2015-08-12 20:21 - 00000000 _____ C:\END 2015-08-12 19:39 - 2015-08-12 19:44 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro_v53.1434 2015-08-12 19:39 - 2015-08-12 19:39 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro 2015-08-12 19:39 - 2015-08-12 19:39 - 00000000 _____ C:\WINDOWS\SysWOW64\Number of results 2015-08-12 19:29 - 2015-08-12 19:29 - 00000000 ____D C:\Users\Kiersten\AppData\Roaming\Compete 2015-08-08 12:21 - 2015-07-21 12:17 - 01084696 _____ (TMRG, Inc.) C:\WINDOWS\system32\rlls64.dll 2015-08-08 12:20 - 2015-08-08 12:20 - 00000000 ____D C:\Users\CareBear17\AppData\Roaming\Compete 2015-08-08 12:19 - 2015-08-08 12:19 - 00000000 ____D C:\Users\CareBear17\AppData\Roaming\OpenSoftwareUpdater 2015-08-08 12:19 - 2015-08-08 12:19 - 00000000 ____D C:\Users\CareBear17\AppData\Roaming\InstantSupport 2015-08-08 12:18 - 2015-08-08 12:18 - 00000000 ____D C:\Users\CareBear17\AppData\Roaming\PCAcceleratePro 2015-08-08 12:17 - 2015-08-08 12:17 - 00003488 _____ C:\WINDOWS\System32\Tasks\bvxvyxvec 2015-08-08 12:16 - 2015-08-15 09:54 - 00000354 _____ C:\WINDOWS\Tasks\OMYQNNDMU1.job 2015-08-08 12:16 - 2015-08-14 07:16 - 00000000 ____D C:\Program Files (x86)\SearchProtect 2015-08-08 12:16 - 2015-08-12 19:25 - 00000000 ____D C:\Users\Kiersten\AppData\Local\SearchProtect 2015-08-08 12:16 - 2015-08-08 12:18 - 00000000 ____D C:\ProgramData\Service1291 2015-08-08 12:16 - 2015-08-08 12:17 - 00000000 ____D C:\Users\Kiersten\AppData\Local\bvxvyxvec 2015-08-08 12:16 - 2015-08-08 12:16 - 00002868 _____ C:\WINDOWS\System32\Tasks\OMYQNNDMU1 2015-08-08 12:16 - 2015-08-08 12:16 - 00000000 ____D C:\Users\CareBear17\AppData\Local\SearchProtect 2015-08-08 12:16 - 2015-08-08 12:16 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e 2015-08-08 12:15 - 2015-08-08 12:15 - 00004180 _____ C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update 2015-08-08 12:15 - 2015-08-08 12:15 - 00004170 _____ C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core 2015-08-08 12:15 - 2015-08-08 12:15 - 00000000 ____D C:\Program Files (x86)\WordSurfer_1.10.0.19 2015-08-08 12:07 - 2015-08-15 10:12 - 00000992 _____ C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineUA.job 2015-08-08 12:07 - 2015-08-15 09:54 - 00000988 _____ C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineCore.job 2015-08-08 12:07 - 2015-08-08 12:07 - 00003862 _____ C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineUA 2015-08-08 12:07 - 2015-08-08 12:07 - 00003626 _____ C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineCore 2015-08-08 12:07 - 2015-08-08 12:07 - 00001162 _____ C:\Users\Public\Desktop\OpenSoftwareUpdater.lnk 2015-08-08 12:07 - 2015-08-08 12:07 - 00000000 ____D C:\Users\Kiersten\AppData\Roaming\OpenSoftwareUpdater 2015-08-08 12:07 - 2015-08-08 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSoftwareUpdater 2015-08-08 12:07 - 2015-08-08 12:07 - 00000000 ____D C:\Program Files (x86)\OpenSoftwareUpdater 2015-08-08 12:06 - 2015-08-08 12:06 - 00000000 ____D C:\ProgramData\Windows Discount 2015-08-08 12:06 - 2015-08-08 12:06 - 00000000 ____D C:\Program Files (x86)\Windows Discount 2015-08-08 12:05 - 2015-08-14 05:37 - 00000000 ____D C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E 2015-08-08 12:05 - 2015-08-12 19:30 - 00000000 ____D C:\Program Files (x86)\OneSystemCare 2015-08-08 12:05 - 2015-08-08 12:05 - 00003256 _____ C:\WINDOWS\System32\Tasks\One System Care Monitor 2015-08-08 12:05 - 2015-08-08 12:05 - 00001090 _____ C:\Users\Public\Desktop\Launch One System Care.lnk 2015-08-08 12:05 - 2015-08-08 12:05 - 00000000 ____D C:\Users\Kiersten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage 2015-08-08 12:05 - 2015-08-08 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhancer 2015-08-08 12:05 - 2015-08-08 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care 2015-08-08 12:05 - 2015-08-08 12:05 - 00000000 ____D C:\Program Files (x86)\WaInterEnhancer 2015-08-08 12:04 - 2015-08-08 12:04 - 03719524 _____ C:\Users\CareBear17\Downloads\forge-1.8-11.14.3.1502-installer.jar 2015-08-08 12:04 - 2015-08-08 12:04 - 00000000 ____D C:\Users\Kiersten\AppData\Local\59790140 2015-08-08 12:04 - 2015-08-08 12:04 - 00000000 ____D C:\Users\Kiersten\AppData\Local\{C35BF507-E7F3-99BF-8A6B-BC57AE0340CF} 2015-08-08 12:04 - 2015-08-08 12:04 - 00000000 ____D C:\Program Files (x86)\TestXp Task: {0AAB1B5D-C707-4706-B31E-1FA577F47CEF} - System32\Tasks\bvxvyxvec => C:\Users\Kiersten\AppData\Local\bvxvyxvec\bvxvyxvec.exe [2015-08-03] () <==== ATTENTION Task: {0C1AD099-B7C9-459C-94B8-304166BBDFA9} - \ProPCCleaner_Popup -> No File <==== ATTENTION Task: {0F23281E-688D-406A-937D-B9D31FD51139} - System32\Tasks\One System Care Monitor => C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe [2015-07-31] () Task: {1CEFB9CD-0DFE-47CA-A74A-6B18DEF92CAB} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {2E230C96-DC86-4858-9ED7-768E6FED8C5A} - System32\Tasks\OMYQNNDMU1 => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION Task: {5151ED8B-07EE-45AC-8E74-7107D2752C55} - System32\Tasks\{ED9F8D0B-4A34-4DE7-8103-6CEC5E3CBBB8} => pcalua.exe -a "C:\Program Files (x86)\AnyProtectEx\uninstall.exe" <==== ATTENTION Task: {61195080-B284-4AEA-8C83-7B536CBEEC1A} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION Task: {7375A6A9-E560-48AE-A811-DD1FBF702843} - \One System Care Run Delay -> No File <==== ATTENTION Task: {76DB686F-AC50-43EE-8971-FEFD12BB88C6} - System32\Tasks\ConsumerInputUpdateTaskMachineUA => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION Task: {7C8EA910-6B1F-4251-B74A-8AA54F8D89B3} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe Task: {7DDB85A3-5086-477B-8D93-1FD7B3CEE020} - System32\Tasks\Kaomonaenuvn => C:\ProgramData\Kaomonaenuvn\1.0.1.0\jlewroan.exe <==== ATTENTION Task: {820F8488-4F1B-4C16-8B2E-FA99306D80AC} - System32\Tasks\runTask => %TEMP%/Updater.exe Task: {83C4FBA0-2389-48DF-9A3F-531F055C89C8} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe <==== ATTENTION Task: {84E5164E-1A4D-4834-ABE1-CD184C7B634E} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION Task: {8675385C-87AA-4D64-AF15-2B55C8347137} - System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update => C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe [2015-06-15] (Word Surfer) Task: {9AFB7AD6-53F0-4FD0-B40F-B5D90F731EA3} - System32\Tasks\SushiLeads => C:\Program Files (x86)\sushileads\ScheduledTask.exe [2015-08-03] () Task: {A5F3B644-7F68-4BC4-B5F2-881E9341C414} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {AA43EE18-EC9A-4DFF-9BC3-AC656808AAD3} - \PennyBee -> No File <==== ATTENTION Task: {AB864495-C7A3-4D17-B8B8-30C9E3C4897B} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {EDC411FF-FC17-421C-A3B3-78562294A7C0} - System32\Tasks\updateTask => c:\task.vbs [2015-08-12] () Task: {F8C498A3-C4A9-4ABB-A093-7C53DBA1FCA4} - \ProPCCleaner_Start -> No File <==== ATTENTION Task: {FC34BC7A-110D-41BB-B52F-C875FA80F7CB} - System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core => C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe [2015-06-15] (Word Surfer) Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineCore.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineUA.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\OMYQNNDMU1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WeWatcherProxy => ""="service" C:\Program Files (x86)\MyPC Backup C:\Program Files (x86)\Optimizer Pro C:\Program Files (x86)\Windows Discount C:\Program Files (x86)\Windows NT C:\Program Files (x86)\sushileads C:\Program Files (x86)\WaInterEnhancer C:\Program Files (x86)\ServiceUpdater C:\Program Files (x86)\WordSurfer_1.10.0.19 C:\Program Files (x86)\SearchProtect C:\Program Files (x86)\OneSystemCare C:\Program Files (x86)\SpaceSondPro_v53.1434 C:\Program Files (x86)\OpenSoftwareUpdater C:\Program Files (x86)\Lavasoft\ C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F RemoveProxy: Hosts: CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: ipconfig /flushdns CMD: netsh winsock reset catalog CMD: netsh int ip reset c:\resetlog.txt CMD: ipconfig /release CMD: ipconfig /renew CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset EmptyTemp: CMD: bitsadmin /reset /allusers