CloseProcesses:
CreateRestorePoint:
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKU\S-1-5-21-3199717442-3386205327-3011415108-1008\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
C:\Program Files (x86)\Lavasoft
HKU\S-1-5-21-3199717442-3386205327-3011415108-1008\...\MountPoints2: {0dab255d-d467-11e5-b03c-e0cb4ed67335} - D:\setup.exe
AppInit_DLLs: C:\PROGRA~2\OPTIMI~1\OPTPRO~3.DLL => No File
AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~2.dll => No File
SearchScopes: HKU\S-1-5-21-3199717442-3386205327-3011415108-1008 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com.au/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3199717442-3386205327-3011415108-1008 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-3199717442-3386205327-3011415108-1008 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3199717442-3386205327-3011415108-1008 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com.au/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3199717442-3386205327-3011415108-1008 -> {9AC709F8-DAF6-4754-B30B-0EB9F5B8B72F} URL = hxxp://www.guard-search.com/Results.aspx?gd=GB1000094&ctid=&octid=EB_ORIGINAL_CTID&ISID=E71395CF-65A4-4EED-9D93-422B3A01C9E9&SearchSource=58&CUI=SB_CUI&UM=8&UP=ED932CFA-F38E-4057-8ADF-930507335642&D=IN_DA&q={searchTerms}&SSPV=GB10A
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll => No File
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
S3 akshasp; \SystemRoot\system32\drivers\akshasp.sys [X]
S3 akshhl; \SystemRoot\system32\drivers\akshhl.sys [X]
S3 akspccard; \SystemRoot\system32\drivers\akspccard.sys [X]
S3 aksusb; \SystemRoot\system32\drivers\aksusb.sys [X]
S1 Teefer3; system32\DRIVERS\Teefer3.sys [X]
2016-02-16 15:26 - 2016-02-16 15:26 - 00000040 ___SH C:\ProgramData\.zreglib
2016-02-16 14:38 - 2016-02-17 01:39 - 00000000 ____D C:\Users\Dad D\AppData\Roaming\ElujpOjax
2016-02-16 14:39 - 2016-02-16 14:47 - 00000000 ____D C:\Users\Dad D\AppData\Local\TrailerTime
2016-02-16 14:39 - 2016-02-16 14:39 - 00000000 ____D C:\Program Files (x86)\RayDld
2016-02-16 14:38 - 2016-02-16 14:38 - 01203634 _____ ( ) C:\Windows\SysWOW64\lnsecsl.exe
2016-02-16 14:38 - 2016-02-16 14:38 - 00003338 _____ C:\Windows\System32\Tasks\Xegxi
2016-02-16 14:38 - 2016-02-16 14:38 - 00000000 ____D C:\Windows\system32\kenz
2016-02-16 14:38 - 2016-02-16 14:38 - 00000000 ____D C:\Users\Dad D\AppData\LocalLow\Company
2016-02-16 14:38 - 2016-02-16 14:38 - 00000000 ____D C:\Users\Dad D\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-02-16 14:38 - 2016-02-16 14:38 - 00000000 ____D C:\uninst
2014-11-19 16:00 - 2014-12-10 21:29 - 0000000 _____ () C:\Users\Dad D\AppData\Roaming\bitlord_log.txt
Optimizer Pro v3.2 (x32 Version: - ) Hidden <==== ATTENTION
PC Cleaner v3.2 (x32 Version: 3.2 - PC Help Soft) Hidden
Task: {06E6A0FA-06D2-4632-883D-201B4889A438} - \e20aa047-a2ab-4905-b64f-21f07483fa4f-10_user -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {5187F243-6BE4-42FF-8FF7-F9BEED11DD26} - \e20aa047-a2ab-4905-b64f-21f07483fa4f-7 -> No File <==== ATTENTION
Task: {7F61216C-5504-414A-A466-0D68B09933B1} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {B800A32F-7021-4A27-99D8-FFB02519B170} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {BF3F43CD-0BE9-45C3-A939-6B711E611D22} - \globalUpdateUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {F9FE5BBA-2BB3-4913-85BF-F2761AB48B23} - \e20aa047-a2ab-4905-b64f-21f07483fa4f-6 -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FEAEE09D-2D7B-40EA-8667-F115307D6DCD} - \globalUpdateUpdateTaskMachineCore -> No File <==== ATTENTION
Task: C:\Windows\Tasks\e20aa047-a2ab-4905-b64f-21f07483fa4f-10_user.job => C:\Program Files (x86)\CinemaP-1.9cV02.05\e20aa047-a2ab-4905-b64f-21f07483fa4f-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\e20aa047-a2ab-4905-b64f-21f07483fa4f-3.job => C:\Program Files (x86)\CinemaP-1.9cV02.05\e20aa047-a2ab-4905-b64f-21f07483fa4f-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\e20aa047-a2ab-4905-b64f-21f07483fa4f-6.job => C:\Program Files (x86)\CinemaP-1.9cV02.05\e20aa047-a2ab-4905-b64f-21f07483fa4f-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\e20aa047-a2ab-4905-b64f-21f07483fa4f-7.job => C:\Program Files (x86)\CinemaP-1.9cV02.05\e20aa047-a2ab-4905-b64f-21f07483fa4f-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
C:\Program Files (x86)\CinemaP-1.9cV02.05
AlternateDataStreams: C:\ProgramData\TEMP:98181191
FirewallRules: [{BF264930-8622-4513-9A34-653EC1BE5FE7}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
FirewallRules: [{5108F449-32E3-48D3-BA56-BAF4C82D0B0A}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
FirewallRules: [{DA0E9456-614C-45F3-8070-359FAD3100A1}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
FirewallRules: [{458CD983-6742-4C3D-BC7E-CF6227BB9660}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
FirewallRules: [{88B2B029-5EB0-4328-8994-0DE11F96BD7A}] => (Allow) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
FirewallRules: [{197BB573-F00E-4795-9D89-9F126AD90319}] => (Allow) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp: