Thank you so much for the quick reply.
Here is a copy of FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2019
Ran by Vladana (administrator) on VLADANA-PC (FUJITSU LIFEBOOK AH512) (18-11-2019 14:53:34)
Running from C:\Users\Vladana\Desktop
Loaded Profiles: Vladana (Available Profiles: Vladana)
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) [File not signed] C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
(FUJITSU LIMITED) [File not signed] C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) [File not signed] C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) [File not signed] C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Upgrade Service -> Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(iSkySoft) [File not signed] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Mixbyte Inc -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Popcorn Time) [File not signed] C:\Program Files (x86)\Popcorn Time\Updater.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(WONBO TECHNOLOGY Co.,LIMITED -> ) C:\Program Files (x86)\KeepVid\KeepVid Pro\KeepVidProUpdateHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11406608 2011-12-19] (Intel Corporation - Mobile Wireless Group -> Intel Corporation)
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-23] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [169368 2012-06-29] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-09-30] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-09-30] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-18] (DivX, LLC. -> DivX, LLC)
HKLM-x32\...\Run: [NSU_agent] => C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] (Nokia -> )
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM-x32\...\Run: [KeepVidProUpdateHelper.exe] => C:\Program Files (x86)\KeepVid\KeepVid Pro\KeepVidProUpdateHelper.exe [33912 2017-08-15] (WONBO TECHNOLOGY Co.,LIMITED -> )
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2066432 2014-10-31] (iSkySoft) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [240512 2019-10-25] (Mixbyte Inc -> )
HKLM\...\Winlogon: [Shell] explorer.exe,d.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-7682389-3612777877-391866582-1000\...\Run: [Google Update] => C:\Users\Vladana\AppData\Local\Google\Update\1.3.35.342\GoogleUpdateCore.exe [218920 2019-11-05] (Google Inc -> Google LLC)
HKU\S-1-5-21-7682389-3612777877-391866582-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-09-20] (Nero AG -> Nero AG)
HKU\S-1-5-21-7682389-3612777877-391866582-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-7682389-3612777877-391866582-1000\...\RunOnce: [Uninstall C:\Users\Vladana\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vladana\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-7682389-3612777877-391866582-1000\...\MountPoints2: {da4eedc7-7be1-11e2-8ac3-806e6f6e6963} - E:\start.exe
HKU\S-1-5-21-7682389-3612777877-391866582-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\Installer\chrmstp.exe [2019-11-08] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\Vladana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2016-07-06]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Vladana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2019-11-16] () [File not signed]
GroupPolicy: Restriction - Chrome <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D4A518A-DF9A-4EF5-B2C9-BCCA25713362} - System32\Tasks\{3A66CE80-4733-4203-9F7A-462BED78E89F} => C:\Windows\system32\pcalua.exe -a E:\Boot\Setup.exe -d E:\
Task: {100579BF-7099-45D9-81DA-9283171425EF} - System32\Tasks\Opera scheduled Autoupdate 1433936833 => c:\program files (x86)\opera\launcher.exe [1534488 2019-11-05] (Opera Software AS -> Opera Software)
Task: {1BA80324-DEDD-4A84-B6B2-CA83338FEFC4} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {250DFF6E-ACA0-469C-AE95-348B168F5625} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-13] (Adobe Inc. -> Adobe)
Task: {282CF3B9-D0D3-4C91-9592-8EBE019D3CD7} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-7682389-3612777877-391866582-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [147016 2014-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {31E39139-7D23-449D-BCED-F7C976E90C09} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {3647BA06-A942-4A3A-A231-81D956C0A720} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-7682389-3612777877-391866582-1000Core => C:\Users\Vladana\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {3CDCC095-85A8-4F47-A3FD-E5901E10F3FF} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-7682389-3612777877-391866582-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [369752 2014-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {417C02B1-A8B8-4232-9ECA-7B637FC59D88} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-7682389-3612777877-391866582-1000UA => C:\Users\Vladana\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {64B1DDAF-9698-4A74-994F-0A07F4D7B428} - System32\Tasks\{EF41326F-22E8-4DCF-A020-C6061802D389} => C:\Windows\system32\pcalua.exe -a C:\Users\Vladana\Desktop\avast_secureline_setup.exe -d C:\Users\Vladana\Desktop
Task: {7795D282-1AC8-4061-8740-20E3A1600B28} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {82855C30-C4B7-4A15-8981-4489BC782605} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {88983266-6574-4D42-9429-D9F16127D4A3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-13] (Adobe Inc. -> Adobe)
Task: {8C89DC2A-A626-4A37-9C20-27E3EAD3A4E5} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-7682389-3612777877-391866582-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [141312 2014-10-30] (RealNetworks, Inc.) [File not signed]
Task: {8D71D9D7-DCCC-4240-BD4F-C4CA801119C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-06] (Google Inc -> Google Inc.)
Task: {99C2A032-6D1C-441F-87FE-DA0735A1B827} - System32\Tasks\{6243CAD4-3DB1-45D4-933D-254A23B4CA85} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe" -c -bootremove -uninst:RelevantKnowledge
Task: {9E09A37F-ED36-420C-A03C-DE3C2082D6BE} - System32\Tasks\{375818AB-9982-4CB0-BF65-E9B77DBF0F5C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Car Thief 6 Full\Uninstall.exe" -c "C:\Program Files (x86)\Car Thief 6 Full\install.log"
Task: {A13BDE9B-63C9-405F-A251-35FF14182E3A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {AB15FF1F-7BDC-44D9-BC91-CA52A72C11A7} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-7682389-3612777877-391866582-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [147016 2014-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {BA2E555B-536B-40B0-8F32-8AE50F08B90F} - System32\Tasks\igfxhk => C:\Users\Vladana\AppData\Roaming\Terq\srvce.exe
Task: {C3E6B74D-A015-41CB-880A-351C9A99C7A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-06] (Google Inc -> Google Inc.)
Task: {CFBA6569-6A55-4FC1-A592-F5F587B9D002} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_pepper.exe [1453112 2019-11-13] (Adobe Inc. -> Adobe)
Task: {D00D3C68-28B6-430D-83FD-061E0EAFCDA9} - System32\Tasks\{9194DE95-4B06-4F9D-B927-18DB5B401FBF} => C:\Windows\system32\pcalua.exe -a C:\Users\Vladana\AppData\Local\TNT2\2.0.0.1534\TNT2User.exe -c /UNINSTALL PARTNER=10513
Task: {D3B04CF0-75EA-4648-ACB9-9595936714D9} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] (RealNetworks, Inc. -> )
Task: {EF68E912-4810-45BB-A8DF-394E2CB49789} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-7682389-3612777877-391866582-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [141312 2014-10-30] (RealNetworks, Inc.) [File not signed]
Task: {F41616F1-BAE7-4545-B894-B26DB5462DA7} - System32\Tasks\SafeZone scheduled Autoupdate 1458718670 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {F99782F5-00F3-46F3-B278-C98C01F39A08} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0C2497A5-01F6-4BCC-9CA4-707802C9870D}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{935B787B-988D-48CA-B7C2-9CD4F281E961}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E0977D5E-E20A-454E-B20E-ED97A614D189}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-7682389-3612777877-391866582-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-26] (RealNetworks, Inc. -> RealDownloader)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-26] (RealNetworks, Inc. -> RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File
FireFox:
========
FF DefaultProfile: 3mk9fbgv.default-1535656138801
FF ProfilePath: C:\Users\Vladana\AppData\Roaming\Mozilla\Sunbird\Profiles\qf1m1mra.default [2016-08-26]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Sunbird\extensions\
[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Sunbird\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} [not found]
FF ProfilePath: C:\Users\Vladana\AppData\Roaming\Mozilla\Firefox\Profiles\3mk9fbgv.default-1535656138801 [2019-11-09]
FF Homepage: Mozilla\Firefox\Profiles\3mk9fbgv.default-1535656138801 -> hxxps://www.google.com/webhp?complete=0&hl=en
FF Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\Vladana\AppData\Roaming\Mozilla\Firefox\Profiles\3mk9fbgv.default-1535656138801\Extensions\
[email protected] [2019-11-08]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Vladana\AppData\Roaming\Mozilla\Firefox\Profiles\3mk9fbgv.default-1535656138801\Extensions\
[email protected] [2019-11-08]
FF Extension: (uBlock Origin) - C:\Users\Vladana\AppData\Roaming\Mozilla\Firefox\Profiles\3mk9fbgv.default-1535656138801\Extensions\
[email protected] [2019-11-08]
FF Extension: (Avast Online Security) - C:\Users\Vladana\AppData\Roaming\Mozilla\Firefox\Profiles\3mk9fbgv.default-1535656138801\Extensions\
[email protected] [2019-11-08]
FF Extension: (Video | GIF Downloader for Twitter) - C:\Users\Vladana\AppData\Roaming\Mozilla\Firefox\Profiles\3mk9fbgv.default-1535656138801\Extensions\{7bcecd12-7e59-44fd-b721-8852ae8b20a8}.xpi [2019-08-24]
FF Extension: (Tab Auto Refresh) - C:\Users\Vladana\AppData\Roaming\Mozilla\Firefox\Profiles\3mk9fbgv.default-1535656138801\Extensions\{7fee47a1-8299-4576-90bf-5fd88d756926}.xpi [2019-08-24]
FF Extension: (Video Scrubber for Instagram) - C:\Users\Vladana\AppData\Roaming\Mozilla\Firefox\Profiles\3mk9fbgv.default-1535656138801\Extensions\{a68cb35a-62b5-4786-99f4-3e435f6590aa}.xpi [2019-11-08]
FF ProfilePath: C:\Users\Vladana\AppData\Roaming\Mozilla\Firefox\Profiles\yzcmo8r9.default-1474756565810 [2017-05-05]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Vladana\AppData\Roaming\Mozilla\Firefox\Profiles\yzcmo8r9.default-1474756565810\Extensions\
[email protected] [2019-02-19]
FF Extension: (Avast Online Security) - C:\Users\Vladana\AppData\Roaming\Mozilla\Firefox\Profiles\yzcmo8r9.default-1474756565810\Extensions\
[email protected] [2018-07-17]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-24] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-7682389-3612777877-391866582-1000\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\KeepVid\KeepVid Pro\BrowserPlugin\
[email protected]_xpi
FF Extension: (KeepVid Pro) - C:\Program Files (x86)\KeepVid\KeepVid Pro\BrowserPlugin\
[email protected]_xpi [2017-09-02] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @ASC/FileLabPlugin;version=1.1.33 -> C:\ProgramData\FileLab\Plugin\Framework\npFlPluginS.dll [2012-02-20] (Ascensio System SIA -> FileLab) [File not signed]
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-11-21] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] (Nokia -> )
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2015-02-06] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2015-02-06] (RealNetworks, Inc. -> RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-08-02] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-7682389-3612777877-391866582-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-7682389-3612777877-391866582-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-7682389-3612777877-391866582-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Vladana\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-7682389-3612777877-391866582-1000: pokki.com/PokkiDownloadHelper -> C:\Users\Vladana\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll [No File]
FF Plugin HKU\S-1-5-21-7682389-3612777877-391866582-1000: torrents-time.com/TTPlugin -> C:\Program Files (x86)\TorrentsTime Media Player\bin\npTTPlugin.dll [No File]
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxps://www.google.com/webhp?complete=0&hl=en
CHR StartupUrls: Profile 1 -> "chrome://apps/"
CHR NewTab: Profile 1 -> Not-active:"chrome-extension://eedlgdlajadkbbjoobobefphmfkcchfk/newtab.html"
CHR DefaultSearchURL: Profile 1 -> hxxps://www.ecosia.org/search?q={searchTerms}&addon=chrome&addonversion=2.1.0
CHR DefaultSearchKeyword: Profile 1 -> ecosia
CHR DefaultSuggestURL: Profile 1 -> hxxps://ac.ecosia.org/?q={searchTerms}&type=list&mkt=en_US
CHR Profile: C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-09-06]
CHR Profile: C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-11-18]
CHR Extension: (Slides) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-06]
CHR Extension: (Docs) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-06]
CHR Extension: (Google Drive) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Video Progress Bar & Controls for Instagram™) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhdahocbinakfolafliljfkgkdeemgcd [2019-01-07]
CHR Extension: (YouTube) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-06]
CHR Extension: (Facebook) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2018-09-06]
CHR Extension: (Chrome IG Story) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bojgejgifofondahckoaahkilneffhmf [2019-02-16]
CHR Extension: (uBlock Origin) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-10-30]
CHR Extension: (Disable automatic tab discarding) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dnhngfnfolbmhgealdpolmhimnoliiok [2019-09-26]
CHR Extension: (Ecosia Search) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eedlgdlajadkbbjoobobefphmfkcchfk [2019-10-10]
CHR Extension: (Adobe Acrobat) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-09-26]
CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2019-10-05]
CHR Extension: (Sheets) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-06]
CHR Extension: (Skyload - Music and video downloader) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fnmpfimijcopbiaiobinamadmnmhckmp [2019-08-23]
CHR Extension: (Emojis - Emoji Keyboard) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gaoflciahikhligngeccdecgfjngejlh [2019-11-02]
CHR Extension: (Google Docs Offline) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-06]
CHR Extension: (Super Auto Refresh Plus) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\globgafddkdlnalejlkcpaefakkhkdoa [2019-10-19]
CHR Extension: (Stream Video Downloader) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\imkngaibigegepnlckfcbecjoilcjbhf [2019-10-15]
CHR Extension: (GoodTwitter) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jbanhionoclikdjnjlcmefiofgjimgca [2019-10-05]
CHR Extension: (Penzu) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khgpedpfmjojllfmmhfabemdelhncneo [2018-09-06]
CHR Extension: (Google Hangouts) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\knipolnnllmklapflnccelgolnpehhpl [2019-05-23]
CHR Extension: (Google Maps) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-09-06]
CHR Extension: (Twitter Video Downloader | Fast and Free) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nbkknbagklenkcienihfapbfpjemnfoi [2019-10-28]
CHR Extension: (IG Stories for Instagram™) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nilbfjdbacfdodpbdondbbkmoigehodg [2019-10-15]
CHR Extension: (Slinky Modern) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nilnodhmmonndffbejancdeiggflcehi [2018-09-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Spotify Music Dwnloader) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oefdcdmhklplgdmendjfnjeiijgcmabi [2019-01-25]
CHR Extension: (Gmail) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-24]
CHR Extension: (RightToCopy) - C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\plmcimdddlobkphnofejmeidjblideca [2018-12-02]
CHR Profile: C:\Users\Vladana\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-06]
CHR HKU\S-1-5-21-7682389-3612777877-391866582-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path/update_url>
Opera:
=======
OPR DownloadDir: C:\Users\Vladana\Desktop
OPR StartupUrls: "hxxps://www.google.rs/webhp?complete=0&hl=en&gws_rd=cr&ei=2SN4VYC0FIHbsgHZ8IDQCA"
OPR Extension: (Tab Auto Refresh) - C:\Users\Vladana\AppData\Roaming\Opera Software\Opera Stable\Extensions\filddmgeklidnenaibigmjeopkaccljm [2019-06-13]
OPR Extension: (Flash Video Downloader (FVD)) - C:\Users\Vladana\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2018-09-09]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (Microsoft Windows Hardware Compatibility Publisher -> DTS, Inc)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-10-25] (Mixbyte Inc -> Freemake)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-23] (FUJITSU LIMITED -> FUJITSU LIMITED)
S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [192384 2019-11-04] (AnchorFree Inc -> AnchorFree Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation -> Intel Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-04-17] (Intel Corporation-Mobile Wireless Group -> )
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG -> Nero AG)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [51608 2012-06-29] (FUJITSU LIMITED -> FUJITSU LIMITED)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] (RealNetworks, Inc. -> )
S4 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2015-02-06] (RealNetworks, Inc. -> RealNetworks, Inc.)
S4 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] (RealNetworks, Inc. -> )
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2671376 2012-04-17] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)
S3 WsDrvInst; C:\Program Files (x86)\iSkysoft\iSkysoft iTransfer\DriverInstall.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [195584 2012-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [195584 2012-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [276952 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [76192 2018-03-19] (Malwarebytes Corporation -> )
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED -> FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (Microsoft Windows Hardware Compatibility Publisher -> FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (Microsoft Windows Hardware Compatibility Publisher -> FUJITSU LIMITED)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193768 2019-10-05] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112864 2019-10-05] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2019-10-05] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2019-10-05] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [93816 2019-10-05] (Malwarebytes Corporation -> Malwarebytes)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbox64.sys [27136 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsucx64; C:\Windows\System32\drivers\nmwcdnsucx64.sys [12800 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsux64; C:\Windows\System32\drivers\nmwcdnsux64.sys [171008 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-27] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-02-20] () [File not signed]
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [9216 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
U3 avgbu57v; C:\Windows\System32\Drivers\avgbu57v.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U4 ekrn; no ImagePath
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-18 14:53 - 2019-11-18 14:55 - 000047409 _____ C:\Users\Vladana\Desktop\FRST.txt
2019-11-18 14:24 - 2019-11-18 14:54 - 000000000 ____D C:\FRST
2019-11-18 14:22 - 2019-11-18 14:52 - 002260480 _____ (Farbar) C:\Users\Vladana\Desktop\FRST64.exe
2019-11-17 00:22 - 2019-11-18 14:10 - 000003370 _____ C:\Windows\system32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-7682389-3612777877-391866582-1000
2019-11-17 00:22 - 2019-11-18 14:10 - 000003240 _____ C:\Windows\system32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-7682389-3612777877-391866582-1000
2019-11-17 00:17 - 2019-10-21 20:51 - 000002930 _____ C:\Windows\e.bat
2019-11-17 00:17 - 2019-07-30 17:00 - 000004608 _____ () C:\Windows\e.exe
2019-11-17 00:16 - 2019-09-12 17:27 - 000025600 _____ () C:\Windows\fr.exe
2019-11-16 17:33 - 2019-11-16 17:45 - 000000000 ____D C:\Users\Vladana\AppData\Local\CrashDumps
2019-11-16 17:31 - 2019-11-16 17:46 - 000000000 ____D C:\Program Files (x86)\Avira
2019-11-16 16:54 - 2019-11-16 16:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2019-11-16 16:54 - 2019-11-16 16:54 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2019-11-16 16:52 - 2019-11-16 16:54 - 000001028 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2019-11-16 16:52 - 2019-11-16 16:54 - 000001028 _____ C:\ProgramData\Desktop\Hotspot Shield.lnk
2019-11-16 16:40 - 2019-11-16 16:54 - 000000000 ____D C:\ProgramData\Hotspot Shield
2019-11-16 16:39 - 2019-11-16 16:39 - 000000000 ____D C:\Users\Vladana\AppData\Local\Turbo.net
2019-11-16 16:28 - 2019-11-16 16:28 - 000000000 ____D C:\Windows\Wget
2019-11-16 16:28 - 2019-11-16 16:28 - 000000000 ____D C:\Windows\curl
2019-11-16 16:28 - 2019-10-12 19:40 - 000004608 _____ () C:\Windows\d.exe
2019-11-16 16:28 - 2019-09-12 15:16 - 000001241 _____ C:\Windows\d.bat
2019-11-16 16:28 - 2019-08-09 16:30 - 000000001 _____ C:\Windows\y.txt
2019-11-16 16:28 - 2019-08-09 15:28 - 000000302 _____ C:\Windows\mgr_n.reg
2019-11-16 16:28 - 2019-08-09 15:28 - 000000302 _____ C:\Windows\mgr_f.reg
2019-11-16 16:28 - 2019-08-09 15:28 - 000000290 _____ C:\Windows\e.reg
2019-11-16 16:21 - 2019-11-16 16:21 - 000000000 ____D C:\Users\Vladana\Documents\Visual Studio 2005
2019-11-16 15:55 - 2019-11-16 15:55 - 000001276 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2019-11-16 15:55 - 2019-11-16 15:55 - 000001276 _____ C:\ProgramData\Desktop\Freemake Video Converter.lnk
2019-11-16 15:55 - 2019-11-16 15:55 - 000000000 ____D C:\Users\Vladana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2019-11-16 15:55 - 2019-11-16 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2019-11-16 14:14 - 2019-11-16 14:14 - 000001216 _____ C:\Users\Vladana\Desktop\4K Video Downloader.lnk
2019-11-16 14:14 - 2019-11-16 14:14 - 000000000 ____D C:\Users\Vladana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader
2019-11-16 14:14 - 2019-11-16 14:14 - 000000000 ____D C:\Users\Vladana\AppData\Local\4kdownload.com
2019-11-16 14:14 - 2019-11-16 14:14 - 000000000 ____D C:\Program Files (x86)\4KDownload
2019-11-15 19:03 - 2019-11-17 00:15 - 000000000 ____D C:\Users\Vladana\AppData\Local\ZenMate
2019-11-11 01:34 - 2019-11-18 01:34 - 000003348 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-7682389-3612777877-391866582-1000
2019-11-11 01:34 - 2019-11-18 01:34 - 000003218 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-7682389-3612777877-391866582-1000
2019-11-08 21:02 - 2019-11-11 01:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-10-22 01:05 - 2019-10-22 01:05 - 000000935 _____ C:\Users\Public\Desktop\Mp3tag.lnk
2019-10-22 01:05 - 2019-10-22 01:05 - 000000935 _____ C:\ProgramData\Desktop\Mp3tag.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-18 14:05 - 2009-07-14 05:45 - 000016816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-11-18 14:05 - 2009-07-14 05:45 - 000016816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-11-18 14:03 - 2013-03-19 22:08 - 000746014 _____ C:\Windows\system32\perfh00C.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000740656 _____ C:\Windows\system32\perfh015.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000714178 _____ C:\Windows\system32\prfh0416.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000684052 _____ C:\Windows\system32\perfh00E.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000607286 _____ C:\Windows\system32\perfh008.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000494812 _____ C:\Windows\system32\perfh014.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000479312 _____ C:\Windows\system32\perfh001.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000417076 _____ C:\Windows\system32\perfh011.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000171600 _____ C:\Windows\system32\perfc00E.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000156198 _____ C:\Windows\system32\perfc015.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000149906 _____ C:\Windows\system32\perfc00C.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000147982 _____ C:\Windows\system32\prfc0416.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000122426 _____ C:\Windows\system32\perfc011.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000111454 _____ C:\Windows\system32\perfc008.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000095730 _____ C:\Windows\system32\perfc014.dat
2019-11-18 14:03 - 2013-03-19 22:08 - 000095098 _____ C:\Windows\system32\perfc001.dat
2019-11-18 14:03 - 2013-03-19 15:24 - 000481800 _____ C:\Windows\system32\perfh00B.dat
2019-11-18 14:03 - 2013-03-19 15:24 - 000101846 _____ C:\Windows\system32\perfc00B.dat
2019-11-18 14:03 - 2009-07-14 06:13 - 007211860 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-18 14:03 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-11-18 13:58 - 2018-07-17 21:31 - 000000000 ____D C:\Users\Vladana\AppData\Local\AVAST Software
2019-11-18 13:54 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-18 13:46 - 2017-09-05 15:33 - 000000000 ____D C:\Users\Vladana\AppData\Roaming\Mp3tag
2019-11-18 02:26 - 2014-10-19 23:52 - 000000000 ____D C:\Users\Vladana\AppData\Roaming\vlc
2019-11-17 22:16 - 2013-02-21 01:36 - 000000000 ____D C:\Users\Vladana\AppData\Roaming\Azureus
2019-11-17 02:16 - 2013-02-20 22:41 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-11-16 17:47 - 2019-05-23 11:52 - 000003160 _____ C:\Windows\system32\Tasks\{EF41326F-22E8-4DCF-A020-C6061802D389}
2019-11-16 17:47 - 2018-09-06 18:23 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-16 17:47 - 2018-09-06 18:23 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-16 17:47 - 2018-03-14 03:40 - 000004470 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-11-16 17:47 - 2017-09-02 20:05 - 000003488 _____ C:\Windows\system32\Tasks\igfxhk
2019-11-16 17:47 - 2016-03-23 08:37 - 000003052 _____ C:\Windows\system32\Tasks\SafeZone scheduled Autoupdate 1458718670
2019-11-16 17:47 - 2016-01-03 12:45 - 000003652 _____ C:\Windows\system32\Tasks\DivXUpdate
2019-11-16 17:47 - 2015-12-03 22:42 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2019-11-16 17:47 - 2015-06-10 12:59 - 000004458 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-11-16 17:47 - 2015-06-10 12:47 - 000003850 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1433936833
2019-11-16 17:47 - 2015-02-06 11:56 - 000003432 _____ C:\Windows\system32\Tasks\RealDownloader Update Check
2019-11-16 17:47 - 2015-01-06 11:27 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2019-11-16 17:47 - 2014-07-14 00:42 - 000003226 _____ C:\Windows\system32\Tasks\{375818AB-9982-4CB0-BF65-E9B77DBF0F5C}
2019-11-16 17:47 - 2013-07-27 16:59 - 000003176 _____ C:\Windows\system32\Tasks\{9194DE95-4B06-4F9D-B927-18DB5B401FBF}
2019-11-16 17:47 - 2013-03-15 02:37 - 000003192 _____ C:\Windows\system32\Tasks\{6243CAD4-3DB1-45D4-933D-254A23B4CA85}
2019-11-16 17:47 - 2013-02-28 00:53 - 000003390 _____ C:\Windows\system32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-7682389-3612777877-391866582-1000
2019-11-16 17:47 - 2013-02-21 21:07 - 000003508 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-7682389-3612777877-391866582-1000UA
2019-11-16 17:47 - 2013-02-21 21:07 - 000003236 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-7682389-3612777877-391866582-1000Core
2019-11-16 17:47 - 2013-02-21 15:09 - 000003050 _____ C:\Windows\system32\Tasks\{3A66CE80-4733-4203-9F7A-462BED78E89F}
2019-11-16 17:47 - 2013-02-20 22:41 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-11-16 17:46 - 2019-05-23 15:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-11-16 16:21 - 2013-02-20 22:23 - 000000000 ____D C:\Users\Vladana\AppData\Local\Microsoft Help
2019-11-16 15:55 - 2014-08-18 11:50 - 000000000 ____D C:\Program Files (x86)\Freemake
2019-11-16 14:54 - 2017-07-25 15:43 - 000000000 ____D C:\Users\Vladana\AppData\Local\FreemakeVideoConverter
2019-11-16 14:54 - 2014-08-18 11:50 - 000000000 ____D C:\ProgramData\Freemake
2019-11-16 13:48 - 2017-08-25 02:23 - 000000000 ____D C:\Users\Vladana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZenGuard GmbH
2019-11-15 19:04 - 2017-08-25 02:23 - 000000000 ____D C:\Users\Vladana\AppData\Local\SquirrelTemp
2019-11-15 17:02 - 2013-02-20 21:51 - 000000000 ____D C:\Users\Vladana\AppData\Local\Google
2019-11-13 21:40 - 2013-02-20 22:41 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-11-13 21:40 - 2013-02-20 22:41 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-11-13 21:40 - 2013-02-20 22:41 - 000000000 ____D C:\Windows\system32\Macromed
2019-11-11 15:42 - 2016-09-25 12:57 - 000000000 ____D C:\Users\Vladana\AppData\Roaming\Apowersoft
2019-11-11 01:33 - 2017-03-14 00:19 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-11-11 01:28 - 2013-02-20 21:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-11-09 12:32 - 2017-04-16 10:33 - 000000000 ____D C:\Users\Vladana\AppData\LocalLow\Mozilla
2019-11-08 01:14 - 2018-09-06 18:24 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-08 01:14 - 2018-09-06 18:24 - 000002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-08 01:14 - 2018-09-06 18:24 - 000002143 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-11-07 18:44 - 2015-06-10 12:47 - 000000000 ____D C:\Program Files (x86)\Opera
2019-11-06 11:30 - 2016-09-05 13:58 - 000001271 _____ C:\Users\Vladana\Desktop\marker.txt
2019-11-05 05:03 - 2013-02-20 21:52 - 000000000 ____D C:\Users\Vladana\AppData\Roaming\Mozilla
2019-11-05 00:06 - 2015-10-15 21:00 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-22 01:05 - 2017-09-05 14:37 - 000000000 ____D C:\Program Files (x86)\Mp3tag
==================== Files in the root of some directories ========
2013-04-12 20:07 - 2014-11-17 02:37 - 000000580 _____ () C:\Users\Vladana\AppData\Roaming\AutoGK.ini
2013-03-15 02:55 - 2014-11-18 03:36 - 000010752 _____ () C:\Users\Vladana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-19 01:43 - 2015-05-19 01:43 - 000247298 _____ () C:\Users\Vladana\AppData\Local\Tempdivx84f8
2015-07-02 22:06 - 2015-07-02 22:06 - 000043682 _____ () C:\Users\Vladana\AppData\Local\Tempdivxffab
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-11-17 06:56
==================== End of FRST.txt ========================
And here is the copy of Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2019
Ran by Vladana (18-11-2019 14:55:27)
Running from C:\Users\Vladana\Desktop
Windows 7 Ultimate (X64) (2013-02-20 19:53:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-7682389-3612777877-391866582-500 - Administrator - Disabled)
Guest (S-1-5-21-7682389-3612777877-391866582-501 - Limited - Disabled)
Vladana (S-1-5-21-7682389-3612777877-391866582-1000 - Administrator - Enabled) => C:\Users\Vladana
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4K Video Downloader (HKLM-x32\...\4K Video Downloader) (Version: - Open Media LLC)
ACDSee 10 Photo Manager (HKLM-x32\...\{F8B98EB6-FC06-45BF-87D4-9784E0408611}) (Version: 10.0.219 - ACD Systems International)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.293 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Apowersoft Online Launcher version 1.6.1 (HKU\S-1-5-21-7682389-3612777877-391866582-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.6.1 - APOWERSOFT LIMITED)
Auto Gordian Knot 2.55 (HKLM-x32\...\AutoGK) (Version: 2.55 - len0x)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AVI ReComp 1.5.5 (HKLM-x32\...\AVI ReComp) (Version: 1.5.5 - Mateusz Gola (aka Prozac))
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Awesomium.NET Redistribution Module (HKLM-x32\...\{C34CAF35-6198-4EEB-970F-C61FC51D23BD}) (Version: 1.7.4.2 - ©2014 Awesomium Technologies LLC) Hidden
Bigasoft Total Video Converter 3.7.24.4700 (HKLM-x32\...\{a72ce741-1f32-4d79-bffb-a714375c678d}_is1) (Version: - Bigasoft Corporation)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM\...\DivX Setup) (Version: 10.8.7.0 - DivX, LLC)
FileLab Plugin 1.1.33 (HKLM-x32\...\{6AC5F630-9453-433D-90FF-BB3A8E4F8960}) (Version: 1.1.33 - FileLab)
FJ Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52032.0_WHQL - Sonix)
Freemake Video Converter version 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Fujitsu Hotkey Utility (HKLM-x32\...\{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED) Hidden
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (HKLM\...\{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 4.01.00.000 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 4.01.00.000 - FUJITSU LIMITED)
Fujitsu System Extension Utility (HKLM\...\{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.4.4.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.4.4.0 - FUJITSU LIMITED)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Google Video Support Plugin (HKU\S-1-5-21-7682389-3612777877-391866582-1000\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.11.1200.0 - Google, LLC.)
Hotspot Shield 9.21.3 Pre-Active (HKLM\...\{719C64E2-9BD5-4C6B-A13B-36E1DD27B015}) (Version: 9.21.3.11422 - hss721.blogspot.com) Hidden
Hotspot Shield 9.21.3 Pre-Active (HKLM\...\Hotspot Shield 9.21.3 Pre-Active 9.21.3.11422) (Version: 9.21.3.11422 - hss721.blogspot.com)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{705EE775-5776-48FD-B704-C3C9CF535420}) (Version: 15.1.1.0170 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{BAA0BE9B-9E6D-4802-91CB-FB7ED5CD4BEF}) (Version: 15.01.1500.1034 - Intel Corporation)
iPool (HKLM-x32\...\iPool) (Version: 2.2.03 - Memir Games)
iSnooker 2.2.60 (HKLM-x32\...\isnooker_memir_is1) (Version: 2.2.60 - Memir Games Ltd)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
KeepVid Pro(Build 6.3.2.0) (HKLM-x32\...\KeepVid Pro_is1) (Version: 6.3.2.0 - KeepVid Studio)
LIFEBOOK Application Panel (HKLM\...\{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.3.2.0 - FUJITSU LIMITED) Hidden
LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.3.2.0 - FUJITSU LIMITED)
Malwarebytes version 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-7682389-3612777877-391866582-1000\...\SkyDriveSetup.exe) (Version: 17.0.2006.0314 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 70.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 70.0.1 (x64 en-US)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 70.0.1.7242 - Mozilla)
Mp3tag v2.99a (HKLM-x32\...\Mp3tag) (Version: 2.99a - Florian Heidenreich)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{B944FA21-81AF-4A77-8328-CE4F4CC51033}) (Version: 8.10.21 - Nero AG)
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{B94515E1-2DD6-11E2-849E-F04DA23A5C58}) (Version: 2.0.515 - Sony)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia Software Updater (HKLM-x32\...\{7130468A-F53F-4698-8C09-A339EA3B05E6}) (Version: 3.0.655 - Nokia)
Nokia Suite (HKLM-x32\...\{88B6F9DE-C80F-4A70-ACF6-BEE933679170}) (Version: 3.8.54.0 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Opera Stable 64.0.3417.92 (HKLM-x32\...\Opera 64.0.3417.92) (Version: 64.0.3417.92 - Opera Software)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PeaZip 5.2.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: - Giorgio Tani)
Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 6.2.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (HKLM\...\{E1C056BE-ACC9-4FCF-B37D-55A46648B369}) (Version: 6.2.001 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM-x32\...\{49A588CF-5FD4-4774-BFBF-0764287DE82B}) (Version: 32.01.10.043 - FUJITSU LIMITED)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RealDownloader (HKLM-x32\...\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}) (Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (HKLM-x32\...\{e6171278-8759-449d-9e0b-c1825debc2ad}) (Version: 17.0.15.7 - RealNetworks) Hidden
RealDownloader (HKLM-x32\...\{FBEFDC9E-F8FB-4B66-A78B-09B7B380D59D}) (Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{21E47F47-C9A7-4454-BA48-388327B0EA00}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30129 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RelevantKnowledge (HKLM-x32\...\{d08d9f98-1c78-4704-87e6-368b0023d831}) (Version: - ) <==== ATTENTION
SafeZone Stable 1.48.2066.44 (HKLM-x32\...\SafeZone 1.48.2066.44) (Version: 1.48.2066.44 - Avast Software) Hidden
SolveigMM AVI Trimmer (HKLM-x32\...\SolveigMM AVI Trimmer 2.0.1210.11) (Version: 2.0.1210.11 - Solveig Multimedia)
Sound Forge Pro 10.0 (HKLM-x32\...\{8EF5E2B0-2DD1-11E2-89A5-F04DA23A5C58}) (Version: 10.0.507 - Sony)
Spotify (HKU\S-1-5-21-7682389-3612777877-391866582-1000\...\Spotify) (Version: 1.1.8.439.g8502297d - Spotify AB)
Subtitle Edit 3.4.3 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.3.0 - Nikse)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Unity Web Player (HKU\S-1-5-21-7682389-3612777877-391866582-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
Video Download Capture version 6.2.8 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.2.8 - APOWERSOFT LIMITED)
Video Downloader (HKLM-x32\...\{62796191-6F12-4ABE-BA8B-B4D4A266C997}) (Version: 1.0.0 - RealNetworks) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version: - )
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-7682389-3612777877-391866582-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
Wondershare Filmora(Build 8.5.3) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
XviD MPEG4 Video Codec (remove only) (HKLM-x32\...\XviD MPEG4 Video Codec) (Version: - )
ZD Soft Screen Recorder 11.2.0 (HKLM-x32\...\{05289906-8CDE-44FD-9FA5-95866BF511A9}) (Version: 11.2.0.0 - ZD Soft)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-7682389-3612777877-391866582-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Vladana\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_05.dll -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext.dll [2007-05-05] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcloudview.dll [2015-02-06] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext.dll [2007-05-05] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext.dll [2007-05-05] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.ACDV] => ACDV.dll
HKLM\...\Drivers32-x32: [VIDC.ACDV] => ACDV.dll
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32-x32: [VIDC.LAGS] => lagarith.dll
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [179200 2009-01-25] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Vladana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2013-05-18 17:25 - 2013-05-18 17:25 - 001350656 _____ ( ) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_64\PFNGadgetClass\10d2c6adb5906a1d7bbeb75d2a713c07\PFNGadgetClass.ni.dll
2017-09-02 13:47 - 2016-07-21 09:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2017-09-02 13:47 - 2016-10-08 16:03 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2018-06-05 02:08 - 2014-05-19 16:19 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
2018-06-05 02:08 - 2014-10-31 15:40 - 001498112 _____ () [File not signed] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
2017-09-02 13:47 - 2017-08-15 09:10 - 000113664 _____ () [File not signed] C:\Program Files (x86)\KeepVid\KeepVid Pro\Tasks.dll
2017-09-02 13:47 - 2017-08-15 09:10 - 000139776 _____ () [File not signed] C:\Program Files (x86)\KeepVid\KeepVid Pro\Utility.dll
2017-09-02 13:46 - 2017-03-10 10:35 - 000758784 _____ () [File not signed] C:\Program Files (x86)\KeepVid\KeepVid Pro\WUL.Core.dll
2017-09-02 13:46 - 2017-03-10 10:35 - 001778688 _____ () [File not signed] C:\Program Files (x86)\KeepVid\KeepVid Pro\WUL.Ctrls.dll
2017-09-02 13:46 - 2017-03-10 10:35 - 000046080 _____ () [File not signed] C:\Program Files (x86)\KeepVid\KeepVid Pro\WUL.Localization.dll
2013-02-20 21:31 - 2006-12-11 02:14 - 000043008 _____ () [File not signed] C:\Program Files (x86)\WinRar\rarext64.dll
2011-12-16 15:37 - 2011-12-16 15:37 - 002437632 _____ (FUJITSU LIMITED) [File not signed] C:\Program Files\Fujitsu\Plugfree NETWORK\PFNCommon.dll
2011-12-16 15:38 - 2011-12-16 15:38 - 002246144 _____ (FUJITSU LIMITED) [File not signed] C:\Program Files\Fujitsu\Plugfree NETWORK\PFNDevice.dll
2011-12-22 09:03 - 2011-12-22 09:03 - 002281984 _____ (FUJITSU LIMITED) [File not signed] C:\Program Files\Fujitsu\Plugfree NETWORK\PFNWLAN.dll
2013-05-18 17:25 - 2013-05-18 17:25 - 000421888 _____ (FUJITSU LIMITED) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_64\PFNLocSet\b7cc59ff84258f2c78492c7ef6c33d6e\PFNLocSet.ni.dll
2013-05-18 17:25 - 2013-05-18 17:25 - 000473088 _____ (FUJITSU LIMITED) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_64\PFNSwData\9a909070ecd70366e5c577eb52b4bbda\PFNSwData.ni.dll
2012-03-08 12:17 - 2012-03-08 12:17 - 000333312 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll
2012-03-01 10:52 - 2012-03-01 10:52 - 000105472 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
2012-03-29 06:37 - 2012-03-29 06:37 - 000498176 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll
2012-04-17 18:35 - 2012-04-17 18:35 - 000168448 _____ (Intel® Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2012-04-17 18:37 - 2012-04-17 18:37 - 000284160 _____ (Intel® Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2012-04-17 18:36 - 2012-04-17 18:36 - 003280896 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2012-04-17 18:34 - 2012-04-17 18:34 - 000102400 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2012-04-17 18:38 - 2012-04-17 18:38 - 000104448 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2012-04-17 18:37 - 2012-04-17 18:37 - 000054272 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2012-04-17 18:46 - 2012-04-17 18:46 - 000545792 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2012-04-17 18:50 - 2012-04-17 18:50 - 000324608 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\panihvint.dll
2012-04-17 18:43 - 2012-04-17 18:43 - 001051136 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2012-04-17 18:51 - 2012-04-17 18:51 - 000178176 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll
2012-04-17 18:34 - 2012-04-17 18:34 - 000020992 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2012-04-17 18:45 - 2012-04-17 18:45 - 002463744 _____ (Intel® Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2006-10-26 13:44 - 2006-10-26 13:44 - 000123904 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\csm.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000247296 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\msdbg2.dll
2012-06-26 13:08 - 2012-06-26 13:08 - 000026112 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng-us.nlr
2012-06-26 11:58 - 2012-06-26 11:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 13:08 - 2012-06-26 13:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2012-04-17 17:52 - 2012-04-17 17:52 - 001830912 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2017-09-02 13:47 - 2016-10-08 16:04 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSProducstInfo.dll
2018-06-05 02:08 - 2014-10-31 15:41 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:94A19129 [260]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-11-09 17:42 - 2019-11-09 17:42 - 000002330 ____R C:\Windows\system32\drivers\etc\hosts
0.0.0.0 hss.hsselite.com
0.0.0.0 www.hss.hsselite.com
0.0.0.0 d1v9mrqde8r3oj.cloudfront.net
0.0.0.0 www.d1v9mrqde8r3oj.cloudfront.net
0.0.0.0 api.hsselite.com
0.0.0.0 www.api.hsselite.com
0.0.0.0 hsselite.com/trial/step2.php
0.0.0.0 www.hsselite.com/trial/step2.php
0.0.0.0 anchorfree.com
0.0.0.0 www.anchorfree.com
0.0.0.0 box.anchorfree.net
0.0.0.0 www.box.anchorfree.net
0.0.0.0 rpt.anchorfree.net
0.0.0.0 www.rpt.anchorfree.net
0.0.0.0 123.box.anchorfree.net
0.0.0.0 www.123.box.anchorfree.net
0.0.0.0 anchorfree.us
0.0.0.0 www.anchorfree.us
0.0.0.0 delivery.anchorfree.us/land.php
0.0.0.0 www.delivery.anchorfree.us/land.php
0.0.0.0 rss2search.com
0.0.0.0 www.rss2search.com
0.0.0.0 mefeedia.com
0.0.0.0 www.mefeedia.com
0.0.0.0 a433.com
0.0.0.0 www.a433.com
0.0.0.0 techbrowsing.com
0.0.0.0 www.techbrowsing.com
0.0.0.0 techbrowsing.com/away.php
0.0.0.0 www.techbrowsing.com/away.php
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-7682389-3612777877-391866582-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Vladana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: RealPlayer Cloud Service => 2
MSCONFIG\Services: RealPlayerUpdateSvc => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Vladana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ZenMate.bat => C:\Windows\pss\ZenMate.bat.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Google Update => "C:\Users\Vladana\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: NSU_agent => "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Vladana\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{418A7595-F489-448D-A132-2A9519236EF0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{B0E6337C-DD13-46CD-A572-58359114E70E}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{5B4B9E35-FBA6-4F36-8798-35D35E29E74B}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe No File
FirewallRules: [{B1CC60A0-4651-4E6D-A4FA-32240C388099}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{A0A9A6FA-AE67-4AB9-B612-32D06F124746}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe No File
FirewallRules: [{CE426DDA-632D-4252-8AF5-B3999BF81124}] => (Allow) C:\Users\Vladana\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDC85982-754B-4DE3-977B-6E479A26C388}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F565ACF8-37C4-4665-A110-386DCCDF81E9}] => (Allow) LPort=2869
FirewallRules: [{BA538C52-47F4-4638-88FB-D4E100881E6A}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{838DFD5B-BE28-4A8A-9D48-591EFEF35AB6}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [UDP Query User{7BCDD032-7F97-4FE8-ADB0-130474CDDD9F}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{DAA4242B-32CB-43E0-B514-40A492583C52}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{87CC937C-627E-4461-A86D-A01FA1D52711}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe No File
FirewallRules: [{787EA532-6389-4D57-8CB4-56ED49F60E38}] => (Allow) C:\Users\Vladana\AppData\Local\ROX Player\roxplayer.exe No File
FirewallRules: [{F0F6824E-F9E8-401C-92A1-52EE1D31841E}] => (Allow) C:\Users\Vladana\AppData\Local\ROX Player\roxplayer.exe No File
FirewallRules: [TCP Query User{BE9D298D-4B00-4F7D-AA02-CE4B8C269C09}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe No File
FirewallRules: [UDP Query User{010D4FEB-5458-4625-B346-3F087D27F4A3}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe No File
FirewallRules: [TCP Query User{DF4734DC-C765-4167-986C-24CF01DB1137}C:\program files (x86)\vuze\azureus.exe] => (Block) C:\program files (x86)\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{E878D949-B0E7-411A-8F5A-335EE806B7C2}C:\program files (x86)\vuze\azureus.exe] => (Block) C:\program files (x86)\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{C1202602-2671-439A-8CF4-FFA06CC539FB}C:\users\vladana\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\vladana\appdata\local\google\chrome\application\chrome.exe No File
FirewallRules: [UDP Query User{3F9714B5-446C-4FD2-91A7-085A9AAF37D8}C:\users\vladana\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\vladana\appdata\local\google\chrome\application\chrome.exe No File
FirewallRules: [TCP Query User{813FD61F-108E-4C8F-8713-5C5C65A07F20}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe No File
FirewallRules: [UDP Query User{94D1C3B8-E5D6-406D-8550-D0FB1A8AFD18}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe No File
FirewallRules: [TCP Query User{EBCB1A48-8CAD-40A0-97C9-A5E7D1969006}C:\users\vladana\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\vladana\appdata\local\popcorn time\node-webkit\popcorn time.exe No File
FirewallRules: [UDP Query User{51B1713E-C3DC-4E9B-8B2E-299D5D7EB37D}C:\users\vladana\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\vladana\appdata\local\popcorn time\node-webkit\popcorn time.exe No File
FirewallRules: [{AD675AD4-8A27-4858-B7BF-64062E576C45}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FF4764D4-F4A6-4C99-B73E-53F8DE61E6F9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{61F7EE47-9BA9-4D47-ADB6-5E48B1DF1F11}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [TCP Query User{9DA426E5-870A-46BA-ACD6-3BECCA6D3981}C:\program files (x86)\Java\jre1.8.0_31\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\Java\jre1.8.0_31\bin\jp2launcher.exe No File
FirewallRules: [UDP Query User{E35C77F8-2476-4F58-B62F-633DD6DA4D7B}C:\program files (x86)\Java\jre1.8.0_31\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\Java\jre1.8.0_31\bin\jp2launcher.exe No File
FirewallRules: [TCP Query User{64ADE5CF-E0E0-432A-ADCA-107CEF11A830}C:\program files (x86)\java\jre1.8.0_40\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\jp2launcher.exe No File
FirewallRules: [UDP Query User{29E89790-5F1F-403F-9200-85040488F6BF}C:\program files (x86)\java\jre1.8.0_40\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\jp2launcher.exe No File
FirewallRules: [TCP Query User{051C8ED1-8257-4C07-9843-3A321CB1D2B5}C:\program files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe No File
FirewallRules: [UDP Query User{11E9C41A-BB10-4AE0-86A2-D113F4631726}C:\program files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe No File
FirewallRules: [TCP Query User{1028E6BB-11FD-426E-9846-980F150B8359}C:\users\vladana\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\vladana\appdata\local\popcorn time\nw.exe No File
FirewallRules: [UDP Query User{131B9741-3987-48AB-97A9-8EB722A5AD2D}C:\users\vladana\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\vladana\appdata\local\popcorn time\nw.exe No File
FirewallRules: [{10CC44FD-3D7B-40D9-B4E9-C8B90B3CDA05}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{0F44D93E-8116-4C28-A09E-375525612959}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe No File
FirewallRules: [{DE2D1B1A-A95A-4427-8BD7-97016C528F99}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]
FirewallRules: [{023EC48C-AAA6-4832-8DEF-E77068991D61}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]
FirewallRules: [{ED5D1E50-0E04-48A8-A0FF-52EBBC8DC18D}] => (Allow) C:\Users\Vladana\AppData\Local\Temp\Andy_46.2_x64\Setup.exe No File
FirewallRules: [{A9B6A8FC-243F-45C5-B45E-B94CA201DFA7}] => (Allow) C:\Program Files\Andy\andy.exe No File
FirewallRules: [{59B2491E-5BF2-4DC5-AE8D-F34BD2AC1230}] => (Allow) C:\Program Files\Andy\andy.exe No File
FirewallRules: [{EF33A6D0-D34B-4630-9AE0-D5B6319C642D}] => (Allow) C:\Program Files\Andy\AndyConsole.exe No File
FirewallRules: [{0C8E4F25-226B-4BC9-BBD0-A6FDD1D99E01}] => (Allow) C:\Program Files\Andy\AndyConsole.exe No File
FirewallRules: [{E5EC7B01-738D-42B0-960C-4051ADBF6E85}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe No File
FirewallRules: [{28B9FA2D-E66B-453A-9DAB-DDB820A60893}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe No File
FirewallRules: [{2F79B4C8-3AFC-4E30-B1B2-EE4203877302}] => (Allow) C:\Users\Vladana\AppData\Local\Temp\Uninstall.exe No File
FirewallRules: [{FEE98E1E-A352-4C6D-A55F-F641B4E69F55}] => (Allow) C:\Users\Vladana\AppData\Local\Temp\Uninstall.exe No File
FirewallRules: [{A16DB9E7-288D-4E5B-BD58-5404E7DED756}] => (Allow) C:\Program Files\Andy\HandyAndy.exe No File
FirewallRules: [{986F830C-A0F0-4829-A1D3-6E209C9346FE}] => (Allow) C:\Program Files\Andy\HandyAndy.exe No File
FirewallRules: [{7AB977CD-EA90-4ECA-865F-E3924B0DEBC6}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe No File
FirewallRules: [{9FDF76F3-5DF0-4A94-B6C4-F6F10388EEDD}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe No File
FirewallRules: [{9E97B312-F759-4491-9B4A-9A7F7BD66B49}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe No File
FirewallRules: [{3B74B220-3059-4A75-949E-50972E487A28}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe No File
FirewallRules: [{187F27A2-9AE2-489B-B927-B8FC03CC268B}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe No File
FirewallRules: [{A9130200-545F-467A-9A36-1B798C073847}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe No File
FirewallRules: [{7F1F91ED-8AE2-4EF5-8A6E-42BCE82D179B}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe No File
FirewallRules: [{5DEA6D27-54CF-4606-949E-BD3C17E5B786}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe No File
FirewallRules: [TCP Query User{DF58AEE1-F55F-4C53-ADDB-ACE482856AE1}C:\users\vladana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vladana\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{872BEA53-323F-4801-81BF-7FFB853B9696}C:\users\vladana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vladana\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8EB9B601-87D3-4318-8ED9-03D843F1590B}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{597233C9-A6EB-4645-8677-888825AFC9CE}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{4077A009-74D8-44BE-AD00-C76EEF7EE5BD}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{DAE1B584-4569-4BAB-B953-D64ABABDAAD5}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [TCP Query User{3B57E49F-50A7-468F-A210-D44AA14F7EE4}C:\program files (x86)\keepvid\keepvid pro\downloadres\urlreqservice.exe] => (Allow) C:\program files (x86)\keepvid\keepvid pro\downloadres\urlreqservice.exe (WONBO TECHNOLOGY Co.,LIMITED -> Wondershare)
FirewallRules: [UDP Query User{13BD579F-4B71-49B9-9983-2D442B1932E8}C:\program files (x86)\keepvid\keepvid pro\downloadres\urlreqservice.exe] => (Allow) C:\program files (x86)\keepvid\keepvid pro\downloadres\urlreqservice.exe (WONBO TECHNOLOGY Co.,LIMITED -> Wondershare)
FirewallRules: [{CF745F74-D653-4FD3-8D0D-19E40F7120AE}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe No File
FirewallRules: [{AB407DB0-7E44-4FFA-A876-AC39F106ECB0}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe No File
FirewallRules: [{6D250D03-52C1-4019-980F-9AC5B16C218B}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{79C5FF69-9C6C-4795-BBBF-8058548DF184}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{C22CAF2C-8CE3-4B0E-B3E7-5A8C676B5F8E}C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe No File
FirewallRules: [UDP Query User{DCFA2E94-61CF-4517-A82F-AA51C00BB916}C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe No File
FirewallRules: [{9B9900F7-F341-4F67-A222-BA5ADB3D415F}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WShelper.exe No File
FirewallRules: [{C27B1110-1C16-4970-BA34-D7815EC04CD1}] => (Allow) c:\program files (x86)\opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{5F4157A8-99BC-42D7-9E0B-83BC577FB74E}] => (Allow) c:\program files (x86)\opera\64.0.3417.92\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{E312F188-3203-4E00-8BD8-6B9B54F77B8A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
16-11-2019 17:22:21 Removed Betternet for Windows 5.3.0.433
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/18/2019 06:33:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/18/2019 06:30:28 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (11/17/2019 06:59:21 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/17/2019 06:56:25 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (11/16/2019 05:45:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Avira.WebAppHost.exe, version: 2.26.1.17471, time stamp: 0x5d1b0ae0
Faulting module name: KERNELBASE.dll, version: 6.1.7600.17206, time stamp: 0x50e669a2
Exception code: 0xe0434352
Fault offset: 0x000000000000ac3d
Faulting process id: 0x1384
Faulting application start time: 0x01d59c9d496b5e25
Faulting application path: C:\Program Files (x86)\Avira\VPN\Avira.WebAppHost.exe
Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report Id: 87d7a1fc-0890-11ea-992a-2cd44493347b
Error: (11/16/2019 05:45:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.WebAppHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.Directory.InternalCreateDirectory(System.String, System.String, System.Object, Boolean)
at System.IO.Directory.InternalCreateDirectoryHelper(System.String, Boolean)
at Avira.VPN.Core.Win.XmlStorage.EnsureFileExists(System.String)
at Avira.VPN.Core.Win.ProductSettings.get_ClientId()
at Avira.VPN.Core.Win.GeneratedDeviceInfo.GetClientId()
at Avira.VPN.Core.Win.Logger.SetDefaultInstance(System.String)
at Avira.WebAppHost.Program.Main(System.String[])
Error: (11/16/2019 05:45:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Avira.VpnService.exe, version: 2.26.1.17464, time stamp: 0x5d1b0ad1
Faulting module name: KERNELBASE.dll, version: 6.1.7600.17206, time stamp: 0x50e669a2
Exception code: 0xe0434352
Fault offset: 0x000000000000ac3d
Faulting process id: 0x410
Faulting application start time: 0x01d59c9d3e008838
Faulting application path: C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report Id: 7c39111e-0890-11ea-992a-2cd44493347b
Error: (11/16/2019 05:45:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.VpnService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.Directory.InternalCreateDirectory(System.String, System.String, System.Object, Boolean)
at System.IO.Directory.InternalCreateDirectoryHelper(System.String, Boolean)
at Avira.VPN.Core.Win.XmlStorage.EnsureFileExists(System.String)
at Avira.VPN.Core.Win.ProductSettings.get_ClientId()
at Avira.VPN.Core.Win.GeneratedDeviceInfo.GetClientId()
at Avira.VPN.Core.Win.Logger.SetDefaultInstance(System.String)
at Avira.VpnService.Program.Main(System.String[])
System errors:
=============
Error: (11/18/2019 02:02:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
Error: (11/18/2019 01:55:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Hotspot Shield Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (11/18/2019 01:55:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Hotspot Shield Service service to connect.
Error: (11/18/2019 01:55:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Freemake Improver service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (11/18/2019 01:55:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Freemake Improver service to connect.
Error: (11/17/2019 12:22:01 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
Error: (11/17/2019 12:16:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Hotspot Shield Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (11/17/2019 12:16:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Hotspot Shield Service service to connect.
CodeIntegrity:
===================================
Date: 2019-11-18 14:50:24.854
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-11-18 14:42:32.679
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-11-18 14:17:39.679
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-11-18 13:59:29.956
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-11-18 13:52:56.204
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-11-18 13:40:37.935
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-11-18 13:22:57.872
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-11-18 11:49:09.688
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: FUJITSU // Phoenix Technologies Ltd. Version 1.08 10/02/2012
Motherboard: FUJITSU FJNBB29
Processor: Intel® Pentium® CPU B960 @ 2.20GHz
Percentage of memory in use: 96%
Total physical RAM: 3447.63 MB
Available physical RAM: 117.55 MB
Total Virtual: 6893.39 MB
Available Virtual: 2494.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.56 GB) (Free:18.94 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:368.1 GB) (Free:203.89 GB) NTFS
\\?\Volume{da4eedc3-7be1-11e2-8ac3-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: EB90EB90)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================