Closed/Inactive Can't Open Certain .exe

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Welcome to our Community
Wanting to join the rest of our members? Feel free to sign up today.
Sign up
Status
Not open for further replies.

Imr102030

PCHF Member
PCHF Member
Jul 28, 2019
48
0
19
Hi, for example i have two pretty much the same exe files. (except for the size) It's 2 patches for a game (first of 300mb, second of 6mb).
The first i can open, the second i cant due to 0xc000006 error. So if a program (mostly games) can't be opened because of 0xc000006 error i rename them to .bat and it sometimes helps. what could be the cause ?
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,394
551
==============================================================

Download EXE Fix
Save it to your desktop.
Unzip it there.
Right click the registry file.
Then select merge.
Accept any prompts.
Reboot your machine.
Let us know how this works for you.

=========================================================

After the reboot, download the attached R-kill file.
Save it to your desktop.
Unzip it there.
Right click run as Admin.
Post the log created.
 

Attachments

Imr102030

PCHF Member
PCHF Member
Jul 28, 2019
48
0
19
==============================================================

Download EXE Fix
Save it to your desktop.
Unzip it there.
Right click the registry file.
Then select merge.
Accept any prompts.
Reboot your machine.
Let us know how this works for you.

=========================================================

After the reboot, download the attached R-kill file.
Save it to your desktop.
Unzip it there.
Right click run as Admin.
Post the log created.
It says
==============================================================

Download EXE Fix
Save it to your desktop.
Unzip it there.
Right click the registry file.
Then select merge.
Accept any prompts.
Reboot your machine.
Let us know how this works for you.

=========================================================

After the reboot, download the attached R-kill file.
Save it to your desktop.
Unzip it there.
Right click run as Admin.
Post the log created.
sorry i didn't even know i posted that ... i cant open that regedit file, its says something like(roughly in english) "cannot import : cannot succesfully import all data, some keys are opened by system or other processes." i tried reboot and do that again , same result
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,394
551
ZHP Diag Scan Click here to download.


1. Right Click Run as Admin.

2. Click the Options button.

Click on Check All
Then Click Validate
Then click close.






2. Click the Scanner button.






When complete please push the report button.
A notepad will open... copy and paste the report in your next reply.
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,394
551
Post the log from R-Kill and the Zhp Diag program. I am headed out for some food, I will be back to look at this thread later. :)
 

Imr102030

PCHF Member
PCHF Member
Jul 28, 2019
48
0
19
after opening ZHP it just sits in the tray doin nothing.
this is from Rkill
Rkill 2.9.1 by Lawrence Abrams (Grinler)

Copyright 2008-2019 BleepingComputer.com
More Information about Rkill can be found at this link:


Program started at: 07/28/2019 06:39:21 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\System32\rpcnetp.exe (PID: 2480) [WD-HEUR]
* C:\Windows\SysWOW64\ACEngSvr.exe (PID: 5024) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 07/28/2019 06:47:05 PM
Execution time: 0 hours(s), 7 minute(s), and 43 seconds(s)
 
Last edited by a moderator:

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,394
551
Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.

If you are unsure if your operating system is 32 or 64 Bit please go HERE.
Once downloaded right click the FRST desktop icon and select "Run as administrator" from the menu"

icon2.jpg


If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
FRST will open with two dialogue boxes, accept the disclaimer.

frst disclaimer.jpg



  1. Accept the default whitelist options,
  2. If the additions.txt options box is not checked please select it.
  3. Then select Scan
frst.jpg


Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.

2016-08-12_152002.jpg


Please Copy and Paste the contents of these logs in your next post for review by our Security Team
 

Imr102030

PCHF Member
PCHF Member
Jul 28, 2019
48
0
19
Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.

If you are unsure if your operating system is 32 or 64 Bit please go HERE.
Once downloaded right click the FRST desktop icon and select "Run as administrator" from the menu"

icon2.jpg


If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
FRST will open with two dialogue boxes, accept the disclaimer.

frst disclaimer.jpg



  1. Accept the default whitelist options,
  2. If the additions.txt options box is not checked please select it.
  3. Then select Scan
frst.jpg


Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.

2016-08-12_152002.jpg


Please Copy and Paste the contents of these logs in your next post for review by our Security Team
link says "sorry we could not find that" i'll get it from here and post logs (hopefuly) https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,394
551
yes, that is fine.........

This is a more in depth scanner


Download Quick Diag to your desktop.
Very Important!! -- Make sure program is on your desktop.
Disable your Antivirus/Antispyware prior to scanning.
Right Click Run as Administrator.
Select the Quick Scan.









Post the log that is generated in your next post.
 

Imr102030

PCHF Member
PCHF Member
Jul 28, 2019
48
0
19
Additional.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Reed (29-07-2019 06:41:14)
Running from C:\Users\Reed\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-03 12:02:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

948C0E24B46E49D0BB35 (S-1-5-21-3705052320-4263949473-626607969-1020 - Limited - Enabled)
Administrator (S-1-5-21-3705052320-4263949473-626607969-500 - Administrator - Disabled)
Guest (S-1-5-21-3705052320-4263949473-626607969-501 - Limited - Disabled)
Reed (S-1-5-21-3705052320-4263949473-626607969-1001 - Administrator - Enabled) => C:\Users\Reed

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
3GP Player 1.1.5 (HKLM-x32\...\3GP Player_is1) (Version: - Bobabo)
7-Zip 16.00 (HKLM-x32\...\7-Zip) (Version: 16.00 - Igor Pavlov)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{36381D51-CC5E-4698-A0CC-E939C75EC9D8}) (Version: 1.5 - Eyeo GmbH)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.223 - Adobe)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: - )
AxCrypt 1.7.3156.0 (HKLM\...\{8B49CDB9-824C-44D6-A5D3-D0235D3030B8}) (Version: 1.7.3156.0 - Axantum Software AB)
Blender (HKLM\...\{B1DF3793-1651-4AE5-9CA0-E845DD8B526B}) (Version: 2.79.0 - Blender Foundation)
Brackets (HKLM-x32\...\{9E1DE4E6-DA6C-46E9-9EF2-15189E534511}) (Version: 1.11 - brackets.io)
Budík (HKLM-x32\...\{762BC342-BEB1-42D4-BE99-C096189484FA}_is1) (Version: 1511250 - Ondřej Cenek)
C++ to C# Converter (HKLM-x32\...\C++ to C# Converter_is1) (Version: - Tangible Software Solutions)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Croc (HKLM-x32\...\Croc) (Version: - )
Croc 2 (HKLM-x32\...\Croc 2) (Version: - )
DiagnosticsHub_CollectionService (HKLM\...\{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dopefish Screen Saver v1.00 (HKLM-x32\...\ST5UNST #1) (Version: - )
Dragon UnPACKer 5 (HKLM-x32\...\DragonUnPACKer5_is1) (Version: 5.7.0 Beta - Alexandre Devilliers (aka Elbereth))
Driver Easy 5.6.12 (HKLM\...\DriverEasy_is1) (Version: 5.6.12 - Easeware)
EasyBCD 2.3 (HKLM-x32\...\EasyBCD) (Version: 2.3 - NeoSmart Technologies)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
EditPlus (64 bit) (HKLM\...\EditPlus) (Version: - ES-Computing)
EditPlus (HKLM-x32\...\EditPlus) (Version: - ES-Computing)
Epic Games Launcher (HKLM-x32\...\{50CBA62D-4E71-47DE-B37B-0C36DD9121DE}) (Version: 1.1.47.0 - Epic Games, Inc.)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version: - epubfilereader.com)
FOMM 0.14.14.5 (HKLM-x32\...\{072C2AEF-16B2-46B7-BA7F-D0CAA7B4F89F}_is1) (Version: - niveuseverto)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free 3GP Player (HKLM-x32\...\{5D6999FF-7382-45ED-8893-4EB33DC6701B}_is1) (Version: - free3gpplayer.com)
Free Audio Recorder 6.6.6.a (HKLM-x32\...\EE9C4A93-0E83-4C66-9802-5DC13C189C12_is1) (Version: - Accmeware Corporation)
FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin)
Freelang (HKLM-x32\...\{0F44DC3F-6E62-4AB1-A14B-56223C512F9B}_is1) (Version: 4.3.0.0 - Freelang.net)
Freelang (HKLM-x32\...\{A09E2D66-B931-415C-A9DE-FF030AB5AD77}_is1) (Version: - Freelang)
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GreenBrowser (HKLM-x32\...\GreenBrowser_is1) (Version: - MoreQuick.com)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
Gtk# for .Net 2.12.38 (HKLM-x32\...\{C7A0CF1E-A936-426A-9694-035636DCD356}) (Version: 2.12.38 - Xamarin, Inc.)
HiAlgo BOOST 5.0 (HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\HiAlgoBOOST) (Version: 5.0 - HiAlgo Inc.)
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{7F104712-BE1D-4359-B8EA-8003E9721001}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{99A768BB-C508-44E5-AE78-72ABE55728CF}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2405 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
KH Ultra Trainer (HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\4f344c4511ef18b2) (Version: 0.1.0.64 - KongHack)
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MediaPlayerLite 0.5.4.0 (HKLM-x32\...\MediaPlayerLite) (Version: 0.5.4.0 - MediaPlayerLite)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (čeština) (HKLM-x32\...\{E249803A-BD5B-4FDC-A630-976C2971F5B4}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (čeština) (HKLM-x32\...\{25C7677B-0398-46A3-A0EE-7B393D20FA30}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2010 (HKLM-x32\...\{FA8E7AF5-C70E-3274-9740-9E697FBD5BB7}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1095.110 - Microsoft Corporation)
Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mono for Windows (x86) (HKLM-x32\...\{E504EC8B-E776-470E-A3A4-B260D1586D93}) (Version: 4.6.0 - Xamarin, Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9 - Notepad++ Team)
NVIDIA Ovladač 3D Vision 268.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 268.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.74 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA Systémový software PhysX 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenTTD 1.5.3 (HKLM-x32\...\OpenTTD) (Version: 1.5.3 - OpenTTD)
Opera Stable 62.0.3331.72 (HKLM-x32\...\Opera 62.0.3331.72) (Version: 62.0.3331.72 - Opera Software)
Ovládací panel NVIDIA 268.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 268.74 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Primal Rage, CD-ROM (DOS, 1995) (HKLM-x32\...\{4977027D-598F-4BB0-8EF3-AFD7A36F83ED}_is1) (Version: 2.0 - DJ OldGames)
Programmer's Notepad (HKLM-x32\...\{52CF142B-7B0E-41E7-98F5-B834122523E7}_is1) (Version: 2.4.2.1440 - Simon Steele)
Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.5 - Project Reality)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.6.3 (32-bit) (HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\{1bb10b8c-6e63-4897-9fb2-3873ce30d7e1}) (Version: 3.6.3150.0 - Python Software Foundation)
Python 3.6.3 Core Interpreter (32-bit) (HKLM-x32\...\{52D39C34-E5F5-41AE-88CD-5DE66C9150B4}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Development Libraries (32-bit) (HKLM-x32\...\{F7D9BDE7-2C35-4F7E-AEBE-9F3028451087}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Documentation (32-bit) (HKLM-x32\...\{20EB04A7-B5EF-485E-9440-F36214C5501D}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Executables (32-bit) (HKLM-x32\...\{CA16E2AA-4499-4FE5-A88C-174612920734}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 pip Bootstrap (32-bit) (HKLM-x32\...\{DA64A828-F7A9-4A19-97BD-3A9A63CEB972}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Standard Library (32-bit) (HKLM-x32\...\{14843392-E9B3-4031-BCF6-FC00D5791AA8}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{AE89BB1E-1C06-4556-AA05-A6628DE07BA9}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Test Suite (32-bit) (HKLM-x32\...\{63208505-67AD-4AAC-BD7B-00DE5B83BAF0}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Utility Scripts (32-bit) (HKLM-x32\...\{6CF91DC2-CED3-410B-88BB-E048C994AA1A}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 (32-bit) (HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\{24ac8299-2abd-4ddd-8be3-031debb6093c}) (Version: 3.7.3150.0 - Python Software Foundation)
Python 3.7.3 Core Interpreter (32-bit) (HKLM-x32\...\{33AB9CEA-621E-4064-9FB0-7048E79DB5B5}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Development Libraries (32-bit) (HKLM-x32\...\{52DDE5D8-B45C-4C1D-81DD-D72317DE8B08}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Documentation (32-bit) (HKLM-x32\...\{2BC067C0-B392-49C0-988B-C839C62D8B65}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Executables (32-bit) (HKLM-x32\...\{E3E61712-C062-45E7-8348-D7DBF66FACFD}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 pip Bootstrap (32-bit) (HKLM-x32\...\{9846DC93-4A39-496F-8AE3-0E3AB4EF4385}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Standard Library (32-bit) (HKLM-x32\...\{DC6190E7-D05E-465A-9FB6-7418BC901991}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{1341418F-C713-4943-ACB2-9F4D4743D193}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Test Suite (32-bit) (HKLM-x32\...\{FE5E4BF9-7487-4CE8-A2AC-F78C6B4BE487}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Utility Scripts (32-bit) (HKLM-x32\...\{AE9303AD-EBD0-4C85-A9D0-55B1BA972D11}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Registry Repair 5.0.1.102 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.102 - Glarysoft Ltd)
Rex (HKLM-x32\...\Rex) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Soldier of Fortune Platinum (HKLM-x32\...\Soldier of Fortune Platinum) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
SunsetScreen (HKLM\...\{155DF28A-39B0-4447-BA5F-4347AC6A3197}) (Version: - Skytopia)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
Syncrosoft License Control (HKLM-x32\...\Syncrosoft License Control) (Version: - SIA Syncrosoft)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
TechnoMage Demo (HKLM-x32\...\TechnoMage Demo) (Version: - )
TexturePacker (HKLM\...\{2C3FE65C-210B-46BF-B18B-1734A0DAD96A}) (Version: 4.12.0 - code-and-web.de)
Visual Studio Community 2017 (HKLM-x32\...\1713fff5) (Version: 15.9.28307.222 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Voxengo OldSkoolVerb (HKLM\...\Voxengo OldSkoolVerb_is1) (Version: 2.4.1 - Voxengo)
VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{B8B65A93-F72B-42C2-AE1A-FF440B44BB67}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.1.6137 - WinISO Computing Inc.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinThruster (HKLM-x32\...\WinThruster_is1) (Version: 1.3.5.138 - Solvusoft) <==== ATTENTION // I COULD NOT FIND THIS FILE IN PC, WHAT I COULD FIND I DELETED. * I USE "EVERYTHING" *- PROGRAM FOR FINDING STUFF IN PC
Wise Registry Cleaner 10.1.4 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.1.4 - WiseCleaner.com, Inc.)
Xamarin Studio 5.10.1 (HKLM-x32\...\{17969BFA-DC59-4F0F-8381-9D5FD8E29DDD}) (Version: 5.10.1.6 - Xamarin)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\ChromeHTML: -> C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Reed\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Reed\AppData\Local\Google\Chrome\Application\75.0.3770.142\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender2\BlendThumb64.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Reed\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\ShellExt.dll [2014-01-16] (Axantum Software AB -> Axantum Software AB)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\XPClient.DLL [2011-07-29] (eCareme Technologies, Inc.) [File not signed]
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2016-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => -> No File
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\ShellExt.dll [2014-01-16] (Axantum Software AB -> Axantum Software AB)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Reed\Desktop\C++ to C# Converter.bat – zástupce.lnk -> C:\Program Files\Tangible Software Solutions\CPlusPlus to CSharp Converter\C++ to C# Converter.bat (Tangible Software Solutions, Inc.)
Shortcut: C:\Users\Reed\Desktop\programs\plocha 18 12 17\chrome.bat – zástupce.lnk -> C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.bat (Google Inc.)
Shortcut: C:\Users\Reed\Desktop\programs\plocha 18 12 17\SunsetScreen.bat – zástupce.lnk -> C:\Program Files (x86)\SunsetScreen\SunsetScreen.bat (Daniel White)
Shortcut: C:\Users\Reed\Desktop\programs\plocha 18 12 17\SystemExplorer.bat – zástupce.lnk -> C:\Program Files (x86)\System Explorer\SystemExplorer.bat (No File)

ShortcutWithArgument: C:\Users\Reed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b8da4a38624bbb1e\Feedback.lnk -> C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gfdkimpbcpahaombhbimeihdjnejgicl

==================== Loaded Modules (Whitelisted) ==============

2010-04-01 04:55 - 2010-04-01 04:55 - 000221184 _____ ( ) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZNamespaceExtensions.dll
2010-04-03 05:21 - 2008-10-01 09:08 - 000011264 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-09-24 02:53 - 2010-09-24 02:53 - 001601536 _____ () [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2017-04-01 22:13 - 2019-07-28 20:44 - 000017920 _____ () [File not signed] C:\Windows\System32\rpcnetp.exe
2016-09-01 11:41 - 2016-09-01 11:41 - 051501568 _____ () [File not signed] D:\Program files\Unity\Editor\libcef.dll
2016-09-01 11:41 - 2016-09-01 11:41 - 000167936 _____ () [File not signed] D:\Program files\Unity\Editor\libegl.dll
2016-09-01 11:41 - 2016-09-01 11:41 - 001753600 _____ () [File not signed] D:\Program files\Unity\Editor\libglesv2.dll
2016-09-01 11:13 - 2016-09-01 11:13 - 001922560 _____ () [File not signed] D:\Program files\Unity\Editor\LIBPQ.dll
2016-09-01 11:14 - 2016-09-01 11:14 - 000921088 _____ () [File not signed] D:\Program files\Unity\Editor\TextureConverter.dll
2016-09-01 11:14 - 2016-09-01 11:14 - 001488384 _____ () [File not signed] D:\Program files\Unity\Editor\umbraoptimizer64.dll
2016-09-01 11:41 - 2016-09-01 11:41 - 000285696 _____ () [File not signed] D:\Program files\Unity\Editor\UnityHelper.exe
2004-05-28 04:13 - 2004-05-28 04:13 - 000080384 _____ (ACTIONTEC Electronics,Inc) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL
2011-03-21 10:07 - 2011-03-21 10:07 - 000361984 _____ (Alcor Micro Corp.) [File not signed] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
2012-01-12 20:21 - 2010-10-06 06:43 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2005-04-08 07:38 - 2006-10-10 05:15 - 000011264 _____ (ASUSTeK) [File not signed] C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll
2005-06-03 11:39 - 2006-09-12 02:46 - 000035840 _____ (ASUSTek) [File not signed] C:\Program Files (x86)\ASUS\Splendid\OVS.dll
2012-01-12 20:38 - 2006-10-10 05:07 - 000183296 _____ (ASUSTeK) [File not signed] C:\Windows\SysWOW64\ACEngSvr.exe
2011-03-13 20:58 - 2011-03-13 20:58 - 000074912 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
2011-03-13 20:58 - 2011-03-13 20:58 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
2011-03-13 20:58 - 2011-03-13 20:58 - 000315552 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2011-03-13 20:59 - 2011-03-13 20:59 - 000138400 _____ (Atheros Communications Inc. -> Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
2005-09-22 03:30 - 2005-09-22 03:30 - 000036864 _____ (ATK) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
2011-05-25 09:09 - 2011-05-25 09:09 - 000227840 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll
2011-07-28 10:48 - 2011-07-28 10:48 - 000274432 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\eCaremeDLL.dll
2011-07-29 11:37 - 2011-07-29 11:37 - 004526080 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\XPClient.dll
2016-09-01 11:15 - 2016-09-01 11:15 - 002790400 _____ (FreeImage) [File not signed] D:\Program files\Unity\Editor\FreeImage.dll
2012-01-12 20:21 - 2010-10-06 06:38 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-01-15 01:41 - 2011-01-15 01:41 - 001839616 _____ (MAGIX AG) [File not signed] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
2015-12-12 00:07 - 2015-12-12 00:07 - 001062400 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCP80.dll
2015-12-12 00:07 - 2015-12-12 00:07 - 000796672 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCR80.dll
2012-07-06 19:42 - 2012-07-06 19:42 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2015-12-12 00:06 - 2015-12-12 00:06 - 000548864 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\MSVCP80.dll
2015-12-12 00:06 - 2015-12-12 00:06 - 000626688 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\MSVCR80.dll
2012-07-06 19:43 - 2012-07-06 19:43 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2012-05-18 01:23 - 2012-05-18 01:23 - 002938880 _____ (PACE Anti-Piracy, Inc.) [File not signed] C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
2005-01-13 10:36 - 2005-01-13 10:36 - 000303104 _____ (Silicon Integrated Systems Corp.) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
2009-10-29 03:41 - 2009-10-29 03:41 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\log4net.dll
2016-09-01 11:40 - 2016-09-01 11:40 - 002606592 _____ (Unity Technologies) [File not signed] D:\Program files\Unity\Editor\Data\Mono\EmbedRuntime\mono.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\.rdata:X [128]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:373C6DC2 [124]
AlternateDataStreams: C:\ProgramData\Temp:5216CD26 [268]
AlternateDataStreams: C:\ProgramData\Temp:5D458568 [118]
AlternateDataStreams: C:\ProgramData\Temp:77846FFE [140]
AlternateDataStreams: C:\ProgramData\Temp:798A3728 [119]
AlternateDataStreams: C:\ProgramData\Temp:8AD1F2E0 [116]
AlternateDataStreams: C:\ProgramData\Temp:D20FFA63 [125]
AlternateDataStreams: C:\ProgramData\Temp:FB6A21E3 [214]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3705052320-4263949473-626607969-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => regfile

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


2019-06-14 17:49 - 2019-07-29 06:28 - 000000432 _____ C:\Windows\system32\drivers\etc\hosts.ics

10.5.49.232 Reed-PC.mshome.net # 2024 7 6 27 4 28 43 339

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Autodesk Shared\;C:\Program Files (x86)\Autodesk\backburner\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files (x86)\GtkSharp\2.12\bin
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.5.50.1 - 77.104.250.129
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: Autodesk Licensing Service => 2
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: Discord => C:\Users\Reed\AppData\Local\Discord\app-0.0.305\Discord.exe
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
MSCONFIG\startupreg: ZAM => "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{13D109FD-9785-4CDB-9999-C718FD0C6128}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5FA6CD2B-E5B3-40B9-904B-498FDFB5B0DD}] => (Allow) LPort=2869
FirewallRules: [{BE4F4636-8314-4F0B-8748-702AF44E6B57}] => (Allow) LPort=1900
FirewallRules: [{BA728B4A-BE4B-4C89-9928-6E17DAE5D7CA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55A90296-D690-46AF-9E66-1C2971C93581}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{838871E8-9EA2-47AD-A256-AA7D64415396}C:\users\winamp\winamp.exe] => (Allow) C:\users\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{F4BACF3A-AF54-4332-845C-5065F65E15BD}C:\users\winamp\winamp.exe] => (Allow) C:\users\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{46721C3B-D9EC-408A-A7CF-089EF48A98B7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{67171BA8-0C61-46CC-8FD5-833CB32128D8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{4D34563F-838D-43E6-921F-F18009762554}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1EDFD3E7-B059-4830-81BE-C95A0983D015}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{8C84B41F-6506-4495-A481-905340D44C7E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{D30DBE4D-EACE-407D-BAFD-5F067FB7002A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{EF66DCBE-E49E-49A0-A08B-B04C6B838132}C:\users\reed\appdata\local\apps\2.0\ptp8tnzk.1zd\02rryl7t.8m7\kong..tion_0000000000000000_0000.0001_ad4afaad19afb7da\konghacktrainer.exe] => (Block) C:\users\reed\appdata\local\apps\2.0\ptp8tnzk.1zd\02rryl7t.8m7\kong..tion_0000000000000000_0000.0001_ad4afaad19afb7da\konghacktrainer.exe (Force Project X) [File not signed]
FirewallRules: [UDP Query User{A451BE03-114A-413F-BA41-F4E6058C6D77}C:\users\reed\appdata\local\apps\2.0\ptp8tnzk.1zd\02rryl7t.8m7\kong..tion_0000000000000000_0000.0001_ad4afaad19afb7da\konghacktrainer.exe] => (Block) C:\users\reed\appdata\local\apps\2.0\ptp8tnzk.1zd\02rryl7t.8m7\kong..tion_0000000000000000_0000.0001_ad4afaad19afb7da\konghacktrainer.exe (Force Project X) [File not signed]
FirewallRules: [{28C38595-8C92-4B52-9C1C-AF29F2B8477C}] => (Allow) C:\Users\Reed\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{B3A1B571-60B9-4A69-9BAB-4DD4B7D377CC}] => (Allow) C:\Users\Reed\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{D6ABD98B-C5AD-42A4-9901-C3FD692A0E09}D:\program files\unity\editor\unity.exe] => (Block) D:\program files\unity\editor\unity.exe (Unity Technologies SF -> Unity Technologies ApS)
FirewallRules: [UDP Query User{A3F72D15-A548-4367-8455-1B465AD4DC68}D:\program files\unity\editor\unity.exe] => (Block) D:\program files\unity\editor\unity.exe (Unity Technologies SF -> Unity Technologies ApS)
FirewallRules: [TCP Query User{2C568322-BD32-4C36-9A9A-78A5B2D6B149}D:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) D:\program files\unity\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [UDP Query User{275D58BA-7C21-4F42-AF82-F48AA405E987}D:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) D:\program files\unity\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [{C870E144-BFC1-4CAF-AFE4-CEF1A2ACB467}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{5F609C9E-A1DF-43E5-A0EE-0660A5B4D3BA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{14D6D3D9-19B0-4486-958E-6D834DD54146}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{9B037AC9-6A4D-4CC4-B690-A93C37744C3F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{3C406968-DA62-4BF1-ADD0-0A41EDD8F528}D:\project reality\project reality bf2\prbf2.exe] => (Allow) D:\project reality\project reality bf2\prbf2.exe (Wouter Jansen -> )
FirewallRules: [UDP Query User{A96B68A8-F4A4-404C-8DAD-168E0601EC4B}D:\project reality\project reality bf2\prbf2.exe] => (Allow) D:\project reality\project reality bf2\prbf2.exe (Wouter Jansen -> )
FirewallRules: [TCP Query User{24B633D4-8FF5-40C3-B2CE-E851AA7B9344}C:\users\reed\appdata\local\google\chrome\application\chrome.bat] => (Block) C:\users\reed\appdata\local\google\chrome\application\chrome.bat (Google Inc -> Google Inc.)
FirewallRules: [UDP Query User{2A8C5E1A-C2E9-4AD9-8438-C293BCC8124F}C:\users\reed\appdata\local\google\chrome\application\chrome.bat] => (Block) C:\users\reed\appdata\local\google\chrome\application\chrome.bat (Google Inc -> Google Inc.)
FirewallRules: [TCP Query User{73516546-34AF-406D-8ADC-0FEEDF89A6BA}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{4D010F15-B9C2-4F5E-9CE5-7D8A96E8EF07}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{2F1583AA-C21D-4968-A5E6-DF4DE4731020}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{E934CC45-E9A6-40A7-BFB9-66A5F614D82B}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [TCP Query User{5905740E-8240-4027-93C6-92A4031E71D5}C:\users\reed\documents\summer fires\summerdebug.exe] => (Allow) C:\users\reed\documents\summer fires\summerdebug.exe () [File not signed]
FirewallRules: [UDP Query User{4541C0CE-2F65-40C9-BBCD-5058F96728B1}C:\users\reed\documents\summer fires\summerdebug.exe] => (Allow) C:\users\reed\documents\summer fires\summerdebug.exe () [File not signed]
FirewallRules: [TCP Query User{DB0B4F5B-7B52-456E-835A-CAB2038D55EC}C:\users\reed\documents\suma sumarum\suamrumd.exe] => (Allow) C:\users\reed\documents\suma sumarum\suamrumd.exe () [File not signed]
FirewallRules: [UDP Query User{83D3C9B1-C04E-47DF-9450-210D1478C001}C:\users\reed\documents\suma sumarum\suamrumd.exe] => (Allow) C:\users\reed\documents\suma sumarum\suamrumd.exe () [File not signed]
FirewallRules: [TCP Query User{C0620B27-74AB-43B2-958E-174B8D2139F8}C:\programdata\oracle\java\javapath_target_948033\javaw.exe] => (Allow) C:\programdata\oracle\java\javapath_target_948033\javaw.exe
FirewallRules: [UDP Query User{38D31849-585F-4144-950D-5178CA6C0100}C:\programdata\oracle\java\javapath_target_948033\javaw.exe] => (Allow) C:\programdata\oracle\java\javapath_target_948033\javaw.exe
FirewallRules: [{5142E19D-8E58-4348-8046-482C20F7AB0E}] => (Allow) F:\SiSoftware\SiSoftware Sandra Lite Titanium.SP2\WNt600x64\RpcSandraSrv.exe No File
FirewallRules: [TCP Query User{A9347348-8DC9-469C-BBBF-0B19E31F05A6}C:\users\reed\documents\inventory\inventory try.exe] => (Allow) C:\users\reed\documents\inventory\inventory try.exe () [File not signed]
FirewallRules: [UDP Query User{719364A1-C500-41D0-BE3F-B5EFD570103C}C:\users\reed\documents\inventory\inventory try.exe] => (Allow) C:\users\reed\documents\inventory\inventory try.exe () [File not signed]
FirewallRules: [{61FAD62B-4769-4D6D-ABFB-164499FCC763}] => (Block) C:\users\reed\documents\inventory\inventory try.exe () [File not signed]
FirewallRules: [{881B41BC-4D61-4FB9-A960-3ACC51F562C4}] => (Block) C:\users\reed\documents\inventory\inventory try.exe () [File not signed]
FirewallRules: [{363E1A15-7E18-40F5-99A7-509AE5955A66}] => (Allow) D:\Project Reality\Project Reality BF2\prbf2.exe (Wouter Jansen -> )
FirewallRules: [{76B2996A-9F14-4526-9E26-03B3D5ABDC90}] => (Allow) D:\Project Reality\Project Reality BF2\mods\pr\bin\PRLauncher.exe (Wouter Jansen -> Project Reality)
FirewallRules: [{2CA39F43-7A29-43E3-9B03-3FF63B07D142}] => (Allow) D:\Project Reality\Project Reality BF2\mods\pr\bin\PRUpdater.exe (Wouter Jansen -> Project Reality)
FirewallRules: [{CDF056CC-87F1-45E5-BF3F-5BF9D431233A}] => (Allow) D:\Project Reality\Project Reality BF2\mods\pr\bin\PRMumble\PRMumble.exe (Wouter Jansen -> Project Reality)
FirewallRules: [TCP Query User{A8AB9964-C177-4466-B8A1-2A4831FD7D39}C:\users\reed\documents\dum dum\power the rush ultra phantom.exe] => (Allow) C:\users\reed\documents\dum dum\power the rush ultra phantom.exe () [File not signed]
FirewallRules: [UDP Query User{30DF4C03-C7B1-4240-A0D2-FE1C6F5A3C77}C:\users\reed\documents\dum dum\power the rush ultra phantom.exe] => (Allow) C:\users\reed\documents\dum dum\power the rush ultra phantom.exe () [File not signed]
FirewallRules: [TCP Query User{56362B29-67D8-437B-8B21-732ED5C8407F}C:\users\reed\documents\inv 2\j3.debug2.exe] => (Allow) C:\users\reed\documents\inv 2\j3.debug2.exe () [File not signed]
FirewallRules: [UDP Query User{2F4FFEE9-AECE-4462-8D58-A2478D44898B}C:\users\reed\documents\inv 2\j3.debug2.exe] => (Allow) C:\users\reed\documents\inv 2\j3.debug2.exe () [File not signed]
FirewallRules: [TCP Query User{2CBA7713-1C83-4D6C-8249-7AC1184E90AE}C:\users\reed\desktop\j3.debug try fix.exe] => (Allow) C:\users\reed\desktop\j3.debug try fix.exe () [File not signed]
FirewallRules: [UDP Query User{5F5ACCCF-A7C7-4BF2-A073-52FBB14E21D9}C:\users\reed\desktop\j3.debug try fix.exe] => (Allow) C:\users\reed\desktop\j3.debug try fix.exe () [File not signed]
FirewallRules: [TCP Query User{D6C43DCF-C233-4D7A-A968-A001AEF9A921}C:\users\reed\desktop\j3.debug try fix newest.exe] => (Block) C:\users\reed\desktop\j3.debug try fix newest.exe () [File not signed]
FirewallRules: [UDP Query User{885C0423-3C29-43DB-A6B8-AC9963AB867E}C:\users\reed\desktop\j3.debug try fix newest.exe] => (Block) C:\users\reed\desktop\j3.debug try fix newest.exe () [File not signed]
FirewallRules: [TCP Query User{08C12139-0F21-40E1-A50D-AF875D256EE6}C:\users\reed\desktop\hry\ttd\openttd.exe] => (Allow) C:\users\reed\desktop\hry\ttd\openttd.exe (OpenTTD Development Team) [File not signed]
FirewallRules: [UDP Query User{893D12BE-374C-43A6-9566-79D8EA753887}C:\users\reed\desktop\hry\ttd\openttd.exe] => (Allow) C:\users\reed\desktop\hry\ttd\openttd.exe (OpenTTD Development Team) [File not signed]
FirewallRules: [TCP Query User{85BE4F5A-D67D-4816-ACFE-DD2D81CA14FD}D:\unity\editor\unity.exe] => (Block) D:\unity\editor\unity.exe (Unity Technologies SF -> Unity Technologies ApS) [File not signed]
FirewallRules: [UDP Query User{81B0848D-FE6C-4E6E-9222-2F0DC75860F9}D:\unity\editor\unity.exe] => (Block) D:\unity\editor\unity.exe (Unity Technologies SF -> Unity Technologies ApS) [File not signed]
FirewallRules: [TCP Query User{65957DB8-0DD5-498B-9EA6-76722E302BB9}D:\unity\monodevelop\bin\monodevelop.exe] => (Allow) D:\unity\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [UDP Query User{CF986076-AC79-4FAE-AADC-2AD8528A4120}D:\unity\monodevelop\bin\monodevelop.exe] => (Allow) D:\unity\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [TCP Query User{4701F919-D2D2-45DF-8931-7F2D05E33D41}C:\users\reed\documents\secret fps multiplayer\cross develop.exe] => (Allow) C:\users\reed\documents\secret fps multiplayer\cross develop.exe () [File not signed]
FirewallRules: [UDP Query User{F5CA34E8-5B6A-4207-ADD4-90B62F62220F}C:\users\reed\documents\secret fps multiplayer\cross develop.exe] => (Allow) C:\users\reed\documents\secret fps multiplayer\cross develop.exe () [File not signed]
FirewallRules: [TCP Query User{197A6FD7-F657-433A-A95B-81B557BEFEEC}C:\users\reed\documents\secret fps multiplayer\cross develop2.exe] => (Allow) C:\users\reed\documents\secret fps multiplayer\cross develop2.exe () [File not signed]
FirewallRules: [UDP Query User{0B766C98-D3A7-496A-924F-A2803AAFB9E9}C:\users\reed\documents\secret fps multiplayer\cross develop2.exe] => (Allow) C:\users\reed\documents\secret fps multiplayer\cross develop2.exe () [File not signed]
FirewallRules: [{19CDB09B-2E91-4C3D-B288-AB4DC8281CF4}] => (Allow) C:\Program Files\Opera\62.0.3331.43\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{18CAACE7-DAFA-48B2-8C79-025D880BDE1A}C:\users\reed\desktop\processing-3.5.3\java\bin\java.exe] => (Allow) C:\users\reed\desktop\processing-3.5.3\java\bin\java.exe
FirewallRules: [UDP Query User{FBAA63F3-A383-473D-A4AC-BA968A2370E3}C:\users\reed\desktop\processing-3.5.3\java\bin\java.exe] => (Allow) C:\users\reed\desktop\processing-3.5.3\java\bin\java.exe
FirewallRules: [{E82F537F-E8B9-46A5-964F-D25E2910689C}] => (Allow) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5B60DE95-6721-487E-8045-F26AE442AD71}] => (Allow) C:\Program Files\Opera\62.0.3331.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{8E32FF7C-3D3F-4ADE-AB5E-75B70439BDE8}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:196.29 GB) (Free:26.82 GB) (14%)

==================== Faulty Device Manager Devices =============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: USB Protection Device
Description: USB Protection Device
Class Guid: {5c69eefe-3c1e-44ef-8501-f475f902fca7}
Manufacturer: SIA Syncrosoft
Service: SynasUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Standardní grafický adaptér s rozlišením VGA
Description: Standardní grafický adaptér s rozlišením VGA
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní typy zobrazovacích jednotek)
Service: vga
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (07/28/2019 06:27:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: InsOnSrv.exe, verze: 1.0.0.3, časové razítko: 0x4e156054
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x6e4
Čas spuštění chybující aplikace: 0x01d54387891f0ba8
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 945e4324-b154-11e9-ae3f-0008ca68e6d5 //message ID

Error: (07/28/2019 05:10:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hl2.exe.bat, verze: 0.0.0.0, časové razítko: 0x4c525184
Název chybujícího modulu: steam.dll, verze: 2.0.0.0, časové razítko: 0x4c09fc0d
Kód výjimky: 0xc0000417
Posun chyby: 0x0002b859
ID chybujícího procesu: 0x2644
Čas spuštění chybující aplikace: 0x01d54556962130eb
Cesta k chybující aplikaci: C:\Portal\hl2.exe.bat
Cesta k chybujícímu modulu: C:\Portal\bin\steam.dll
ID zprávy: d449b238-b149-11e9-ae3f-0008ca68e6d5

Error: (07/28/2019 01:14:16 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Získání lístku pravosti se u šablony s ID 66c92734-d682-4d71-983e-d6ec3f16059f nezdařilo (hr=0x80072F8F)

Error: (07/28/2019 01:14:16 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Podrobnosti chyby získávání licence
hr=0x80072F8F

Error: (07/22/2019 09:49:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MonoDevelop.exe, verze: 2.6.0.0, časové razítko: 0x56e81089
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23677, časové razítko: 0x589c9620
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x1750
Čas spuštění chybující aplikace: 0x01d53fddfb2671e7
Cesta k chybující aplikaci: D:\Program files\Unity\MonoDevelop\bin\MonoDevelop.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 357f6e45-ac55-11e9-a44a-0008ca68e6d5

Error: (07/22/2019 09:49:18 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MonoDevelop.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ObjectDisposedException
na System.IO.__Error.FileNotOpen()
na System.IO.FileStream.Write(Byte[], Int32, Int32)
na System.IO.StreamWriter.Flush(Boolean, Boolean)
na System.IO.StreamWriter.Write(System.String)
na MonoDevelop.Core.ProgressMonitoring.LogTextWriter.Write(System.String)
na System.IO.TextWriter.Write(System.String, System.Object, System.Object)
na System.IO.TextWriter+SyncTextWriter.Write(System.String, System.Object, System.Object)
na System.Console.Write(System.String, System.Object, System.Object)
na MonoDevelop.Core.Logging.ConsoleLogger.Log(MonoDevelop.Core.Logging.LogLevel, System.String)
na MonoDevelop.Core.LoggingService.Log(MonoDevelop.Core.Logging.LogLevel, System.String)
na MonoDevelop.Core.LoggingService.LogError(System.String)
na MonoDevelop.Ide.Gui.GLibLogging.LoggerMethod(System.String, LogLevelFlags, System.String)
na MonoDevelop.Ide.Gui.GLibLogging+Log.<.cctor>b__0(System.String, LogLevelFlags, System.String, LogFunc)
na GLib.Source.g_source_remove(UInt32)
na GLib.Source.Remove(UInt32)
na GLib.Timeout+TimeoutProxy.Dispose(Boolean)
na GLib.Timeout+TimeoutProxy.Finalize()

Error: (07/19/2019 09:36:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.bat se nezdařilo.
Závislé sestavení 61.0.3163.100,language="&#x2a;",type="win32",version="61.0.3163.100" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (07/15/2019 09:57:45 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe


System errors:
=============
Error: (07/29/2019 06:58:50 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (07/29/2019 06:53:43 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (07/29/2019 06:48:42 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (07/29/2019 06:44:06 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (07/29/2019 06:39:22 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (07/29/2019 06:33:48 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (07/29/2019 06:28:45 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (07/29/2019 06:28:44 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.


Windows Defender:
=================================== // WITH SOME TRANSLATION FOR MALNUTRITION
Date: 2019-03-25 09:55:25.319
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
Název:Misleading:Win32/Lodi
ID:240849
Závažnost:Vysoké // HIGH SEVERITY,IMPORTANCE
Kategorie:potenciálně nežádoucí software
Nalezeno v cestě:file:C:\Program Files (x86)\WinThruster\WinThruster.exe;file:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster\WinThruster.lnk;startup:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster\WinThruster.lnk
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý // STATE UNKNOWN
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2018-01-04 10:58:05.797
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{4F46CF60-0B18-435E-8C0A-FAB6BA1A8982}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2017-09-23 14:31:07.426
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{FD6612E7-90F6-451F-8B2B-D9877E2AB365}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Úplné prohledávání
Uživatel:Reed-PC\Reed

Date: 2017-09-23 14:31:07.426
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
Název:SoftwareBundler:Win32/ICLoader
ID:222548
Závažnost:Vysoké // HIGH SEVERITY,IMPORTANCE
Kategorie:Software instalující další produkty
Nalezeno v cestě:containerfile:C:\Users\Reed\Downloads\Torchlight_2_mod_launcher_crack (1).zip;containerfile:C:\Users\Reed\Downloads\Torchlight_2_mod_launcher_crack.zip;file:C:\Users\Reed\Downloads\Torchlight_2_mod_launcher_crack (1).zip->Torchlight_2_mod_launcher_crack.zip->Torchlight_2_mod_launcher_crack.exe;file:C:\Users\Reed\Downloads\Torchlight_2_mod_launcher_crack.zip->Torchlight_2_mod_launcher_crack.zip->Torchlight_2_mod_launcher_crack.exe
Typ zjišťování:Konkrétní
Zdroj zjišťování:Uživatel
Stav:Neznámý // STATE UNKNOWN
Uživatel:Reed-PC\Reed
Název procesu:C:\Program Files\Windows Defender\MSASCui.exe

Date: 2017-09-23 14:31:07.424
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
Název:Spyware:Win32/WebHancer.A
ID:127924
Závažnost:Vysoké // HIGH SEVERITY,IMPORTANCE
Kategorie:Spyware
Nalezeno v cestě:containerfile:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->wbhshare.dll;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->Webhdll.dll;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->WhAgent.exe;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->whAgent.inf;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->whiehlpr.dll;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->whieshm.dll;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->whInstaller.exe
Typ zjišťování:Konkrétní
Zdroj zjišťování:Uživatel
Stav:Neznámý // STATE UNKNOWN
Uživatel:Reed-PC\Reed
Název procesu:C:\Program Files\Windows Defender\MSASCui.exe

CodeIntegrity:
===================================

Date: 2016-08-05 11:00:48.247
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-04 09:09:32.453
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-04 01:40:20.807
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-03 20:26:56.966
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-03 17:05:32.813
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-03 10:40:15.215
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-02 20:42:16.931
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-02 10:39:41.466
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. N55SF.207 08/29/2011
Motherboard: ASUSTeK Computer Inc. N55SF
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 90%
Total physical RAM: 4000.05 MB
Available physical RAM: 398.16 MB
Total Virtual: 7998.29 MB
Available Virtual: 2764.41 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:196.29 GB) (Free:26.82 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: ( ) (Fixed) (Total:244.47 GB) (Free:40.8 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5BE4A3F9)
Partition 1: (Active) - (Size=196.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

I ran the last diag tool you sent me , but i don't think it made any logs.
 

Imr102030

PCHF Member
PCHF Member
Jul 28, 2019
48
0
19
yes, that is fine.........

This is a more in depth scanner


Download Quick Diag to your desktop.
Very Important!! -- Make sure program is on your desktop.
Disable your Antivirus/Antispyware prior to scanning.
Right Click Run as Administrator.
Select the Quick Scan.









Post the log that is generated in your next post.
ALSO
I ran the last diag tool you sent me , but i don't think it made any logs.
i can start the program, i click on the quick button, but during the test it does the same it does when .exe file cant be opened.
the mouse freezes for about a half a second in say, 7 second intervals several times and then it shows the 0xc000006 (NOTE IT DIDN'T SHOW ANYTHING WITH THE DIAG TOOL, IT JUST LAGGED THE SAME WAY)
IT ALSO HAPPENS IF I CAN FOR SOME REASON RUN SOME SETUP.EXE, IT CAN START LAGGING DURING AND THEN IT SAYS SOMETHING LIKE "Was not succesfuly installed".
 

Imr102030

PCHF Member
PCHF Member
Jul 28, 2019
48
0
19
Oh and FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Reed (administrator) on REED-PC (ASUSTeK Computer Inc. N55SF) (29-07-2019 06:36:19)
Running from C:\Users\Reed\Downloads
Loaded Profiles: Reed (Available Profiles: Reed)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() [File not signed] C:\Windows\System32\rpcnetp.exe
() [File not signed] D:\Program files\Unity\Editor\UnityHelper.exe
(Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Alcor Micro Corp.) [File not signed] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUSTeK) [File not signed] C:\Windows\SysWOW64\ACEngSvr.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Daniel White -> Daniel White) C:\Program Files (x86)\SunsetScreen\SunsetScreen.bat
(DeviceVM Inc. -> Splashtop Inc.) C:\ASUS.SYS\SIONExportService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) Turbo Boost Technology Monitor -> Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(MAGIX AG) [File not signed] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Native Instruments GmbH) [File not signed] C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(PACE Anti-Piracy, Inc.) [File not signed] C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sonic Focus, Inc. -> Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Unity Technologies SF -> Unity Technologies ApS) D:\Program files\Unity\Editor\Data\Tools64\UnityShaderCompiler.exe
(Unity Technologies SF -> Unity Technologies ApS) D:\Program files\Unity\Editor\Unity.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-17] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.) [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] () [File not signed]
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400 2010-07-10] (Sonic Focus, Inc. -> Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [CLMLServer] => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-18] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-08] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (eCareme Technologies, Inc. -> ecareme)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\Run: [Google Update] => C:\Users\Reed\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-15] (Google Inc -> Google LLC)
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\MountPoints2: {6fa280f7-c824-11e1-aa61-0008ca68e6d5} - I:\setup.exe
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\MountPoints2: {ade6eec8-c514-11e1-92b7-0008ca68e6d5} - G:\setup.exe
HKLM\...\Drivers32: [VIDC.XFR1] => C:\Windows\system32\xfcodec64.dll [28544 2013-01-16] (Xfire Inc -> )
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2018-09-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2007-06-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32-x32: [VIDC.IV41] => IR41_32.AX
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-26] (Beepa P/L) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\7k.exe: [{50ccf586-6cea-4070-8a01-2dd031f6098e}.sdb] -> GOG.com Seven Kingdoms
HKLM\Software\...\AppCompatFlags\Custom\SensibleSoccer2006.exe: [{981c8cc5-743b-4169-b0a2-51a102c187db}.sdb] -> GOG.com Sensible Soccer 2006
HKLM\Software\...\AppCompatFlags\InstalledSDB\{50ccf586-6cea-4070-8a01-2dd031f6098e}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{50ccf586-6cea-4070-8a01-2dd031f6098e}.sdb [2012-12-31]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{981c8cc5-743b-4169-b0a2-51a102c187db}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{981c8cc5-743b-4169-b0a2-51a102c187db}.sdb [2013-11-15]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] ->
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170872 2016-12-03] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148200 2016-12-03] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
BootExecute: autocheck autochk /r \??\D:autocheck autochk /r \??\C:autocheck autochk *

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00AAFF2A-C18E-4830-BF34-E5F80BF9F851} - System32\Tasks\TechUtilities Weekly Task => C:\Program Files (x86)\TechUtilities\TechUtilities.exe
Task: {018614D6-FDB8-4A11-847F-42873342EF80} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3617760 2019-07-05] (Easeware Technology Limited -> Easeware)
Task: {040B2295-8BC8-4A39-95B6-D14431738800} - System32\Tasks\{8378311F-C01D-4741-B464-0BB7412CACF0} => C:\Windows\system32\pcalua.exe -a G:\Setup.EXE -d G:\
Task: {07DB6454-2CBF-49C2-B87F-8E5C4DB496AC} - System32\Tasks\{EE6D64D5-9F6A-423D-AA07-2552E169678D} => "c:\users\reed\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.3.0.105/en/go/help.faq.installer?LastError=1603
Task: {0A6371F8-26C6-467E-9B28-B3E36FC947DA} - System32\Tasks\SafeZone scheduled Autoupdate 1460808721 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {0AC85B98-F69E-4A95-9CF7-F1B9EA3B98D4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {11546610-33F7-4DE4-A440-D3F28F9162F9} - System32\Tasks\TechUtilities Logon Task => C:\Program Files (x86)\TechUtilities\TechUtilities.exe
Task: {12367E90-19DC-44E5-9931-B550F84E42E4} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305792 2010-11-15] (ASUSTeK Computer Inc. -> ASUS)
Task: {34CFE560-8D17-4373-AA89-E625ADC0BE20} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [503728 2011-06-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {386F26B1-5963-47F2-AE83-94C0EEB1DD5D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {3F361834-395E-46B9-9424-FCE1909280A3} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768 2007-11-30] (ASUSTeK Computer Inc. -> )
Task: {4121375D-B497-4533-B219-A1D7FA9841B0} - System32\Tasks\AdobeAAMUpdater-1.0-Reed-PC-Reed => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4E712919-BB95-4413-930A-8AEB6E430837} - System32\Tasks\ErrorFixKIT => C:\Program Files (x86)\ErrorFix KIT\ErrorFixKIT.exe
Task: {6242BEEE-EBF2-4CCE-BEF9-B0E69D5E7E95} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [691328 2010-08-02] (ASUSTeK Computer Inc. -> ASUS)
Task: {6472DA4F-E2BF-44BD-858E-D1CE6063FB6B} - System32\Tasks\Opera scheduled Autoupdate 1519300596 => C:\Program Files\Opera\launcher.exe [1519640 2019-07-11] (Opera Software AS -> Opera Software)
Task: {6BA63AB1-3F8E-4FB0-9E01-5BC9EC019D3E} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-18] (ASUSTeK Computer Inc. -> ASUS)
Task: {6DEDA583-1407-4B66-814A-04927145AE3E} - \AVAST Software\Avast settings backup -> No File <==== ATTENTION
Task: {81B95154-F41B-4AF5-AA0B-B08A8D55F322} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {83FB79A4-F763-4532-B148-5BAA868644F8} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [5531304 2019-02-21] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {88E1D846-538E-4E6C-A889-64F98C1018F7} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [977024 2010-12-02] (ASUSTeK Computer Inc. -> ASUS)
Task: {8E5D5943-3F56-46CE-9FD3-CC7E028160C8} - System32\Tasks\AdobeGCInvoker-1.0-Reed-PC-Reed => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {9209BC06-83FB-4CAE-8B1B-52FBBF616CF6} - System32\Tasks\{E2703E98-714F-465D-ADCA-EF856F288C00} => C:\Windows\system32\pcalua.exe -a G:\setup.exe -d G:\
Task: {9555A13C-5E9F-40C6-AF61-CA25C16A453A} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe <==== ATTENTION
Task: {9A1CD433-A19C-4B22-9D60-5957666C49D1} - \Avast Software\Overseer -> No File <==== ATTENTION
Task: {A731E237-FBD6-46D5-BECF-8947CDFA7319} - System32\Tasks\{973B6F8D-197B-468A-8A6A-E5FB6FEAF5CA} => G:\AUTORUN.EXE
Task: {C220F64E-67D4-4960-BE00-BC4F25F68DE4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3705052320-4263949473-626607969-1001Core => C:\Users\Reed\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {C4E105A3-08B9-40F3-8C94-8B366317E040} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Task: {C6B74E04-9109-42F4-90BC-670FD1E0AA0E} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
Task: {D2CE401C-2AC3-422A-927F-76E6FFAAAFBC} - System32\Tasks\{0B246176-29A1-4AEE-9C95-55D0784432FA} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Task: {D47CEC61-D331-411B-B6AF-01A24CA49E95} - System32\Tasks\svchostc => C:\Users\Reed\AppData\Local\svchostc\svchostc.exe <==== ATTENTION
Task: {DCF735B8-FBD7-4532-AA99-EC0EDFFD4303} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {EDB4EC8B-6204-47D0-A93D-D7AC9E7237F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {F4290D53-3161-4A59-B5A9-0E7AFE5F12BA} - System32\Tasks\{0EBA5FBC-998F-4F21-B049-EAE68BBC38E7} => "c:\users\reed\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.3.0.105/en/go/help.faq.installer?LastError=1603
Task: {FBBBCF66-4D08-45EE-9327-E302B3F018CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {FD7AB35E-6C52-4D76-B8B8-498FD9F18577} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3705052320-4263949473-626607969-1001UA => C:\Users\Reed\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {FDDBC896-65C0-42F2-9725-3C61EECA04F3} - System32\Tasks\Win Update => c:\Intell\POOL\russian.vbs
Task: {FF2DD59C-CF85-428A-8B88-2A0C1A12E0D5} - System32\Tasks\{606C25E6-DE8A-4815-9B04-880CBDF4CF3D} => C:\Windows\system32\pcalua.exe -a C:\Windows\IsUninst.exe -c -f"D:\Program Files (x86)\GMXMED~1\Wonder\Uninst.isu"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\ASUS SmartLogon Console Sensor.job => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 10.5.50.1 77.104.250.129 81.92.158.230 8.8.8.8
Tcpip\..\Interfaces\{0CDD5A9A-8A8D-40C5-8C52-2C1FE8191A4F}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B564E423-6D2B-470C-9089-9C206ED0C0BC}: [DhcpNameServer] 10.5.50.1 77.104.250.129 81.92.158.230 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3705052320-4263949473-626607969-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3705052320-4263949473-626607969-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23] (Microsoft Corporation -> Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3705052320-4263949473-626607969-1001 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc -> Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation -> Zeon Corporation)
FF Plugin HKU\S-1-5-21-3705052320-4263949473-626607969-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Reed\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-3705052320-4263949473-626607969-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Reed\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> teoma.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=112555&tt=3412_1&babsrc=HP_ss&mntrId=30ad1a4e0000000000005404a6aa4adf"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default [2019-07-29]
CHR Extension: (Prezentace) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-07-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
StartMenuInternet: Google Chrome - C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR Extension: (Zoom for Opera) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\agocngbnphnfdhpacecdpcpfphhdmoff [2019-04-04]
OPR Extension: (V7 quickieZoom) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\bekmnilenpmnmmiaokgoclkegllkgbok [2018-12-08]
OPR Extension: (Tor™ Browser Button) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\lilflogangngbfkpiijccmfokhjcbhcl [2018-07-31]
OPR Extension: (Zoomba) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\lopalaapnmkccjdoipmmmolpninnmcik [2018-02-23]
OPR Extension: (Enhancer for YouTube) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\ofhehnfmgbgnkjaojifkmebjjgffjaeh [2018-12-08]
OPR Extension: (Zoom Popup) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\ofpknbbbohcgomapfgcgadleckdagikj [2018-02-23]
OPR Extension: (Adblock Plus) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-12-08]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros Communications Inc. -> Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1839616 2011-01-15] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-04-07] (Native Instruments GmbH) [File not signed]
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [File not signed]
S2 pgt_svc; C:\Program Files (x86)\ProxyGate\MainService.exe [2285664 2017-02-22] (GOLD CLICK LIMITED -> Gold Click Ltd) <==== ATTENTION
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2016-10-14] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [202040 2019-07-25] (Even Balance, Inc. -> )
R2 Splashtop MDES; C:\ASUS.SYS\SIONExportService.exe [338208 2011-05-11] (DeviceVM Inc. -> Splashtop Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [128488 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [401896 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [307768 2016-12-03] (NVIDIA Corporation -> NVIDIA Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [28624 2019-05-30] () [File not signed]
S3 SiSGbeLH; C:\Windows\System32\DRIVERS\SiSG664.sys [56832 2009-06-10] (Microsoft Windows -> Silicon Integrated Systems Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [54872 2017-09-05] (Synaptics Incorporated -> Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-07-03] () [File not signed]
S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft -> SIA Syncrosoft)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] (Intel(R) Turbo Boost Technology Monitor -> )
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2016-10-20] (ZJMedia Digital Technology Ltd. -> WinISO.com)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-09-22] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-09-22] (Zemana Ltd. -> Zemana Ltd.)
U3 ahmtnt0w; C:\Windows\System32\Drivers\ahmtnt0w.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-29 06:36 - 2019-07-29 06:39 - 000040685 _____ C:\Users\Reed\Downloads\FRST.txt
2019-07-29 06:35 - 2019-07-29 06:36 - 000000000 ____D C:\FRST
2019-07-29 06:34 - 2019-07-29 06:34 - 002095104 _____ (Farbar) C:\Users\Reed\Downloads\FRST64.exe
2019-07-28 18:45 - 2019-07-28 18:45 - 003072896 _____ (Nicolas Coolman) C:\Users\Reed\Downloads\ZHPCleaner.exe
2019-07-28 18:39 - 2019-07-28 18:47 - 000002124 _____ C:\Users\Reed\Desktop\Rkill.txt
2019-07-28 18:38 - 2019-07-28 18:38 - 000832417 _____ C:\Users\Reed\Downloads\rkill-unsigned.zip
2019-07-28 18:23 - 2019-07-28 18:23 - 000001293 _____ C:\Users\Reed\Downloads\exe-fix-twc.zip
2019-07-28 18:23 - 2011-06-24 07:46 - 000003646 _____ C:\Users\Reed\Desktop\EXE_Fix_TWC.reg
2019-07-27 15:32 - 2019-07-28 11:14 - 000000000 ____D C:\Users\Reed\Documents\testturret
2019-07-25 18:03 - 2019-07-25 18:03 - 000016812 _____ C:\Users\Reed\Documents\small ramp.fbx
2019-07-24 16:00 - 2019-07-24 16:00 - 000020663 _____ C:\Users\Reed\Downloads\$SpeedoPrefab.zip
2019-07-21 14:37 - 2019-07-21 14:55 - 000000000 ____D C:\Users\Reed\Desktop\Downloaded
2019-07-19 17:49 - 2019-07-19 23:15 - 000000000 ____D C:\Users\Reed\Desktop\EasySuspension
2019-07-19 17:48 - 2019-07-19 17:48 - 000588780 _____ C:\Users\Reed\Downloads\EasySuspension.zip
2019-07-17 18:43 - 2019-07-17 18:43 - 000001154 _____ C:\Users\Reed\Desktop\Nový textový dokument.txt
2019-07-17 10:14 - 2019-07-19 09:15 - 000000404 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job
2019-07-17 10:14 - 2019-07-17 10:14 - 000003808 _____ C:\Windows\System32\Tasks\Driver Easy Scheduled Scan
2019-07-17 10:14 - 2019-07-17 10:14 - 000000929 _____ C:\Users\Public\Desktop\Driver Easy.lnk
2019-07-17 10:14 - 2019-07-17 10:14 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Easeware
2019-07-17 10:14 - 2019-07-17 10:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2019-07-17 10:14 - 2019-07-17 10:14 - 000000000 ____D C:\Program Files\Easeware
2019-07-17 10:11 - 2019-07-17 10:13 - 005074168 _____ (Easeware ) C:\Users\Reed\Downloads\DriverEasy_Setup (1).exe
2019-07-17 09:26 - 2019-07-17 09:26 - 000000000 ____D C:\Windows\pss
2019-07-15 22:20 - 2019-07-15 22:37 - 000000000 ____D C:\Users\Reed\AppData\Local\Steam
2019-07-15 21:54 - 2019-07-15 21:55 - 001573568 _____ C:\Users\Reed\Downloads\SteamSetup.exe
2019-07-14 12:55 - 2019-07-14 12:55 - 000000000 ____D C:\Users\Reed\AppData\Local\[SAO]_Peter
2019-07-14 11:13 - 2019-07-14 11:16 - 014505976 _____ (Intel) C:\Users\Reed\Downloads\Intel-Driver-and-Support-Assistant-Installer.bat
2019-07-13 23:57 - 2019-07-13 23:57 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Sublime Text 3
2019-07-13 23:57 - 2019-07-13 23:57 - 000000000 ____D C:\Users\Reed\AppData\Local\Sublime Text 3
2019-07-13 23:56 - 2019-07-13 23:56 - 000000848 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2019-07-13 23:56 - 2019-07-13 23:56 - 000000000 ____D C:\Program Files\Sublime Text 3
2019-07-13 23:54 - 2019-07-13 23:56 - 010913768 _____ (Sublime HQ Pty Ltd ) C:\Users\Reed\Downloads\Sublime Text Build 3207 x64 Setup.exe
2019-07-13 23:51 - 2019-07-01 17:35 - 000000000 ____D C:\Users\Reed\Desktop\p5
2019-07-13 23:50 - 2019-07-13 23:51 - 001582849 _____ C:\Users\Reed\Downloads\p5.zip
2019-07-13 23:01 - 2019-07-28 13:35 - 000000000 ____D C:\Users\Reed\Downloads\WPy64-3720
2019-07-13 22:37 - 2019-07-13 22:52 - 580357926 _____ (WinPython team ) C:\Users\Reed\Downloads\Winpython64-3.7.2.0.exe
2019-07-13 22:32 - 2019-07-13 22:32 - 000000000 ____D C:\Program Files\VideoLAN
2019-07-13 22:30 - 2019-07-13 22:32 - 042034704 _____ C:\Users\Reed\Downloads\vlc-3.0.7.1-win64.exe
2019-07-13 22:29 - 2019-07-10 19:23 - 048807962 _____ C:\Users\Reed\Desktop\VID_20190710_192332.mp4
2019-07-13 21:58 - 2019-07-07 11:28 - 000000000 ____D C:\Users\Reed\Desktop\eric6-19.7
2019-07-13 21:56 - 2019-07-13 21:58 - 019806343 _____ C:\Users\Reed\Downloads\eric6-19.7.zip
2019-07-13 21:47 - 2019-07-28 13:41 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Wing Personal 7
2019-07-13 21:47 - 2019-07-28 13:41 - 000000000 ____D C:\Users\Reed\AppData\Local\Wing Personal 7
2019-07-13 21:44 - 2019-07-13 21:45 - 000000000 ____D C:\Users\Reed\Desktop\Wing Personal 7.0.4
2019-07-13 21:41 - 2019-07-13 21:44 - 052793070 _____ C:\Users\Reed\Downloads\wing-personal-7.0.4.0-win.zip
2019-07-13 21:38 - 2019-07-13 21:38 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Jedi
2019-07-13 21:37 - 2019-07-13 21:37 - 000000000 ____D C:\Users\Reed\AppData\Local\Spyder
2019-07-13 21:36 - 2019-07-13 21:38 - 000000000 ____D C:\Users\Reed\.spyder-py3
2019-07-13 21:36 - 2019-07-13 21:36 - 000000000 ____D C:\Users\Reed\.matplotlib
2019-07-13 21:35 - 2019-07-13 21:40 - 000000043 _____ C:\Users\Reed\.condarc
2019-07-13 21:35 - 2019-07-13 21:40 - 000000000 ____D C:\Users\Reed\.conda
2019-07-13 21:35 - 2019-07-13 21:35 - 000000000 ____D C:\Users\Reed\AppData\Local\conda
2019-07-13 21:34 - 2019-07-13 21:34 - 000000000 ____D C:\Users\Reed\.anaconda
2019-07-13 20:31 - 2019-07-13 21:08 - 693800272 _____ (Anaconda, Inc.) C:\Users\Reed\Downloads\Anaconda3-2019.03-Windows-x86_64.exe
2019-07-13 20:28 - 2019-07-13 20:31 - 012590373 _____ (Anaconda, Inc.) C:\Users\Reed\Downloads\Nepotvrzeno 915624.crdownload
2019-07-11 17:55 - 2019-07-27 10:38 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Processing
2019-07-11 17:55 - 2019-07-23 17:30 - 000000000 ____D C:\Users\Reed\Documents\Processing
2019-07-11 17:52 - 2019-02-03 17:37 - 000000000 ____D C:\Users\Reed\Desktop\processing-3.5.3
2019-07-10 22:27 - 2019-07-10 22:35 - 132834090 _____ C:\Users\Reed\Downloads\processing-3.5.3-windows64.zip
2019-07-10 16:26 - 2019-07-10 16:26 - 002338989 _____ C:\Users\Reed\Downloads\qpvvqetcvt-EBR.zip
2019-07-10 14:13 - 2019-07-23 12:58 - 000000000 ____D C:\Users\Reed\Desktop\ALLNIGHTER 2
2019-07-10 14:13 - 2019-07-10 14:24 - 036469309 _____ C:\Users\Reed\Downloads\processing-3.5.3-windows64.zip.crdownload
2019-07-10 11:23 - 2019-07-10 11:23 - 000001000 _____ C:\Users\Public\Desktop\Prohlížeč Opera.lnk
2019-07-10 09:39 - 2019-07-28 22:59 - 000000000 ____D C:\Users\Reed\Documents\All Nighter 2
2019-07-09 17:16 - 2019-07-09 17:20 - 000000000 ____D C:\Users\Reed\Documents\Nellie
2019-07-08 15:55 - 2019-07-08 17:11 - 000000000 ____D C:\Users\Reed\Documents\Sparky
2019-07-08 09:56 - 2019-07-08 14:34 - 000000000 ____D C:\Users\Reed\Documents\Carvival Springston
2019-07-07 13:51 - 2019-07-08 15:53 - 000000000 ____D C:\Users\Reed\Documents\Shader Old Unit
2019-07-07 11:48 - 2019-07-09 16:46 - 000000000 ____D C:\Users\Reed\Documents\Stencil
2019-07-07 11:38 - 2019-07-07 11:49 - 000000736 _____ C:\Users\Reed\Desktop\Controller1.cs
2019-07-07 11:37 - 2019-07-07 11:49 - 000000129 _____ C:\Users\Reed\Desktop\Shader.cs
2019-07-05 18:13 - 2019-07-09 17:00 - 000000000 ____D C:\Users\Reed\Documents\Mining Corporation
2019-07-05 16:22 - 2019-07-09 12:06 - 000000000 ____D C:\Users\Reed\Desktop\Grimster
2019-07-03 15:49 - 2019-07-03 15:49 - 000001262 _____ C:\Users\Reed\Desktop\Continue Installation.lnk
2019-07-02 12:29 - 2019-07-02 12:29 - 000000000 ____D C:\Users\Reed\Desktop\multiplayer-fps-assets
2019-07-02 12:25 - 2019-07-02 12:28 - 040856754 _____ C:\Users\Reed\Downloads\multiplayer-fps-assets.zip
2019-07-02 12:23 - 2019-07-02 12:24 - 010978361 _____ C:\Users\Reed\Downloads\multiplayer-fps-assets.zip.crdownload
2019-07-01 09:17 - 2019-07-05 14:13 - 000000000 ____D C:\Users\Reed\Documents\Secret Fps Multiplayer
2019-06-29 11:34 - 2019-07-03 15:33 - 000000000 ____D C:\ProgramData\NFS Underground

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-29 06:39 - 2017-12-21 11:37 - 000103698 _____ C:\Windows\ZAM.krnl.trace
2019-07-29 06:39 - 2017-09-22 22:56 - 000069409 _____ C:\Windows\ZAM_Guard.krnl.trace
2019-07-29 06:35 - 2009-07-14 06:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-29 06:35 - 2009-07-14 06:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-29 06:31 - 2011-02-19 07:36 - 000680528 _____ C:\Windows\system32\perfh005.dat
2019-07-29 06:31 - 2011-02-19 07:36 - 000145496 _____ C:\Windows\system32\perfc005.dat
2019-07-29 06:31 - 2009-07-14 07:13 - 001615506 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-29 06:31 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-29 06:30 - 2013-03-14 23:57 - 000000000 ____D C:\Users\Reed\AppData\Local\Adobe
2019-07-29 06:28 - 2019-06-14 17:49 - 000000432 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-07-28 23:32 - 2015-08-17 10:48 - 000000000 ____D C:\Users\Reed\AppData\Roaming\uTorrent
2019-07-28 22:59 - 2016-09-16 18:20 - 000000000 ____D C:\ProgramData\Unity
2019-07-28 20:45 - 2015-10-18 18:15 - 000000012 ____H C:\dvmexp.idx
2019-07-28 20:45 - 2014-07-20 19:31 - 000017920 _____ C:\Windows\SysWOW64\rpcnetp.dll
2019-07-28 20:45 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-28 20:44 - 2017-04-01 22:13 - 000017920 _____ C:\Windows\system32\rpcnetp.exe
2019-07-28 20:44 - 2014-07-20 19:30 - 000017920 _____ C:\Windows\SysWOW64\rpcnetp.exe
2019-07-28 20:41 - 2018-09-05 19:41 - 000952594 _____ C:\Windows\ntbtlog.txt
2019-07-28 20:04 - 2018-10-28 15:52 - 000000000 ____D C:\Users\Reed\AppData\Roaming\vlc
2019-07-28 18:26 - 2019-01-12 13:17 - 000000000 ____D C:\Users\Reed\AppData\Local\Everything
2019-07-28 18:26 - 2019-01-10 13:45 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Everything
2019-07-28 17:11 - 2012-07-03 17:07 - 000000000 ____D C:\Users\Reed\AppData\Local\CrashDumps
2019-07-28 15:01 - 2018-09-11 15:15 - 000000000 ____D C:\Program Files\EditPlus
2019-07-28 10:29 - 2016-08-27 17:15 - 000003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CC2499C5-D81A-41E2-AF7B-45E2C05C6CD1}
2019-07-27 15:32 - 2016-09-16 18:30 - 000000000 ____D C:\Users\Reed\AppData\LocalLow\DefaultCompany
2019-07-26 14:55 - 2015-11-22 23:09 - 000000132 _____ C:\Users\Reed\AppData\Roaming\Adobe PNG Format CS6 Prefs
2019-07-26 10:52 - 2012-07-07 13:08 - 000000000 ____D C:\Users\Reed\AppData\Local\ElevatedDiagnostics
2019-07-26 10:01 - 2018-02-22 13:54 - 000000000 ____D C:\Program Files\Opera
2019-07-25 19:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2019-07-25 19:08 - 2014-08-14 23:38 - 000202040 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2019-07-25 19:07 - 2012-07-03 15:22 - 000202040 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2019-07-25 12:36 - 2016-01-16 15:43 - 000000816 _____ C:\WifiInfo.ini.enc
2019-07-21 23:16 - 2019-04-01 17:44 - 000000000 ____D C:\Users\Reed\Desktop\picturrs
2019-07-18 09:51 - 2019-02-20 21:33 - 000000000 ____D C:\Users\Reed\Desktop\AllNighter
2019-07-17 10:00 - 2019-03-19 17:24 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Discord
2019-07-16 20:22 - 2015-11-30 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
2019-07-16 11:25 - 2018-02-22 13:56 - 000003832 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1519300596
2019-07-16 10:18 - 2012-07-06 19:18 - 000002415 _____ C:\Users\Reed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-15 22:31 - 2009-07-14 07:08 - 000032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-07-14 11:19 - 2014-05-02 15:12 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-14 11:19 - 2012-01-12 20:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-07-14 11:19 - 2012-01-12 20:18 - 000000000 ____D C:\Program Files (x86)\Intel
2019-07-14 11:17 - 2012-01-12 20:25 - 000000000 ____D C:\ProgramData\Intel
2019-07-13 21:36 - 2012-07-03 14:02 - 000000000 ____D C:\Users\Reed
2019-07-12 12:20 - 2019-02-20 15:31 - 000000000 ____D C:\Users\Reed\Documents\All Nighter
2019-07-09 22:24 - 2016-08-30 11:15 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-07-09 22:24 - 2016-08-30 11:15 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-09 22:24 - 2016-08-30 11:15 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-07-09 22:24 - 2016-08-30 11:15 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-09 22:24 - 2011-10-20 00:59 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-05 18:12 - 2019-06-28 17:33 - 000000000 ____D C:\Users\Reed\Documents\Grim of The Ages

==================== Files in the root of some directories ================

2016-06-12 15:16 - 2016-06-12 15:16 - 000000259 _____ () C:\ProgramData\fontcacheev1.dat
2017-10-01 16:48 - 2017-10-01 16:48 - 000000878 _____ () C:\Users\Reed\exe.reg
2012-07-03 17:14 - 2011-07-11 22:48 - 000083456 _____ () C:\Users\Winamp\burnlib.dll
2012-07-03 17:14 - 2011-07-11 22:48 - 000028288 _____ (Nullsoft, Inc.) C:\Users\Winamp\Elevator.exe
2012-07-03 17:14 - 2011-09-26 16:01 - 000046080 _____ (Nullsoft, Inc.) C:\Users\Winamp\elevatorps.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000136192 _____ () C:\Users\Winamp\libFLAC.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000180224 _____ () C:\Users\Winamp\libmp4v2.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000253440 _____ () C:\Users\Winamp\libsndfile.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000078848 _____ () C:\Users\Winamp\nde.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000410624 _____ () C:\Users\Winamp\nsutil.dll
2012-07-03 17:14 - 2011-03-16 16:01 - 000199152 _____ (Sonic Solutions) C:\Users\Winamp\pxsdkpls.DLL
2012-07-03 17:14 - 2011-09-26 16:01 - 000083968 _____ () C:\Users\Winamp\tataki.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000370129 _____ (Nullsoft, Inc.) C:\Users\Winamp\UninstWA.exe
2012-07-03 17:14 - 2011-07-11 22:48 - 001595520 _____ (Nullsoft, Inc.) C:\Users\Winamp\winamp.exe
2012-07-03 17:14 - 2011-07-11 22:47 - 000074752 _____ (Nullsoft, Inc.) C:\Users\Winamp\winampa.exe
2012-07-03 17:14 - 2011-09-26 16:01 - 000047616 _____ () C:\Users\Winamp\zlib.dll
2018-10-26 19:12 - 2018-10-26 19:12 - 000001414 _____ () C:\Users\Reed\AppData\Roaming\.minecraft – zástupce.lnk
2015-09-05 11:35 - 2018-01-16 13:14 - 000000132 _____ () C:\Users\Reed\AppData\Roaming\Adobe BMP Format CS6 Prefs
2015-11-22 23:09 - 2019-07-26 14:55 - 000000132 _____ () C:\Users\Reed\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-04-20 11:01 - 2018-04-20 11:01 - 000000000 _____ () C:\Users\Reed\AppData\Roaming\FC29FA0894FE.ini
2016-08-29 14:05 - 2016-08-29 21:30 - 000000000 _____ () C:\Users\Reed\AppData\Roaming\FileIn.cns
2016-08-29 14:05 - 2016-08-29 21:30 - 000000000 _____ () C:\Users\Reed\AppData\Roaming\FileOut.cns
2017-09-26 23:02 - 2017-09-26 23:06 - 000000115 _____ () C:\Users\Reed\AppData\Roaming\LogFile.txt
2018-01-24 17:10 - 2019-05-23 23:32 - 000000961 _____ () C:\Users\Reed\AppData\Roaming\MPQEditor.ini
2015-05-14 22:47 - 2015-05-14 22:47 - 001249792 _____ (http://www.ruby-lang.org/) C:\Users\Reed\AppData\Roaming\msvcr90-ruby191.dll
2019-01-03 21:49 - 2019-01-03 21:49 - 000001456 _____ () C:\Users\Reed\AppData\Local\Adobe Save for Web 13.0 Prefs
2012-07-03 19:52 - 2018-09-13 16:08 - 000034816 _____ () C:\Users\Reed\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-06 12:52 - 2017-11-06 12:52 - 000000058 _____ () C:\Users\Reed\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2019-02-08 12:29 - 2019-02-08 12:29 - 000000000 _____ () C:\Users\Reed\AppData\Local\oobelibMkey.log
2014-01-24 17:27 - 2014-11-25 23:33 - 000028175 _____ () C:\Users\Reed\AppData\Local\Perfmon.PerfmonCfg
2019-03-13 00:43 - 2019-03-13 00:43 - 000000218 _____ () C:\Users\Reed\AppData\Local\recently-used.xbel
2012-07-26 21:45 - 2015-04-05 11:44 - 000007597 _____ () C:\Users\Reed\AppData\Local\Resmon.ResmonCfg
2016-02-11 20:57 - 2016-02-11 20:57 - 000000000 _____ () C:\Users\Reed\AppData\Local\{5CD4D4E9-0A5E-4B5C-A285-0EB9021E4C19}

==================== FLock ================

2015-10-21 12:29 C:\ProgramData\CrazyBump

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-26 10:45
==================== End of FRST.txt ============================
 

Imr102030

PCHF Member
PCHF Member
Jul 28, 2019
48
0
19
yes, that is fine.........

This is a more in depth scanner


Download Quick Diag to your desktop.
Very Important!! -- Make sure program is on your desktop.
Disable your Antivirus/Antispyware prior to scanning.
Right Click Run as Administrator.
Select the Quick Scan.









Post the log that is generated in your next post.
sorry i forgot to hit reply directly, you might have not even been notified i wrote here. up there are those logs.
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,394
551
I see some malware here that needs to be removed, that may be the issue. Also, there is no need to quote my reply, I was at work all day.


Malwarebytes AntiRootkit.



Please download Malwarebytes Anti-Rootkit from here


  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • upload_2017-2-22_19-18-52.png
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt
===============================================================================================

Rogue Killer Scan.

Download RogueKiller -- (Portable) -- from one of the following links and save it to your Desktop:

Link 1
Link 2


  • Close all other the running programs
  • Disable ALL Antivirus -- Antimalware -- Applications.
  • Right Click Rogue Killer and Run as Administrator.
  • Click the Start Scan button.
  • Allow the scan to run -- it can take ten minutes or more.
  • Once the scan is complete check All items for removal.
  • upload_2017-2-23_10-55-54.png
  • After All items are checked then press Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on open report -- then open txt
  • Copy the content of the report and paste it here in your next reply.
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,394
551
=======================================================================================================

Remove the programs listed below with Geek Uninstaller. ( Use force mode if needed, if something is not listed skip it.)


µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
Driver Easy 5.6.12 (HKLM\...\DriverEasy_is1) (Version: 5.6.12 - Easeware)
Registry Repair 5.0.1.102 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.102 - Glarysoft Ltd)
WinThruster (HKLM-x32\...\WinThruster_is1) (Version: 1.3.5.138 - Solvusoft)
Wise Registry Cleaner 10.1.4 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.1.4 - WiseCleaner.com, Inc.)


=======================================================================================================



Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

Last edited:

gus

PCHF Administrator
Administrator
Security Team
PCHF Donator
Malware Teacher
Jul 19, 2016
3,839
1,764
Sydney, Australia
pchelpforum.net
@Imr102030 please do not quote every previous post, it is not necessary. Do not use the Reply button, write your response in the vacant box under the last post and click "Post Reply"
 
Status
Not open for further replies.