HKLM\...\Run: [3D BubbleSound] => "C:\Program Files\BubbleSound\3D BubbleSound.exe"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WinCheck] => C:\Users\owner\AppData\Local\58400D07-1431339524-7BC0-1DB7-EC9A74FE1D24\bnssE8CB.exe [205824 2015-05-10] ()
HKLM\...\Run: [Windesk Winsearch] => C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2551946670-2892123830-3617700209-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2551946670-2892123830-3617700209-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: crawler - {4545C96B-15D0-4E22-8DDE-6F2CAF531281} - No File
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3321542&octid=EB_ORIGINAL_CTID&ISID=MF632D241-211E-4C25-BBF4-6E4F8C80E644&SearchSource=55&CUI=&UM=8&UP=SPA0115161-633F-48AA-8F80-E0CE9432416B&D=051015&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSuggestURL: Default -> http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
2015-05-11 18:14 - 2015-05-12 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-05-11 18:14 - 2015-05-11 18:14 - 00000000 ____D () C:\Users\owner\AppData\Local\Crossbrowse
2015-05-11 18:13 - 2015-05-11 18:13 - 00000000 ____D () C:\Program Files (x86)\Crossbrowse
2015-05-11 10:29 - 2015-05-11 10:29 - 00000000 ____D () C:\ProgramData\f4e5e34b00006462
2015-05-11 10:22 - 2015-05-12 08:20 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-05-11 10:22 - 2015-05-11 10:22 - 00000000 ____D () C:\Users\owner\AppData\Local\globalUpdate
2015-05-11 10:22 - 2015-05-11 10:22 - 00000000 ____D () C:\Program Files (x86)\CinemaPlus-3.2cV11.05-ntf
2015-05-11 10:21 - 2015-05-12 08:19 - 00000000 ____D () C:\Users\owner\AppData\Local\58400D07-1431339683-7BC0-1DB7-EC9A74FE1D24
2015-05-11 10:20 - 2015-05-11 10:20 - 00000000 ____D () C:\Users\owner\Documents\Optimizer Pro
2015-05-11 10:20 - 2015-05-11 10:20 - 00000000 ____D () C:\Program Files\Common Files\PastaLeads
2015-05-11 10:18 - 2015-05-11 14:12 - 00000000 ____D () C:\ProgramData\{bb91ccda-e84e-76bc-bb91-1ccdae84336b}
2015-05-11 10:18 - 2015-05-11 10:19 - 00000000 ____D () C:\Users\owner\AppData\Local\58400D07-1431339524-7BC0-1DB7-EC9A74FE1D24
2015-05-11 10:16 - 2015-05-12 08:19 - 00000000 ____D () C:\Users\owner\AppData\Roaming\58400D07-1431353817-7BC0-1DB7-EC9A74FE1D24
2015-05-09 17:43 - 2015-05-09 17:43 - 00000000 ____D () C:\ProgramData\COMODO
2015-05-09 17:41 - 2015-05-09 17:41 - 00000000 ____D () C:\Program Files\COMODO
2015-05-09 17:40 - 2015-05-09 17:40 - 00000000 ____D () C:\Users\owner\AppData\Local\Pro_PC_Cleaner
2015-04-19 08:20 - 2015-04-19 08:20 - 00005872 _____ () C:\Users\owner\AppData\Roaming\x5LzB43qifbi
2015-04-19 08:20 - 2015-04-19 08:20 - 00005872 _____ () C:\Users\owner\AppData\Roaming\HOexHy4EPthbUe533xux7j
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\owner\AppData\Roaming\HOexHy4EPthbUe533xux7j
2015-05-09 02:17 - 2015-05-09 02:17 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2015-05-09 02:15 - 2015-05-10 11:06 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2015-05-09 02:15 - 2015-05-10 11:06 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT
CustomCLSID: HKU\S-1-5-21-2551946670-2892123830-3617700209-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\owner\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-2551946670-2892123830-3617700209-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2551946670-2892123830-3617700209-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2551946670-2892123830-3617700209-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2551946670-2892123830-3617700209-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2551946670-2892123830-3617700209-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {04742F7B-7738-423D-8853-9A5F964896FE} - \ProPCCleaner_Start No Task File <==== ATTENTION
Task: {0ACA1636-6F71-4985-B35D-888756A941FB} - System32\Tasks\{76EE93D4-D32F-48AE-A714-67D92E2D6BF4} => pcalua.exe -a C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATTENTION
Task: {15085879-8547-4C4E-AB1D-A19D5B3650C6} - \avabvyxvdy No Task File <==== ATTENTION
Task: {3E7A7F1C-DA61-4D68-94B2-DAC71177F757} - System32\Tasks\BLVCPRVBOV => C:\ProgramData\ef7a28a199c74980a1c30cd11a2d7718\ef7a28a199c74980a1c30cd11a2d7718.exe
Task: {9CF0B027-31ED-47D6-8DB8-03DD8BAE7CC6} - System32\Tasks\SMWUpd => C:\Program Files\Common Files\Goobzo\GBUpdate\updater.exe <==== ATTENTION
Task: {D6A75CBE-429B-43AA-933C-C1B253701966} - \ProPCCleaner_Popup No Task File <==== ATTENTION
Task: {DDD8B52F-6509-441C-A44C-D3363983F1ED} - \SMW_UpdateTask_Time_333733393534363935362d455b2a34504141454a5a576c No Task File <==== ATTENTION
Task: {E81A073D-B3E0-4FA9-BE69-C2C6FCAB7447} - \SPBIW_UpdateTask_Time_333733393534363935362d455b2a34504141454a5a576c No Task File <==== ATTENTION
Task: {E827E846-25B0-4261-BC29-26E00065D4CD} - System32\Tasks\GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__333733393534363935362d455b2a34504141454a5a576c => Wscript.exe //B "C:\ProgramData\PastaLeadsAgent\startprocess.js" pastaleadss.exe /invoke /f:check_services /l:0
AlternateDataStreams: C:\ProgramData\Temp:B946D9EE
FirewallRules: [{3C92831E-90BF-4F04-BE7F-6F9A17E70E3B}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
C:\Program Files\BubbleSound
C:\Program Files\Common Files\Goobzo
C:\PROGRA~2\SearchProtect
C:\Program Files (x86)\WindeskWinsearch
CMD: ipconfig /flushdns
EmptyTemp:
Hosts: