CreateRestorePoint: 
HKLM\...\Run: [RadPlayer Tray] => C:\Program Files (x86)\RadPlayer\TyV1.exe [294824 2015-05-29] (RadPlayer)
HKLM\...\Run: [shopperz12072015] => C:\Program Files\shopperz12072015\Bzvra.exe [433512 2015-07-13] ()
HKLM\...\Run: [shopperz1207201564] => C:\Program Files\shopperz12072015\Bzvra64.exe [464744 2015-07-13] ()
HKLM-x32\...\Run: [StormWatch] => C:\Program Files (x86)\StormWatch\StormWatchApp.exe [1556504 2015-04-10] ()
HKLM-x32\...\Run: [cpx] => C:\Program Files (x86)\cpx\cpx.exe [1162240 2015-06-26] ()
HKLM-x32\...\Run: [msrtn32] => C:\Program Files (x86)\msrtn32\msrtn32.exe [1221120 2015-06-28] ()
HKLM-x32\...\Run: [WinCheck] => C:\Users\Kathy\AppData\Local\5670549A-1436745935-DE00-E918-1C7508113231\bnshDF4A.exe [350720 2015-06-24] ()
HKLM-x32\...\Run: [gmsd_us_005010030] => C:\Program Files (x86)\gmsd_us_005010030\gmsd_us_005010030.exe [3986064 2015-07-13] ()
HKLM-x32\...\Run: [mwyyntm1ndi1zdz] => C:\Program Files (x86)\Smwyyntm1ndi1zdz\ywi2mzv2zhnjbdh.exe [2422272 2015-07-13] ()
HKLM-x32\...\Run: [gmsd_us_005010031] => C:\Program Files (x86)\gmsd_us_005010031\gmsd_us_005010031.exe [3985552 2015-07-14] ()
HKLM-x32\...\Run: [MovieDea] => C:\Program Files (x86)\MovieDea\MovieDea.exe [3184640 2015-06-03] (MovieDea)
HKLM-x32\...\Run: [SmartWeb] => C:\Users\Kathy\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
HKLM-x32\...\RunOnce: [upospd_us_014010029.exe] => C:\Users\Kathy\AppData\Local\ospd_us_014010029\upospd_us_014010029.exe [3287696 2015-07-12] ()
HKU\S-1-5-21-171533428-321824291-3300133993-1000\...\Run: [NinjaLoader] => C:\Program Files (x86)\Ninja Loader\Ninja Loader.exe [1575016 2015-07-02] (CLICK YES BELOW LP)
HKU\S-1-5-21-171533428-321824291-3300133993-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe [148112 2015-07-03] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [246544 2015-07-02] (Client Connect LTD)
AppInit_DLLs:  C:\ProgramData\FlashBeat\FlashBeat64.dll => C:\ProgramData\FlashBeat\FlashBeat64.dll File not found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [213776 2015-07-02] (Client Connect LTD)
AppInit_DLLs-x32:  C:\ProgramData\FlashBeat\FlashBeat32.dll => C:\ProgramData\FlashBeat\FlashBeat32.dll [805376 2015-07-13] (FlashBeat)
AppInit_DLLs-x32:  C:\ProgramData\EpsanDrive\EpsanDrive32.dll => C:\ProgramData\EpsanDrive\EpsanDrive32.dll [805376 2015-07-08] (EpsanDrive)
AppInit_DLLs-x32:  C:\PROGRA~3\{63B88~1\1173~1.1\tiso.dll => "C:\PROGRA~3\{63B88~1\1173~1.1\tiso.dll" File not found
Startup: C:\Users\Kathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bm.lnk [2015-07-18]
ShortcutTarget: bm.lnk -> C:\Users\Kathy\AppData\Local\yva2vtutzeljbjh\yxa2bzvwzf9jdth.exe (PU-App)
Startup: C:\Users\Kathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-07-13]
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (No File)
Startup: C:\Users\Kathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-07-18]
ShortcutTarget: SmartWeb.lnk -> C:\Users\Kathy\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
Startup: C:\Users\Kathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk [2015-07-12]
ShortcutTarget: StormWatch.lnk -> C:\Program Files (x86)\StormWatch\StormWatch.exe (Weather Protector LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-171533428-321824291-3300133993-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-171533428-321824291-3300133993-1000 - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKLM -> OldSearch URL = hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_installertech_15_26&cd=2XzuyEtN2Y1L1QzuyBtD0FtC0AtC0EzztD0BzzyCtByDyDtAtN0D0Tzu0StCtByBtAtN1L2XzutAtFtCtCtFtAtFtCtN1L1Czu1R1B1E1V1L1G1B2Z1T1I1I1P1C2Z1P1R1MtN1L1G1B1V1N2Y1L1Qzu2StB0A0BtCtCyB0C0BtGyCyCtAtAtG0Azz0BtBtGyEzzyCzytGtBzz0C0ByE0DyB0BtA0D0F0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0C0E0DyC0E0DzytBtGtBtD0D0FtGyE0FtA0EtG0B0AtB0EtGyEzy0AtByByEzzyC0F0E0FtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzztBtB&cr=1202157401&ir=
SearchScopes: HKLM-x32 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=8437c40c-c891-4a5e-8eea-ca8568502d51&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-171533428-321824291-3300133993-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3333887&octid=EB_ORIGINAL_CTID&ISID=M1890E6BC-BF65-41CA-B1ED-FCA8EC054D11&SearchSource=58&CUI=&UM=8&UP=SPA98636E4-750F-401C-BC08-F5A740811DAD&D=071415&q={searchTerms}&SSPV=SP30339T2B_sp_ie
SearchScopes: HKU\S-1-5-21-171533428-321824291-3300133993-1000 -> {BC4A5ADC-08EE-4734-9171-5A5035FF16D7} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-07-18] (IObit)
BHO: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll [2015-06-10] (SIEN)
BHO: Consumer Input DCA BHO -> {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} -> C:\Program Files (x86)\Consumer Input\InternetExplorer\x64\dca-bho.dll [2015-06-25] (Compete, Inc.)
BHO: shopperz12072015 -> {c49ac435-5c4d-450f-aa56-cd31f96613b3} -> C:\Program Files\shopperz12072015\Eixrizl64.dll [2015-07-13] ()
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
BHO-x32: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll [2015-06-10] (SIEN)
BHO-x32: Consumer Input DCA BHO -> {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} -> C:\Program Files (x86)\Consumer Input\InternetExplorer\dca-bho.dll [2015-06-25] (Compete, Inc.)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO-x32: shopperz12072015 -> {c49ac435-5c4d-450f-aa56-cd31f96613b3} -> C:\Program Files\shopperz12072015\Eixrizl.dll [2015-07-13] ()
Winsock: Catalog9 01 C:\Windows\SysWOW64\Cofvopjy.dll [279040 2015-07-14] ()
Winsock: Catalog9 02 C:\Windows\SysWOW64\Cofvopjy.dll [279040 2015-07-14] ()
Winsock: Catalog9 03 C:\Windows\SysWOW64\Cofvopjy.dll [279040 2015-07-14] ()
Winsock: Catalog9 04 C:\Windows\SysWOW64\Cofvopjy.dll [279040 2015-07-14] ()
Winsock: Catalog9 05 C:\Windows\SysWOW64\myradioplayer.dll [358824 2015-07-12] (myradioplayer)
Winsock: Catalog9 06 C:\Windows\SysWOW64\myradioplayer.dll [358824 2015-07-12] (myradioplayer)
Winsock: Catalog9 07 C:\Windows\SysWOW64\myradioplayer.dll [358824 2015-07-12] (myradioplayer)
Winsock: Catalog9 08 C:\Windows\SysWOW64\myradioplayer.dll [358824 2015-07-12] (myradioplayer)
Winsock: Catalog9 19 C:\Windows\SysWOW64\myradioplayer.dll [358824 2015-07-12] (myradioplayer)
Winsock: Catalog9 20 C:\Windows\SysWOW64\Cofvopjy.dll [279040 2015-07-14] ()
Winsock: Catalog9-x64 01 C:\Windows\system32\myradioplayer64.dll [465320 2015-07-12] (myradioplayer)
Winsock: Catalog9-x64 02 C:\Windows\system32\myradioplayer64.dll [465320 2015-07-12] (myradioplayer)
Winsock: Catalog9-x64 03 C:\Windows\system32\myradioplayer64.dll [465320 2015-07-12] (myradioplayer)
Winsock: Catalog9-x64 04 C:\Windows\system32\myradioplayer64.dll [465320 2015-07-12] (myradioplayer)
Winsock: Catalog9-x64 15 C:\Windows\system32\myradioplayer64.dll [465320 2015-07-12] (myradioplayer)
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-05-12] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (?????)
FF Plugin-x32: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-05-12] ()
FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (?????)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-19] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-19] (globalUpdate)
FF Plugin HKU\S-1-5-21-171533428-321824291-3300133993-1000: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (?????)
FF Plugin HKU\S-1-5-21-171533428-321824291-3300133993-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kathy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{c49ac435-5c4d-450f-aa56-cd31f96613b3}] - C:\Program Files\shopperz12072015\Firefox
FF Extension: shopperz12072015 - C:\Program Files\shopperz12072015\Firefox [2015-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{c49ac435-5c4d-450f-aa56-cd31f96613b3}] - C:\Program Files\shopperz12072015\Firefox
FF HKU\S-1-5-21-171533428-321824291-3300133993-1000\...\Firefox\Extensions: [ConsumerInput@Compete] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12191.xpi
FF Extension: Consumer Input - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12191.xpi [2015-06-25]
FF HKU\S-1-5-21-171533428-321824291-3300133993-1000\...\Firefox\Extensions: [ninjaloader@mail.com] - C:\Program Files (x86)\Ninja Loader\FireFox
FF Extension: NinjaLoader - C:\Program Files (x86)\Ninja Loader\FireFox [2015-07-13]
CHR Extension: (HQCinema Pro 2.1V12.07) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh [2015-07-12]
CHR Extension: (CinemaPlus-3.2cV13.07) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-07-13]
CHR HKLM-x32\...\Chrome\Extension: [adpeheiliennogfclcgmchdfdmafjegc] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cmlhbjpgeogifjnmlajdaealbdlfonah] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ehhlaekjfiiojlddgndcnefflngfmhen] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [nociobghckdhokecfeajdpimjeapnopn] - https://clients2.goo...ice/update2/crx
R2 46784c7a-2afb-4c2f-b299-133de9a46a66; C:\Program Files\shopperz12072015\Igivkorcb.exe [285544 2015-07-13] ()
S2 c31ed948; c:\Program Files (x86)\Optimizer Pro 3.99\OptProMon.dll [2570896 2015-07-13] () <==== ATTENTION
R3 Cofvopjy; C:\Program Files\shopperz12072015\Cofvopjy.exe [2020864 2015-07-13] () [File not signed]
S2 consumerinput_update; C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [105944 2015-07-12] (ConsumerInput)
S3 consumerinput_updatem; C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [105944 2015-07-12] (ConsumerInput)
S2 CoupoonService64; C:\Program Files (x86)\coupoon\iiwjljrnpc64.exe [172344 2015-04-02] ()
R2 csrcc; C:\Program Files\shopperz12072015\csrcc.exe [1448808 2015-07-13] ()
R2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [77824 2015-06-29] () [File not signed] <==== ATTENTION
S2 FlashBeat; C:\ProgramData\FlashBeat\FlashBeat.exe [814080 2015-07-13] (FlashBeat) [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-19] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-19] (globalUpdate) [File not signed] <==== ATTENTION
R2 GlobalUpdater; C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe [378152 2015-07-02] (SIEN S.A.)
R2 IMService; C:\Program Files (x86)\Common Files\Umbrella\Umbrella234.exe [5315224 2015-07-02] (Iminent)
R2 LosdyLijfeu; C:\Program Files\shopperz12072015\ZazyjiKotn.exe [171920 2015-07-13] () [File not signed]
R2 myradioplayer; C:\Program Files (x86)\RadPlayer\myradioplayer.exe [3904936 2015-05-29] (myradioplayer)
R2 NinjaLoaderService; C:\Program Files (x86)\Ninja Loader\NinjaMaintainer.exe [59496 2015-07-02] (Ninja Soft Inc.)
R2 RadPlayerV1; C:\Program Files (x86)\RadPlayer\RadPlayerSvc.exe [323496 2015-05-29] (RadPlayer)
S2 RadPlayerV2; C:\Program Files (x86)\RadPlayer\RadPlayer.Service.exe [78248 2015-05-29] (RadPlayer)
R2 REhsGdKiASD; C:\ProgramData\caGSSMRD\REhsGdKiASD.exe [2732288 2015-07-13] (Valid Applications)
R2 relibily; C:\Users\Kathy\AppData\Local\5670549A-1436745948-DE00-E918-1C7508113231\cnsh175B.tmp [219136 2015-07-13] () [File not signed]
R2 serveras; C:\Users\Kathy\AppData\Roaming\ASPackage\ASSrv.exe [183808 2015-07-13] () [File not signed]
R2 shopperz12072015 Updater; C:\Program Files\shopperz12072015\Xzeexmh.exe [174952 2015-07-13] ()
R2 StormWatch Update Service; C:\Program Files (x86)\StormWatch\StormWatchSrv.exe [586264 2015-04-10] ()
R2 SWUpdater; C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe [17584 2014-11-22] (Weather Protector LLC)
R2 UdvdPork; C:\ProgramData\1436760085\s9.exe [404480 2015-04-07] () [File not signed]
R2 UpdateCheck; C:\Program Files (x86)\Coupoon\UpdateCheck.exe [53040 2015-07-12] ()
R2 WajIEn Monitor; C:\Program Files\WajIEn\wajam_64.exe [1997824 2015-07-13] () [File not signed]
S2 wbsvc; C:\Program Files\WebBar\wbsvc.exe [37144 2015-02-18] (Web Bar Media)
R2 windowsmanagementservice; C:\Users\Kathy\AppData\Local\Temp\20150713\ct.exe [848384 2015-06-29] (Google Inc.) [File not signed]
R2 wssvc_1.10.0.20; C:\Program Files (x86)\WordShark_1.10.0.20\Service\wssvc.exe [300120 2015-07-06] (WS)
S2 SMUpdPlus; no ImagePath
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [61336 2015-06-18] (Cherimoya Ltd)
S3 SMUpdd; no ImagePath
S1 vfbhiosb; C:\Windows\system32\drivers\vfbhiosb.sys [55168 2015-08-16] (Microsoft Corporation)
R1 wsfd_vt_1_10_0_20; C:\Windows\System32\drivers\wsfd_vt_1_10_0_20.sys [61312 2015-07-06] (WS)
R1 ywi2mzv2zhnjbdh; C:\Windows\System32\drivers\ywi2mzv2zhnjbdh.sys [50520 2015-07-13] (Windows Ž Win 7 DDK provider)
2015-08-16 16:50 - 2015-08-16 16:50 - 00055168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vfbhiosb.sys
2015-08-16 16:39 - 2015-08-16 16:39 - 00000000 ____D C:\Users\Kathy\AppData\Local\CEF
2015-07-28 20:15 - 2015-07-28 20:16 - 00000000 ____D C:\Program Files (x86)\GUMBFC5.tmp
2015-07-28 20:15 - 2015-07-28 20:15 - 06420480 _____ C:\Program Files (x86)\GUTC294.tmp
2015-07-28 20:15 - 2015-07-28 20:15 - 00000010 _____ C:\Windows\TEMPcoral.vbs
2015-07-28 20:15 - 2015-07-28 20:15 - 00000000 ____D C:\ProgramData\Ninja Loader
2015-07-28 20:10 - 2015-07-28 20:42 - 00118082 _____ C:\Windows\SysWOW64\debug.log
2015-08-19 10:08 - 2015-07-12 23:59 - 00000360 _____ C:\Windows\Tasks\CIMT_S-1-5-21-171533428-321824291-3300133993-1000.job
2015-08-19 10:05 - 2015-07-19 00:04 - 00002112 _____ C:\Windows\Tasks\5375a8f1-d04e-4014-8417-fe3a4f558ce7-10_user.job
2015-08-19 10:05 - 2015-07-12 23:56 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-19 10:04 - 2015-07-13 12:59 - 00000342 ____H C:\Windows\Tasks\GLQHQICXMFBVKQCB.job
2015-08-19 10:01 - 2015-07-12 23:56 - 00000968 _____ C:\Windows\Tasks\ConsumerInputUpdateTaskMachineUA.job
2015-08-19 09:58 - 2015-07-12 23:58 - 00003140 _____ C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-1-6.job
2015-08-19 09:57 - 2015-07-12 23:57 - 00005520 _____ C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-6.job
2015-08-19 09:55 - 2015-07-12 23:55 - 00002114 _____ C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-10_user.job
2015-08-19 09:33 - 2015-07-13 13:29 - 00003254 _____ C:\Windows\System32\Tasks\Optimizer Pro Schedule
2015-08-19 09:32 - 2015-07-13 13:09 - 00002112 _____ C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-10_user.job
2015-08-16 22:53 - 2015-07-19 00:13 - 00005862 _____ C:\Windows\Tasks\5375a8f1-d04e-4014-8417-fe3a4f558ce7-6.job
2015-08-16 22:53 - 2015-07-13 13:13 - 00003138 _____ C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-1-6.job
2015-08-16 22:53 - 2015-07-13 13:12 - 00005518 _____ C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-6.job
2015-08-16 16:40 - 2015-07-12 11:01 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-08-16 16:39 - 2015-07-14 14:16 - 00004704 _____ C:\Windows\SysWOW64\Cofvopjy.ini
2015-08-16 16:39 - 2015-07-14 14:16 - 00002416 _____ C:\Windows\SysWOW64\CofvopjyOff.ini
2015-08-16 16:39 - 2015-07-14 14:16 - 00002416 _____ C:\Windows\system32\CofvopjyOff.ini
2015-08-16 16:37 - 2015-07-13 00:01 - 00000000 ____D C:\Users\Kathy\AppData\Local\ospd_us_014010029
2015-08-16 16:36 - 2015-07-13 12:15 - 00000000 ____D C:\Users\Kathy\AppData\Local\mstrn32
2015-08-16 16:34 - 2015-07-13 13:15 - 00000996 _____ C:\Windows\Tasks\WdEL9n2eiowr.job
2015-08-16 16:34 - 2015-07-12 23:59 - 00000986 _____ C:\Windows\Tasks\FYLVp79.job
2015-08-16 16:33 - 2015-07-19 00:13 - 00005518 _____ C:\Windows\Tasks\5375a8f1-d04e-4014-8417-fe3a4f558ce7-7.job
2015-08-16 16:33 - 2015-07-19 00:07 - 00004494 _____ C:\Windows\Tasks\5375a8f1-d04e-4014-8417-fe3a4f558ce7-3.job
2015-08-16 16:33 - 2015-07-13 13:15 - 00002446 _____ C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-5_user.job
2015-08-16 16:33 - 2015-07-13 13:14 - 00002446 _____ C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-5.job
2015-08-16 16:33 - 2015-07-13 13:13 - 00003474 _____ C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-1-7.job
2015-08-16 16:33 - 2015-07-13 13:12 - 00005518 _____ C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-7.job
2015-08-16 16:33 - 2015-07-13 13:10 - 00004494 _____ C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-3.job
2015-08-16 16:33 - 2015-07-13 13:07 - 00001056 _____ C:\Windows\Tasks\Crossbrowse.job
2015-08-16 16:33 - 2015-07-12 23:59 - 00002448 _____ C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-5_user.job
2015-08-16 16:33 - 2015-07-12 23:59 - 00002448 _____ C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-5.job
2015-08-16 16:33 - 2015-07-12 23:58 - 00003476 _____ C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-1-7.job
2015-08-16 16:33 - 2015-07-12 23:57 - 00005184 _____ C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-7.job
2015-08-16 16:33 - 2015-07-12 23:56 - 00004496 _____ C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-3.job
2015-08-16 16:33 - 2015-07-12 23:56 - 00000970 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-08-16 16:33 - 2015-07-12 23:56 - 00000964 _____ C:\Windows\Tasks\ConsumerInputUpdateTaskMachineCore.job
2015-08-16 16:33 - 2015-07-12 23:55 - 00000342 ____H C:\Windows\Tasks\JWRTYVMXFBIVCPWL.job
2015-08-16 16:33 - 2015-07-12 23:55 - 00000336 _____ C:\Windows\Tasks\NLSAGZR1.job
2015-07-28 20:22 - 2015-07-13 16:29 - 00003444 _____ C:\Windows\System32\Tasks\Epuifuuva
2015-07-28 20:15 - 2015-07-13 12:08 - 00000000 ____D C:\Users\Kathy\AppData\Local\Ninja Loader
2015-07-28 20:12 - 2014-12-29 14:58 - 00000000 ____D C:\ProgramData\ProductData
2015-07-28 20:15 - 2015-07-28 20:15 - 6420480 _____ () C:\Program Files (x86)\GUTC294.tmp
2015-07-18 21:58 - 2015-07-18 21:58 - 6420480 _____ () C:\Program Files (x86)\GUTFD53.tmp
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\Kathy\AppData\Roaming\FYLVp79
2015-04-20 10:05 - 2015-04-20 10:05 - 1579520 _____ () C:\Users\Kathy\AppData\Roaming\FYLVp79.exe
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\Kathy\AppData\Roaming\WdEL9n2eiowr
2015-04-20 10:05 - 2015-04-20 10:05 - 1579520 _____ () C:\Users\Kathy\AppData\Roaming\WdEL9n2eiowr.exe
2015-07-13 13:52 - 2015-07-13 13:52 - 0613255 _____ (CMI Limited) C:\Users\Kathy\AppData\Local\nsiBAD8.tmp
2015-07-28 20:08 - 2015-07-19 00:16 - 00005086 _____ C:\Windows\Tasks\temp_5375a8f1-d04e-4014-8417-fe3a4f558ce7-6.job
Task: {01A22A0D-37F6-4D85-A408-491ACA67BF31} - System32\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-6 => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-6.exe [2015-07-12] (HQ-VideoV12.07) <==== ATTENTION
Task: {02956738-DE99-47D8-A6C6-DCEE22EE7C4B} - System32\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-7 => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-7.exe [2015-07-13] (Cinema PlusV13.07) <==== ATTENTION
Task: {0473C0CA-9A3F-462C-9BB2-BB768544A91A} - System32\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-3 => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-3.exe [2015-07-12] (HQ-VideoV12.07) <==== ATTENTION
Task: {0C67CC53-4D97-46D6-A447-A0C70698D63C} - System32\Tasks\WebBarUpdateTask => C:\Program Files\WebBar\wbsvc.exe [2015-02-18] (Web Bar Media) <==== ATTENTION
Task: {12826CD3-979A-4778-9E55-62298738037F} - System32\Tasks\WdEL9n2eiowr => C:\Users\Kathy\AppData\Roaming\WdEL9n2eiowr.exe [2015-04-20] () <==== ATTENTION
Task: {13C77BBA-4D9D-4CC4-9783-0F09749EBC89} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {168DBC36-AAF6-4F39-8483-52C63048B4FE} - System32\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-3 => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-3.exe [2015-07-13] (Cinema PlusV13.07) <==== ATTENTION
Task: {1BEAFD01-BB2F-4D5D-A4CB-F3456C100409} - System32\Tasks\ConsumerInputUpdateTaskMachineUA => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [2015-07-12] (ConsumerInput) <==== ATTENTION
Task: {1D2B5213-0A0B-4933-8409-5B6CCA9D31C4} - System32\Tasks\SMW_UpdateTask_Time_333833393739363037312d235b783432415b45345a2d6c => Wscript.exe //B "C:\ProgramData\SearchModulePlus\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {1EC32D4B-9503-4E11-9581-F33F5490D6C8} - System32\Tasks\5375a8f1-d04e-4014-8417-fe3a4f558ce7-10_user => C:\Program Files (x86)\CinemaPlus-3.2cV18.07\5375a8f1-d04e-4014-8417-fe3a4f558ce7-10.exe [2015-07-19] (Cinema PlusV18.07) <==== ATTENTION
Task: {25FCAB52-144F-4DF6-9ED8-A783CF9663E3} - System32\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-5 => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-5.exe [2015-07-13] (Cinema PlusV13.07) <==== ATTENTION
Task: {26C1D14B-D736-4340-AA04-29E5B0EE9912} - System32\Tasks\CIMT_S-1-5-21-171533428-321824291-3300133993-1000 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe [2015-06-19] () <==== ATTENTION
Task: {2C86BA2E-43EA-43C1-9CC7-DC321BFFF485} - System32\Tasks\Snmix => C:\Program Files\shopperz12072015\Ubehsi.bat [2015-07-13] () <==== ATTENTION
Task: {325746AD-5A6F-430F-8E30-6CD44422ABDB} - System32\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-1-6.exe [2015-07-13] (Cinema PlusV13.07) <==== ATTENTION
Task: {36F19701-E5F7-4483-856F-F95E73176541} - System32\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-1-6 => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-1-6.exe [2015-07-12] (HQ-VideoV12.07) <==== ATTENTION
Task: {3C325D05-59F7-4AA8-A14C-0D30C25CACC4} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-07-06] (IObit)
Task: {41F7B16E-395A-4581-81BD-04F429088AC9} - System32\Tasks\Driver Booster SkipUAC (Kathy) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-07-06] (IObit)
Task: {423821BC-96E6-4D84-9341-34C7D6544576} - System32\Tasks\temp_5375a8f1-d04e-4014-8417-fe3a4f558ce7-6 => C:\Program Files (x86)\CinemaPlus-3.2cV18.07\5375a8f1-d04e-4014-8417-fe3a4f558ce7-6.exe [2015-07-19] (Cinema PlusV18.07) <==== ATTENTION
Task: {4315E182-2227-4C77-880F-D8ED0781664D} - System32\Tasks\NLSAGZR1 => C:\ProgramData\EpsanDrive\EpsanDrive.exe [2015-07-08] (EpsanDrive) <==== ATTENTION
Task: {46EEB3FE-4979-4D71-B642-E6812F1A1B63} - System32\Tasks\SMWPUpd => C:\Program Files\Common Files\Goobzo\GBUpdatePlus\updater.exe <==== ATTENTION
Task: {4F7AA969-E2FB-46AC-A550-70B132457A08} - System32\Tasks\Smp => C:\Program Files\Common Files\Goobzo\GBUpdatePlus\smp.exe <==== ATTENTION
Task: {519D5601-B701-4EF4-942D-023EB0776066} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe [2015-07-03] () <==== ATTENTION
Task: {536F625C-BFB1-4834-BC2B-BD6198974A9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-29] (Google Inc.)
Task: {58BC472B-603B-41F5-A0F2-3D4FBD8E8B49} - System32\Tasks\WebBarLaunchTask => C:\Program Files\WebBar\wbsvc.exe [2015-02-18] (Web Bar Media) <==== ATTENTION
Task: {5AE88653-7D39-4018-A2D6-1B1865993C94} - System32\Tasks\BD634EFB-4435-4228-B1B1-B9F4709D5F79 => C:\Users\Kathy\AppData\Local\BD634EFB-4435-4228-B1B1-B9F4709D5F79\BD634EFB-4435-4228-B1B1-B9F4709D5F79.exe [2015-07-18] () <==== ATTENTION
Task: {5B84AF85-C877-4407-9B54-51E465C67CD3} - System32\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-10_user => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-10.exe [2015-07-13] (Cinema PlusV13.07) <==== ATTENTION
Task: {5BAFB821-7E9C-44DA-8FF3-BA06AA1A580A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-26] (Adobe Systems Incorporated)
Task: {5D16852C-3009-4836-B678-96DD5F24BE7B} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [2015-07-12] (ConsumerInput) <==== ATTENTION
Task: {610A4D52-9E85-4E0B-A680-BEA500D4EF11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-29] (Google Inc.)
Task: {691E87A2-9D64-45C3-A667-ABE98310143F} - System32\Tasks\GLQHQICXMFBVKQCB => C:\ProgramData\Service1291\Service1291.exe [2015-06-28] () <==== ATTENTION
Task: {6F7B2104-C5A2-4870-8DAA-94359F4B295E} - System32\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-6 => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-6.exe [2015-07-13] (Cinema PlusV13.07) <==== ATTENTION
Task: {80ECF25B-E055-4C3B-B841-3F10B6413105} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: {83886EC4-445C-4DB0-9EB6-83B465472564} - System32\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-5_user => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-5.exe [2015-07-12] (HQ-VideoV12.07) <==== ATTENTION
Task: {88726888-5908-4FB8-A3FA-9043CB5B1478} - System32\Tasks\WordShark Auto Updater 1.10.0.20 Core => C:\Program Files (x86)\WordShark_1.10.0.20\Update\WordSharkAutoUpdateClient.exe [2015-07-06] (WS) <==== ATTENTION
Task: {8C648E3B-AA13-45C1-832C-77C99013C7F4} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe [2015-07-09] (Pro PC Cleaner) <==== ATTENTION
Task: {8D2D9211-2FB9-4C3E-AB7B-548D36C48621} - System32\Tasks\Epuifuuva => C:\ProgramData\Epuifuuva\1.0.4.1\allomlom.exe [2015-07-13] ()
Task: {8E797C65-1C95-4E33-BD35-2B67CFA422CC} - System32\Tasks\5375a8f1-d04e-4014-8417-fe3a4f558ce7-6 => C:\Program Files (x86)\CinemaPlus-3.2cV18.07\5375a8f1-d04e-4014-8417-fe3a4f558ce7-6.exe [2015-07-19] (Cinema PlusV18.07) <==== ATTENTION
Task: {8F31C890-7EC5-49DE-B3B9-7476E1ADAD00} - System32\Tasks\CIMT_daily_S-1-5-21-171533428-321824291-3300133993-1000 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe [2015-06-19] () <==== ATTENTION
Task: {8FCE26CD-8109-40D2-84C9-EC4D6052F068} - System32\Tasks\5375a8f1-d04e-4014-8417-fe3a4f558ce7-3 => C:\Program Files (x86)\CinemaPlus-3.2cV18.07\5375a8f1-d04e-4014-8417-fe3a4f558ce7-3.exe [2015-07-19] (Cinema PlusV18.07) <==== ATTENTION
Task: {9A4092C6-EB94-4323-A130-EEA16B56DCD3} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-19] (globalUpdate) <==== ATTENTION
Task: {9A6CF26F-A597-49B7-8D92-A65B8241C305} - System32\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-10_user => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-10.exe [2015-07-12] (HQ-VideoV12.07) <==== ATTENTION
Task: {9C38A35C-5BD6-4388-BC91-FED16EF2B1F4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-171533428-321824291-3300133993-1000
Task: {9DC79A38-C865-43F3-9280-76CE0AC74000} - System32\Tasks\Uninstaller_SkipUac_Kathy => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-05-20] (IObit)
Task: {ACC2C1A7-672C-479B-91FF-EB6428145187} - System32\Tasks\SushiLeads => C:\Program Files (x86)\sushileads\ScheduledTask.exe
Task: {B3E4C79F-31B0-4CEC-8855-3A125AFCA943} - System32\Tasks\FYLVp79 => C:\Users\Kathy\AppData\Roaming\FYLVp79.exe [2015-04-20] () <==== ATTENTION
Task: {B50E6BBF-9E5C-4375-A579-BA67BBBB3632} - System32\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-5.exe [2015-07-13] (Cinema PlusV13.07) <==== ATTENTION
Task: {BEFA25DD-72D7-4DCD-A9B5-609E7D25109A} - System32\Tasks\WordShark Auto Updater 1.10.0.20 Pending Update => C:\Program Files (x86)\WordShark_1.10.0.20\Update\WordSharkAutoUpdateClient.exe [2015-07-06] (WS) <==== ATTENTION
Task: {BFD5E5F7-A581-4986-AA96-C25F1196ED50} - System32\Tasks\JWRTYVMXFBIVCPWL => C:\ProgramData\Service1198\Service1198.exe [2015-06-28] () <==== ATTENTION
Task: {CC0931E2-8841-4E30-A9AC-B3C127345ED4} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-12-17] (IObit)
Task: {CD043251-2487-4869-A33C-C07A835E7188} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {CF6E7CAA-8B5F-4C52-A529-903EEF71BD58} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {D0A3F695-CFF9-4D08-A2A2-A4FC09D36290} - System32\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-5 => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-5.exe [2015-07-12] (HQ-VideoV12.07) <==== ATTENTION
Task: {D17B14BD-B3E2-4FD2-AFBE-644A6A3B1782} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit)
Task: {D67D6154-0544-43C0-A94B-02B9B1A17E7C} - System32\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-1-7.exe [2015-07-13] (Cinema PlusV13.07) <==== ATTENTION
Task: {E95208D8-3FF8-4D59-AFCB-CDC5937532DF} - System32\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-7 => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-7.exe [2015-07-12] (HQ-VideoV12.07) <==== ATTENTION
Task: {E9AADAD9-F283-4AA1-9839-E55321CC24D3} - System32\Tasks\5375a8f1-d04e-4014-8417-fe3a4f558ce7-7 => C:\Program Files (x86)\CinemaPlus-3.2cV18.07\5375a8f1-d04e-4014-8417-fe3a4f558ce7-7.exe [2015-07-19] (Cinema PlusV18.07) <==== ATTENTION
Task: {F4309D18-BE10-4EE4-A49A-13DC9F49921B} - System32\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-1-7 => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-1-7.exe [2015-07-12] (HQ-VideoV12.07) <==== ATTENTION
Task: {F48924F7-2B13-4189-BEFC-7813745D4972} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-19] (globalUpdate) <==== ATTENTION
Task: {F60157AF-D870-485B-87FD-5F992DA7ACD1} - System32\Tasks\GlobalUpdate-ywy2yzvxzgtjbth => C:\Users\Kathy\AppData\Roaming\ywy2yzvxzgtjbth\ywy2yzvxzgtjbth.exe [2015-07-13] () <==== ATTENTION
Task: {F6838031-AB36-4284-9FC7-8677F4B77864} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {F93A1729-BC6D-42A0-888E-D2BEB8D08BA5} - System32\Tasks\avastBCLRestartS-1-5-21-171533428-321824291-3300133993-1000 => Chrome.exe 
Task: C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-1-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-1-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-10_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-3.job => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-5.job => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-5_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV13.07\24590c5b-2a5f-42b8-91a2-fa4788a2a0d9-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\5375a8f1-d04e-4014-8417-fe3a4f558ce7-10_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV18.07\5375a8f1-d04e-4014-8417-fe3a4f558ce7-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\5375a8f1-d04e-4014-8417-fe3a4f558ce7-3.job => C:\Program Files (x86)\CinemaPlus-3.2cV18.07\5375a8f1-d04e-4014-8417-fe3a4f558ce7-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\5375a8f1-d04e-4014-8417-fe3a4f558ce7-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV18.07\5375a8f1-d04e-4014-8417-fe3a4f558ce7-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\5375a8f1-d04e-4014-8417-fe3a4f558ce7-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV18.07\5375a8f1-d04e-4014-8417-fe3a4f558ce7-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-1-6.job => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-1-7.job => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-10_user.job => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-3.job => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-5.job => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-5_user.job => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-6.job => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\a1e5f7dc-19c6-44a2-882d-e75547499632-7.job => C:\Program Files (x86)\HQCinema Pro 2.1V12.07\a1e5f7dc-19c6-44a2-882d-e75547499632-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\CIMT_daily_S-1-5-21-171533428-321824291-3300133993-1000.job => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe <==== ATTENTION
Task: C:\Windows\Tasks\CIMT_S-1-5-21-171533428-321824291-3300133993-1000.job => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe <==== ATTENTION
Task: C:\Windows\Tasks\ConsumerInputUpdateTaskMachineCore.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\ConsumerInputUpdateTaskMachineUA.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\Windows\Tasks\FYLVp79.job => C:\Users\Kathy\AppData\Roaming\FYLVp79.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GLQHQICXMFBVKQCB.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\JWRTYVMXFBIVCPWL.job => C:\ProgramData\Service1198\Service1198.exe <==== ATTENTION
Task: C:\Windows\Tasks\NLSAGZR1.job => C:\ProgramData\EpsanDrive\EpsanDrive.exe <==== ATTENTION
Task: C:\Windows\Tasks\temp_5375a8f1-d04e-4014-8417-fe3a4f558ce7-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV18.07\5375a8f1-d04e-4014-8417-fe3a4f558ce7-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\WdEL9n2eiowr.job => C:\Users\Kathy\AppData\Roaming\WdEL9n2eiowr.exe <==== ATTENTION
AlternateDataStreams: C:\Windows\system32\Drivers\vfbhiosb.sys:changelist
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Cofvopjy => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\myradioplayer => ""="service"
 C:\Program Files (x86)\cpx
C:\Program Files (x86)\Smwyyntm1ndi1zdz
 C:\Program Files (x86)\MovieDea
C:\Program Files (x86)\Optimizer Pro 3.99
C:\Program Files (x86)\SearchProtect\
C:\Users\Kathy\AppData\Local\yva2vtutzeljbjh
C:\Program Files (x86)\Crossbrowse
C:\Program Files (x86)\Iminent
C:\Windows\system32\myradioplayer64.dll
C:\Windows\SysWOW64\Cofvopjy.dll 
C:\Windows\SysWOW64\myradioplayer.dll
C:\Users\Kathy\AppData\Local\Ninja Loader
C:\Users\Kathy\AppData\Roaming\ASPackage
C:\Users\Kathy\AppData\Local\Temp\20150713
C:\Users\Kathy\AppData\Local\5670549A-1436745948-DE00-E918-1C7508113231
C:\ProgramData\caGSSMRD
C:\Program Files (x86)\WordShark_1.10.0.20
C:\Program Files\WajIEn
C:\Program Files (x86)\Coupoon
C:\ProgramData\1436760085
C:\Users\Kathy\AppData\Roaming\ASPackage
C:\Users\Kathy\AppData\Local\5670549A-1436745948-DE00-E918-1C7508113231
C:\Program Files (x86)\msrtn32
C:\Program Files (x86)\RadPlayer
C:\Program Files (x86)\Common Files\Umbrella
C:\Program Files (x86)\Common Files\IMGUpdater
C:\ProgramData\FlashBeat
C:\Program Files (x86)\dataup
C:\Program Files (x86)\gmsd_us_005010030\gmsd_us_005010030.exe
C:\Program Files (x86)\Smwyyntm1ndi1zdz\ywi2mzv2zhnjbdh.exe
C:\Program Files (x86)\gmsd_us_005010031\gmsd_us_005010031.exe
C:\Program Files (x86)\msrtn32\msrtn32.exe
C:\Program Files (x86)\StormWatch
C:\Users\Kathy\AppData\Local\SmartWeb
C:\Users\Kathy\AppData\Local\yva2vtutzeljbjh
C:\Program Files (x86)\Ninja Loader
C:\ProgramData\EpsanDrive
C:\Program Files (x86)\Consumer Input
C:\Program Files (x86)\globalUpdate
C:\Users\Kathy\AppData\Local\ospd_us_014010029\upospd_us_014010029.exe
C:\Program Files (x86)\CinemaPlus-3.2cV13.07
C:\Program Files\shopperz12072015
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON 
CMD: ipconfig /flushdns 
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt 
CMD: ipconfig /release
CMD: ipconfig /renew 
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp: 
CMD: bitsadmin /reset /allusers