Task: {0D4A518A-DF9A-4EF5-B2C9-BCCA25713362} - System32\Tasks\{3A66CE80-4733-4203-9F7A-462BED78E89F} => C:\Windows\system32\pcalua.exe -a E:\Boot\Setup.exe -d E:\
Task: {BA2E555B-536B-40B0-8F32-8AE50F08B90F} - System32\Tasks\igfxhk => C:\Users\Vladana\AppData\Roaming\Terq\srvce.exe
C:\Users\Vladana\AppData\Roaming\Terq
Task: {D00D3C68-28B6-430D-83FD-061E0EAFCDA9} - System32\Tasks\{9194DE95-4B06-4F9D-B927-18DB5B401FBF} => C:\Windows\system32\pcalua.exe -a C:\Users\Vladana\AppData\Local\TNT2\2.0.0.1534\TNT2User.exe -c /UNINSTALL PARTNER=10513
C:\Users\Vladana\AppData\Local\TNT2
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File
FF Plugin HKU\S-1-5-21-7682389-3612777877-391866582-1000: pokki.com/PokkiDownloadHelper -> C:\Users\Vladana\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll [No File]
FF Plugin HKU\S-1-5-21-7682389-3612777877-391866582-1000: torrents-time.com/TTPlugin -> C:\Program Files (x86)\TorrentsTime Media Player\bin\npTTPlugin.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] -
S3 WsDrvInst; C:\Program Files (x86)\iSkysoft\iSkysoft iTransfer\DriverInstall.exe [X]
U3 avgbu57v; C:\Windows\System32\Drivers\avgbu57v.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U4 ekrn; no ImagePath
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
CMD: dir C:\Windows\Wget
CMD: dir C:\Windows\Curl
CMD: type c:\windows\e.bat
CMD: type c:\windows\y.txt
CMD: type c:\windows\d.bat
CMD: type C:\Windows\mgr_n.reg
CMD: type C:\Windows\mgr_f.reg
CMD: type C:\Windows\e.reg
VirusTotal: C:\Windows\e.exe
VirusTotal: C:\Windows\d.exe
VirusTotal: C:\Windows\fr.exe
2019-11-17 00:17 - 2019-10-21 20:51 - 000002930 _____ C:\Windows\e.bat
2019-11-17 00:17 - 2019-07-30 17:00 - 000004608 _____ () C:\Windows\e.exe
2019-11-17 00:16 - 2019-09-12 17:27 - 000025600 _____ () C:\Windows\fr.exe
2019-11-16 16:28 - 2019-11-16 16:28 - 000000000 ____D C:\Windows\Wget
2019-11-16 16:28 - 2019-11-16 16:28 - 000000000 ____D C:\Windows\curl
2019-11-16 16:28 - 2019-10-12 19:40 - 000004608 _____ () C:\Windows\d.exe
2019-11-16 16:28 - 2019-09-12 15:16 - 000001241 _____ C:\Windows\d.bat
2019-11-16 16:28 - 2019-08-09 16:30 - 000000001 _____ C:\Windows\y.txt
2019-11-16 16:28 - 2019-08-09 15:28 - 000000302 _____ C:\Windows\mgr_n.reg
2019-11-16 16:28 - 2019-08-09 15:28 - 000000302 _____ C:\Windows\mgr_f.reg
2019-11-16 16:28 - 2019-08-09 15:28 - 000000290 _____ C:\Windows\e.reg
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_05.dll -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot: