Post by moeko on May 8, 2015 19:19:18 GMT -8
Sorry that it takes me so long, but the computer keeps freezing and a lot of windows keep popping up and now the keyboard doesn't work properly. I have to press each key multiple times
# AdwCleaner v4.203 - Logfile created 08/05/2015 at 20:49:40
# Updated 30/04/2015 by Xplode
# Database : 2015-05-08.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Marius - MARIUS-PC
# Running from : C:\Users\Marius\Desktop\adwcleaner_4.203.exe
# Option : Scan
***** [ Services ] *****
Service Found : netfilter64
***** [ Files / Folders ] *****
File Found : C:\Program Files\Common Files\System\SysMenu.dll
File Found : C:\Program Files\Common Files\System\SysMenu64.dll
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
File Found : C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.trovi.com_0.localstorage
File Found : C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.trovi.com_0.localstorage-journal
File Found : C:\Users\Marius\AppData\Roaming\aps.uninstall.scan.results
File Found : C:\Users\Marius\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\crossbrowse.lnk
File Found : C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\gmvxix60.default\searchplugins\bingp.xml
File Found : C:\Users\Public\Desktop\GeekBuddy.lnk
File Found : C:\windows\System32\drivers\netfilter64.sys
File Found : C:\windows\System32\log\iSafeKrnlCall.log
File Found : C:\windows\System32\roboot64.exe
Folder Found : C:\Program Files (x86)\predm
Folder Found : C:\Program Files (x86)\Uniblue
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\BitGuard
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\ProgramData\f20efdf800001b7e
Folder Found : C:\ProgramData\Partner
Folder Found : C:\ProgramData\Uniblue
Folder Found : C:\ProgramData\Websteroids
Folder Found : C:\Users\Marius\AppData\Local\FileViewPro
Folder Found : C:\Users\Marius\AppData\Local\globalUpdate
Folder Found : C:\Users\Marius\AppData\Local\lollipop
Folder Found : C:\Users\Marius\AppData\Local\Temp\apn
Folder Found : C:\Users\Marius\AppData\Local\Websteroids
Folder Found : C:\Users\Marius\AppData\Roaming\Activeris
Folder Found : C:\Users\Marius\AppData\Roaming\eCyber
Folder Found : C:\Users\Marius\AppData\Roaming\iSafe
Folder Found : C:\Users\Marius\AppData\Roaming\Solvusoft
Folder Found : C:\Users\Marius\AppData\Roaming\Uniblue
Folder Found : C:\windows\SysWOW64\config\systemprofile\AppData\Local\BrowserHelper
Folder Found : C:\windows\SysWOW64\config\systemprofile\AppData\Local\SafeGuard
Folder Found : C:\windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AnyProtect
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\BlockAndSurf
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\DynConIE
Key Found : HKCU\Software\AppDataLow\Software\Supra Savings
Key Found : HKCU\Software\Classes\PepperZip
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Condut
Key Found : HKCU\Software\Crossbrowse
Key Found : HKCU\Software\CrossBrowser
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Linkey
Key Found : HKCU\Software\lollipop
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\deltahotels.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystart.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.deltahotels.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.mystart.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.search.ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www-searching.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\SafeGuardApp
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Super Optimizer
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\V9
Key Found : HKCU\Software\WEDLMNGR
Key Found : [x64] HKCU\Software\AnyProtect
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Condut
Key Found : [x64] HKCU\Software\Crossbrowse
Key Found : [x64] HKCU\Software\CrossBrowser
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Linkey
Key Found : [x64] HKCU\Software\lollipop
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\SafeGuardApp
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Super Optimizer
Key Found : [x64] HKCU\Software\SweetIM
Key Found : [x64] HKCU\Software\V9
Key Found : [x64] HKCU\Software\WEDLMNGR
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\b0643379-9102-bb83-2b18-47f1c5cd7ba9
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D6A5312-AB4D-41AA-8BED-0E019B87CA11}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EC77D09-02CB-4E1F-E3C4-FB141B2610B3}
Key Found : HKLM\SOFTWARE\Classes\CRSBRWSHTML
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\4270603C7CA6FEB45B61F4B6D10988D7
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\4270603C7CA6FEB45B61F4B6D10988D7
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EB559340-3A8F-4456-B24D-160098054EF0}
Key Found : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
Key Found : HKLM\SOFTWARE\coupoon
Key Found : HKLM\SOFTWARE\Crossbrowse
Key Found : HKLM\SOFTWARE\FreeSoftToday
Key Found : HKLM\SOFTWARE\GeekBuddyRSP
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\LookSafe
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Found : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3060724-6AC7-4BEF-B516-4F6B1D90887D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Activeris AntiMalware_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Soft-Now bundle
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Websteroids
Key Found : HKLM\SOFTWARE\SafeGuardApp
Key Found : HKLM\SOFTWARE\SiteSee
Key Found : HKLM\SOFTWARE\SweetIM
Key Found : HKLM\SOFTWARE\SystemK
Key Found : HKLM\SOFTWARE\Taronja
Key Found : HKLM\SOFTWARE\Tutorials
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Key Found : [x64] HKLM\SOFTWARE\coupoon
Key Found : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4270603C7CA6FEB45B61F4B6D10988D7
Key Found : [x64] HKLM\SOFTWARE\suprasavings
Key Found : HKU\.DEFAULT\Software\AskPartnerNetwork
Key Found : HKU\.DEFAULT\Software\GeekBuddyRSP
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v
[gmvxix60.default] - Line Found : user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3324769&octid=EB_ORIGINAL_CTID&ISID=M25827412-7801-4FC6-BCA9-014202123AE0&SearchSource=55&CUI=&UM=8&UP=SP4C619BAA-02B5-4133-AE25[...]
-\\ Google Chrome v42.0.2311.135
[C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Startup_URLs] : hxxp://www.trovi.com/?gd=&ctid=CT3324769&octid=EB_ORIGINAL_CTID&ISID=M25827412-7801-4FC6-BCA9-014202123AE0&SearchSource=55&CUI=&UM=8&UP=SP4C619BAA-02B5-4133-AE25-8C66039ED0E7&D=042715&SSPV=SP2230TB_sp_ch
[C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Default_Search_Provider_Data] : {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}",
"usage_count": 0
}
},
"extensions": {
"settings": {
"ahfgeienlihckogmohjhadlkjgocpleb": {
"active_permissions": {
"api": [ "management", "system.display", "system.storage", "webstorePrivate", "system.cpu", "system.memory", "system.network" ],
"manifest_permissions": [ ]
},
"app_launcher_ordinal": "t",
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"install_time": "13074318766849772",
"location": 5,
"manifest": {
"app": {
"launch": {
"web_url": "hxxps://chrome.google.com/webstore"
},
"urls": [ "hxxps://chrome.google.com/webstore" ]
},
"description": "Discover great apps, games, extensions and themes for Google Chrome.",
"icons": {
"128": "webstore_icon_128.png",
"16": "webstore_icon_16.png"
},
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB",
"name": "Web Store",
"permissions": [ "webstorePrivate", "management", "system.cpu", "system.display", "system.memory", "system.network", "system.storage" ],
"version": "0.2"
},
"page_ordinal": "n",
"path": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\42.0.2311.90\\resources\\web_store",
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"bepbmhgboaologfdajaanbcjmnhjmhfn": {
"disable_reasons": 1,
"state": 0
},
"blpcfgokakmgnkcojhhkbfbldkacnbeo": {
"ack_external": true,
"active_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"app_launcher_ordinal": "z",
"commands": {
},
"content_settings": [ ],
"creation_flags": 153,
"events": [ ],
"from_bookmark": true,
"from_webstore": true,
"granted_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"install_time": "13074318918783724",
"lastpingday": "13075542015167710",
"location": 1,
"manifest": {
"app": {
"launch": {
"container": "tab",
"web_url": "hxxp://www.youtube.com/?feature=ytca"
},
"web_content": {
"enabled": true,
"origin": "hxxp://www.youtube.com"
}
},
"current_locale": "en_US",
"default_locale": "en",
"description": "The world's most popular online video community.",
"icons": {
"128": "128.png"
},
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB",
"manifest_version": 2,
"name": "YouTube",
"update_url": "hxxp://clients2.google.com/service/update2/crx",
"version": "4.2.7"
},
"page_ordinal": "n",
"path": "blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.7_0",
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": true,
"was_installed_by_oem": false
},
"booedmolknjekdopkepjjeckmjkdpfgl": {
"active_permissions": {
"api": [ "tabs", "webNavigation", "webRequest", "webRequestBlocking" ],
"explicit_host": [ "chrome://newtab/*", "chrome://settings-frame/*", "hxxp://*/*", "hxxps://*/*" ],
"manifest_permissions": [ ],
"scriptable_host": [ "chrome://settings-frame/*" ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"initial_keybindings_set": true,
"install_time": "13074908348213632",
"location": 5,
"manifest": {
"background": {
"persistent": true,
"scripts": [ "bk.js" ]
},
"content_scripts": [ {
"js": [ "cs.js" ],
"matches": [ "chrome://settings-frame/*" ]
} ],
"content_security_policy": "default-src 'self'; script-src chrome://resources 'self' chrome://settings-frame 'unsafe-eval'; frame-src 'self' chrome://settings-frame; style-src 'self' 'unsafe-inline';object-src 'self';",
"description": "Extutil",
"incognito": "spanning",
"key": "MIAfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQcByy+ea9jzazWF/DPn7NW47sW7lgmpk6eKc0BQM18q8hvEM3zNm2n7HkJv/R6fU+X5mtqkDuKvq5skF6qqUF4oEyaleWDFhd1xFwV7JV+/DU7bZ00w2+6gzqsabkerFpoP33ZRIw7OviJenP0c0uWqDWF8EGSyMhB3txqhOtiQIDAQAB",
"manifest_version": 2,
"name": "Extutil",
"permissions": [ "chrome://newtab/", "tabs", "webNavigation", "webRequest", "webRequestBlocking", "hxxp://*/*", "hxxps://*/*", "chrome://settings-frame/" ],
"version": "0.1"
},
"path": "C:\\Users\\Marius\\AppData\\Local\\Temp\\D8ADFCCA-EE7E-442C-9999-C4D14FEF360B",
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"coobgpohoikkiipiblmjeljniedjpjpf": {
"ack_external": true,
"active_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"app_launcher_ordinal": "y",
"commands": {
},
"content_settings": [ ],
"creation_flags": 153,
"events": [ ],
"from_bookmark": true,
"from_webstore": true,
"granted_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"install_time": "13074318981725158",
"lastpingday": "13075542015167710",
"location": 1,
"manifest": {
"app": {
"launch": {
"web_url": "hxxp://www.google.com/webhp?source=search_app"
},
"urls": [ "*://www.google.com/search", "*://www.google.com/webhp", "*://www.google.com/imgres" ]
},
"current_locale": "en_US",
"default_locale": "en",
"description": "The fastest way to search the web.
*************************
AdwCleaner[R0].txt - [18863 bytes] - [08/05/2015 20:49:40]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [18923 bytes] ##########
# AdwCleaner v4.203 - Logfile created 08/05/2015 at 20:49:40
# Updated 30/04/2015 by Xplode
# Database : 2015-05-08.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Marius - MARIUS-PC
# Running from : C:\Users\Marius\Desktop\adwcleaner_4.203.exe
# Option : Scan
***** [ Services ] *****
Service Found : netfilter64
***** [ Files / Folders ] *****
File Found : C:\Program Files\Common Files\System\SysMenu.dll
File Found : C:\Program Files\Common Files\System\SysMenu64.dll
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
File Found : C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.trovi.com_0.localstorage
File Found : C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.trovi.com_0.localstorage-journal
File Found : C:\Users\Marius\AppData\Roaming\aps.uninstall.scan.results
File Found : C:\Users\Marius\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\crossbrowse.lnk
File Found : C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\gmvxix60.default\searchplugins\bingp.xml
File Found : C:\Users\Public\Desktop\GeekBuddy.lnk
File Found : C:\windows\System32\drivers\netfilter64.sys
File Found : C:\windows\System32\log\iSafeKrnlCall.log
File Found : C:\windows\System32\roboot64.exe
Folder Found : C:\Program Files (x86)\predm
Folder Found : C:\Program Files (x86)\Uniblue
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\BitGuard
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\ProgramData\f20efdf800001b7e
Folder Found : C:\ProgramData\Partner
Folder Found : C:\ProgramData\Uniblue
Folder Found : C:\ProgramData\Websteroids
Folder Found : C:\Users\Marius\AppData\Local\FileViewPro
Folder Found : C:\Users\Marius\AppData\Local\globalUpdate
Folder Found : C:\Users\Marius\AppData\Local\lollipop
Folder Found : C:\Users\Marius\AppData\Local\Temp\apn
Folder Found : C:\Users\Marius\AppData\Local\Websteroids
Folder Found : C:\Users\Marius\AppData\Roaming\Activeris
Folder Found : C:\Users\Marius\AppData\Roaming\eCyber
Folder Found : C:\Users\Marius\AppData\Roaming\iSafe
Folder Found : C:\Users\Marius\AppData\Roaming\Solvusoft
Folder Found : C:\Users\Marius\AppData\Roaming\Uniblue
Folder Found : C:\windows\SysWOW64\config\systemprofile\AppData\Local\BrowserHelper
Folder Found : C:\windows\SysWOW64\config\systemprofile\AppData\Local\SafeGuard
Folder Found : C:\windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AnyProtect
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\BlockAndSurf
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\DynConIE
Key Found : HKCU\Software\AppDataLow\Software\Supra Savings
Key Found : HKCU\Software\Classes\PepperZip
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Condut
Key Found : HKCU\Software\Crossbrowse
Key Found : HKCU\Software\CrossBrowser
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Linkey
Key Found : HKCU\Software\lollipop
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\deltahotels.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystart.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.deltahotels.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.mystart.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.search.ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www-searching.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\SafeGuardApp
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Super Optimizer
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\V9
Key Found : HKCU\Software\WEDLMNGR
Key Found : [x64] HKCU\Software\AnyProtect
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Condut
Key Found : [x64] HKCU\Software\Crossbrowse
Key Found : [x64] HKCU\Software\CrossBrowser
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Linkey
Key Found : [x64] HKCU\Software\lollipop
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\SafeGuardApp
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Super Optimizer
Key Found : [x64] HKCU\Software\SweetIM
Key Found : [x64] HKCU\Software\V9
Key Found : [x64] HKCU\Software\WEDLMNGR
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\b0643379-9102-bb83-2b18-47f1c5cd7ba9
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D6A5312-AB4D-41AA-8BED-0E019B87CA11}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EC77D09-02CB-4E1F-E3C4-FB141B2610B3}
Key Found : HKLM\SOFTWARE\Classes\CRSBRWSHTML
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\4270603C7CA6FEB45B61F4B6D10988D7
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\4270603C7CA6FEB45B61F4B6D10988D7
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EB559340-3A8F-4456-B24D-160098054EF0}
Key Found : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
Key Found : HKLM\SOFTWARE\coupoon
Key Found : HKLM\SOFTWARE\Crossbrowse
Key Found : HKLM\SOFTWARE\FreeSoftToday
Key Found : HKLM\SOFTWARE\GeekBuddyRSP
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\LookSafe
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Found : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3060724-6AC7-4BEF-B516-4F6B1D90887D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Activeris AntiMalware_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Soft-Now bundle
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Websteroids
Key Found : HKLM\SOFTWARE\SafeGuardApp
Key Found : HKLM\SOFTWARE\SiteSee
Key Found : HKLM\SOFTWARE\SweetIM
Key Found : HKLM\SOFTWARE\SystemK
Key Found : HKLM\SOFTWARE\Taronja
Key Found : HKLM\SOFTWARE\Tutorials
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Key Found : [x64] HKLM\SOFTWARE\coupoon
Key Found : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4270603C7CA6FEB45B61F4B6D10988D7
Key Found : [x64] HKLM\SOFTWARE\suprasavings
Key Found : HKU\.DEFAULT\Software\AskPartnerNetwork
Key Found : HKU\.DEFAULT\Software\GeekBuddyRSP
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v
[gmvxix60.default] - Line Found : user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3324769&octid=EB_ORIGINAL_CTID&ISID=M25827412-7801-4FC6-BCA9-014202123AE0&SearchSource=55&CUI=&UM=8&UP=SP4C619BAA-02B5-4133-AE25[...]
-\\ Google Chrome v42.0.2311.135
[C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Startup_URLs] : hxxp://www.trovi.com/?gd=&ctid=CT3324769&octid=EB_ORIGINAL_CTID&ISID=M25827412-7801-4FC6-BCA9-014202123AE0&SearchSource=55&CUI=&UM=8&UP=SP4C619BAA-02B5-4133-AE25-8C66039ED0E7&D=042715&SSPV=SP2230TB_sp_ch
[C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Default_Search_Provider_Data] : {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}",
"usage_count": 0
}
},
"extensions": {
"settings": {
"ahfgeienlihckogmohjhadlkjgocpleb": {
"active_permissions": {
"api": [ "management", "system.display", "system.storage", "webstorePrivate", "system.cpu", "system.memory", "system.network" ],
"manifest_permissions": [ ]
},
"app_launcher_ordinal": "t",
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"install_time": "13074318766849772",
"location": 5,
"manifest": {
"app": {
"launch": {
"web_url": "hxxps://chrome.google.com/webstore"
},
"urls": [ "hxxps://chrome.google.com/webstore" ]
},
"description": "Discover great apps, games, extensions and themes for Google Chrome.",
"icons": {
"128": "webstore_icon_128.png",
"16": "webstore_icon_16.png"
},
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB",
"name": "Web Store",
"permissions": [ "webstorePrivate", "management", "system.cpu", "system.display", "system.memory", "system.network", "system.storage" ],
"version": "0.2"
},
"page_ordinal": "n",
"path": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\42.0.2311.90\\resources\\web_store",
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"bepbmhgboaologfdajaanbcjmnhjmhfn": {
"disable_reasons": 1,
"state": 0
},
"blpcfgokakmgnkcojhhkbfbldkacnbeo": {
"ack_external": true,
"active_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"app_launcher_ordinal": "z",
"commands": {
},
"content_settings": [ ],
"creation_flags": 153,
"events": [ ],
"from_bookmark": true,
"from_webstore": true,
"granted_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"install_time": "13074318918783724",
"lastpingday": "13075542015167710",
"location": 1,
"manifest": {
"app": {
"launch": {
"container": "tab",
"web_url": "hxxp://www.youtube.com/?feature=ytca"
},
"web_content": {
"enabled": true,
"origin": "hxxp://www.youtube.com"
}
},
"current_locale": "en_US",
"default_locale": "en",
"description": "The world's most popular online video community.",
"icons": {
"128": "128.png"
},
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB",
"manifest_version": 2,
"name": "YouTube",
"update_url": "hxxp://clients2.google.com/service/update2/crx",
"version": "4.2.7"
},
"page_ordinal": "n",
"path": "blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.7_0",
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": true,
"was_installed_by_oem": false
},
"booedmolknjekdopkepjjeckmjkdpfgl": {
"active_permissions": {
"api": [ "tabs", "webNavigation", "webRequest", "webRequestBlocking" ],
"explicit_host": [ "chrome://newtab/*", "chrome://settings-frame/*", "hxxp://*/*", "hxxps://*/*" ],
"manifest_permissions": [ ],
"scriptable_host": [ "chrome://settings-frame/*" ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"initial_keybindings_set": true,
"install_time": "13074908348213632",
"location": 5,
"manifest": {
"background": {
"persistent": true,
"scripts": [ "bk.js" ]
},
"content_scripts": [ {
"js": [ "cs.js" ],
"matches": [ "chrome://settings-frame/*" ]
} ],
"content_security_policy": "default-src 'self'; script-src chrome://resources 'self' chrome://settings-frame 'unsafe-eval'; frame-src 'self' chrome://settings-frame; style-src 'self' 'unsafe-inline';object-src 'self';",
"description": "Extutil",
"incognito": "spanning",
"key": "MIAfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQcByy+ea9jzazWF/DPn7NW47sW7lgmpk6eKc0BQM18q8hvEM3zNm2n7HkJv/R6fU+X5mtqkDuKvq5skF6qqUF4oEyaleWDFhd1xFwV7JV+/DU7bZ00w2+6gzqsabkerFpoP33ZRIw7OviJenP0c0uWqDWF8EGSyMhB3txqhOtiQIDAQAB",
"manifest_version": 2,
"name": "Extutil",
"permissions": [ "chrome://newtab/", "tabs", "webNavigation", "webRequest", "webRequestBlocking", "hxxp://*/*", "hxxps://*/*", "chrome://settings-frame/" ],
"version": "0.1"
},
"path": "C:\\Users\\Marius\\AppData\\Local\\Temp\\D8ADFCCA-EE7E-442C-9999-C4D14FEF360B",
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"coobgpohoikkiipiblmjeljniedjpjpf": {
"ack_external": true,
"active_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"app_launcher_ordinal": "y",
"commands": {
},
"content_settings": [ ],
"creation_flags": 153,
"events": [ ],
"from_bookmark": true,
"from_webstore": true,
"granted_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"install_time": "13074318981725158",
"lastpingday": "13075542015167710",
"location": 1,
"manifest": {
"app": {
"launch": {
"web_url": "hxxp://www.google.com/webhp?source=search_app"
},
"urls": [ "*://www.google.com/search", "*://www.google.com/webhp", "*://www.google.com/imgres" ]
},
"current_locale": "en_US",
"default_locale": "en",
"description": "The fastest way to search the web.
*************************
AdwCleaner[R0].txt - [18863 bytes] - [08/05/2015 20:49:40]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [18923 bytes] ##########