I have many new programs running that I did not install and ad pop-ups for malware removal and warnings running on top of eachother. Here are the logs:
Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!
I have many new programs running that I did not install and ad pop-ups for malware removal and warnings running on top of eachother. Here are the logs:
Hi - Yes, I am still here, just needed to wait until i got home from vacation today to start the process, i will be sending logs tomorrow. Also, on Crossbrowse, it won't let me uninstall, says there is a window running and i need to close to 'uninstall'. Eveything else i can uninstall. I am going to follow the programs later this evening and send the logs following this. Thanks for your help!
Tricia
wow, took my internet down, had to save files to a removable drive and install this way, took some time but finally I have logs:
fixlog.txt:
Fix result of Farbar Recovery Scan Tool (x64) Version:11-08-2015 02
Ran by Owner (2015-08-11 22:33:09) Run:1
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
C:\Program Files (x86)\Crossbrowse
C:\Program Files (x86)\Coupon Time
C:\Program Files (x86)\Cinema PlusV09.08-ntf
C:\Users\Owner\AppData\Roaming\TWV\winpl.exe
HKLM-x32\...\RunOnce: [SpUninstallCleanUp] => REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f
C:\Program Files (x86)\gmsd_us_005010055
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\...\Run: [GoogleChromeAutoLaunch_9C0C11CE362BB547A69B6E9BF20A1C96] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [770048 2015-05-11] (Crossbrowse)
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIPc7-luTLJrDFH_OAl5xepwpv3-4PetSpjaods9wnDA5nvbYmSuSlpWW7ap_CCsSOH1dggE-RLHQxN834pnSc9ZcIfYkJQaTd2e43jD5vUfrOkEHWR2wx8kNBKNRyIGv3LeD-cQWeXvjqDFigNfEfClzMCCS1kemXJkp&q={searchTerms}
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIPc7-luTLJrDFH_OAl5xepwpv3-4PetSpjaods9wnDA5nvbYmSuSlpWW7ap_CCsSOH1dggE-RLHQxN834pnSc9ZcLQac9KvezFib9CWstoW67OAiRnlLqG9XDeTal_Qzbc4cJqypSIMA-n55M4QrunQCZJIzmdHd4nf2
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIPc7-luTLJrDFH_OAl5xepwpv3-4PetSpjaods9wnDA5nvbYmSuSlpWW7ap_CCsSOH1dggE-RLHQxN834pnSc9ZcIfYkJQaTd2e43jD5vUfrOkEHWR2wx8kNBKNRyIGv3LeD-cQWeXvjqDFigNfEfClzMCCS1kemXJkp&q={searchTerms}
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIPc7-luTLJrDFH_OAl5xepwpv3-4PetSpjaods9wnDA5nvbYmSuSlpWW7ap_CCsSOH1dggE-RLHQxN834pnSc9ZcIfYkJQaTd2e43jD5vUfrOkEHWR2wx8kNBKNRyIGv3LeD-cQWeXvjqDFigNfEfClzMCCS1kemXJkp&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIPc7-luTLJrDFH_OAl5xepwpv3-4PetSpjaods9wnDA5nvbYmSuSlpWW7ap_CCsSOH1dggE-RLHQxN834pnSc9ZcIfYkJQaTd2e43jD5vUfrOkEHWR2wx8kNBKNRyIGv3LeD-cQWeXvjqDFigNfEfClzMCCS1kemXJkp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3206371679-4115178929-761777742-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3206371679-4115178929-761777742-1000 -> {ielnksrch} URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIPc7-luTLJrDFH_OAl5xepwpv3-4PetSpjaods9wnDA5nvbYmSuSlpWW7ap_CCsSOH1dggE-RLHQxN834pnSc9ZcIfYkJQaTd2e43jD5vUfrOkEHWR2wx8kNBKNRyIGv3LeD-cQWeXvjqDFigNfEfClzMCCS1kemXJkp&q={searchTerms}
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14] (Babylon BHO)
BHO-x32: TunePro360 -> {5E04457F-D6D4-4A7E-8277-5EF1CA591CC7} -> C:\Program Files (x86)\adlevel\TunePRO360.dll No File
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14] (Babylon Ltd.)
FF user.js: detected! => C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\user.js [2015-08-08]
FF Extension: Cinema PlusV09.08 - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\Extensions\[email protected] [2015-08-09]
FF Extension: SpecialSavings - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\Extensions\[email protected] [2012-03-18]
FF Extension: TunePro360 - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\temp [2015-08-08]
FF Extension: DrSpeedyPc - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{88d83554-2fdc-4bb9-8dcd-f2d46d175f88} [2015-08-08]
FF HKLM\...\Firefox\Extensions: [{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec}] - C:\Program Files\shopperz04082015\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{845257EF-A892-484e-8EB0-47F563D75939}] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt
FF Extension: iSkysoft Video Converter Ultimate - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt [2013-03-24]
FF HKLM-x32\...\Firefox\Extensions: [{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec}] - C:\Program Files\shopperz04082015\Firefox
FF Extension: SpecialSavings - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles/lghuf863.default\extensions\[email protected] [2012-03-18]
CHR Extension: (Cinema PlusV09.08) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-08-09]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-08-09] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-08-09] (globalUpdate) [File not signed] <==== ATTENTION
R2 dezyloje; C:\Program Files (x86)\07599E80-1439095677-81E1-3676-5404A63C37F3\knsfD0EE.tmpfs [X]
U3 Winsock; no ImagePath
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S1 snqjhjan; \??\C:\Windows\system32\drivers\snqjhjan.sys [X]
S3 SWUMX20; system32\DRIVERS\swumx20.sys [X]
2015-08-09 08:50 - 2015-08-09 09:50 - 00005510 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-6.job
2015-08-09 08:50 - 2015-08-09 09:50 - 00003130 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00005174 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-7.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00004486 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-4.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00003466 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00002438 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5_user.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00002438 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00001014 _____ C:\Windows\Tasks\DK8is89dyPzmla2uemyT3.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00000996 _____ C:\Windows\Tasks\dum3wyST49Ex.job
2015-08-09 08:50 - 2015-08-09 08:50 - 00008538 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-6
2015-08-09 08:50 - 2015-08-09 08:50 - 00008204 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-7
2015-08-09 08:50 - 2015-08-09 08:50 - 00007516 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-4
2015-08-09 08:50 - 2015-08-09 08:50 - 00006496 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7
2015-08-09 08:50 - 2015-08-09 08:50 - 00006158 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6
2015-08-09 08:50 - 2015-08-09 08:50 - 00005468 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5
2015-08-09 08:50 - 2015-08-09 08:50 - 00004040 _____ C:\Windows\System32\Tasks\DK8is89dyPzmla2uemyT3
2015-08-09 08:50 - 2015-08-09 08:50 - 00004022 _____ C:\Windows\System32\Tasks\dum3wyST49Ex
2015-08-09 08:50 - 2015-08-09 08:50 - 00000000 ____D C:\Program Files (x86)\e0e47087-3946-45d1-aaf1-7bd4f3f3a0b2
2015-08-09 08:49 - 2015-08-09 09:54 - 00000000 ____D C:\Program Files (x86)\ORBTR
2015-08-09 08:49 - 2015-08-09 09:49 - 00002112 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-10_user.job
2015-08-09 08:49 - 2015-08-09 09:44 - 00004486 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-3.job
2015-08-09 08:49 - 2015-08-09 08:50 - 00000000 ____D C:\Program Files (x86)\Cinema PlusV09.08
2015-08-09 08:49 - 2015-08-09 08:49 - 00007516 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-3
2015-08-09 08:49 - 2015-08-09 08:49 - 00000000 ____D C:\Program Files (x86)\Cinema PlusV09.08-ntf
2015-08-08 23:36 - 2015-08-09 09:48 - 00000000 ____D C:\Users\Owner\AppData\Local\gmsd_us_005010055
2015-08-08 23:36 - 2015-08-09 08:52 - 00000000 ____D C:\Program Files (x86)\gmsd_us_005010055
2015-08-08 23:36 - 2015-08-08 23:36 - 00003490 _____ C:\Windows\System32\Tasks\snp
2015-08-08 23:36 - 2015-08-08 23:36 - 00003122 _____ C:\Windows\System32\Tasks\snf
2015-08-08 23:36 - 2015-08-08 23:36 - 00000000 ____D C:\Users\Owner\AppData\Local\McAfeeSecurity
2015-08-08 23:36 - 2015-08-08 23:36 - 00000000 ____D C:\ProgramData\Soltops
2015-08-08 23:36 - 2015-08-08 23:36 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-08 23:36 - 2015-08-08 23:36 - 00000000 ____D C:\Program Files\Controller
2015-08-08 23:07 - 2015-08-08 23:07 - 00003072 _____ C:\Windows\System32\Tasks\DrspeedyPc Secure
2015-08-08 23:05 - 2015-08-09 09:55 - 00000000 ____D C:\Program Files (x86)\DrSpeedyPC
2015-08-08 23:00 - 2015-08-08 23:00 - 00003206 _____ C:\Windows\System32\Tasks\{A4190820-604B-403C-B3CC-528674BB0D72}
2015-08-08 22:52 - 2015-08-09 08:52 - 00000005 _____ C:\END
2015-08-08 22:51 - 2015-08-08 22:52 - 00000000 ____D C:\Program Files (x86)\DNS Unlocker
2015-08-08 22:51 - 2015-08-08 22:51 - 00026348 _____ C:\Windows\System32\Tasks\DNSWABENO
2015-08-08 22:51 - 2015-08-08 22:51 - 00002065 _____ C:\Users\Owner\Desktop\Continue SpaceSoundPro Uninstaller.lnk
2015-08-08 22:51 - 2015-08-08 22:51 - 00001009 _____ C:\Users\Owner\Desktop\GUPlayer.lnk
2015-08-08 22:51 - 2015-08-08 22:51 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer
2015-08-08 22:51 - 2015-08-08 22:51 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-08-08 22:48 - 2015-08-08 22:48 - 00000000 ____D C:\Program Files (x86)\predm
2015-08-08 22:46 - 2015-08-08 22:46 - 00000000 ____D C:\ProgramData\2e33e05a00007796
2015-08-08 22:31 - 2015-08-08 22:31 - 00555640 _____ C:\Users\Owner\Downloads\Unconfirmed 671830.crdownload
2015-08-08 22:30 - 2015-08-08 23:03 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-08 22:30 - 2015-08-08 23:03 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-08 22:30 - 2015-08-08 23:03 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-08 22:30 - 2015-08-08 22:32 - 00002828 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-08 22:30 - 2015-08-08 22:32 - 00002826 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-08 22:30 - 2015-08-08 22:32 - 00002826 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-08 22:29 - 2015-08-08 23:03 - 00000340 _____ C:\Windows\Tasks\Superclean.job
2015-08-08 22:29 - 2015-08-08 22:29 - 00613255 _____ (CMI Limited) C:\Users\Owner\AppData\Local\nsz777.tmp
2015-08-08 22:29 - 2015-08-08 22:29 - 00003252 _____ C:\Windows\System32\Tasks\Superclean
2015-08-08 22:29 - 2015-08-08 22:29 - 00000000 __SHD C:\Users\Owner\AppData\Roaming\AnyProtectEx
2015-08-08 22:29 - 2015-08-08 22:29 - 00000000 ____D C:\ProgramData\{4d917b50-ca18-1849-4d91-17b50ca1ed43}
2015-08-08 22:26 - 2015-08-09 09:44 - 00001018 _____ C:\Windows\Tasks\YeUBBA7OfsskP753cAqWAW4.job
2015-08-08 22:26 - 2015-08-09 09:44 - 00001016 _____ C:\Windows\Tasks\YeUBBA7OfsskP753cAqWAW.job
2015-08-08 22:26 - 2015-08-08 22:26 - 00004044 _____ C:\Windows\System32\Tasks\YeUBBA7OfsskP753cAqWAW4
2015-08-08 22:26 - 2015-08-08 22:26 - 00004042 _____ C:\Windows\System32\Tasks\YeUBBA7OfsskP753cAqWAW
2015-08-08 22:25 - 2015-08-09 09:44 - 00000970 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-08-08 22:25 - 2015-08-09 09:43 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-08 22:25 - 2015-08-09 08:54 - 00000974 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-08-08 22:25 - 2015-08-09 08:49 - 00003972 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-08-08 22:25 - 2015-08-09 08:49 - 00003718 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-08-08 22:25 - 2015-08-08 22:25 - 00000000 ____D C:\Users\Owner\AppData\Local\globalUpdate
2015-08-08 22:25 - 2015-08-08 22:25 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-08 22:24 - 2015-08-09 08:50 - 00000000 ____D C:\Program Files (x86)\adlevel
2015-08-08 22:24 - 2015-08-08 22:24 - 00154826 _____ C:\Program Files (x86)\uninstaller.exe
2015-08-08 22:24 - 2015-08-08 22:24 - 00003060 _____ C:\Windows\System32\Tasks\TunePro360 Updater
2015-08-08 22:24 - 2015-08-08 22:24 - 00002528 _____ C:\Windows\system32\PeakoarOff.ini
2015-08-08 22:24 - 2015-08-08 22:24 - 00000000 ____D C:\Program Files (x86)\TechVedic
2015-08-08 22:23 - 2015-08-09 09:44 - 00001056 _____ C:\Windows\Tasks\Crossbrowse.job
2015-08-08 22:23 - 2015-08-08 23:03 - 00000000 ____D C:\Program Files\shopperz04082015
2015-08-08 22:23 - 2015-08-08 22:24 - 00004808 _____ C:\Windows\SysWOW64\Peakoar.ini
2015-08-08 22:23 - 2015-08-08 22:24 - 00002528 _____ C:\Windows\SysWOW64\PeakoarOff.ini
2015-08-08 22:23 - 2015-08-08 22:23 - 00004082 _____ C:\Windows\System32\Tasks\Crossbrowse
2015-08-08 22:23 - 2015-08-08 22:23 - 00000000 ____D C:\Windows\system32\aby
2015-08-08 22:23 - 2015-08-08 22:23 - 00000000 ____D C:\Users\Owner\AppData\Local\Crossbrowse
2015-08-08 22:23 - 2015-08-08 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-08-08 22:23 - 2015-08-08 22:23 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
2015-08-08 22:23 - 2015-08-02 07:50 - 00353632 _____ C:\Windows\system32\Peakoar64.dll
2015-08-08 22:23 - 2015-08-02 07:50 - 00283488 _____ C:\Windows\SysWOW64\Peakoar.dll
2015-08-08 21:53 - 2015-08-09 09:58 - 00000342 ____H C:\Windows\Tasks\SFNPKXCMWVMXYUKG.job
2015-08-08 21:53 - 2015-08-09 09:55 - 00000000 ____D C:\Users\Owner\AppData\Local\SmartWeb
2015-08-08 21:53 - 2015-08-09 09:43 - 00000330 _____ C:\Windows\Tasks\OMYQNNDMU1.job
2015-08-08 21:53 - 2015-08-09 08:49 - 00000000 ____D C:\ProgramData\FlashBeat
2015-08-08 21:53 - 2015-08-08 21:53 - 00004034 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-08-08 21:53 - 2015-08-08 21:53 - 00003376 _____ C:\Windows\System32\Tasks\SFNPKXCMWVMXYUKG
2015-08-08 21:53 - 2015-08-08 21:53 - 00002852 _____ C:\Windows\System32\Tasks\OMYQNNDMU1
2015-08-08 21:53 - 2015-08-08 21:53 - 00000000 ____D C:\ProgramData\Service1291
2015-08-08 21:53 - 2015-08-08 21:53 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-08-08 21:50 - 2015-08-08 18:39 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{949ba8b6-a9ea-4b6b-a97d-688a70f2ea0b}Gw64.sys
2015-08-08 21:49 - 2009-06-10 14:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-08 21:48 - 2015-08-08 21:56 - 00000000 ____D C:\Users\Owner\AppData\Local\07599E80-1439070532-81E1-3676-5404A63C37F3
2015-08-08 21:48 - 2015-08-08 21:48 - 00003542 _____ C:\Windows\System32\Tasks\Inst_Rep
2015-08-08 21:47 - 2015-08-09 09:53 - 00000000 ____D C:\Program Files (x86)\Coupoon
2015-08-08 21:47 - 2015-08-09 09:50 - 00000000 ____D C:\Program Files (x86)\Coupon Time
2015-08-08 21:47 - 2015-08-09 09:01 - 00000000 ____D C:\ProgramData\abc
2015-08-08 21:47 - 2015-08-09 08:53 - 00000000 ____D C:\Program Files\Coupoon
2015-08-08 21:47 - 2015-08-08 21:49 - 00000000 ____D C:\Program Files (x86)\07599E80-1439095677-81E1-3676-5404A63C37F3
2015-08-08 21:45 - 2015-08-08 21:46 - 00000000 ____D C:\Users\Owner\AppData\Roaming\TWV
Task: {1290AA52-EC88-4431-8DB1-A12AFAB33ACC} - System32\Tasks\OMYQNNDMU1 => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: {184AC837-F3CE-4D07-A0B9-E34D8CCE8B7A} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Owner\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Task: {1B7043CE-18E3-47DC-A9E0-D85BF587E190} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-10_user => C:\Program Files (x86)\Cinema PlusV09.08-ntf\418780ce-3d28-4b57-8fc4-c70230d4f25e-10.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {209793CF-2F7A-46BB-94E7-5839D7F1D0EC} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-08-09] (globalUpdate) <==== ATTENTION
Task: {23DBCB30-02B3-4C4A-9BDB-E6F772CB7BED} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {23F87188-439B-4D1E-9F01-4CB7BAC5AA13} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {2A6EA2D8-85D7-4D91-B0F4-FEF81D8DC820} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-08-08] () <==== ATTENTION
Task: {417D8296-86E9-44C1-A842-150D0E81971D} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-3 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-3.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {5056504F-6CE5-4BD7-9665-286431E81D7D} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5_user => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {570A1AD0-975E-4E8B-8C79-A55973A92FE2} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {5787D16F-8B36-468B-B00A-D993BE5F4D5E} - System32\Tasks\DK8is89dyPzmla2uemyT3 => C:\Users\Owner\AppData\Roaming\DK8is89dyPzmla2uemyT3.exe [2015-04-20] () <==== ATTENTION
C:\Program Files (x86)\AnyProtectEx
Task: {5E57DCEA-B730-4E34-B747-B3B2F8DBFDFD} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {66BF42E4-3DEC-46B5-9173-08F913E4966C} - System32\Tasks\DNSWABENO => C:\Program Files (x86)\DNS Unlocker\dnswabeno.exe [2015-07-15] ()
Task: {6A2D9BBF-9585-4DB7-871A-2C50751E5942} - \AdobeFlashPlayerUpdate 2 -> No File <==== ATTENTION
Task: {7258C0C7-1D18-4A99-9C7D-7D094BA06E37} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {73BF7A7B-53F0-4B43-9B19-5F45809C414D} - System32\Tasks\bProtector => Sc.exe start bProtector
Task: {7BE0C2FB-9FED-4218-9C95-2F75C6CD836F} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
Task: {8A89261B-9149-4D70-8C86-004AC210BAD2} - System32\Tasks\dum3wyST49Ex => C:\Users\Owner\AppData\Roaming\dum3wyST49Ex.exe [2015-04-20] () <==== ATTENTION
Task: {8AA9E63F-BF5B-4896-9C74-09383AAA3A30} - System32\Tasks\YeUBBA7OfsskP753cAqWAW4 => C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW4.exe [2015-04-20] () <==== ATTENTION
Task: {92FEAD3D-5CA4-414D-8242-01D83E308F78} - System32\Tasks\YeUBBA7OfsskP753cAqWAW => C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW.exe [2015-04-20] () <==== ATTENTION
Task: {9B061F3F-012E-4613-8FC2-DEF45441DFD7} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-4 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-4.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {9F9CBAFE-4063-4658-AAC8-5A7E770711BB} - System32\Tasks\Superclean => c:\programdata\{4d917b50-ca18-1849-4d91-17b50ca1ed43}\hqghumeaylnlf.exe [2014-08-08] (Super PC Tools Ltd) <==== ATTENTION
Task: {A0150A35-6F4B-4E69-9ACC-F319AAB271AB} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-7 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-7.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {A0B36402-EBDA-4D05-B40A-5151EC10AD82} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-08-09] (globalUpdate) <==== ATTENTION
C:\Program Files (x86)\globalUpdate
Task: {A1C5E39C-8392-481E-9CA2-4F070AEA782B} - System32\Tasks\TunePro360 Updater => C:\Program Files (x86)\adlevel\TunePro360Updater.exe [2015-08-08] ()
Task: {AD3C4602-C0E1-4CA4-9E72-AA85A1480A45} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B308FD4F-2BB2-4FE8-82AA-7FC233CC8E6F} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {CA586909-A8D8-4F2F-8AED-F473EB14C968} - \AdobeFlashPlayerUpdate -> No File <==== ATTENTION
Task: {DBC13FF3-DA83-4E8F-BF4A-4C49D5A800B0} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-6 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-6.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {E57A1D11-C2B9-4423-904C-45352BA05DEC} - System32\Tasks\SFNPKXCMWVMXYUKG => C:\ProgramData\Service1291\Service1291.exe [2015-06-28] () <==== ATTENTION
Task: {F03A0068-6773-4A95-8A6C-E8FF9FB18614} - System32\Tasks\DrspeedyPc Secure => C:\Program Files (x86)\DrSpeedyPC\secure\secureupdater.exe [2015-05-26] () <==== ATTENTION
C:\Program Files (x86)\DrSpeedyPC
Task: {F2EFC929-73AC-457B-AF5A-0C7E2E09177E} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-10_user.job => C:\Program Files (x86)\Cinema PlusV09.08-ntf\418780ce-3d28-4b57-8fc4-c70230d4f25e-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-3.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-4.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5_user.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-6.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-7.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\Windows\Tasks\DK8is89dyPzmla2uemyT3.job => C:\Users\Owner\AppData\Roaming\DK8is89dyPzmla2uemyT3.exe <==== ATTENTION
Task: C:\Windows\Tasks\dum3wyST49Ex.job => C:\Users\Owner\AppData\Roaming\dum3wyST49Ex.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\OMYQNNDMU1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: C:\Windows\Tasks\SFNPKXCMWVMXYUKG.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: C:\Windows\Tasks\Superclean.job => c:\programdata\{4d917b50-ca18-1849-4d91-17b50ca1ed43}\hqghumeaylnlf.exe <==== ATTENTION
Task: C:\Windows\Tasks\YeUBBA7OfsskP753cAqWAW.job => C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW.exe <==== ATTENTION
Task: C:\Windows\Tasks\YeUBBA7OfsskP753cAqWAW4.job => C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW4.exe <==== ATTENTION
AlternateDataStreams: C:\Users\Owner\Downloads\7 Wonders_ Treasures of Seven__3422_il1095080.exe:typelib
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
FirewallRules: [{A31AA8E0-B0EB-4912-A9F1-B53421EE4B6F}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp:
*****************
Processes closed successfully.
Restore point was successfully created.
C:\Program Files (x86)\Crossbrowse => moved successfully.
C:\Program Files (x86)\Coupon Time => moved successfully.
C:\Program Files (x86)\Cinema PlusV09.08-ntf => moved successfully.
C:\Users\Owner\AppData\Roaming\TWV\winpl.exe => moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallCleanUp => value not found.
"C:\Program Files (x86)\gmsd_us_005010055" => File/Folder not found.
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_9C0C11CE362BB547A69B6E9BF20A1C96 => value removed successfully
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch" => key removed successfully
HKCR\Wow6432Node\CLSID\ielnksrch => key not found.
"HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => key removed successfully
HKCR\CLSID\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => key not found.
"HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}" => key removed successfully
HKCR\CLSID\{ielnksrch} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B} => key not found.
"HKCR\Wow6432Node\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5E04457F-D6D4-4A7E-8277-5EF1CA591CC7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{5E04457F-D6D4-4A7E-8277-5EF1CA591CC7}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} => value not found.
HKCR\Wow6432Node\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC} => key not found.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\user.js => moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\Extensions\[email protected] => moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\Extensions\[email protected] => moved successfully.
C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\temp => moved successfully.
C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{88d83554-2fdc-4bb9-8dcd-f2d46d175f88} => moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec} => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{845257EF-A892-484e-8EB0-47F563D75939} => value removed successfully
C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt => moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec} => value removed successfully
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles/lghuf863.default\extensions\[email protected] not found.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp => moved successfully.
globalUpdate => service removed successfully
globalUpdatem => service removed successfully
dezyloje => service not found.
Winsock => service removed successfully
cherimoya => service removed successfully
snqjhjan => service removed successfully
SWUMX20 => service removed successfully
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-6.job => moved successfully.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6.job => moved successfully.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-7.job => moved successfully.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-4.job => moved successfully.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7.job => moved successfully.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5_user.job => moved successfully.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.job => moved successfully.
C:\Windows\Tasks\DK8is89dyPzmla2uemyT3.job => moved successfully.
C:\Windows\Tasks\dum3wyST49Ex.job => moved successfully.
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-6 => moved successfully.
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-7 => moved successfully.
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-4 => moved successfully.
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7 => moved successfully.
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6 => moved successfully.
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5 => moved successfully.
C:\Windows\System32\Tasks\DK8is89dyPzmla2uemyT3 => moved successfully.
C:\Windows\System32\Tasks\dum3wyST49Ex => moved successfully.
C:\Program Files (x86)\e0e47087-3946-45d1-aaf1-7bd4f3f3a0b2 => moved successfully.
C:\Program Files (x86)\ORBTR => moved successfully.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-10_user.job => moved successfully.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-3.job => moved successfully.
C:\Program Files (x86)\Cinema PlusV09.08 => moved successfully.
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-3 => moved successfully.
"C:\Program Files (x86)\Cinema PlusV09.08-ntf" => File/Folder not found.
"C:\Users\Owner\AppData\Local\gmsd_us_005010055" => File/Folder not found.
"C:\Program Files (x86)\gmsd_us_005010055" => File/Folder not found.
C:\Windows\System32\Tasks\snp => moved successfully.
C:\Windows\System32\Tasks\snf => moved successfully.
C:\Users\Owner\AppData\Local\McAfeeSecurity => moved successfully.
C:\ProgramData\Soltops => moved successfully.
C:\ProgramData\Package Cache => moved successfully.
C:\Program Files\Controller => moved successfully.
C:\Windows\System32\Tasks\DrspeedyPc Secure => moved successfully.
C:\Program Files (x86)\DrSpeedyPC => moved successfully.
C:\Windows\System32\Tasks\{A4190820-604B-403C-B3CC-528674BB0D72} => moved successfully.
"C:\END" => File/Folder not found.
C:\Program Files (x86)\DNS Unlocker => moved successfully.
C:\Windows\System32\Tasks\DNSWABENO => moved successfully.
C:\Users\Owner\Desktop\Continue SpaceSoundPro Uninstaller.lnk => moved successfully.
C:\Users\Owner\Desktop\GUPlayer.lnk => moved successfully.
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer => moved successfully.
C:\Program Files (x86)\GUPlayer => moved successfully.
C:\Program Files (x86)\predm => moved successfully.
C:\ProgramData\2e33e05a00007796 => moved successfully.
C:\Users\Owner\Downloads\Unconfirmed 671830.crdownload => moved successfully.
C:\Windows\Tasks\APSnotifierPP1.job => moved successfully.
C:\Windows\Tasks\APSnotifierPP3.job => moved successfully.
C:\Windows\Tasks\APSnotifierPP2.job => moved successfully.
C:\Windows\System32\Tasks\APSnotifierPP1 => moved successfully.
C:\Windows\System32\Tasks\APSnotifierPP3 => moved successfully.
C:\Windows\System32\Tasks\APSnotifierPP2 => moved successfully.
C:\Windows\Tasks\Superclean.job => moved successfully.
C:\Users\Owner\AppData\Local\nsz777.tmp => moved successfully.
C:\Windows\System32\Tasks\Superclean => moved successfully.
C:\Users\Owner\AppData\Roaming\AnyProtectEx => moved successfully.
C:\ProgramData\{4d917b50-ca18-1849-4d91-17b50ca1ed43} => moved successfully.
C:\Windows\Tasks\YeUBBA7OfsskP753cAqWAW4.job => moved successfully.
C:\Windows\Tasks\YeUBBA7OfsskP753cAqWAW.job => moved successfully.
C:\Windows\System32\Tasks\YeUBBA7OfsskP753cAqWAW4 => moved successfully.
C:\Windows\System32\Tasks\YeUBBA7OfsskP753cAqWAW => moved successfully.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => moved successfully.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => moved successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => moved successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => moved successfully.
C:\Users\Owner\AppData\Local\globalUpdate => moved successfully.
C:\Program Files (x86)\globalUpdate => moved successfully.
C:\Program Files (x86)\adlevel => moved successfully.
C:\Program Files (x86)\uninstaller.exe => moved successfully.
C:\Windows\System32\Tasks\TunePro360 Updater => moved successfully.
C:\Windows\system32\PeakoarOff.ini => moved successfully.
C:\Program Files (x86)\TechVedic => moved successfully.
C:\Windows\Tasks\Crossbrowse.job => moved successfully.
C:\Program Files\shopperz04082015 => moved successfully.
C:\Windows\SysWOW64\Peakoar.ini => moved successfully.
C:\Windows\SysWOW64\PeakoarOff.ini => moved successfully.
C:\Windows\System32\Tasks\Crossbrowse => moved successfully.
C:\Windows\system32\aby => moved successfully.
C:\Users\Owner\AppData\Local\Crossbrowse => moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse => moved successfully.
"C:\Program Files (x86)\Crossbrowse" => File/Folder not found.
C:\Windows\system32\Peakoar64.dll => moved successfully.
C:\Windows\SysWOW64\Peakoar.dll => moved successfully.
C:\Windows\Tasks\SFNPKXCMWVMXYUKG.job => moved successfully.
C:\Users\Owner\AppData\Local\SmartWeb => moved successfully.
C:\Windows\Tasks\OMYQNNDMU1.job => moved successfully.
C:\ProgramData\FlashBeat => moved successfully.
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task => moved successfully.
C:\Windows\System32\Tasks\SFNPKXCMWVMXYUKG => moved successfully.
C:\Windows\System32\Tasks\OMYQNNDMU1 => moved successfully.
C:\ProgramData\Service1291 => moved successfully.
C:\ProgramData\28341ff220e0446c9fff27c4493d622e => moved successfully.
C:\Windows\system32\Drivers\{949ba8b6-a9ea-4b6b-a97d-688a70f2ea0b}Gw64.sys => moved successfully.
C:\Windows\system32\Drivers\etc\hp.bak => moved successfully.
C:\Users\Owner\AppData\Local\07599E80-1439070532-81E1-3676-5404A63C37F3 => moved successfully.
C:\Windows\System32\Tasks\Inst_Rep => moved successfully.
C:\Program Files (x86)\Coupoon => moved successfully.
"C:\Program Files (x86)\Coupon Time" => File/Folder not found.
C:\ProgramData\abc => moved successfully.
C:\Program Files\Coupoon => moved successfully.
C:\Program Files (x86)\07599E80-1439095677-81E1-3676-5404A63C37F3 => moved successfully.
C:\Users\Owner\AppData\Roaming\TWV => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1290AA52-EC88-4431-8DB1-A12AFAB33ACC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1290AA52-EC88-4431-8DB1-A12AFAB33ACC}" => key removed successfully
C:\Windows\System32\Tasks\OMYQNNDMU1 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OMYQNNDMU1" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{184AC837-F3CE-4D07-A0B9-E34D8CCE8B7A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{184AC837-F3CE-4D07-A0B9-E34D8CCE8B7A}" => key removed successfully
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1B7043CE-18E3-47DC-A9E0-D85BF587E190}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B7043CE-18E3-47DC-A9E0-D85BF587E190}" => key removed successfully
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-10_user => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\418780ce-3d28-4b57-8fc4-c70230d4f25e-10_user" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{209793CF-2F7A-46BB-94E7-5839D7F1D0EC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{209793CF-2F7A-46BB-94E7-5839D7F1D0EC}" => key removed successfully
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{23DBCB30-02B3-4C4A-9BDB-E6F772CB7BED}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23DBCB30-02B3-4C4A-9BDB-E6F772CB7BED}" => key removed successfully
C:\Windows\System32\Tasks\ASUS SmartLogon Console Sensor => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS SmartLogon Console Sensor" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{23F87188-439B-4D1E-9F01-4CB7BAC5AA13}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23F87188-439B-4D1E-9F01-4CB7BAC5AA13}" => key removed successfully
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2A6EA2D8-85D7-4D91-B0F4-FEF81D8DC820}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A6EA2D8-85D7-4D91-B0F4-FEF81D8DC820}" => key removed successfully
C:\Windows\System32\Tasks\Crossbrowse not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Crossbrowse" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{417D8296-86E9-44C1-A842-150D0E81971D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{417D8296-86E9-44C1-A842-150D0E81971D}" => key removed successfully
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-3 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\418780ce-3d28-4b57-8fc4-c70230d4f25e-3" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5056504F-6CE5-4BD7-9665-286431E81D7D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5056504F-6CE5-4BD7-9665-286431E81D7D}" => key removed successfully
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5_user => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\418780ce-3d28-4b57-8fc4-c70230d4f25e-5_user" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{570A1AD0-975E-4E8B-8C79-A55973A92FE2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{570A1AD0-975E-4E8B-8C79-A55973A92FE2}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP3 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5787D16F-8B36-468B-B00A-D993BE5F4D5E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5787D16F-8B36-468B-B00A-D993BE5F4D5E}" => key removed successfully
C:\Windows\System32\Tasks\DK8is89dyPzmla2uemyT3 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DK8is89dyPzmla2uemyT3" => key removed successfully
"C:\Program Files (x86)\AnyProtectEx" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5E57DCEA-B730-4E34-B747-B3B2F8DBFDFD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E57DCEA-B730-4E34-B747-B3B2F8DBFDFD}" => key removed successfully
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\418780ce-3d28-4b57-8fc4-c70230d4f25e-5" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{66BF42E4-3DEC-46B5-9173-08F913E4966C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66BF42E4-3DEC-46B5-9173-08F913E4966C}" => key removed successfully
C:\Windows\System32\Tasks\DNSWABENO not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DNSWABENO" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6A2D9BBF-9585-4DB7-871A-2C50751E5942}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A2D9BBF-9585-4DB7-871A-2C50751E5942}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7258C0C7-1D18-4A99-9C7D-7D094BA06E37}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7258C0C7-1D18-4A99-9C7D-7D094BA06E37}" => key removed successfully
C:\Windows\System32\Tasks\ACMON => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACMON" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73BF7A7B-53F0-4B43-9B19-5F45809C414D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73BF7A7B-53F0-4B43-9B19-5F45809C414D}" => key removed successfully
C:\Windows\System32\Tasks\bProtector => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bProtector" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BE0C2FB-9FED-4218-9C95-2F75C6CD836F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BE0C2FB-9FED-4218-9C95-2F75C6CD836F}" => key removed successfully
C:\Windows\System32\Tasks\LaunchPreSignup => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchPreSignup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8A89261B-9149-4D70-8C86-004AC210BAD2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A89261B-9149-4D70-8C86-004AC210BAD2}" => key removed successfully
C:\Windows\System32\Tasks\dum3wyST49Ex not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dum3wyST49Ex" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8AA9E63F-BF5B-4896-9C74-09383AAA3A30}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AA9E63F-BF5B-4896-9C74-09383AAA3A30}" => key removed successfully
C:\Windows\System32\Tasks\YeUBBA7OfsskP753cAqWAW4 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YeUBBA7OfsskP753cAqWAW4" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{92FEAD3D-5CA4-414D-8242-01D83E308F78}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92FEAD3D-5CA4-414D-8242-01D83E308F78}" => key removed successfully
C:\Windows\System32\Tasks\YeUBBA7OfsskP753cAqWAW not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YeUBBA7OfsskP753cAqWAW" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B061F3F-012E-4613-8FC2-DEF45441DFD7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B061F3F-012E-4613-8FC2-DEF45441DFD7}" => key removed successfully
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-4 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\418780ce-3d28-4b57-8fc4-c70230d4f25e-4" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F9CBAFE-4063-4658-AAC8-5A7E770711BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F9CBAFE-4063-4658-AAC8-5A7E770711BB}" => key removed successfully
C:\Windows\System32\Tasks\Superclean not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Superclean" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A0150A35-6F4B-4E69-9ACC-F319AAB271AB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0150A35-6F4B-4E69-9ACC-F319AAB271AB}" => key removed successfully
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-7 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\418780ce-3d28-4b57-8fc4-c70230d4f25e-7" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A0B36402-EBDA-4D05-B40A-5151EC10AD82}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0B36402-EBDA-4D05-B40A-5151EC10AD82}" => key removed successfully
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => key removed successfully
"C:\Program Files (x86)\globalUpdate" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A1C5E39C-8392-481E-9CA2-4F070AEA782B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1C5E39C-8392-481E-9CA2-4F070AEA782B}" => key removed successfully
C:\Windows\System32\Tasks\TunePro360 Updater not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TunePro360 Updater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AD3C4602-C0E1-4CA4-9E72-AA85A1480A45}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD3C4602-C0E1-4CA4-9E72-AA85A1480A45}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP1 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B308FD4F-2BB2-4FE8-82AA-7FC233CC8E6F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B308FD4F-2BB2-4FE8-82AA-7FC233CC8E6F}" => key removed successfully
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA586909-A8D8-4F2F-8AED-F473EB14C968}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA586909-A8D8-4F2F-8AED-F473EB14C968}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DBC13FF3-DA83-4E8F-BF4A-4C49D5A800B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBC13FF3-DA83-4E8F-BF4A-4C49D5A800B0}" => key removed successfully
C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-6 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\418780ce-3d28-4b57-8fc4-c70230d4f25e-6" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E57A1D11-C2B9-4423-904C-45352BA05DEC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E57A1D11-C2B9-4423-904C-45352BA05DEC}" => key removed successfully
C:\Windows\System32\Tasks\SFNPKXCMWVMXYUKG not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SFNPKXCMWVMXYUKG" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F03A0068-6773-4A95-8A6C-E8FF9FB18614} => key not found.
C:\Windows\System32\Tasks\DrspeedyPc Secure not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DrspeedyPc Secure" => key removed successfully
"C:\Program Files (x86)\DrSpeedyPC" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2EFC929-73AC-457B-AF5A-0C7E2E09177E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2EFC929-73AC-457B-AF5A-0C7E2E09177E}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP2 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => key removed successfully
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6.job not found.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7.job not found.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-10_user.job not found.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-3.job not found.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-4.job not found.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.job not found.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5_user.job not found.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-6.job not found.
C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-7.job not found.
C:\Windows\Tasks\APSnotifierPP1.job not found.
C:\Windows\Tasks\APSnotifierPP2.job not found.
C:\Windows\Tasks\APSnotifierPP3.job not found.
C:\Windows\Tasks\Crossbrowse.job not found.
C:\Windows\Tasks\DK8is89dyPzmla2uemyT3.job not found.
C:\Windows\Tasks\dum3wyST49Ex.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\OMYQNNDMU1.job not found.
C:\Windows\Tasks\SFNPKXCMWVMXYUKG.job not found.
C:\Windows\Tasks\Superclean.job not found.
C:\Windows\Tasks\YeUBBA7OfsskP753cAqWAW.job not found.
C:\Windows\Tasks\YeUBBA7OfsskP753cAqWAW4.job not found.
C:\Users\Owner\Downloads\7 Wonders_ Treasures of Seven__3422_il1095080.exe => ":typelib" ADS removed successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\WRkrn" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\WRSVC" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A31AA8E0-B0EB-4912-A9F1-B53421EE4B6F} => value removed successfully
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to cancel {B79DBD88-DB1D-4BD5-97B4-E88B174CD9EE}.
Unable to cancel {3825FF64-003F-496F-AFE1-765E1C0F54F6}.
{ED932176-7ED4-42BE-86C7-54381FD72D42} canceled.
{B31C7E4D-FEEE-4E9F-B34B-642BF3633744} canceled.
{528068DF-EAD9-46F2-9534-4254CDFE2DBE} canceled.
{9F64E664-A920-4CD0-A084-EB7BB7B82DE6} canceled.
{3549938A-68F6-4C5F-8CD4-82DC7ECB8EE4} canceled.
Unable to cancel {0B67CF3E-3540-4424-B8EF-3C43B13557D3}.
Unable to cancel {91C0BEFD-03B5-43C9-98D6-7DDDF20456EA}.
Unable to cancel {3142AD60-A3EC-4D58-B3C6-5F7B86137BEA}.
Unable to cancel {F0DD0464-3A0C-46FC-A314-6BDF620DFABE}.
Unable to cancel {FB497C0D-A75A-4326-BFA8-20963A7124BD}.
Unable to cancel {71F80A52-7EF9-4129-AD83-DDA04266CD8B}.
Unable to cancel {C8399C09-B564-42B3-B3E9-78D837D1186A}.
Unable to cancel {6DF0E967-250F-4377-BDDF-860AFB58B97A}.
Unable to cancel {20A12F24-86BD-4303-8F44-D1F9B465538E}.
Unable to cancel {EF406309-FAF1-4B23-9490-486CDC8AA6B9}.
Unable to cancel {D23D1537-5BEC-4398-87B4-95049098B99F}.
Unable to cancel {5B1E08CC-A000-437B-A84F-F41261B3610C}.
Unable to cancel {08CF830E-5775-41F1-B0A5-BA3ABF5F58C4}.
Unable to cancel {7990EBF4-014B-4BE6-880B-DAEF43407318}.
Unable to cancel {7BCF9516-EE6D-46A4-AA69-DBB80451B0A6}.
Unable to cancel {EE5DBF86-05D4-4DD6-B616-2DCC4EE3FA29}.
Unable to cancel {D90BBDA5-8C72-4AB9-B3CD-A369657A9A0D}.
Unable to cancel {D502ED5C-8924-432C-9BD5-9A5A50AC4450}.
Unable to cancel {5FC26C25-ADBC-4B9A-A493-E018CDB9A048}.
Unable to cancel {8DD473AC-0BC7-4BFB-BA87-3837ACCA14F0}.
Unable to cancel {38B5EC32-9065-4B51-9A5D-954E5AA900D7}.
Unable to cancel {DDD3BD3E-E602-47E5-A96F-094D113C037C}.
Unable to cancel {2E56B42C-7143-4BE9-AD62-133C899EC87A}.
Unable to cancel {E093DD37-D657-4145-82D3-03DF498851B6}.
Unable to cancel {BC4CA160-FB6E-403E-B678-8FB14B9465D9}.
Unable to cancel {5E8581D4-9D62-446C-9814-71CD0EED7985}.
Unable to cancel {8B876C10-5303-4AC0-BD06-2468749A6F8E}.
Unable to cancel {5B808F21-6FE5-47E4-8262-C7DF042507A9}.
Unable to cancel {1D3BC1E0-219A-45F2-B2D1-B846351F000C}.
Unable to cancel {3FE08639-66AB-461B-AB65-48BB268EE78B}.
5 out of 37 jobs canceled.
========= End of CMD: =========
========= netsh winsock reset catalog =========
The system cannot find the file specified.
========= End of CMD: =========
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
========= RemoveProxy: =========
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not restore Hosts.
EmptyTemp: => 26.3 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 22:54:12 ====
[SO].txt log:
# AdwCleaner v4.208 - Logfile created 12/08/2015 at 12:27:31
# Updated 09/07/2015 by Xplode
# Database : 2015-07-09.2 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Desktop\adwcleaner_4.208.exe
# Option : Cleaning
***** [ Services ] *****
[#] Service Deleted : CltMngSvc
[#] Service Deleted : consumerinput_update
[#] Service Deleted : consumerinput_updatem
[#] Service Deleted : GlobalUpdater
[#] Service Deleted : Orbiter
[#] Service Deleted : SPPD
[#] Service Deleted : MediaService
[#] Service Deleted : SushiLeadsUpdaterService
[#] Service Deleted : IMService
Service Deleted : {6ec09908-795a-4141-bffa-5fa914d42b7e}Gw64
[#] Service Deleted : {949ba8b6-a9ea-4b6b-a97d-688a70f2ea0b}Gw64
[#] Service Deleted : wsafd_1_10_0_19
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\bProtector
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\sushileads
Folder Deleted : C:\Program Files (x86)\Iminent
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Consumer Input
Folder Deleted : C:\Program Files (x86)\Coupon Time
Folder Deleted : C:\Program Files (x86)\sushileads
Folder Deleted : C:\Program Files (x86)\Common Files\IMGUpdater
Folder Deleted : C:\Program Files (x86)\Common Files\Umbrella
Folder Deleted : C:\Users\Owner\AppData\Local\Babylon
Folder Deleted : C:\Users\Owner\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Owner\AppData\Local\Consumer Input
Folder Deleted : C:\Users\Owner\AppData\Local\Crossbrowse
Folder Deleted : C:\Users\Owner\AppData\LocalLow\SmartWeb
Folder Deleted : C:\Users\Owner\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Folder Deleted : C:\Users\Owner\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn
File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\Extensions\[email protected]
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
File Deleted : C:\Windows\apppatch\apppatch64\vcldr64.dll
File Deleted : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
File Deleted : C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
File Deleted : C:\Windows\AppPatch\nbin\VC32Loader.dll
File Deleted : C:\Windows\System32\drivers\{6ec09908-795a-4141-bffa-5fa914d42b7e}Gw64.sys
File Deleted : C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW
File Deleted : C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW.exe
File Deleted : C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW4
File Deleted : C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW4.exe
File Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\crossbrowse.lnk
File Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk
File Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\StartWeb.xml
File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\searchplugins\trovi.xml
***** [ Scheduled tasks ] *****
Task Deleted : ConsumerInputUpdateTaskMachineCore
Task Deleted : ConsumerInputUpdateTaskMachineUA
Task Deleted : Inst_Rep
Task Deleted : amiupdaterExd
Task Deleted : amiupdaterExi
Task Deleted : SushiLeads
Task Deleted : 4a752bbc-e718-4ff5-8948-5413ae8b7094
Task Deleted : 833cc6d2-8ea1-410b-81e6-688ff4f32372
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Owner\Desktop\Chrome .lnk
Shortcut Disinfected : C:\Users\Owner\Desktop\Firefox .lnk
Shortcut Disinfected : C:\Users\Owner\Desktop\Iexplore .lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome .lnk
Shortcut Disinfected : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox .lnk
Shortcut Disinfected : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Iexplore .lnk
Shortcut Disinfected : C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Chrome .lnk
Shortcut Disinfected : C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox .lnk
Shortcut Disinfected : C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Iexplore .lnk
***** [ Registry ] *****
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [[email protected]]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [ConsumerInput@Compete]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ehhlaekjfiiojlddgndcnefflngfmhen
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nociobghckdhokecfeajdpimjeapnopn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\adpeheiliennogfclcgmchdfdmafjegc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\CptUrlPassthru.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dca-bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor
Key Deleted : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor.1
Key Deleted : HKLM\SOFTWARE\Classes\dcabho.Dca
Key Deleted : HKLM\SOFTWARE\Classes\dcabho.Dca.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SmartWeb]
Key Deleted : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
Key Deleted : HKLM\SOFTWARE\Classes\CRSBRWSHTML
Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe
Value Deleted : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
Value Deleted : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
Value Deleted : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SushiLeadsApplication]
Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
Key Deleted : HKLM\SOFTWARE\277beaec-11fa-4a03-b6c8-18842003bd0a
Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
Key Deleted : HKLM\SOFTWARE\a23b2255-200b-40a6-8440-bb6f4938e046
Key Deleted : HKLM\SOFTWARE\c15a9597-bfd8-b7d1-05bf-52838fc57072
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A57F7191-1E7F-4852-BAAF-F80A43E2687A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DD7C44CC-0F60-4FD9-A38F-5CF30D698AC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60260024-AA48-4A2F-84DA-2C2DCB24AAD0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7BAB653D-88FB-4F60-AFC2-8E6FD59FAFF3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A57F7191-1E7F-4852-BAAF-F80A43E2687A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{60260024-AA48-4A2F-84DA-2C2DCB24AAD0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\bProtector
Key Deleted : HKCU\Software\Compete
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\KanarCore
Key Deleted : HKCU\Software\NpApp
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKCU\Software\Super Optimizer
Key Deleted : HKCU\Software\CrossBrowser
Key Deleted : HKCU\Software\Crossbrowse
Key Deleted : HKCU\Software\YorkNewCin
Key Deleted : HKCU\Software\HighDefAction
Key Deleted : HKCU\Software\ArenaHD
Key Deleted : HKCU\Software\Online video player
Key Deleted : HKCU\Software\TWV OK
Key Deleted : HKCU\Software\twv
Key Deleted : HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Compete
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartWeb
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\IMGUPDATER
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\NpApp
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Umbrella
Key Deleted : HKLM\SOFTWARE\ORBTR
Key Deleted : HKLM\SOFTWARE\SPPDCOM
Key Deleted : HKLM\SOFTWARE\FlashBeat
Key Deleted : HKLM\SOFTWARE\Crossbrowse
Key Deleted : HKLM\SOFTWARE\coupoon
Key Deleted : HKLM\SOFTWARE\YorkNewCin
Key Deleted : HKLM\SOFTWARE\HighDefAction
Key Deleted : HKLM\SOFTWARE\ArenaHD
Key Deleted : HKLM\SOFTWARE\Coupon Time
Key Deleted : HKU\.DEFAULT\Software\bProtector
Key Deleted : HKU\.DEFAULT\Software\IBUpdaterService
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\GUPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SmartWeb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Consumer Input Installer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sushileads
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Key Deleted : [x64] HKLM\SOFTWARE\Iminent
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\FlashBeat
Key Deleted : [x64] HKLM\SOFTWARE\coupoon
Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\snapdo.com
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17909
-\\ Mozilla Firefox v38.0.5 (x86 en-US)
[lghuf863.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.iminent.com/?appId=63c6abf8-8bc1-4d90-a780-bb5dba68ab77");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=101587");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "dcc9ff5c00000000000064d4da65a93b");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "dcc9ff5c00000000000064d4da65a93b");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15418");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:44:27");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2[...]
[lghuf863.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14f205eaa0eedc845d8d290fbf37b4ea");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("iminent.BirthDate", "1439181046");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("iminent.cifs", "0");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("iminent.enableToolbar", "true");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("iminent.enabledAds", "false");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("iminent.newtabredirect", "true");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("iminent.nomsi", "true");
[lghuf863.default\prefs.js] - Line Deleted : user_pref("iminent.searchindex", "1");
-\\ Google Chrome v44.0.2403.130
[C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3333887&octid=EB_ORIGINAL_CTID&ISID=M3C8A0B2F-1FE5-42B5-927C-787973A1EAEE&SearchSource=58&CUI=&UM=8&UP=SP1F6B56EB-6ADD-474D-AB94-E47A608388C1&D=080815&q={searchTerms}&SSPV=
[C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.snapdo.com/?q={searchTerms}&category=Web&publisher=apsnapdoadvt&country=us&feedid=infospace&st=sc&dpid=usnomon&lan=en&ic=&start=1
[C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.iminent.com/?appId=63c6abf8-8bc1-4d90-a780-bb5dba68ab77&ref=toolbox&q={searchTerms}
[C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://start.iminent.com/?appId=63c6abf8-8bc1-4d90-a780-bb5dba68ab77
[C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : CF137FC508B704B9A562E035EF3A2A1EBD1ED8C61EE7C8BA236FCF8169981DB0"},"software_reporter":{"prompt_reason":"FAFCE86A65E3E8918597BC163438E1523EB6713C6859B81C4056FD94F67AADFE","prompt_seed":"F7D96421399FA05A8A1F831382CF7E0998611BA9855450D84A8992F666A5BCB9","prompt_version":"475CDB0EFA8AB304418528B71B81B0EDA067149FB843AE60A7ED86AEE60B0272"},"sync":{"remaining_rollback_tries":"404D896311BF4B7DE82AA01A556C23C1A10F7F1A1EFD46E4B7F5756B1AFA4A5E"}},"super_mac":"D21EB2BC79B4280DF9851386AFA1EB76027D59D9DA8B4595347CED2DF12994F7"},"session":{"restore_on_startup":4,"startup_urls":["hxxp://start.iminent.com/?appId=63c6abf8-8bc1-4d90-a780-bb5dba68ab77
*************************
AdwCleaner[R0].txt - [27765 bytes] - [12/08/2015 12:22:34]
AdwCleaner[R1].txt - [27825 bytes] - [12/08/2015 12:26:53]
AdwCleaner[S0].txt - [27230 bytes] - [12/08/2015 12:27:31]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [27290 bytes] ##########
JRT.txt log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Home Premium x64
Ran by Owner on Wed 08/12/2015 at 12:45:20.46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully deleted: [Service] comyninu [Reboot required]
Successfully deleted: [Service] gotifufi [Reboot required]
Successfully deleted: [Service] Update Coupon Time [Reboot required]
Successfully deleted: [Service] Util Coupon Time [Reboot required]
Successfully deleted: [Service] wewatcherproxy [Reboot required]
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\CIMT_daily_S-1-5-21-3206371679-4115178929-761777742-1000
Successfully deleted: [Task] C:\Windows\system32\tasks\CIMT_S-1-5-21-3206371679-4115178929-761777742-1000
Successfully deleted: [Task] C:\Windows\Tasks\CIMT_daily_S-1-5-21-3206371679-4115178929-761777742-1000.job
Successfully deleted: [Task] C:\Windows\Tasks\CIMT_S-1-5-21-3206371679-4115178929-761777742-1000.job
Successfully deleted: [Task] C:\Windows\Tasks\ConsumerInputUpdateTaskMachineCore.job
Successfully deleted: [Task] C:\Windows\Tasks\ConsumerInputUpdateTaskMachineUA.job
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_9C0C11CE362BB547A69B6E9BF20A1C96
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\browserpluginhelper
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_us_005010055
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_us_005010056
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL\\Default
~~~ Registry Keys
Successfully deleted: [Registry Key] (Default) REG_SZ Crossbrowse
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{768919B3-C6AD-47D4-94E9-A4A2FBA8A83D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{768919B3-C6AD-47D4-94E9-A4A2FBA8A83D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{768919B3-C6AD-47D4-94E9-A4A2FBA8A83D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Coupon Time
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Coupon Time
~~~ Files
Failed to delete: [File] C:\Windows\SysWOW64\number of results
Successfully deleted: [File] C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\winfix 10 pro.lnk
Successfully deleted: [File] C:\Users\Owner\desktop\winfix 10 pro.lnk
Successfully deleted: [File] C:\Users\Public\Desktop\play more great games!.url
Successfully deleted: [File] C:\Windows\system32\drivers\{6ec09908-795a-4141-bffa-5fa914d42b7e}Gw64.sys
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{17D5A2CD-7999-45F0-A734-72353C099B2F}
Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{2CE523A7-84B4-499C-A004-2FC70C442D6E}
Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{438569D5-7B35-4211-8B42-44E02658863E}
Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{77B2910F-11EA-4DE2-A750-151F1023362D}
Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{87E86491-C4EB-416D-88A9-ABC81DE71D1B}
Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{D03083D3-9C43-4B0C-84B1-C4E347A979AA}
Successfully deleted: [Folder] C:\ProgramData\best buy pc app
Successfully deleted: [Folder] C:\Users\Owner\Appdata\Local\best buy pc app
Successfully deleted: [Folder] C:\Users\Owner\Appdata\Local\crossbrowse
Successfully deleted: [Folder] C:\Users\Owner\Appdata\Local\installer
Successfully deleted: [Folder] C:\Users\Owner\Appdata\LocalLow\company
~~~ FireFox
Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\lghuf863.default\prefs.js
user_pref(CT3309350.searchProtector.notifyChanges, {\dataType\:\string\,\data\:\false\});
user_pref(browser.search.defaultenginename.US, StartWeb);
user_pref(browser.search.selectedEngine, StartWeb);
Emptied folder: C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\lghuf863.default\minidumps [132 files]
~~~ Chrome
[C:\Users\Owner\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Owner\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
papbadoldddalgcjcicnikcfenodpghp
[C:\Users\Owner\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Owner\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 08/12/2015 at 13:02:32.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
mbam log:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 8/12/2015
Scan Time: 2:53 PM
Logfile: tricia.txt
Administrator: Yes
Version: 2.1.8.1057
Malware Database: v2015.06.03.03
Rootkit Database: v2015.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Owner
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 392670
Time Elapsed: 17 min, 31 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 85
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, Quarantined, [65ea10a6d8b2a2947eb679290ff4cf31],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, Quarantined, [65ea10a6d8b2a2947eb679290ff4cf31],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, Quarantined, [65ea10a6d8b2a2947eb679290ff4cf31],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, Quarantined, [65ea10a6d8b2a2947eb679290ff4cf31],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, Quarantined, [65ea10a6d8b2a2947eb679290ff4cf31],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, Quarantined, [65ea10a6d8b2a2947eb679290ff4cf31],
PUP.Optional.ConsumerInput.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}, Quarantined, [62ed5066107a1620d12e4d1b996a4bb5],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\Cinema PlusV09.08-nv, Quarantined, [cb84efc7cbbf9d99c860da9d26dfea16],
PUP.Optional.ConsumerInput.C, HKLM\SOFTWARE\CLASSES\ConsumerInput.OneClickProcessLauncherMachine, Quarantined, [b798d0e6325862d4814726c3946f6c94],
PUP.Optional.ConsumerInput.C, HKLM\SOFTWARE\CLASSES\ConsumerInput.OneClickProcessLauncherMachine.1.0, Quarantined, [311ee6d023673ff73c8cd019699adb25],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoCreateAsync, Quarantined, [aea1199d99f1d95d8016e550f60eb44c],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoCreateAsync.1.0, Quarantined, [95ba476fbecccf6742543ef78f75ad53],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoreClass, Quarantined, [ba95d8dea8e274c2583ee74e60a415eb],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoreClass.1, Quarantined, [0b448432b6d403339402fe376e966b95],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoreMachineClass, Quarantined, [cb846452f298b2843165b77e6e96db25],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoreMachineClass.1, Quarantined, [f75880363456b383a6f06dc86e96f10f],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CredentialDialogMachine, Quarantined, [70df6b4bb9d12a0cb0e6d95c7c88cc34],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CredentialDialogMachine.1.0, Quarantined, [74dbb6003e4cf442692dcd68fa0a07f9],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachine, Quarantined, [f25debcb5436f73f2c6a5adb4cb8738d],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [cd82edc9f99193a300963ef7dd2748b8],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachineFallback, Quarantined, [8ec12f870d7d76c0bcda290c8d776f91],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [a1ae2a8cd1b96ec8cbcbd065729240c0],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassSvc, Quarantined, [71debef83951fb3b7125b18415ef0bf5],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [5ef1b501c6c4e155069076bfa0643ec2],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.ProcessLauncher, Quarantined, [3718aa0cd3b7f93d86103500b3519d63],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.ProcessLauncher.1.0, Quarantined, [a3ac2393fd8de254128483b24cb8ff01],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3COMClassService, Quarantined, [f15e199d15752016b8de3bfa14f0db25],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3COMClassService.1.0, Quarantined, [c98635813357ff3783131d186d9705fb],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebMachine, Quarantined, [70df5b5bef9b73c3f5a157dee4201ee2],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebMachine.1.0, Quarantined, [82cddadcc7c384b2a2f4ad8848bce719],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebMachineFallback, Quarantined, [0b44b7ffa7e358dee2b40d2811f37f81],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebMachineFallback.1.0, Quarantined, [1e31a2148dfd3afcc9cd42f3749060a0],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebSvc, Quarantined, [08472d89a5e548ee9006f045db29d828],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebSvc.1.0, Quarantined, [e16e3b7b4149fe381e78c273f113e51b],
PUP.Optional.ConsumerInput.C, HKLM\SOFTWARE\CLASSES\APPID\ConsumerInputUpdate.exe, Quarantined, [5cf3278fd0ba43f3586e0fda00036d93],
PUP.Optional.ConsumerInput.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\ConsumerInputUpdate.exe, Quarantined, [8bc49f17eaa09c9aa71f8069b94a6997],
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR , Quarantined, [f659cee886047db99fbda7da867f6898],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, Quarantined, [d47b793dbecc8caa69130f5d2fd6e51b],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, Quarantined, [a5aa9521d4b651e50477303ce32230d0],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\Cinema PlusV09.08, Quarantined, [0649ccea6b1feb4b1810b8bf8f76e61a],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\Cinema PlusV09.08-nv, Quarantined, [51fe20965e2cb5818b9d0e69c1448f71],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\Cinema PlusV09.08-nv-ie, Quarantined, [89c68f274446fa3c1c0c91e6778ef808],
PUP.Optional.ConsumerInput.C, HKLM\SOFTWARE\WOW6432NODE\ConsumerInput, Quarantined, [9ab52f870684c37343eb5a8cc93ae719],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [bb940aac008a12242808d115ae551de3],
PUP.Optional.ConsumerInput.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInput.OneClickProcessLauncherMachine, Quarantined, [6de2e9cd4941b77fe0e89d4c35ceae52],
PUP.Optional.ConsumerInput.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInput.OneClickProcessLauncherMachine.1.0, Quarantined, [75da674f66242d09ccfc9455dd26fd03],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoCreateAsync, Quarantined, [143b1b9b6f1bde58e3b3ab8a39cb6997],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoCreateAsync.1.0, Quarantined, [fd527046593188aebed80035c242a55b],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoreClass, Quarantined, [cb842591d8b248eee0b6ae875ba941bf],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoreClass.1, Quarantined, [3d12971feaa0fc3a069079bc9272a060],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoreMachineClass, Quarantined, [d57a5b5ba2e892a4187ebb7a7f85fa06],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoreMachineClass.1, Quarantined, [7cd3cee81f6b340215813df834d0d42c],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CredentialDialogMachine, Quarantined, [004f9c1aadddaf873165b283e42026da],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CredentialDialogMachine.1.0, Quarantined, [f659c9edee9c290d4d499e976f957f81],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachine, Quarantined, [9cb3229499f139fde8ae88ad7193fa06],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [9cb3cfe7018940f6eea87cb9fc0854ac],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachineFallback, Quarantined, [f758a70fb0da9c9a682e61d46c98966a],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [77d8e6d0c2c8e84eccca0f26d0349e62],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassSvc, Quarantined, [a4ab11a5c1c9e5514d497fb6ea1a7c84],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [b39c75413a50171f7d19a3920ef66997],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.ProcessLauncher, Quarantined, [272834821971ec4a098d89ac0ff5a65a],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.ProcessLauncher.1.0, Quarantined, [044b53633f4be650d5c136ffb450c33d],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3COMClassService, Quarantined, [80cf694d2d5d69cd4d497db8a85cd32d],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3COMClassService.1.0, Quarantined, [4d02585ec0ca4beb8e0889acca3a758b],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebMachine, Quarantined, [1d327442c5c5f83e0492ff36d331a060],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebMachine.1.0, Quarantined, [1c33962051395ed8c1d558dd689ccd33],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebMachineFallback, Quarantined, [cb84e0d60b7fcc6a7f17bd78e81c7e82],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebMachineFallback.1.0, Quarantined, [5ff07c3a0585ee48128490a510f427d9],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebSvc, Quarantined, [85ca744291f9b581177f9e97c53faa56],
PUP.Optional.ConsumerInput.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebSvc.1.0, Quarantined, [014ea4125b2fee48e5b1300531d32fd1],
PUP.Optional.ConsumerInput.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\ConsumerInputUpdate.exe, Quarantined, [64eb2492b5d5e551f2d448a18c777a86],
PUP.Optional.HealthCareGovTool.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WebWatcherInstall, Quarantined, [7cd3387ef793af872ac09155867d46ba],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{cae99edb}, Quarantined, [f659694d315938fe87c97c03df26a25e],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\Cinema PlusV09.08-nv, Quarantined, [f95692249eec5bdbcb5c87f040c53dc3],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\Cinema PlusV09.08-nv-ie, Quarantined, [62ed575f0b7f15215bcc0770818428d8],
PUP.Optional.Coupoon.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\coupoon, Quarantined, [c48b00b61c6e0d29281f8fe952b3f20e],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, Quarantined, [6be4b006c8c23600c6f30576c540d22e],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\Cinema PlusV09.08, Quarantined, [0f40ab0b8bffd75f7cabc9ae37cec739],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\Cinema PlusV09.08-ntf, Quarantined, [a6a9b501f199fb3b2bfc4730e52008f8],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\Cinema PlusV09.08-nv, Quarantined, [a8a7863056342e08d552651236cfeb15],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\Cinema PlusV09.08-nv-ie, Quarantined, [bc933d79e3a7072fbd6a81f681848c74],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\CinemaPlus-3.2cV30.07-nv-ie, Quarantined, [9fb04d69d2b86dc9e1b2f50741c226da],
PUP.Optional.ConsumerInput.C, HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\ConsumerInput, Quarantined, [ce81595db8d262d4f6761eca82819d63],
PUP.Optional.Crossbrowse.A, HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\Crossbrowse, Quarantined, [80cfd0e66f1b91a5cdbbc82040c3c040],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, Quarantined, [c18e53636822f145bff6cb56e32118e8],
Registry Values: 7
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130838306452706584, Quarantined, [163923939befcb6bdc7f661b6f9607f9]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130838306452706584, Quarantined, [4b04b2046a20f343500b0f7231d4a759]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130838306452706584, Quarantined, [53fc684e1a70ee48db80750c61a4ea16]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130838306452706584, Quarantined, [9cb345719dedde58abb01071699cfb05]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130838306452706584, Quarantined, [66e97a3cc0cab680bd9e037ef60f46ba]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130838306452706584, Quarantined, [440b14a2543642f4203ba9d8ae5707f9]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130838306452706584, Quarantined, [f659cee886047db99fbda7da867f6898]
Registry Data: 1
PUM.Hijack.StartMenu, HKU\S-1-5-21-3206371679-4115178929-761777742-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowSearch, 0, Good: (1), Bad: (0),Replaced,[59f6d5e14f3b5fd75db433fde026f50b]
Folders: 0
(No malicious items detected)
Files: 6
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Roaming\DK8is89dyPzmla2uemyT3.exe, Quarantined, [341b5165365454e205764b0c0ef2cc34],
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Roaming\dum3wyST49Ex.exe, Quarantined, [e56a674f2a6095a16f57f45bb64cec14],
PUP.Adbundler, C:\Users\Owner\Downloads\NI_Multisim_Student_Edition.exe, Quarantined, [3d124f67424838fed17e3b83ba46c838],
PUP.Optional.SearchProtect, C:\Users\Owner\AppData\Local\bvxvyxvec\bvxvyxvec.exe, Quarantined, [430c4d6991f90135d59b2af650b2e41c],
PUP.Optional.SearchProtect.A, C:\Users\Owner\AppData\Local\bvxvyxvec\pbqrmvbub, Quarantined, [ee61e6d0dbafd16586482899be4354ac],
PUP.Optional.SndVol.A, C:\Windows\SysWOW64\config\systemprofile\sndvol.exe, Quarantined, [67e8e4d2414954e23f5a8d57b152cd33],
Physical Sectors: 0
(No malicious items detected)
(end)
my wifi says it is connected, however when i open up any browser (firefox, chrome) it says 'server not found', iExplorer won't open at all.
Tricia
rebooted the router, then turned on in normal mode and the computer doesn't even go to the desktop, just a black screen. Did a hard shut down and restarted in safe mode with networking, no internet connection, tried to connect wifi, get error message: 'Cannot load the Remote Access Connection Manager service. Error 711: The operation could not finish because it could not start the Remote Access Connection Manager service in time. Please try operation again.'
i tried again in normal mode, takes awhile but was able to get to desktop, no internet connection, tried to connect to wifi and get an error message Error 651: the modem (or oether connecting device) has reported an error.' Howeve, I am using my router on other devices, my mac, the tv internet connections, all working just fine.
0 members, 1 guests, 0 anonymous users
Community Forum Software by IP.Board
Licensed to: Geeks to Go, Inc.