CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [cpuminer] => C:\Users\Audio User\AppData\Roaming\cpuminer\cpm.exe
HKLM\...\Run: [applica] => "C:\Program Files (x86)\applica\applica.exe"
HKLM\...\RunOnce: [OTUTPRODUCT_CWVQN] => "C:\Program Files (x86)\mpck\otutnetwork.exe"
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: C:\ProgramData\Zonekix\PlusTough.dll => No File
AppInit_DLLs-x32: C:\ProgramData\Zonekix\Stimis.dll => No File
ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => No File
ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => No File
ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => No File
ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => No File
ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GeekBuddy.lnk [2016-07-17]
ShortcutTarget: GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.pogo.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000 -> OldSearch URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Tanfuurpeubota -> {764447F3-A06A-4432-8788-F04BC76DECE3} -> C:\Program Files\Tanfuurpeubota\Keeio64.dll => No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: No Name -> {D3EE7876-057D-431E-8848-3D1A3EDC4F59} -> No File
BHO-x32: Tanfuurpeubota -> {764447F3-A06A-4432-8788-F04BC76DECE3} -> C:\Program Files\Tanfuurpeubota\Keeio.dll => No File
BHO-x32: No Name -> {D3EE7876-057D-431E-8848-3D1A3EDC4F59} -> No File
CHR HomePage: Default -> hxxp://www-searching.com/?pid=s&s=G7Hzftpbl0cshmoAR,f105e1c5-37f4-4be8-b3d3-4517333acd0d,
CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=G7Hzftpbl0cshmoAR,f105e1c5-37f4-4be8-b3d3-4517333acd0d,"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=G7Hzftpbl0cshmoAR,f105e1c5-37f4-4be8-b3d3-4517333acd0d,
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
S2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [X]
S2 E945B08D-A156-4A92-941E-F97888CD7E6E; "C:\Program Files\Tanfuurpeubota\Ekitgu.exe" [X]
S2 GeekBuddyRSP; "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service [X]
S4 GTFPOQUOTT Updater; C:\Program Files (x86)\GTFPOQUOTT Updater\GTFPOQUOTT Updater.exe [X]
S2 Komjokj; "C:\Users\Audio User\AppData\Roaming\HoyiPaawur\Kaotwodx.exe" -cms [X]
S2 Kouns; "C:\Users\Audio User\AppData\Roaming\SivmuUphem\Wephhik.exe" -cms [X]
S2 Lhpalauf; "C:\Users\Audio User\AppData\Roaming\Kiwlikdou\Kiwlikdou.exe" -cms [X]
S2 OutfoxTvService; no ImagePath
S2 SMUpd; C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe /service [X]
S2 Tanfuurpeubota Updater; C:\Program Files\Tanfuurpeubota\Jooukvo.exe [X]
S2 Uuoha; "C:\Users\Audio User\AppData\Roaming\Fupbyorc\Fupbyorc.exe" -cms [X]
S2 Zonekix; C:\ProgramData\\Zonekix\\Zonekix.exe shuz -f "C:\ProgramData\\Zonekix\\Zonekix.dat" -l -a
S1 MPCKpt; system32\DRIVERS\MPCKpt.sys [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Noobzo\GNUpdate\smw.sys [X]
U4 WSearch; no ImagePath
2016-07-17 08:44 - 2016-07-17 12:42 - 00000000 ____D C:\ProgramData\b70986d7-6261-1
2016-07-17 08:44 - 2016-07-17 12:42 - 00000000 ____D C:\ProgramData\b70986d7-10e5-0
2016-07-17 08:44 - 2016-07-17 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2016-07-17 08:32 - 2016-07-17 08:32 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-07-17 08:32 - 2016-07-17 08:32 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-07-17 08:32 - 2016-07-17 08:32 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-07-17 07:38 - 2016-07-17 07:38 - 00027456 _____ C:\Windows\system32\Drivers\bsdpf64.sys
2016-07-17 07:38 - 2016-07-17 07:38 - 00026944 _____ C:\Windows\system32\Drivers\bsdpr64.sys
2016-07-12 02:34 - 2016-07-12 02:37 - 00000140 _____ C:\Windows\Reimage.ini
2016-05-18 15:36 - 2016-05-18 15:36 - 00005632 _____ C:\Users\Audio User\AppData\Local\ddnow4.exe
2016-05-18 15:35 - 2016-05-18 15:35 - 00005120 _____ C:\Users\Audio User\AppData\Local\ddnow.exe
2016-05-12 15:45 - 2016-05-12 15:45 - 00007680 _____ C:\Users\Audio User\AppData\Local\tinstall4.exe
C:\ProgramData\smp2.exe
Task: {19EE7B53-ACA0-4312-BCA8-3DCEA71C2968} - \Adobe Flash Player PPAPI Notifier -> No File <==== ATTENTION
Task: {1B260579-139B-4158-877F-4E91BA2F5C90} - \{689543B2-D1E8-4CDB-B175-0FBAB4717638} -> No File <==== ATTENTION
Task: {27FC23D3-02FE-4745-9FB9-EE1574278F6A} - \bvyvbvyf -> No File <==== ATTENTION
Task: {2820E264-1489-448D-9CFF-D6C7D108FCCD} - \{98CC4B01-7CFC-4E52-838C-3A1AE015DA74} -> No File <==== ATTENTION
Task: {29D3780A-6541-4BA3-87AE-DAF3078DB8FE} - \User_Feed_Synchronization-{EE66B57E-A4B2-4C59-BD7E-4DEAB7DF2236} -> No File <==== ATTENTION
Task: {2C4C51A6-8A79-44FD-9B8B-7C11F6BF3A5A} - \{CCB88131-79A5-4E2F-8065-9615D6939433} -> No File <==== ATTENTION
Task: {2D5041A7-2404-4262-B22E-AAB87B7FF1B4} - \{4DB5B96E-ECFE-480F-A199-73AF5FEAD2B1} -> No File <==== ATTENTION
Task: {435B0548-4CDD-4883-99CF-C7889EEC2FD1} - \{CCA46C81-AC32-4BEF-A80B-B2C4A7B922CC} -> No File <==== ATTENTION
Task: {436322C6-7BB5-497C-9710-C13B0F59285D} - \{4E874C02-58BC-474B-9BC5-B30D3769C7A9} -> No File <==== ATTENTION
Task: {437AEF62-1AAA-429B-8EE5-5C086572A4A5} - \{C833CA22-AE31-4BF0-94AC-DD7112270425} -> No File <==== ATTENTION
Task: {478C3DB9-5A87-4E7E-AC38-5DB61CCD74E3} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {49E5A31A-F64D-48B3-BAD7-5511F8CE1743} - \{DCD51D10-F096-4FF0-87B1-8574BA8948C2} -> No File <==== ATTENTION
Task: {4C00DB0E-4071-4872-90BF-DEAB1AA855B5} - \{2294BC3A-A918-4269-93BB-E3569D509869} -> No File <==== ATTENTION
Task: {4C9FC4E7-CDC4-4518-94D8-BFDB3C3AC3D5} - \{B4BF941B-271C-477B-9B45-0CC6C612E8E7} -> No File <==== ATTENTION
Task: {4D642726-689D-4890-B755-9A5B80141AAD} - \HPCeeScheduleForAudio User -> No File <==== ATTENTION
Task: {5732D656-FBE8-4ADD-91A1-CC8A6EA694F6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {5F11FC22-DCCB-4BBA-9F25-8DD76C2E478E} - \{01AFF4F1-8DA7-4FE8-B75B-7898043DCB42} -> No File <==== ATTENTION
Task: {5F5D1FB4-757C-4046-BBBF-24A6C166F87C} - \{7D8B0684-4E21-421A-9DA3-22E875D90BC5} -> No File <==== ATTENTION
Task: {620D0FA0-7AB7-45B8-9892-9EFFF77A4573} - \{5745C39A-3B26-438F-B47A-597FD044E408} -> No File <==== ATTENTION
Task: {6551D92C-827F-407E-B29B-F85A66441CC6} - \{738C6031-AEE0-4467-B021-99E56A92283C} -> No File <==== ATTENTION
Task: {68975819-C141-48CA-8E84-0A2B1E1E53CA} - \{8C4B97E4-242B-45A5-B7CA-D968019EE02D} -> No File <==== ATTENTION
Task: {72987859-2B31-4980-94BD-38D7C855C0CF} - \{11D1D1EE-610E-4E26-9ABE-CDF087450E0E} -> No File <==== ATTENTION
Task: {7679D5E0-B6DA-4938-ACA0-ECB027F435F3} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {8AF844C1-2FE2-4A0A-A0DC-45F7068DB1FF} - \{4F0A5C75-0C96-48D0-8CAB-ED73E892BD0F} -> No File <==== ATTENTION
Task: {8CB2B761-F9A5-4D84-8917-B8ADD7E9F249} - \{4476F1CD-B142-496F-9233-397311D32C1F} -> No File <==== ATTENTION
Task: {94365D0A-7804-42B4-B90C-EB83442DDD67} - \SMW_P -> No File <==== ATTENTION
Task: {9A338660-DE8C-4787-9A17-9C7C15E44C46} - \Opera scheduled Autoupdate 1436904114 -> No File <==== ATTENTION
Task: {9C16C985-1749-4B01-9E8E-E4C1053107CC} - \{6EC65ECE-07AD-4BB1-8330-2D90306B992F} -> No File <==== ATTENTION
Task: {9DAA0B85-6A92-4DEE-9C8C-05BC6CCB07AD} - \{1D41E91B-212B-4C82-9515-D8D3BC4F3D7E} -> No File <==== ATTENTION
Task: {A163075E-C918-413E-9B49-7F4793BE782F} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {A18C2DCF-E648-4901-862F-B1B788BB4563} - \GTFPOQUOTT -> No File <==== ATTENTION
Task: {A209D341-DCB8-43A1-A1BD-BBFA09ADEE25} - \{AB1DE566-54CF-4F83-AFDE-17137BE0F280} -> No File <==== ATTENTION
Task: {A49CA0BD-E2B1-403A-A173-43A49DE8A5FA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {B0744C5E-0996-42BF-9B74-9BBB2D949173} - \{57453332-E9F4-4093-B4AB-8A1C0C0D5707} -> No File <==== ATTENTION
Task: {B601BC48-667A-43E3-867B-EFCC15833D08} - \AdobeAAMUpdater-1.0-AudioUser-PC-Audio User -> No File <==== ATTENTION
Task: {B86F6A4B-FB07-4676-9B80-1280DA10F0BD} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {BCD28677-D2F0-483F-BABB-1524C6F2F812} - \{CD18775E-7A9E-4167-8C63-1ADF504334D7} -> No File <==== ATTENTION
Task: {C61EA3A5-03D1-43ED-BA23-8D1264DB8E2D} - \{19B409AC-4ED8-4FE5-B771-BA649E064B40} -> No File <==== ATTENTION
Task: {C6369937-B5E2-4CE2-AE3C-E6ED819E817F} - \{EA6CE454-0CAB-4E15-8C62-9BAD01D34962} -> No File <==== ATTENTION
Task: {C69307F9-A159-4E7F-87A8-E4CB77B20CA3} - \{EA478442-06BD-40D9-99EE-E2A5D4EF31B5} -> No File <==== ATTENTION
Task: {C94419C8-629F-4021-B8CB-D9D33151BB45} - \{51B09220-0A0A-4302-B129-FCD1119106BA} -> No File <==== ATTENTION
Task: {D349114A-41F1-4752-B809-8FE29E70CE9D} - \{B0A151AA-7659-482A-8D0E-4C3270186686} -> No File <==== ATTENTION
Task: {D3DE2350-202E-41E3-BE63-A9F6E599113A} - \{09C97923-5FCE-4D37-9528-6A5DA8E5C872} -> No File <==== ATTENTION
Task: {D604963D-C8AC-4493-9C14-999289A6223C} - \{E752D505-44E8-4FB0-944C-C994CA17BE39} -> No File <==== ATTENTION
Task: {E42D372E-A225-41BD-A22B-C2A930D8CB5C} - \RunAsStdUser Task -> No File <==== ATTENTION
Task: {EB2BB628-B3BA-4E35-87E8-30A675472AA8} - \{422A65CB-1FCB-4305-AA2B-F7A0BE88ABF4} -> No File <==== ATTENTION
C:\Users\Audio User\AppData\Local\ba75\5e9c.lnk -> C:\Users\Audio User\AppData\Local\ba75\88f9.bat (No File)
AlternateDataStreams: C:\Windows:AstInfo [0]
AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:0738A6D5 [336]
AlternateDataStreams: C:\ProgramData\TEMP:090FB735 [120]
AlternateDataStreams: C:\ProgramData\TEMP:092BD83A [460]
AlternateDataStreams: C:\ProgramData\TEMP:0FA1FA1F [226]
AlternateDataStreams: C:\ProgramData\TEMP:1A14B3AF [234]
AlternateDataStreams: C:\ProgramData\TEMP:1B506EA3 [121]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [176]
AlternateDataStreams: C:\ProgramData\TEMP:1D5FADCD [238]
AlternateDataStreams: C:\ProgramData\TEMP:1FF82161 [233]
AlternateDataStreams: C:\ProgramData\TEMP:219DB32E [247]
AlternateDataStreams: C:\ProgramData\TEMP:236FF5C6 [228]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:2D5180DD [243]
AlternateDataStreams: C:\ProgramData\TEMP:2DB4FB78 [251]
AlternateDataStreams: C:\ProgramData\TEMP:31403DF7 [133]
AlternateDataStreams: C:\ProgramData\TEMP:320208DA [510]
AlternateDataStreams: C:\ProgramData\TEMP:3BDF57F4 [252]
AlternateDataStreams: C:\ProgramData\TEMP:3C8B784A [286]
AlternateDataStreams: C:\ProgramData\TEMP:3EC5BC08 [484]
AlternateDataStreams: C:\ProgramData\TEMP:4762F1D2 [236]
AlternateDataStreams: C:\ProgramData\TEMP:4FD3435F [246]
AlternateDataStreams: C:\ProgramData\TEMP:5106F19A [131]
AlternateDataStreams: C:\ProgramData\TEMP:566B9179 [520]
AlternateDataStreams: C:\ProgramData\TEMP:605645B0 [147]
AlternateDataStreams: C:\ProgramData\TEMP:63BA523E [245]
AlternateDataStreams: C:\ProgramData\TEMP:63C48B80 [243]
AlternateDataStreams: C:\ProgramData\TEMP:667D4A95 [235]
AlternateDataStreams: C:\ProgramData\TEMP:669AB5E1 [232]
AlternateDataStreams: C:\ProgramData\TEMP:6B2FBF73 [388]
AlternateDataStreams: C:\ProgramData\TEMP:6F604181 [227]
AlternateDataStreams: C:\ProgramData\TEMP:7687A3E3 [332]
AlternateDataStreams: C:\ProgramData\TEMP:7FA0D639 [175]
AlternateDataStreams: C:\ProgramData\TEMP:82756AB7 [147]
AlternateDataStreams: C:\ProgramData\TEMP:82D85D00 [140]
AlternateDataStreams: C:\ProgramData\TEMP:89B7A4D9 [230]
AlternateDataStreams: C:\ProgramData\TEMP:8C84E358 [147]
AlternateDataStreams: C:\ProgramData\TEMP:92D35C13 [143]
AlternateDataStreams: C:\ProgramData\TEMP:997DA6D7 [141]
AlternateDataStreams: C:\ProgramData\TEMP:9A6195F4 [498]
AlternateDataStreams: C:\ProgramData\TEMP:9FB6814A [137]
AlternateDataStreams: C:\ProgramData\TEMP:C3E7F2E9 [252]
AlternateDataStreams: C:\ProgramData\TEMP:C5A156B6 [233]
AlternateDataStreams: C:\ProgramData\TEMP:CA1F3AC3 [233]
AlternateDataStreams: C:\ProgramData\TEMP:CF8AEC6E [292]
AlternateDataStreams: C:\ProgramData\TEMP:DBB979D4 [242]
AlternateDataStreams: C:\ProgramData\TEMP:DC938322 [243]
AlternateDataStreams: C:\ProgramData\TEMP:E3615992 [132]
AlternateDataStreams: C:\ProgramData\TEMP:EC970DB6 [472]
AlternateDataStreams: C:\ProgramData\TEMP:ED2D63E4 [133]
AlternateDataStreams: C:\ProgramData\TEMP:EE2DD6CC [498]
AlternateDataStreams: C:\ProgramData\TEMP:EF69BA58 [488]
AlternateDataStreams: C:\ProgramData\TEMP:F74EC668 [464]
AlternateDataStreams: C:\ProgramData\TEMP:F9000065 [178]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bsdpf64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bsdpr64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bsdpf64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bsdpr64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
FirewallRules: [{1E415958-4029-4170-B081-EACAA246C847}] => (Allow) C:\Program Files (x86)\Pogo Games\PogoDGC.exe
FirewallRules: [{AA64215A-9700-41C5-8EF1-A94173C50364}] => (Allow) C:\Program Files (x86)\Pogo Games\PogoDGC.exe
FirewallRules: [{14D65D09-E1F7-40DE-B8D0-CA42BF7D4A56}] => (Allow) C:\Program Files (x86)\Pogo Games\WebUpdater.exe
FirewallRules: [{DDA99010-6C92-429F-98A8-D49039F91010}] => (Allow) C:\Program Files (x86)\Pogo Games\WebUpdater.exe
FirewallRules: [{72E8112A-7F6B-4D76-BA07-52BC09F1E026}] => (Allow) C:\Program Files (x86)\Pogo Games\PogoDGC.exe
FirewallRules: [{4329A88A-55B3-4452-87D4-B80036D0AF4A}] => (Allow) C:\Program Files (x86)\Pogo Games\PogoDGC.exe
FirewallRules: [{AD078D95-74DE-4E62-9819-CA7E22B4BC85}] => (Allow) C:\Program Files (x86)\Pogo Games\WebUpdater.exe
FirewallRules: [{D11FCBF6-BF45-4CEE-84E1-9D19B4852BB4}] => (Allow) C:\Program Files (x86)\Pogo Games\WebUpdater.exe
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp: