Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by Daniel M. Burkus (15-05-2020 17:38:08)
Running from C:\Users\Daniel M. Burkus\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2019-07-03 19:20:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2181456502-4158230203-1033552464-500 - Administrator - Disabled)
Daniel M. Burkus (S-1-5-21-2181456502-4158230203-1033552464-1000 - Administrator - Enabled) => C:\Users\Daniel M. Burkus
Guest (S-1-5-21-2181456502-4158230203-1033552464-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2181456502-4158230203-1033552464-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.120.0.1081 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
CloneSpy 3.42 - 64 bit (HKLM\...\CloneSpy) (Version: 3.42 - The CloneSpy Team)
CutePDF Writer 3.2 (HKLM\...\CutePDF Writer Installation) (Version: 3.2 - Acro Software Inc.)
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 13.1.21.0 - ESET, spol. s r.o.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.0.35798 - Foxit Software Inc.)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: 5.1.38.7312 - FreeDownloadManager.ORG)
Free Excel Viewer V2 (HKLM-x32\...\Free Excel Viewer_is1) (Version: - hxxps://www.PDFZilla.com/free-excel-viewer.html/free-excel-viewer.html)
FVD Downloader Module (HKLM-x32\...\{A3F74A3C-6824-4878-AB46-21280389D09F}) (Version: 1.0.8 - Nimbus)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.49.5311 - GOM & Company)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.2 (HKLM-x32\...\HandBrake) (Version: 1.3.2 - )
Hangul 2002 SE (HKLM-x32\...\{CECBC29F-6D3A-4ED6-A686-7220EF9B69CC}) (Version: 5.7.5.3007 - Haansoft)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan)
IrfanView 4.54 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.54 - Irfan Skiljan)
KakaoTalk (HKLM-x32\...\KakaoTalk) (Version: 3.1.2.2472 - Kakao Corp.)
K-Lite Mega Codec Pack 15.4.4 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.4.4 - KLCP)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
MKVToolNix 46.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 46.0.0 - Moritz Bunkus)
Movavi Video Suite 2020 (HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\Movavi Video Suite 2020) (Version: 20.0.0 - Movavi)
Mozilla Firefox 76.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 76.0.1 (x64 en-US)) (Version: 76.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
Nero Burning ROM 2014 (HKLM-x32\...\{B0E4ACBC-4CFA-4B6D-9B7B-E13C171BCC23}) (Version: 15.0.05300 - Nero AG)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
paint.net (HKLM\...\{15BCA3AB-444B-4AC5-A04F-F2AD0F7AD3EC}) (Version: 4.2.10 - dotPDN LLC)
PicosmosTools 2.4.0.1 (HKLM-x32\...\PicosmosTools) (Version: 2.4.0.1 - Free Time)
Prerequisite installer (HKLM-x32\...\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0005 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.107.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RogueKiller version 14.4.2.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.4.2.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1048 - SUPERAntiSpyware.com)
TreeSize Free V4.4.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.1 - JAM Software)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PicosmosShell] -> {A3888921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\PicosmosTools\ShellEx64_102.dll [2019-08-06] (Free Time) [File not signed]
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-14] (Empty Loop -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-14] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\system32\huffyuv.dll [55296 2005-01-21] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [310784 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [126976 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Daniel M. Burkus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CloneSpy\Website.lnk -> hxxp://www.clonespy.com
==================== Loaded Modules (Whitelisted) =============
2020-01-13 02:33 - 2020-01-13 02:33 - 001506304 _____ () [File not signed] C:\Program Files (x86)\GRETECH\GOMPlayer\libass.dll
2019-07-08 14:53 - 2017-04-13 11:42 - 012242432 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avcodec-57.dll
2019-07-08 14:53 - 2017-04-13 11:42 - 001825792 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avfilter-6.dll
2019-07-08 14:53 - 2017-04-13 11:42 - 002158592 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avformat-57.dll
2019-07-08 14:53 - 2017-04-13 11:42 - 000485376 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avutil-55.dll
2019-07-08 14:53 - 2017-04-13 11:46 - 069740544 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libcef.dll
2019-07-08 14:53 - 2018-05-15 06:32 - 000015360 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libegl.dll
2019-07-08 14:53 - 2018-05-15 06:32 - 002521088 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libglesv2.dll
2019-07-08 14:53 - 2017-04-13 11:42 - 000138752 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swresample-2.dll
2019-07-08 14:53 - 2017-04-13 11:42 - 000662016 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swscale-4.dll
2019-07-15 15:36 - 2012-07-21 03:55 - 000180736 _____ (fccHandler) [File not signed] C:\Windows\system32\ac3acm.acm
2020-01-13 02:33 - 2020-01-13 02:33 - 014108592 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\GRETECH\GOMPlayer\modules\avcodec-gp-57.dll
2020-01-13 02:33 - 2020-01-13 02:33 - 004189666 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\GRETECH\GOMPlayer\modules\avformat-gp-57.dll
2020-01-13 02:33 - 2020-01-13 02:33 - 001515893 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\GRETECH\GOMPlayer\modules\avutil-gp-55.dll
2020-01-13 02:33 - 2020-01-13 02:33 - 000608575 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\GRETECH\GOMPlayer\modules\swresample-gp-2.dll
2020-01-13 02:33 - 2020-01-13 02:33 - 001089978 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\GRETECH\GOMPlayer\modules\swscale-gp-4.dll
2019-07-08 14:52 - 2019-01-30 21:59 - 000436224 _____ (FreeDownloadManager.org) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\common.dll
2019-07-08 14:52 - 2019-01-30 21:59 - 000110080 _____ (FreeDownloadManager.org) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\mediahelper.dll
2019-07-08 14:52 - 2019-01-30 21:59 - 000676864 _____ (FreeDownloadManager.org) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\wba.dll
2020-01-13 02:32 - 2020-01-13 02:32 - 000177152 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GRETECH\GOMPlayer\CrashDumpCollector.dll
2020-01-13 02:33 - 2020-01-13 02:33 - 000119808 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GRETECH\GOMPlayer\modules\GifMaker.dll
2020-01-13 02:33 - 2020-01-13 02:33 - 003296768 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GRETECH\GOMPlayer\modules\Subtitle.dll
2020-01-13 02:33 - 2020-01-13 02:33 - 001310720 _____ (GOM & Company.) [File not signed] C:\Program Files (x86)\GRETECH\GOMPlayer\modules\gaf.ax
2020-01-13 02:33 - 2020-01-13 02:33 - 001943040 _____ (GOM & Company.) [File not signed] C:\Program Files (x86)\GRETECH\GOMPlayer\modules\grfu.ax
2020-01-13 02:32 - 2020-01-13 02:32 - 003599872 _____ (GOM & Company.) [File not signed] C:\Program Files (x86)\GRETECH\GOMPlayer\modules\gvf.ax
2020-01-13 02:33 - 2020-01-13 02:33 - 004131328 _____ (GOM & Company.) [File not signed] C:\Program Files (x86)\GRETECH\GOMPlayer\modules\MediaSource.ax
2019-07-08 14:53 - 2017-04-13 11:42 - 001712640 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\LIBEAY32.dll
2019-07-08 14:53 - 2017-04-13 11:42 - 000351744 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\SSLEAY32.dll
2019-07-08 14:53 - 2018-05-15 06:39 - 000049152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\bearer\qgenericbearer.dll
2019-07-08 14:53 - 2018-05-15 06:38 - 000032768 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qgif.dll
2019-07-08 14:53 - 2018-05-15 06:48 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qicns.dll
2019-07-08 14:53 - 2018-05-15 06:38 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qico.dll
2019-07-08 14:53 - 2018-05-15 06:39 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qjpeg.dll
2019-07-08 14:53 - 2018-05-15 06:48 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qtga.dll
2019-07-08 14:53 - 2018-05-15 06:48 - 000371712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qtiff.dll
2019-07-08 14:53 - 2018-05-15 06:48 - 000024064 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qwbmp.dll
2019-07-08 14:53 - 2018-05-15 06:48 - 000478720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qwebp.dll
2019-07-08 14:53 - 2018-05-15 06:40 - 001439744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\platforms\qwindows.dll
2019-07-08 14:52 - 2019-01-30 22:01 - 005938176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Core.dll
2019-07-08 14:53 - 2018-05-15 06:35 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Gui.dll
2019-07-08 14:53 - 2018-05-15 06:35 - 001256960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Network.dll
2019-07-08 14:53 - 2018-05-15 06:33 - 000207360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Sql.dll
2019-07-08 14:53 - 2018-05-15 06:38 - 005515264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Widgets.dll
2019-07-08 14:53 - 2018-05-15 06:39 - 001121280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\sqldrivers\qsqlite.dll
2019-07-08 14:53 - 2018-05-15 06:39 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\styles\qwindowsvistastyle.dll
2019-07-15 15:36 - 2019-12-19 07:58 - 001805824 _____ (xy-VSFilter Team) [File not signed] C:\Program Files (x86)\K-Lite Codec Pack\Filters\DirectVobSub\vsfilter.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27177577.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\27177577.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com ->
www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com ->
www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com ->
www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com ->
www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com ->
www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com ->
www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com ->
www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com ->
www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com ->
www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info ->
www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com ->
www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com ->
www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com ->
www.123simsen.com
There are 7941 more sites.
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\008k.com ->
www.008k.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\00hq.com ->
www.00hq.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\0scan.com ->
www.0scan.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\1-2005-search.com ->
www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\1-domains-registrations.com ->
www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\1000gratisproben.com ->
www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\1001namen.com ->
www.1001namen.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\100sexlinks.com ->
www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\10sek.com ->
www.10sek.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\123fporn.info ->
www.123fporn.info
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\123haustiereundmehr.com ->
www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\123moviedownload.com ->
www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\...\123simsen.com ->
www.123simsen.com
There are 7941 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2020-05-12 19:50 - 016583274 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2181456502-4158230203-1033552464-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel M. Burkus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 210.220.163.82 - 219.250.36.130
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B8AFFE4A-5BB0-4990-87BC-A1E759E70F4E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8CD5A309-B013-42E5-B680-5C452CAC6B84}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4BE02C49-572C-4BF4-9028-42BD9A4D1672}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{A551BA96-4373-46D6-911D-5F0279B2A6D0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{7F1AD1DC-41EF-459F-8070-0AD12BD4645B}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [{4820D31C-8A0D-4EC8-B995-1E0497012F83}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [TCP Query User{3F8BF312-92B5-4724-9EB1-14DB380A2980}C:\program files\freedownloadmanager.org\free download manager\fdm.exe] => (Allow) C:\program files\freedownloadmanager.org\free download manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [UDP Query User{A5DC9F4F-FD05-4E99-95DC-2F8B702A495E}C:\program files\freedownloadmanager.org\free download manager\fdm.exe] => (Allow) C:\program files\freedownloadmanager.org\free download manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [{69A73AAE-629C-41EA-B015-3BEE21D4C02A}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
14-05-2020 00:14:50 Windows Update
==================== Faulty Device Manager Devices ============
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (05/14/2020 07:28:00 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/14/2020 07:28:00 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/14/2020 07:28:00 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/14/2020 07:28:00 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Error: (05/14/2020 07:28:00 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/14/2020 07:27:59 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
Context: Windows Application, SystemIndex Catalog
Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)
Error: (05/14/2020 07:27:59 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/14/2020 07:27:59 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (05/15/2020 12:03:53 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Foxit Reader Update Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (05/15/2020 11:12:37 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (05/15/2020 11:09:47 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (05/15/2020 11:07:32 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (05/15/2020 11:07:15 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (05/15/2020 08:37:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMChameleon service failed to start due to the following error:
The system cannot find the file specified.
Error: (05/15/2020 08:37:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMChameleon service failed to start due to the following error:
The system cannot find the file specified.
Error: (05/14/2020 10:07:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMChameleon service failed to start due to the following error:
The system cannot find the file specified.
Windows Defender:
===================================
Date: 2020-03-11 17:43:34.032
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{64DA1F07-B4C0-4677-BC34-84380A8B3D3D}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
Date: 2020-03-11 17:43:11.896
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{E200BA57-4726-4E2F-801F-5A64553AA45C}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
Date: 2019-10-05 08:41:27.803
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{85B61DC9-54EB-4985-A95D-428D49299793}
Scan Type:AntiSpyware
Scan Parameters:Full Scan
Date: 2019-10-05 08:07:13.543
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{854549B5-C4CF-4CDD-B2E4-62F03B6A53EA}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
Date: 2019-07-26 20:31:55.726
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0
==================== Memory info ===========================
BIOS: SAMSUNG ELECTRONICS CO.,LTD 09JS 02/16/2012
Motherboard: SAMSUNG ELECTRONICS CO.,LTD Samsung DeskTop System
Processor: Intel(R) Pentium(R) CPU G630 @ 2.70GHz
Percentage of memory in use: 96%
Total physical RAM: 4006.48 MB
Available physical RAM: 122 MB
Total Virtual: 8011.11 MB
Available Virtual: 3099.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:28.71 GB) NTFS
Drive d: (D-drive) (Fixed) (Total:465.76 GB) (Free:34.05 GB) NTFS
Drive f: (EasySuitecc) (CDROM) (Total:0 GB) (Free:0 GB) CDFS
\\?\Volume{9d32bbca-9dc6-11e9-814b-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 368B3D91)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4867EFF2)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================