CreateRestorePoint:
HKLM\...\Run: [AccessSecureData] => C:\Users\jklm\AppData\Local\Temp\{8565EB50-E289-4892-A596-DA6331E51B86}\AccessSecureData.exe <===== ATTENTION
HKLM-x32\...\Run: [mwyyntm1ndi1zdz] => C:\Program Files (x86)\Smwyyntm1ndi1zdz\nwjkm2z2y3mwbdd.exe [2422784 2015-06-18] ()
HKLM-x32\...\Run: [WinCheck] => C:\Users\jklm\AppData\Local\4C4C4544-1434754703-5610-8048-B7C04F445131\bnsl9328.exe [359936 2015-06-05] ()
HKLM-x32\...\Run: [SmartWeb] => C:\Users\jklm\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
HKLM-x32\...\Run: [gmsd_us_005010007] => C:\Program Files (x86)\gmsd_us_005010007\gmsd_us_005010007.exe [3984040 2015-06-19] ()
HKLM-x32\...\RunOnce: [upgmsd_us_005010007.exe] => C:\Users\jklm\AppData\Local\gmsd_us_005010007\upgmsd_us_005010007.exe [3319976 2015-06-19] ()
HKU\S-1-5-21-2695581885-3589152984-3162700467-1001\...\Run: [PCKeeper2] => "C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe" /autorun
HKU\S-1-5-21-2695581885-3589152984-3162700467-1001\...\Run: [GamesBot] => C:\Program Files (x86)\Games Bot\GamesBot.exe [311912 2015-04-22] ()
HKU\S-1-5-21-2695581885-3589152984-3162700467-1001\...\Run: [GoogleChromeAutoLaunch_D1B0517A1A5838A6E831285B01BA7F9A] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440 2015-05-12] (Crossbrowse)
HKU\S-1-5-21-2695581885-3589152984-3162700467-1003\...\Run: [PCKeeper2] => "C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe" /autorun
HKU\S-1-5-21-2695581885-3589152984-3162700467-1003\...\MountPoints2: {c7c4d253-80c7-11e2-94b1-782bcb8d9336} - I:\LaunchU3.exe -a
HKU\S-1-5-21-2695581885-3589152984-3162700467-1004\...\Run: [PCKeeper2] => "C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe" /autorun
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [263952 2015-06-03] (Client Connect LTD)
AppInit_DLLs: C:\ProgramData\FlashBeat\FlashBeat64.dll => C:\ProgramData\FlashBeat\FlashBeat64.dll [905728 2015-06-03] (FlashBeat)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [223504 2015-06-03] (Client Connect LTD)
AppInit_DLLs-x32: C:\ProgramData\FlashBeat\FlashBeat32.dll => C:\ProgramData\FlashBeat\FlashBeat32.dll [630272 2015-06-03] (FlashBeat)
Startup: C:\Users\jklm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-06-19]
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse)
Startup: C:\Users\jklm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-06-19]
ShortcutTarget: SmartWeb.lnk -> C:\Users\jklm\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2695581885-3589152984-3162700467-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2695581885-3589152984-3162700467-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com...C&D=062015=
SearchScopes: HKU\S-1-5-21-2695581885-3589152984-3162700467-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-2695581885-3589152984-3162700467-1001 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...archTerms}=
BHO: IneedSpeed -> {9480B134-F446-56C2-81C2-8E7E24D11E5F} -> C:\Program Files (x86)\version85IneedSpeed\192_x64.dll [2015-06-19] ()
BHO: Consumer Input DCA BHO -> {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} -> C:\Program Files (x86)\Consumer Input\InternetExplorer\x64\dca-bho.dll [2015-02-25] (Compete, Inc.)
BHO-x32: IneedSpeed -> {9480B134-F446-56C2-81C2-8E7E24D11E5F} -> C:\Program Files (x86)\version85IneedSpeed\192.dll [2015-06-19] ()
BHO-x32: Consumer Input DCA BHO -> {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} -> C:\Program Files (x86)\Consumer Input\InternetExplorer\dca-bho.dll [2015-02-25] (Compete, Inc.)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-06-19] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-06-19] (globalUpdate)
FF HKLM-x32\...\Firefox\Extensions: [{78DADB4B-7468-4c1c-8612-00FBF356A9FF}] - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_FF.xpi
FF Extension: YouTube Downloader Extension - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_FF.xpi [2014-05-05]
FF HKU\S-1-5-21-2695581885-3589152984-3162700467-1001\...\Firefox\Extensions: [{C6476A68-B06E-82C0-8E2F-D79F1A73C235}] - C:\Program Files (x86)\version85IneedSpeed\192.xpi
FF Extension: IneedSpeed - C:\Program Files (x86)\version85IneedSpeed\192.xpi [2015-06-19]
FF HKU\S-1-5-21-2695581885-3589152984-3162700467-1001\...\Firefox\Extensions: [ConsumerInput@Compete] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12099.xpi
FF Extension: Consumer Input - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12099.xpi [2015-01-21]
CHR Extension: (IneedSpeed) - C:\Users\jklm\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdhhjbhbfhkmmcjojicgkoplildbkbk [2015-06-19]
CHR HKLM-x32\...\Chrome\Extension: [ebjipgnedcljapmafeafekmlebefcafp] - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_GC.crx [2014-05-05]
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3285776 2015-06-03] (Client Connect LTD)
S2 consumerinput_update; C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [105944 2015-06-19] (ConsumerInput)
S3 consumerinput_updatem; C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [105944 2015-06-19] (ConsumerInput)
R2 GamesBotService; C:\Program Files (x86)\Games Bot\GamesBotSvc.exe [53352 2015-06-09] (Games Bot Inc.)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-06-19] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-06-19] (globalUpdate) [File not signed] <==== ATTENTION
R2 insvc_1.10.0.14; C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe [278600 2015-04-10] (Infonaut)
R2 kysykiti; C:\Users\jklm\AppData\Local\4C4C4544-1434754844-5610-8048-B7C04F445131\snsrA659.tmp [147456 2015-06-19] () [File not signed]
R2 Orbiter; C:\Program Files (x86)\ORBTR\orbiter.dll [558544 2015-06-19] (Client Connect LTD)
R2 UniversalUpdater; C:\Program Files (x86)\Umtayyznhndq1ntz\mwmyzjmzngu1mdy.exe [710144 2015-06-18] () [File not signed]
R2 xfrcCqRE; C:\ProgramData\WBRYXRSt\xfrcCqRE.exe [2730984 2015-06-19] (Time Lapse Solutions)
R1 innfd_1_10_0_14; C:\Windows\System32\drivers\innfd_1_10_0_14.sys [58224 2015-04-10] (Infonaut)
R1 nwjkm2z2y3mwbdd; C:\Windows\System32\drivers\nwjkm2z2y3mwbdd.sys [50520 2015-06-18] (Windows ® Win 7 DDK provider)
S0 SpfdBus; C:\Windows\System32\DRIVERS\SpfdBus.sys [11296 2013-02-21] (Safend Ltd.)
R2 webTinstMKTN84; C:\Windows\system32\Drivers\webTinstMKTN84.sys [50216 2015-06-19] ()
2015-06-19 23:27 - 2015-06-19 23:47 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-06-19 23:27 - 2015-06-19 23:27 - 00002826 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-06-19 23:27 - 2015-06-19 23:27 - 00002824 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-06-19 23:27 - 2015-06-19 23:27 - 00002824 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-06-19 23:27 - 2015-06-19 23:27 - 00001011 _____ C:\Users\jklm\Desktop\AnyProtect.lnk
2015-06-19 23:27 - 2015-06-19 23:27 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-06-19 23:27 - 2015-06-19 23:27 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-06-19 23:27 - 2015-06-19 23:27 - 00000000 ____D C:\Users\jklm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-06-19 23:21 - 2015-06-19 23:27 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-06-19 23:21 - 2015-06-19 23:21 - 00613255 _____ (CMI Limited) C:\Users\jklm\AppData\Local\nsjBCD4.tmp
2015-06-19 23:21 - 2015-06-19 23:21 - 00000000 __SHD C:\Users\jklm\AppData\Roaming\AnyProtectEx
2015-06-19 23:20 - 2015-06-19 23:20 - 00000000 ____D C:\Users\jklm\AppData\Roaming\Compete
2015-06-19 23:17 - 2015-06-20 05:25 - 00000000 ____D C:\Users\jklm\AppData\Local\gmsd_us_005010007
2015-06-19 23:17 - 2015-06-20 05:17 - 00001054 _____ C:\Windows\Tasks\Crossbrowse.job
2015-06-19 23:17 - 2015-06-19 23:17 - 00004076 _____ C:\Windows\System32\Tasks\Crossbrowse
2015-06-19 23:17 - 2015-06-19 23:17 - 00002360 _____ C:\Users\Public\Desktop\Crossbrowse.lnk
2015-06-19 23:17 - 2015-06-19 23:17 - 00002215 _____ C:\Users\Public\Desktop\Search.lnk
2015-06-19 23:17 - 2015-06-19 23:17 - 00000000 ____D C:\Users\Leslie\AppData\Local\Crossbrowse
2015-06-19 23:17 - 2015-06-19 23:17 - 00000000 ____D C:\Users\jklm\AppData\Local\Crossbrowse
2015-06-19 23:17 - 2015-06-19 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-06-19 23:17 - 2015-06-19 23:17 - 00000000 ____D C:\Program Files (x86)\gmsd_us_005010007
2015-06-19 23:17 - 2015-06-19 23:17 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
2015-06-19 23:14 - 2015-06-19 23:25 - 00000000 ____D C:\Users\jklm\AppData\Local\Games Bot
2015-06-19 23:14 - 2015-06-19 23:14 - 00003456 _____ C:\Windows\System32\Tasks\avabvbavad
2015-06-19 23:14 - 2015-06-19 23:14 - 00000000 ____D C:\Users\jklm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games Bot
2015-06-19 23:14 - 2015-06-19 23:14 - 00000000 ____D C:\Users\jklm\AppData\Local\avabvbavad
2015-06-19 23:14 - 2015-06-19 23:14 - 00000000 ____D C:\Program Files (x86)\Games Bot
2015-06-19 23:13 - 2015-06-19 23:14 - 00000000 ____D C:\Users\jklm\AppData\Local\SearchProtect
2015-06-19 23:13 - 2015-06-19 23:14 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2015-06-19 23:12 - 2015-06-19 23:12 - 00004028 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-06-19 23:12 - 2015-06-19 23:12 - 00000000 ____D C:\Users\jklm\AppData\Local\SmartWeb
2015-06-19 23:11 - 2015-06-19 23:11 - 00000000 ____D C:\Program Files (x86)\ORBTR
2015-06-19 23:10 - 2015-06-19 23:10 - 00000000 ____D C:\Program Files (x86)\Infonaut_1.10.0.14
2015-06-19 23:02 - 2015-06-20 06:20 - 00000358 _____ C:\Windows\Tasks\CIMT_S-1-5-21-2695581885-3589152984-3162700467-1001.job
2015-06-19 23:02 - 2015-06-19 23:02 - 00003394 _____ C:\Windows\System32\Tasks\CIMT_daily_S-1-5-21-2695581885-3589152984-3162700467-1001
2015-06-19 23:02 - 2015-06-19 23:02 - 00003270 _____ C:\Windows\System32\Tasks\CIMT_S-1-5-21-2695581885-3589152984-3162700467-1001
2015-06-19 23:02 - 2015-06-19 23:02 - 00000392 _____ C:\Windows\Tasks\CIMT_daily_S-1-5-21-2695581885-3589152984-3162700467-1001.job
2015-06-19 23:02 - 2015-06-19 23:02 - 00000000 ____D C:\Program Files (x86)\Setup Support for Consumer Input
2015-06-19 23:01 - 2015-06-20 03:01 - 00003434 _____ C:\Windows\System32\Tasks\Msouflui
2015-06-19 23:01 - 2015-06-19 23:01 - 00000000 ____D C:\ProgramData\Msouflui
2015-06-19 23:00 - 2015-06-19 23:06 - 00000000 ____D C:\Users\jklm\AppData\Local\4C4C4544-1434754844-5610-8048-B7C04F445131
2015-06-19 22:59 - 2015-06-20 06:04 - 00000966 _____ C:\Windows\Tasks\ConsumerInputUpdateTaskMachineUA.job
2015-06-19 22:59 - 2015-06-19 22:59 - 00003962 _____ C:\Windows\System32\Tasks\ConsumerInputUpdateTaskMachineUA
2015-06-19 22:58 - 2015-06-19 23:03 - 00000962 _____ C:\Windows\Tasks\ConsumerInputUpdateTaskMachineCore.job
2015-06-19 22:58 - 2015-06-19 23:02 - 00000000 ____D C:\Program Files (x86)\Consumer Input
2015-06-19 22:58 - 2015-06-19 22:58 - 00003710 _____ C:\Windows\System32\Tasks\ConsumerInputUpdateTaskMachineCore
2015-06-19 22:58 - 2015-06-19 22:58 - 00000000 ____D C:\Users\jklm\AppData\Local\Zeoinsight
2015-06-19 22:58 - 2015-06-19 22:58 - 00000000 ____D C:\Users\jklm\AppData\Local\ZBAnalyticsCore
2015-06-19 22:58 - 2015-06-19 22:58 - 00000000 ____D C:\Users\jklm\AppData\Local\Kromtech
2015-06-19 22:58 - 2015-06-19 22:58 - 00000000 ____D C:\Users\jklm\AppData\Local\Consumer Input
2015-06-19 22:58 - 2015-06-19 22:58 - 00000000 ____D C:\Users\jklm\AppData\Local\4C4C4544-1434754703-5610-8048-B7C04F445131
2015-06-19 22:57 - 2015-06-20 01:45 - 00000000 ____D C:\Users\jklm\AppData\Local\ZombieNews
2015-06-19 22:57 - 2015-06-19 23:20 - 00000000 ____D C:\Users\jklm\AppData\Roaming\4C4C4544-1434779849-5610-8048-B7C04F445131
2015-06-19 22:57 - 2015-06-19 22:57 - 00000000 ____D C:\Users\jklm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
2015-06-19 22:57 - 2015-06-19 22:57 - 00000000 ____D C:\Users\jklm\AppData\Roaming\ASPackage
2015-06-19 22:56 - 2015-06-19 22:56 - 00003076 _____ C:\Windows\System32\Tasks\IneedSpeed Update
2015-06-19 22:56 - 2015-06-19 22:56 - 00001822 _____ C:\Windows\patsearch.bin
2015-06-19 22:56 - 2015-06-19 22:56 - 00000430 _____ C:\Windows\Tasks\IneedSpeed Update.job
2015-06-19 22:56 - 2015-06-19 22:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-06-19 22:56 - 2015-06-19 22:56 - 00000000 ____D C:\ProgramData\ZombieNews
2015-06-19 22:56 - 2015-06-19 22:56 - 00000000 ____D C:\ProgramData\WBRYXRSt
2015-06-19 22:56 - 2015-06-19 22:56 - 00000000 ____D C:\Program Files (x86)\version85IneedSpeed
2015-06-19 22:56 - 2015-06-19 22:55 - 00050216 _____ C:\Windows\system32\Drivers\webTinstMKTN84.sys
2015-06-19 22:55 - 2015-06-20 04:55 - 00002444 _____ C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-5_user.job
2015-06-19 22:55 - 2015-06-20 04:55 - 00002444 _____ C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-5.job
2015-06-19 22:55 - 2015-06-19 22:55 - 00005474 _____ C:\Windows\System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-5
2015-06-19 22:55 - 2015-06-19 22:55 - 00004032 _____ C:\Windows\System32\Tasks\g5EHHvd7KBE2FYc8jv1Ik
2015-06-19 22:55 - 2015-06-19 22:55 - 00001010 _____ C:\Windows\Tasks\g5EHHvd7KBE2FYc8jv1Ik.job
2015-06-19 22:54 - 2015-06-20 05:54 - 00005516 _____ C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-6.job
2015-06-19 22:54 - 2015-06-20 05:54 - 00003136 _____ C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-1-6.job
2015-06-19 22:54 - 2015-06-20 04:59 - 00000996 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-06-19 22:54 - 2015-06-20 04:54 - 00005180 _____ C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-7.job
2015-06-19 22:54 - 2015-06-20 04:54 - 00003136 _____ C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-1-7.job
2015-06-19 22:54 - 2015-06-19 22:59 - 00000992 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-06-19 22:54 - 2015-06-19 22:54 - 00008544 _____ C:\Windows\System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-6
2015-06-19 22:54 - 2015-06-19 22:54 - 00008210 _____ C:\Windows\System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-7
2015-06-19 22:54 - 2015-06-19 22:54 - 00006166 _____ C:\Windows\System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-1-7
2015-06-19 22:54 - 2015-06-19 22:54 - 00006164 _____ C:\Windows\System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-1-6
2015-06-19 22:54 - 2015-06-19 22:54 - 00003994 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-06-19 22:54 - 2015-06-19 22:54 - 00003740 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-06-19 22:54 - 2015-06-19 22:54 - 00000000 ____D C:\Program Files (x86)\Umtayyznhndq1ntz
2015-06-19 22:54 - 2015-06-19 22:54 - 00000000 ____D C:\Program Files (x86)\Smwyyntm1ndi1zdz
2015-06-19 22:54 - 2015-06-19 22:54 - 00000000 ____D C:\Program Files (x86)\Hades
2015-06-19 22:54 - 2015-06-19 22:54 - 00000000 ____D C:\Program Files (x86)\22c5dbb2-38e8-401e-a36d-e396d9be6748
2015-06-19 22:53 - 2015-06-20 05:53 - 00002110 _____ C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-10_user.job
2015-06-19 22:53 - 2015-06-20 05:53 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-19 22:53 - 2015-06-20 04:54 - 00004156 _____ C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-3.job
2015-06-19 22:53 - 2015-06-19 22:55 - 00000000 ____D C:\Program Files (x86)\Cinema_Plus-1.2V19.06
2015-06-19 22:53 - 2015-06-19 22:54 - 00007186 _____ C:\Windows\System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-3
2015-06-19 22:53 - 2015-06-19 22:53 - 00000000 ____D C:\Users\jklm\AppData\Local\globalUpdate
2015-06-19 22:53 - 2015-06-19 22:53 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-06-19 22:52 - 2015-06-19 23:11 - 00000000 ____D C:\ProgramData\FlashBeat
2015-06-19 22:52 - 2015-06-19 22:57 - 00000000 ____D C:\ProgramData\Kromtech
2015-06-19 22:52 - 2015-06-19 22:53 - 00000328 _____ C:\Windows\Tasks\MTCYOKLOLS1.job
2015-06-19 22:52 - 2015-06-19 22:52 - 00003552 _____ C:\Windows\System32\Tasks\ZYICP
2015-06-19 22:52 - 2015-06-19 22:52 - 00002850 _____ C:\Windows\System32\Tasks\MTCYOKLOLS1
2015-06-19 22:52 - 2015-06-19 22:52 - 00000000 ____D C:\ProgramData\5aae4531dc23473f8da7a5bac9f3a51f
2015-06-19 22:52 - 2015-06-19 22:52 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-06-19 22:51 - 2015-06-19 22:51 - 00003396 _____ C:\Windows\System32\Tasks\LuckyTab
2015-06-19 22:51 - 2015-06-19 22:51 - 00000000 ____D C:\Users\jklm\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
2015-06-19 22:51 - 2015-06-19 22:51 - 00000000 ____D C:\Program Files (x86)\LuckyTab
2015-06-18 21:08 - 2015-06-18 21:08 - 00050520 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\nwjkm2z2y3mwbdd.sys
2015-04-19 05:20 - 2015-04-19 05:20 - 0005872 _____ () C:\Users\jklm\AppData\Roaming\g5EHHvd7KBE2FYc8jv1Ik
2015-04-20 07:05 - 2015-04-20 07:05 - 1579520 _____ () C:\Users\jklm\AppData\Roaming\g5EHHvd7KBE2FYc8jv1Ik.exe
2015-06-19 23:21 - 2015-06-19 23:21 - 0613255 _____ (CMI Limited) C:\Users\jklm\AppData\Local\nsjBCD4.tmp
Task: {0DEFAFC1-A326-4FA8-BC49-510BF138920B} - System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-1-6 => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-1-6.exe [2015-06-19] (Cinema_Plus-1.2V19.06) <==== ATTENTION
Task: {1119667B-611D-4249-8854-A7DB8636EE64} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert <==== ATTENTION
Task: {16702F08-2E8E-469D-837A-ADA64D90C7D7} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-06-19] (globalUpdate) <==== ATTENTION
Task: {1EA97C4B-FCAE-4BBB-A71E-1265724A8955} - System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-5_user => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-5.exe [2015-06-19] (Cinema_Plus-1.2V19.06) <==== ATTENTION
Task: {1F1A23DE-DD68-41CA-8CB4-7F08C9C49FEE} - System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-1-7 => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-1-7.exe [2015-06-19] (Cinema_Plus-1.2V19.06) <==== ATTENTION
Task: {206C1510-E887-4CB4-9303-E73F18B176B7} - System32\Tasks\MTCYOKLOLS1 => C:\ProgramData\FlashBeat\FlashBeat.exe [2015-06-03] (FlashBeat) <==== ATTENTION
Task: {25D9EEC0-2AF8-44B2-A0DE-5C910129442E} - System32\Tasks\g5EHHvd7KBE2FYc8jv1Ik => C:\Users\jklm\AppData\Roaming\g5EHHvd7KBE2FYc8jv1Ik.exe [2015-04-20] () <==== ATTENTION
Task: {2B6B43A6-FF97-4D56-8D35-9A0666E4B960} - System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-3 => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-3.exe [2015-06-19] (Cinema_Plus-1.2V19.06) <==== ATTENTION
Task: {30FB7E70-077A-495C-BC25-EDC2F61043C0} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-06-19] (AnyProtect.com) <==== ATTENTION
Task: {35E59BE4-062B-4B39-B401-99DA02CE3991} - System32\Tasks\LuckyTab => C:\Program Files (x86)\LuckyTab\LuckyTab.exe [2015-06-19] (http://lucky-tab.com/) <==== ATTENTION
Task: {36FE590F-92E9-4DE1-B322-AB15E75D3186} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-06-19] (AnyProtect.com) <==== ATTENTION
Task: {3F808F81-6AC0-4CDB-B723-3B0E2E67A628} - System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-5 => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-5.exe [2015-06-19] (Cinema_Plus-1.2V19.06) <==== ATTENTION
Task: {498BB6A0-883F-4F56-B7FB-EE1A512BDC3F} - System32\Tasks\avabvbavad => C:\Users\jklm\AppData\Local\avabvbavad\avabvbavad.exe [2015-06-03] () <==== ATTENTION
Task: {53471D25-BB8E-4994-B0A3-3CA2587DE723} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-06-19] (AnyProtect.com) <==== ATTENTION
Task: {5B1E65F8-26D7-4002-A143-9946E067CBEB} - System32\Tasks\ConsumerInputUpdateTaskMachineUA => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [2015-06-19] (ConsumerInput) <==== ATTENTION
Task: {60A9363C-5270-4A43-A6E4-A2FF10BD0F10} - System32\Tasks\Msouflui => C:\ProgramData\Msouflui\1.0.1.0\uawiemem.exe [2015-06-19] ()
Task: {65FAB375-5C9B-422C-BA52-D4640BECE2E7} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\jklm\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {7EB4D63B-B9FB-44BE-8150-330461C9086D} - System32\Tasks\CIMT_daily_S-1-5-21-2695581885-3589152984-3162700467-1001 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe [2015-05-28] () <==== ATTENTION
Task: {91CEDBA4-F59A-458E-9872-3BC242A2B768} - System32\Tasks\CIMT_S-1-5-21-2695581885-3589152984-3162700467-1001 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe [2015-05-28] () <==== ATTENTION
Task: {939DD84A-EE72-462A-B5F7-4EC770D77172} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-06-19] () <==== ATTENTION
Task: {9F8AC108-4F23-45DB-B348-FFC30CA00E9A} - System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-6 => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-6.exe [2015-06-19] (Cinema_Plus-1.2V19.06) <==== ATTENTION
Task: {A3F5DF1A-12BD-4A6B-B88E-C9409B1CB21C} - System32\Tasks\IneedSpeed Update => C:\Program Files (x86)\version85IneedSpeed\b4IneedSpeedQ95.exe [2015-06-19] ()
Task: {A9B0AB88-B394-44E4-8592-0165F8527AFD} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-06-19] (globalUpdate) <==== ATTENTION
Task: {AB812764-E1CD-4ED6-BEB3-A6716B7380CE} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [2015-06-19] (ConsumerInput) <==== ATTENTION
Task: {C0E64DAA-FBD4-4DFC-ACF7-49054E9B9283} - System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-7 => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-7.exe [2015-06-19] (Cinema_Plus-1.2V19.06) <==== ATTENTION
Task: {C36928FA-A219-4712-B78B-FEB4D55EE9BA} - System32\Tasks\{B73072F1-ABE4-455D-9175-7FB9C096E10F} => pcalua.exe -a "C:\Program Files (x86)\Zenographics\{B49F7068-1268-46E3-B682-21CCEDD4CF9E}\setup.exe" -c -u "HPLJInstaller.dll=Hpl_1020.inf"
Task: {D2AB08C0-8901-4919-BA8F-14EF972CB55D} - System32\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-10_user => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-10.exe [2015-06-19] (Cinema_Plus-1.2V19.06) <==== ATTENTION
Task: {F6D8D14C-B9F6-41B1-8BC8-8678D8DD69E5} - System32\Tasks\ZYICP => C:\ProgramData\5aae4531dc23473f8da7a5bac9f3a51f\5aae4531dc23473f8da7a5bac9f3a51f.exe [2015-06-03] () <==== ATTENTION
Task: {FBE3C925-A7EC-4FFE-A4BD-78C505289737} - System32\Tasks\{509E09E5-D60C-454A-A352-E9175BD2F7C4} => pcalua.exe -a C:\Users\jklm\Downloads\HijackThis.exe -d C:\Users\jklm\Downloads
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-1-6.job => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-1-7.job => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-10_user.job => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-3.job => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-5.job => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-5_user.job => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-6.job => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-7.job => C:\Program Files (x86)\Cinema_Plus-1.2V19.06\ca281dfc-e383-4fa1-80fa-dc79c4d0c772-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\CIMT_daily_S-1-5-21-2695581885-3589152984-3162700467-1001.job => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe <==== ATTENTION
Task: C:\Windows\Tasks\CIMT_S-1-5-21-2695581885-3589152984-3162700467-1001.job => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe <==== ATTENTION
Task: C:\Windows\Tasks\ConsumerInputUpdateTaskMachineCore.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\ConsumerInputUpdateTaskMachineUA.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\Windows\Tasks\g5EHHvd7KBE2FYc8jv1Ik.job => C:\Users\jklm\AppData\Roaming\g5EHHvd7KBE2FYc8jv1Ik.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\IneedSpeed Update.job => C:\Program Files (x86)\version85IneedSpeed\b4IneedSpeedQ95.exe
Task: C:\Windows\Tasks\MTCYOKLOLS1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
C:\Users\jklm\AppData\Local\Temp\7T02k5WOk0.tmp
C:\ProgramData\FlashBeat
C:\Program Files (x86)\Cinema_Plus-1.2V19.06
C:\ProgramData\WBRYXRSt
C:\Users\jklm\AppData\Local\4C4C4544-1434754703-5610-8048-B7C04F445131
C:\Program Files (x86)\Infonaut_1.10.0.14
C:\Users\jklm\AppData\Local\SmartWeb
C:\Program Files (x86)\SearchProtect
C:\Users\jklm\AppData\Local\Temp\{8565EB50-E289-4892-A596-DA6331E51B86}
C:\Program Files (x86)\Smwyyntm1ndi1zdz
C:\Users\jklm\AppData\Local\SmartWeb
C:\Program Files\Kromtech
C:\Program Files (x86)\version85IneedSpeed
C:\Program Files (x86)\globalUpdate
C:\Program Files (x86)\Kotato
C:\ProgramData\WBRYXRSt
C:\Windows\System32\drivers\nwjkm2z2y3mwbdd.sys
C:\Windows\system32\Drivers\webTinstMKTN84.sys
C:\Program Files (x86)\Smwyyntm1ndi1zdz\nwjkm2z2y3mwbdd.exe
C:\Program Files (x86)\Umtayyznhndq1ntz\mwmyzjmzngu1mdy.exe
C:\Users\jklm\AppData\Local\4C4C4544-1434754703-5610-8048-B7C04F445131
C:\ProgramData\Msouflui
C:\Program Files (x86)\Consumer Input
C:\Program Files (x86)\Games Bot
C:\Users\jklm\AppData\Local\gmsd_us_005010007
C:\Program Files (x86)\Crossbrowse\Crossbrowse
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers