Conversation Can't Open Certain .exe

I will try that, but I have to say that the problem was there before all those you listed as should be removed. They were my pathetic try to fix this issue.
The problem has been present maybe 2 years, these files like a month (relatively),
except for uTorrent, but that on the other hand was present many years before that issue.
P.S. I am used from another forum to quoting, otherwise nobody is notified. :-)
 
Is there some runtime diagnostics so that I could press "record" and then replicate the bug and then investigate?
 
So I did what you said, uninstalled those things, then all of a sudden everything was working, I was very happy. So I restarted just to be sure and it's doing the same and worse...
 
Did you just uninstall the programs? You should run the programs and the fix with FRST.
 
I ran your fixlist along with FRST, it restarted afterwards and still did the bug... I then downloaded the Geek because I liked the forced delete, and then I also downloaded some DebugDiag which I don't know how to use, so I, as they say, "created a rule" and I naively thought "it's recording" and went to reproduce the bug, but it actually worked. But after restart it fell apart again...
 
You could reinstall Windows, but that is a bit drastic; there may be other steps we could take. I would like you to post the logs from RogueKiller and Malwarebytes, also the log from FRST.

Then....

Note: You can expect this process to take a long time, up to several hours or more.

  • Download ESET Online Scanner and save it to your Desktop
  • Right click on esetonlinescanner_enu.exe and select Run as administrator
  • Click Computer scan
  • Click Full scan
  • Click Start scan, leaving the default setting
  • If threats were found click Save scan log and save it to your Desktop as ESETScan.txt
  • Click Continue 3 times
  • Click Close
  • Copy and paste the ESETScan.txt file contents in your reply
  • Review the list and let me know if you think any of the items are legitimate and should be restored
  • If no threats were found, click Continue 3 times
  • Place a check mark in Delete application data on closing then click Close
 
I am headed to work, you can follow the steps or reformat... your choice.
 
One last quick question: can I reinstall Windows without USB or DVD? This was bought genuine 7 years ago. I remember having trouble the very first day and reinstalling or something; there was a Windows 7 install code on the bottom of the PC... could this work?
 
So, in your next reply, I need the following.

1. Malwarebytes Antirootkit Log.
2. Rogue Killer Log.
3. Fixlog from FRST.
4. Eset Scan log.
5. Re-Run FRST and give me a fresh set of FRST and Addition.txt logs.
 
Also, Download PCHunter.
Unzip it to your desktop.
Right Click PChunter 64
Run as Admin.
Click on Other tab.
Right Click on the .exe
Then Click Repair ALL.
Reboot your machine.

I am going to give you a fair warning!! Do not play around with PCHunter. This program assumes that you know what you are doing and will delete anything you tell it to delete. Do not play around with things you do not understand. Only do as I have instructed you to do with the tool.
 
Fixlog.txt - the very first fix.txt you sent me.
--------------------------------------------------------------------
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-07-2019
Ran by Reed (30-07-2019 13:49:30) Run:2
Running from C:\Users\Reed\Desktop
Loaded Profiles: Reed (Available Profiles: Reed)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Closeprocesses:
CreateRestorePoint:
Emptytemp:
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\ChromeHTML: -> C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => -> No File
AlternateDataStreams: C:\ProgramData\.rdata:X [128]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:373C6DC2 [124]
AlternateDataStreams: C:\ProgramData\Temp:5216CD26 [268]
AlternateDataStreams: C:\ProgramData\Temp:5D458568 [118]
AlternateDataStreams: C:\ProgramData\Temp:77846FFE [140]
AlternateDataStreams: C:\ProgramData\Temp:798A3728 [119]
AlternateDataStreams: C:\ProgramData\Temp:8AD1F2E0 [116]
AlternateDataStreams: C:\ProgramData\Temp:D20FFA63 [125]
AlternateDataStreams: C:\ProgramData\Temp:FB6A21E3 [214]
C:\Windows\system32\drivers\etc\hosts.ics
Hosts:
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
C:\Program Files (x86)\WinThruster
C:\Program Files\AVAST Software
C:\Program Files (x86)\ErrorFix KIT
C:\Users\Reed\AppData\Local\svchostc\svchostc.exe
c:\Intell\POOL\russian.vbs
C:\Program Files (x86)\Common Files\ParetoLogic
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
Toolbar: HKU\S-1-5-21-3705052320-4263949473-626607969-1001 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> No File
Tcpip\Parameters: [DhcpNameServer] 10.5.50.1 77.104.250.129 81.92.158.230 8.8.8.8
Tcpip\..\Interfaces\{0CDD5A9A-8A8D-40C5-8C52-2C1FE8191A4F}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B564E423-6D2B-470C-9089-9C206ED0C0BC}: [DhcpNameServer] 10.5.50.1 77.104.250.129 81.92.158.230 8.8.8.8
Task: {F4290D53-3161-4A59-B5A9-0E7AFE5F12BA} - System32\Tasks\{0EBA5FBC-998F-4F21-B049-EAE68BBC38E7} => "c:\users\reed\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.3.0.105/en/go/help.faq.installer?LastError=1603
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\MountPoints2: {6fa280f7-c824-11e1-aa61-0008ca68e6d5} - I:\setup.exe
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\MountPoints2: {ade6eec8-c514-11e1-92b7-0008ca68e6d5} - G:\setup.exe
BootExecute: autocheck autochk /r \??\D:autocheck autochk /r \??\C:autocheck autochk *
Task: {00AAFF2A-C18E-4830-BF34-E5F80BF9F851} - System32\Tasks\TechUtilities Weekly Task => C:\Program Files (x86)\TechUtilities\TechUtilities.exe
Task: {018614D6-FDB8-4A11-847F-42873342EF80} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3617760 2019-07-05] (Easeware Technology Limited -> Easeware)
Task: {040B2295-8BC8-4A39-95B6-D14431738800} - System32\Tasks\{8378311F-C01D-4741-B464-0BB7412CACF0} => C:\Windows\system32\pcalua.exe -a G:\Setup.EXE -d G:\
Task: {07DB6454-2CBF-49C2-B87F-8E5C4DB496AC} - System32\Tasks\{EE6D64D5-9F6A-423D-AA07-2552E169678D} => "c:\users\reed\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.3.0.105/en/go/help.faq.installer?LastError=1603
Task: {0A6371F8-26C6-467E-9B28-B3E36FC947DA} - System32\Tasks\SafeZone scheduled Autoupdate 1460808721 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {0AC85B98-F69E-4A95-9CF7-F1B9EA3B98D4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {11546610-33F7-4DE4-A440-D3F28F9162F9} - System32\Tasks\TechUtilities Logon Task => C:\Program Files (x86)\TechUtilities\TechUtilities.exe
MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MSCONFIG\startupreg: ZAM => "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized
Task: {386F26B1-5963-47F2-AE83-94C0EEB1DD5D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {3F361834-395E-46B9-9424-FCE1909280A3} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768 2007-11-30] (ASUSTeK Computer Inc. -> )
Task: {4121375D-B497-4533-B219-A1D7FA9841B0} - System32\Tasks\AdobeAAMUpdater-1.0-Reed-PC-Reed => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4E712919-BB95-4413-930A-8AEB6E430837} - System32\Tasks\ErrorFixKIT => C:\Program Files (x86)\ErrorFix KIT\ErrorFixKIT.exe
Task: {6DEDA583-1407-4B66-814A-04927145AE3E} - \AVAST Software\Avast settings backup -> No File <==== ATTENTION
Task: {81B95154-F41B-4AF5-AA0B-B08A8D55F322} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {83FB79A4-F763-4532-B148-5BAA868644F8} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [5531304 2019-02-21] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {9209BC06-83FB-4CAE-8B1B-52FBBF616CF6} - System32\Tasks\{E2703E98-714F-465D-ADCA-EF856F288C00} => C:\Windows\system32\pcalua.exe -a G:\setup.exe -d G:\
Task: {9555A13C-5E9F-40C6-AF61-CA25C16A453A} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe <==== ATTENTION
Task: {9A1CD433-A19C-4B22-9D60-5957666C49D1} - \Avast Software\Overseer -> No File <==== ATTENTION
Task: {A731E237-FBD6-46D5-BECF-8947CDFA7319} - System32\Tasks\{973B6F8D-197B-468A-8A6A-E5FB6FEAF5CA} => G:\AUTORUN.EXE
Task: {C6B74E04-9109-42F4-90BC-670FD1E0AA0E} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
Task: {D2CE401C-2AC3-422A-927F-76E6FFAAAFBC} - System32\Tasks\{0B246176-29A1-4AEE-9C95-55D0784432FA} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Task: {D47CEC61-D331-411B-B6AF-01A24CA49E95} - System32\Tasks\svchostc => C:\Users\Reed\AppData\Local\svchostc\svchostc.exe <==== ATTENTION
Task: {FDDBC896-65C0-42F2-9725-3C61EECA04F3} - System32\Tasks\Win Update => c:\Intell\POOL\russian.vbs
Task: {FF2DD59C-CF85-428A-8B88-2A0C1A12E0D5} - System32\Tasks\{606C25E6-DE8A-4815-9B04-880CBDF4CF3D} => C:\Windows\system32\pcalua.exe -a C:\Windows\IsUninst.exe -c -f"D:\Program Files (x86)\GMXMED~1\Wonder\Uninst.isu"
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe <==== ATTENTION
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HomePage: Default -> teoma.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=112555&tt=3412_1&babsrc=HP_ss&mntrId=30ad1a4e0000000000005404a6aa4adf"
C:\Program Files (x86)\ProxyGate
S2 pgt_svc; C:\Program Files (x86)\ProxyGate\MainService.exe [2285664 2017-02-22] (GOLD CLICK LIMITED -> Gold Click Ltd) <==== ATTENTION
Ltd. -> WinISO.com)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-09-22] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-09-22] (Zemana Ltd. -> Zemana Ltd.)
C:\Windows\System32\drivers\zam64.sys
C:\Windows\System32\drivers\zamguard64.sys
U3 ahmtnt0w; C:\Windows\System32\Drivers\ahmtnt0w.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
C:\Windows\System32\Drivers\ahmtnt0w.sys
C:\Windows\Tasks\Driver Easy Scheduled Scan.job
C:\Windows\System32\Tasks\Driver Easy Scheduled Scan
C:\Windows\ZAM.krnl.trace
C:\Windows\ZAM_Guard.krnl.trace
VirusTotal: C:\users\reed\appdata\local\apps\2.0\ptp8tnzk.1zd\02rryl7t.8m7
VirusTotal: C:\users\reed\documents\inv 2\j3.debug2.exe
VirusTotal: C:\users\reed\desktop\j3.debug try fix.exe
Folder: c:\Intell
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
end
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\ChromeHTML => not found
HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4} => not found
HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => not found
HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => not found
HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => not found
HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => not found
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => not found
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => not found
HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\NvCplDesktopContext => not found
HKLM\Software\Classes\CLSID\{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => not found
"C:\ProgramData\.rdata" => ":X" ADS not found.
"C:\ProgramData\Reprise" => ":wupeogjxldtlfudivq`qsp`26hfm" ADS not found.
"C:\ProgramData\Temp" => ":373C6DC2" ADS not found.
"C:\ProgramData\Temp" => ":5216CD26" ADS not found.
"C:\ProgramData\Temp" => ":5D458568" ADS not found.
"C:\ProgramData\Temp" => ":77846FFE" ADS not found.
"C:\ProgramData\Temp" => ":798A3728" ADS not found.
"C:\ProgramData\Temp" => ":8AD1F2E0" ADS not found.
"C:\ProgramData\Temp" => ":D20FFA63" ADS not found.
"C:\ProgramData\Temp" => ":FB6A21E3" ADS not found.
C:\Windows\system32\drivers\etc\hosts.ics => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0 => not found
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl10 => not found
"C:\Program Files (x86)\WinThruster" => not found
"C:\Program Files\AVAST Software" => not found
"C:\Program Files (x86)\ErrorFix KIT" => not found
"C:\Users\Reed\AppData\Local\svchostc\svchostc.exe" => not found
"c:\Intell\POOL\russian.vbs" => not found
"C:\Program Files (x86)\Common Files\ParetoLogic" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => not found
"HKU\S-1-5-21-3705052320-4263949473-626607969-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17}" => not found
HKLM\Software\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{FFCB3198-32F3-4E8B-9539-4324694ED664} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => not found
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => not found
HKLM\Software\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664} => not found
HKLM\Software\Classes\CLSID\{FFCB3198-32F3-4E8B-9539-4324694ED664} => not found
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0CDD5A9A-8A8D-40C5-8C52-2C1FE8191A4F}\\DhcpNameServer" => not found
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B564E423-6D2B-470C-9089-9C206ED0C0BC}\\DhcpNameServer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4290D53-3161-4A59-B5A9-0E7AFE5F12BA}" => not found
"C:\Windows\System32\Tasks\{0EBA5FBC-998F-4F21-B049-EAE68BBC38E7}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0EBA5FBC-998F-4F21-B049-EAE68BBC38E7}" => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => not found
"HKU\S-1-5-21-3705052320-4263949473-626607969-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks" => not found
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => not found
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6fa280f7-c824-11e1-aa61-0008ca68e6d5} => not found
HKLM\Software\Classes\CLSID\{6fa280f7-c824-11e1-aa61-0008ca68e6d5} => not found
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ade6eec8-c514-11e1-92b7-0008ca68e6d5} => removed successfully
HKLM\Software\Classes\CLSID\{ade6eec8-c514-11e1-92b7-0008ca68e6d5} => not found
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00AAFF2A-C18E-4830-BF34-E5F80BF9F851}" => not found
"C:\Windows\System32\Tasks\TechUtilities Weekly Task" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TechUtilities Weekly Task" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{018614D6-FDB8-4A11-847F-42873342EF80}" => not found
"C:\Windows\System32\Tasks\Driver Easy Scheduled Scan" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Easy Scheduled Scan" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{040B2295-8BC8-4A39-95B6-D14431738800}" => not found
"C:\Windows\System32\Tasks\{8378311F-C01D-4741-B464-0BB7412CACF0}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8378311F-C01D-4741-B464-0BB7412CACF0}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07DB6454-2CBF-49C2-B87F-8E5C4DB496AC}" => not found
"C:\Windows\System32\Tasks\{EE6D64D5-9F6A-423D-AA07-2552E169678D}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EE6D64D5-9F6A-423D-AA07-2552E169678D}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A6371F8-26C6-467E-9B28-B3E36FC947DA}" => not found
"C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1460808721" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SafeZone scheduled Autoupdate 1460808721" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AC85B98-F69E-4A95-9CF7-F1B9EA3B98D4}" => not found
"C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11546610-33F7-4DE4-A440-D3F28F9162F9}" => not found
"C:\Windows\System32\Tasks\TechUtilities Logon Task" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TechUtilities Logon Task" => not found
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched => not found
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ZAM => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{386F26B1-5963-47F2-AE83-94C0EEB1DD5D}" => not found
"C:\Windows\System32\Tasks\Avast Emergency Update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Emergency Update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F361834-395E-46B9-9424-FCE1909280A3}" => not found
"C:\Windows\System32\Tasks\ASUS Live Update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Live Update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4121375D-B497-4533-B219-A1D7FA9841B0}" => not found
"C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Reed-PC-Reed" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-Reed-PC-Reed" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E712919-BB95-4413-930A-8AEB6E430837}" => not found
"C:\Windows\System32\Tasks\ErrorFixKIT" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ErrorFixKIT" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DEDA583-1407-4B66-814A-04927145AE3E}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81B95154-F41B-4AF5-AA0B-B08A8D55F322}" => not found
"C:\Windows\System32\Tasks\Adobe Flash Player Updater" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83FB79A4-F763-4532-B148-5BAA868644F8}" => not found
"C:\Windows\System32\Tasks\WiseCleaner\WRCSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WiseCleaner\WRCSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9209BC06-83FB-4CAE-8B1B-52FBBF616CF6}" => not found
"C:\Windows\System32\Tasks\{E2703E98-714F-465D-ADCA-EF856F288C00}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E2703E98-714F-465D-ADCA-EF856F288C00}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9555A13C-5E9F-40C6-AF61-CA25C16A453A}" => not found
"C:\Windows\System32\Tasks\ParetoLogic Update Version3" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Update Version3" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A1CD433-A19C-4B22-9D60-5957666C49D1}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A731E237-FBD6-46D5-BECF-8947CDFA7319}" => not found
"C:\Windows\System32\Tasks\{973B6F8D-197B-468A-8A6A-E5FB6FEAF5CA}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{973B6F8D-197B-468A-8A6A-E5FB6FEAF5CA}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6B74E04-9109-42F4-90BC-670FD1E0AA0E}" => not found
"C:\Windows\System32\Tasks\DeviceDetector" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DeviceDetector" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2CE401C-2AC3-422A-927F-76E6FFAAAFBC}" => not found
"C:\Windows\System32\Tasks\{0B246176-29A1-4AEE-9C95-55D0784432FA}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0B246176-29A1-4AEE-9C95-55D0784432FA}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D47CEC61-D331-411B-B6AF-01A24CA49E95}" => not found
"C:\Windows\System32\Tasks\svchostc" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\svchostc" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDDBC896-65C0-42F2-9725-3C61EECA04F3}" => not found
"C:\Windows\System32\Tasks\Win Update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Win Update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF2DD59C-CF85-428A-8B88-2A0C1A12E0D5}" => not found
"C:\Windows\System32\Tasks\{606C25E6-DE8A-4815-9B04-880CBDF4CF3D}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{606C25E6-DE8A-4815-9B04-880CBDF4CF3D}" => not found
"C:\Windows\Tasks\Driver Easy Scheduled Scan.job" => not found
"C:\Windows\Tasks\ParetoLogic Update Version3.job" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => not found
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
"C:\Program Files (x86)\ProxyGate" => not found
pgt_svc => service not found.
Ltd. -> WinISO.com) => Error: No automatic fix found for this entry.
ZAM => service not found.
ZAM_Guard => service not found.
"C:\Windows\System32\drivers\zam64.sys" => not found
"C:\Windows\System32\drivers\zamguard64.sys" => not found
ahmtnt0w => service not found.
MBAMFarflt => service not found.
"C:\Windows\System32\Drivers\ahmtnt0w.sys" => not found
"C:\Windows\Tasks\Driver Easy Scheduled Scan.job" => not found
"C:\Windows\System32\Tasks\Driver Easy Scheduled Scan" => not found
"C:\Windows\ZAM.krnl.trace" => not found
"C:\Windows\ZAM_Guard.krnl.trace" => not found
VirusTotal: C:\users\reed\appdata\local\apps\2.0\ptp8tnzk.1zd\02rryl7t.8m7 => D41D8CD98F00B204E9800998ECF8427E (0-byte MD5)
VirusTotal: C:\users\reed\documents\inv 2\j3.debug2.exe => https://www.virustotal.com/file/e91...2631359afc369d2e9885f688/analysis/1508010780/
VirusTotal: C:\users\reed\desktop\j3.debug try fix.exe => https://www.virustotal.com/file/e91...2631359afc369d2e9885f688/analysis/1508010780/

========================= Folder: c:\Intell ========================

not found.

====== End of Folder: ======


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3705052320-4263949473-626607969-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3705052320-4263949473-626607969-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh advfirewall reset =========


Při kontaktování služby Windows Firewall došlo k chybě. Ověřte, zda je služba spuštěná, a opakujte žádost.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Při kontaktování služby Windows Firewall došlo k chybě. Ověřte, zda je služba spuštěná, a opakujte žádost.


========= End of CMD: =========


========= ipconfig /flushdns =========


Konfigurace protokolu IP systému Windows

Mezipaměť překládání DNS byla úspěšně vyprázdněna.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11137022 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 209275425 B
Edge => 0 B
Chrome => 143418953 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 4000 B
Reed => 10849228 B

RecycleBin => 0 B
EmptyTemp: => 365.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:50:56 ====
 
Malwarebytes Anti-Rootkit (ran in safe boot)
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
main: v2019.07.30.05
rootkit: v2019.07.30.05

Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 11.0.9600.18617
Reed :: REED-PC [administrator]

30.7.2019 21:03:27
mbar-log-2019-07-30 (21-03-27).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 255098
Time elapsed: 48 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 
FRST.txt (ran in safe boot)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-07-2019
Ran by Reed (administrator) on REED-PC (ASUSTeK Computer Inc. N55SF) (30-07-2019 21:52:59)
Running from C:\Users\Reed\Desktop
Loaded Profiles: Reed (Available Profiles: Reed)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-17] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.) [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] () [File not signed]
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400 2010-07-10] (Sonic Focus, Inc. -> Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [CLMLServer] => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-18] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-08] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (eCareme Technologies, Inc. -> ecareme)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [456160 2019-04-18] (Power Software Limited -> Power Software Ltd)
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\Run: [Google Update] => C:\Users\Reed\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-15] (Google Inc -> Google LLC)
HKLM\...\Drivers32: [VIDC.XFR1] => C:\Windows\system32\xfcodec64.dll [28544 2013-01-16] (Xfire Inc -> )
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2018-09-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2007-06-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32-x32: [VIDC.IV41] => IR41_32.AX
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-26] (Beepa P/L) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\7k.exe: [{50ccf586-6cea-4070-8a01-2dd031f6098e}.sdb] -> GOG.com Seven Kingdoms
HKLM\Software\...\AppCompatFlags\Custom\SensibleSoccer2006.exe: [{981c8cc5-743b-4169-b0a2-51a102c187db}.sdb] -> GOG.com Sensible Soccer 2006
HKLM\Software\...\AppCompatFlags\InstalledSDB\{50ccf586-6cea-4070-8a01-2dd031f6098e}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{50ccf586-6cea-4070-8a01-2dd031f6098e}.sdb [2012-12-31]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{981c8cc5-743b-4169-b0a2-51a102c187db}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{981c8cc5-743b-4169-b0a2-51a102c187db}.sdb [2013-11-15]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] ->
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12367E90-19DC-44E5-9931-B550F84E42E4} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305792 2010-11-15] (ASUSTeK Computer Inc. -> ASUS)
Task: {26186FCE-ACB5-48DE-8035-613CF4886DFF} - System32\Tasks\{D2CA71E1-74B5-4D20-BB1C-2F4511B6A0ED} => C:\Users\Reed\Desktop\DUKE3D\DUKE3D.EXE
Task: {2D8637C3-7E65-47E7-BE97-6E8FB4906E59} - System32\Tasks\{0FC3624D-27C1-45FE-9D4A-5EE9D3756149} => D:\Program Files (x86)\NHL 09\EHANHL2014.exe
Task: {34CFE560-8D17-4373-AA89-E625ADC0BE20} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [503728 2011-06-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {36EB03C2-D39F-4C37-9A76-06F6C4898C4B} - System32\Tasks\{1B928C4B-9A85-40C8-A135-A738545AF442} => C:\Users\Reed\Desktop\DUKE3D\DUKE3D.EXE
Task: {6242BEEE-EBF2-4CCE-BEF9-B0E69D5E7E95} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [691328 2010-08-02] (ASUSTeK Computer Inc. -> ASUS)
Task: {6BA63AB1-3F8E-4FB0-9E01-5BC9EC019D3E} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-18] (ASUSTeK Computer Inc. -> ASUS)
Task: {6E37A88D-212D-4ABE-8674-977C7C8EEF64} - System32\Tasks\{F1EE4110-EAAD-4709-918F-E881C418D19B} => C:\Users\Reed\Desktop\DUKE3D\DUKE3D.EXE
Task: {7B33CA1D-FD45-4036-8029-6A85A1580B4A} - System32\Tasks\{25BDA508-C959-4F7B-B5B7-0E350F90AABB} => C:\Users\Reed\Desktop\DUKE3D\DUKE3D.EXE
Task: {88E1D846-538E-4E6C-A889-64F98C1018F7} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [977024 2010-12-02] (ASUSTeK Computer Inc. -> ASUS)
Task: {8E5D5943-3F56-46CE-9FD3-CC7E028160C8} - System32\Tasks\AdobeGCInvoker-1.0-Reed-PC-Reed => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {90AAA977-9D8D-4C1F-ACF4-191859AA1078} - System32\Tasks\{E864E3BE-1267-4DA1-9D98-3824B577AF0E} => C:\Users\Reed\Desktop\DUKE3D\DUKE3D.EXE
Task: {95518706-2234-4ED0-90F5-8B4697C813DC} - System32\Tasks\{3328CD71-DA36-4E21-ABB0-3C1BE7034F32} => C:\Users\Reed\Desktop\DUKE3D\DUKE3D.EXE
Task: {97F8E206-3990-4A26-9FDC-A5410636C24B} - System32\Tasks\{E9B7CF52-E49B-4DD2-B62B-3D4FF9FD78AB} => C:\Windows\system32\pcalua.exe -a C:\Windows\ipuninst.exe -c -fD:\Program Files\Interplay\Fallout\uninst.log
Task: {A779AC48-9521-4C85-950E-FF3D17FBCF44} - System32\Tasks\{5498CDF1-4690-40F7-812E-D2741F6EA359} => C:\Users\Reed\Desktop\DUKE3D\DUKE3D.EXE
Task: {B067D43D-CE14-489E-822C-FC1398A122F8} - System32\Tasks\{8AA6F8DE-D0EA-4F49-B9DD-23C2931843C0} => C:\Windows\system32\pcalua.exe -a "D:\Users\C&C Generals and Zero Hour\setup.exe" -d "D:\Users\C&C Generals and Zero Hour"
Task: {B69A3DC4-DC0D-4343-86B1-223A9707EBCD} - System32\Tasks\{AB55C5BA-FD00-4F97-A8E5-F29C5592D651} => C:\Users\Reed\Desktop\DUKE3D\DUKE3D.EXE
Task: {BBF25F6A-7E8E-4813-B938-C9866CCB89FE} - System32\Tasks\{8AFACAB6-F618-4008-BCC8-5F19F0E5521A} => C:\Users\Reed\Desktop\DUKE3D\DUKE3D.EXE
Task: {C220F64E-67D4-4960-BE00-BC4F25F68DE4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3705052320-4263949473-626607969-1001Core => C:\Users\Reed\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {C4E105A3-08B9-40F3-8C94-8B366317E040} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Task: {DCF735B8-FBD7-4532-AA99-EC0EDFFD4303} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {E7486484-F01D-4939-BCB5-B7D25FBA0552} - System32\Tasks\{E61AFD08-DD1E-4562-9A73-5FDF300B75AC} => C:\Users\Reed\Desktop\DUKE3D\DUKE3D.EXE
Task: {E77CAD3F-212B-40D1-A4A3-079B90B9751A} - System32\Tasks\{6D87A92F-7E48-4720-83A9-D8FD2BBEEAD0} => C:\Users\Reed\Desktop\DUKE3D\DUKE3D.EXE
Task: {EDB4EC8B-6204-47D0-A93D-D7AC9E7237F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {F53EBA85-9AE3-4FCD-8A2B-BFF1F6F7F7EB} - System32\Tasks\{E6A93B03-2FB5-4457-9F92-4E79625CB4D6} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\GOG.com\Heroes of Might and Magic 3 Complete\Install.exe" -d "C:\Program Files (x86)\GOG.com\Heroes of Might and Magic 3 Complete"
Task: {FBBBCF66-4D08-45EE-9327-E302B3F018CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {FD7AB35E-6C52-4D76-B8B8-498FD9F18577} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3705052320-4263949473-626607969-1001UA => C:\Users\Reed\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\ASUS SmartLogon Console Sensor.job => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.5.50.1 77.104.250.129 81.92.158.230 8.8.8.8
Tcpip\..\Interfaces\{B564E423-6D2B-470C-9089-9C206ED0C0BC}: [DhcpNameServer] 10.5.50.1 77.104.250.129 81.92.158.230 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3705052320-4263949473-626607969-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3705052320-4263949473-626607969-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23] (Microsoft Corporation -> Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-13] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23] (Microsoft Corporation -> Microsoft Corporation.)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc -> Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation -> Zeon Corporation)
FF Plugin HKU\S-1-5-21-3705052320-4263949473-626607969-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Reed\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-3705052320-4263949473-626607969-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Reed\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.ask.com/?l=dis&o=15383cr
CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=112555&tt=3412_1&babsrc=HP_ss&mntrId=30ad1a4e0000000000005404a6aa4adf","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default [2019-07-30]
CHR Extension: (Prezentace) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-07-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
StartMenuInternet: Google Chrome - C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros Communications Inc. -> Atheros) [File not signed]
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
S2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1839616 2011-01-15] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-04-07] (Native Instruments GmbH) [File not signed]
S2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [File not signed]
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2016-10-14] (Even Balance, Inc. -> )
S2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [202040 2019-07-25] (Even Balance, Inc. -> )
S2 rpcnetp; C:\Windows\System32\rpcnetp.exe [17920 2019-07-30] () [File not signed]
S2 rpcnetp; C:\Windows\SysWOW64\rpcnetp.exe [17920 2019-07-30] () [File not signed]
S2 Splashtop MDES; C:\ASUS.SYS\SIONExportService.exe [338208 2011-05-11] (DeviceVM Inc. -> Splashtop Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 DbgSvc; "I:\DebugDiag\DbgSvc.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [128488 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [401896 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-07-30] (Malwarebytes Corporation -> Malwarebytes)
S1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [307768 2016-12-03] (NVIDIA Corporation -> NVIDIA Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [28624 2019-05-30] () [File not signed]
S3 SiSGbeLH; C:\Windows\System32\DRIVERS\SiSG664.sys [56832 2009-06-10] (Microsoft Windows -> Silicon Integrated Systems Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [54872 2017-09-05] (Synaptics Incorporated -> Synaptics Incorporated)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-07-03] (Duplex Secure Ltd -> Duplex Secure Ltd.)
S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft -> SIA Syncrosoft)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] (Intel(R) Turbo Boost Technology Monitor -> )
S2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2016-10-20] (ZJMedia Digital Technology Ltd. -> WinISO.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-30 21:52 - 2019-07-30 21:52 - 000002160 _____ C:\Users\Reed\Desktop\mbar-log-2019-07-30 (21-03-27).txt
2019-07-30 21:00 - 2019-07-30 21:00 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-07-30 20:08 - 2019-07-30 21:52 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2019-07-30 19:19 - 2019-07-30 21:03 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\247226CE.sys
2019-07-30 19:17 - 2019-07-30 21:52 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-07-30 19:16 - 2019-07-30 19:16 - 000000000 ____D C:\Users\Reed\Desktop\ROOTKIT
2019-07-30 19:15 - 2019-07-30 19:16 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Reed\Downloads\mbar-1.10.3.1001.exe
2019-07-30 18:53 - 2019-07-30 18:53 - 000000000 ____D C:\Program Files (x86)\GnuWin32
2019-07-30 18:51 - 2019-07-30 18:51 - 002038876 _____ (GnuWin <gnuwin32.sourceforge.net> ) C:\Users\Reed\Downloads\sed-4.2.1-setup.exe
2019-07-30 15:41 - 2019-07-30 17:38 - 000000000 ____D C:\Program Files\RogueKiller
2019-07-30 15:41 - 2019-07-30 15:42 - 000000000 ____D C:\ProgramData\RogueKiller
2019-07-30 15:41 - 2019-07-30 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-07-30 15:37 - 2019-07-30 15:40 - 030667800 _____ (Adlice Software ) C:\Users\Reed\Downloads\RogueKiller_setup.exe
2019-07-30 15:23 - 2019-07-30 15:23 - 000000000 ____D C:\Users\Reed\AppData\Roaming\PowerISO
2019-07-30 15:19 - 2019-07-30 15:19 - 000000774 _____ C:\Users\Public\Desktop\PowerISO.lnk
2019-07-30 15:19 - 2019-07-30 15:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2019-07-30 15:19 - 2019-07-30 15:19 - 000000000 ____D C:\Program Files\PowerISO
2019-07-30 15:19 - 2017-06-07 02:36 - 000138296 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2019-07-30 15:17 - 2019-07-30 15:17 - 005143520 _____ (Power Software Ltd) C:\Users\Reed\Downloads\PowerISO7-x64.exe
2019-07-30 14:44 - 2019-07-30 14:44 - 000000000 ____D C:\Users\Reed\AppData\Local\mbamtray
2019-07-30 14:44 - 2019-07-30 14:44 - 000000000 ____D C:\Users\Reed\AppData\Local\mbam
2019-07-30 14:42 - 2019-07-30 14:42 - 000001829 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-30 14:42 - 2019-07-30 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-30 14:42 - 2019-07-30 14:42 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-30 14:42 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-07-30 14:40 - 2019-07-30 14:40 - 000074454 _____ C:\Users\Reed\Downloads\geek64.exe_1.4.6.140_6.1_x64_2019-7-30_12.40.35.dmp
2019-07-30 14:34 - 2019-07-30 14:41 - 064333800 _____ (Malwarebytes ) C:\Users\Reed\Downloads\mb3-setup-37469.37469-3.8.3.2965-1.0.613-1.0.11270.exe
2019-07-30 14:15 - 2019-07-30 20:02 - 000000432 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-07-30 12:24 - 2019-07-30 14:26 - 000000000 ____D C:\ProgramData\Unity
2019-07-30 12:24 - 2019-07-30 12:24 - 000000000 ____D C:\Users\Reed\AppData\Local\Unity
2019-07-30 11:35 - 2019-07-30 11:35 - 000004073 _____ C:\Users\Reed\Downloads\fixlist.txt.crdownload
2019-07-30 11:06 - 2019-07-30 11:10 - 023138816 _____ C:\Users\Reed\Downloads\DebugDiagx64.msi
2019-07-30 10:24 - 2019-07-30 10:24 - 000078443 _____ C:\Users\Reed\Downloads\geek64.exe_1.4.6.140_6.1_x64_2019-7-30_8.24.19.dmp
2019-07-30 10:02 - 2019-07-30 10:12 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Geek Uninstaller
2019-07-30 10:02 - 2019-05-17 11:43 - 006304848 _____ (Geek Unіnstaller) C:\Users\Reed\Downloads\geek.exe
2019-07-30 09:46 - 2019-07-30 13:50 - 000026948 _____ C:\Users\Reed\Desktop\Fixlog.txt
2019-07-30 09:42 - 2019-07-30 09:42 - 002096128 _____ (Farbar) C:\Users\Reed\Desktop\FRST64.exe
2019-07-30 09:31 - 2019-07-30 09:32 - 002653400 _____ C:\Users\Reed\Downloads\geek.zip
2019-07-29 18:26 - 2019-07-29 18:26 - 000000187 _____ C:\QuickDiag.txt
2019-07-29 08:43 - 2019-07-29 08:45 - 000000000 ____D C:\Users\Reed\Desktop\Tmp Desktop
2019-07-29 07:52 - 2019-07-29 08:57 - 000000000 ____D C:\QuickDiag
2019-07-29 07:52 - 2019-07-29 07:47 - 005175192 _____ (SosVirus) C:\Users\Reed\Desktop\quickdiag_V5_27.02.19.1.bat
2019-07-29 07:48 - 2019-07-30 21:54 - 000025745 _____ C:\Users\Reed\Desktop\FRST.txt
2019-07-29 07:48 - 2019-07-30 13:14 - 000032860 _____ C:\Users\Reed\Desktop\Addition.txt
2019-07-29 06:41 - 2019-07-29 06:58 - 000099293 _____ C:\Users\Reed\Downloads\Addition.txt
2019-07-29 06:36 - 2019-07-29 06:58 - 000062875 _____ C:\Users\Reed\Downloads\FRST.txt
2019-07-29 06:35 - 2019-07-30 21:52 - 000000000 ____D C:\FRST
2019-07-28 18:23 - 2019-07-28 18:23 - 000001293 _____ C:\Users\Reed\Downloads\exe-fix-twc.zip
2019-07-28 18:23 - 2011-06-24 07:46 - 000003646 _____ C:\Users\Reed\Desktop\EXE_Fix_TWC.reg
2019-07-27 15:32 - 2019-07-28 11:14 - 000000000 ____D C:\Users\Reed\Documents\testturret
2019-07-21 14:37 - 2019-07-21 14:55 - 000000000 ____D C:\Users\Reed\Desktop\Downloaded
2019-07-17 09:26 - 2019-07-17 09:26 - 000000000 ____D C:\Windows\pss
2019-07-15 22:20 - 2019-07-15 22:37 - 000000000 ____D C:\Users\Reed\AppData\Local\Steam
2019-07-15 09:31 - 2017-12-22 19:34 - 000009302 _____ C:\Users\Reed\Desktop\TurretRotation.cs
2019-07-15 09:28 - 2019-07-15 09:29 - 000529592 _____ C:\Users\Reed\Downloads\GunTurrets-master.zip
2019-07-14 12:55 - 2019-07-14 12:56 - 000000000 ____D C:\Users\Reed\AppData\Roaming\L4D2AOI
2019-07-14 12:55 - 2019-07-14 12:55 - 000000000 ____D C:\Users\Reed\AppData\Local\[SAO]_Peter
2019-07-13 23:57 - 2019-07-13 23:57 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Sublime Text 3
2019-07-13 23:57 - 2019-07-13 23:57 - 000000000 ____D C:\Users\Reed\AppData\Local\Sublime Text 3
2019-07-13 23:56 - 2019-07-13 23:56 - 000000848 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2019-07-13 23:56 - 2019-07-13 23:56 - 000000000 ____D C:\Program Files\Sublime Text 3
2019-07-13 23:51 - 2019-07-01 17:35 - 000000000 ____D C:\Users\Reed\Desktop\p5
2019-07-13 23:01 - 2019-07-30 11:30 - 000000000 ____D C:\Users\Reed\Downloads\WPy64-3720
2019-07-13 22:32 - 2019-07-13 22:32 - 000000000 ____D C:\Program Files\VideoLAN
2019-07-13 22:29 - 2019-07-10 19:23 - 048807962 _____ C:\Users\Reed\Desktop\VID_20190710_192332.mp4
2019-07-13 21:58 - 2019-07-07 11:28 - 000000000 ____D C:\Users\Reed\Desktop\eric6-19.7
2019-07-13 21:56 - 2019-07-13 21:58 - 019806343 _____ C:\Users\Reed\Downloads\eric6-19.7.zip
2019-07-13 21:47 - 2019-07-28 13:41 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Wing Personal 7
2019-07-13 21:47 - 2019-07-28 13:41 - 000000000 ____D C:\Users\Reed\AppData\Local\Wing Personal 7
2019-07-13 21:44 - 2019-07-13 21:45 - 000000000 ____D C:\Users\Reed\Desktop\Wing Personal 7.0.4
2019-07-13 21:38 - 2019-07-13 21:38 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Jedi
2019-07-13 21:37 - 2019-07-13 21:37 - 000000000 ____D C:\Users\Reed\AppData\Local\Spyder
2019-07-13 21:36 - 2019-07-13 21:38 - 000000000 ____D C:\Users\Reed\.spyder-py3
2019-07-13 21:36 - 2019-07-13 21:36 - 000000000 ____D C:\Users\Reed\.matplotlib
2019-07-13 21:35 - 2019-07-13 21:40 - 000000043 _____ C:\Users\Reed\.condarc
2019-07-13 21:35 - 2019-07-13 21:40 - 000000000 ____D C:\Users\Reed\.conda
2019-07-13 21:35 - 2019-07-13 21:35 - 000000000 ____D C:\Users\Reed\AppData\Local\conda
2019-07-13 21:34 - 2019-07-13 21:34 - 000000000 ____D C:\Users\Reed\.anaconda
2019-07-11 17:55 - 2019-07-27 10:38 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Processing
2019-07-11 17:55 - 2019-07-23 17:30 - 000000000 ____D C:\Users\Reed\Documents\Processing
2019-07-11 17:52 - 2019-02-03 17:37 - 000000000 ____D C:\Users\Reed\Desktop\processing-3.5.3
2019-07-10 14:13 - 2019-07-23 12:58 - 000000000 ____D C:\Users\Reed\Desktop\ALLNIGHTER 2
2019-07-10 09:39 - 2019-07-30 14:45 - 000000000 ____D C:\Users\Reed\Documents\All Nighter 2
2019-07-09 17:16 - 2019-07-09 17:20 - 000000000 ____D C:\Users\Reed\Documents\Nellie
2019-07-08 15:55 - 2019-07-08 17:11 - 000000000 ____D C:\Users\Reed\Documents\Sparky
2019-07-08 09:56 - 2019-07-08 14:34 - 000000000 ____D C:\Users\Reed\Documents\Carvival Springston
2019-07-07 13:51 - 2019-07-08 15:53 - 000000000 ____D C:\Users\Reed\Documents\Shader Old Unit
2019-07-07 11:48 - 2019-07-09 16:46 - 000000000 ____D C:\Users\Reed\Documents\Stencil
2019-07-07 11:38 - 2019-07-07 11:49 - 000000736 _____ C:\Users\Reed\Desktop\Controller1.cs
2019-07-07 11:37 - 2019-07-07 11:49 - 000000129 _____ C:\Users\Reed\Desktop\Shader.cs
2019-07-05 18:13 - 2019-07-09 17:00 - 000000000 ____D C:\Users\Reed\Documents\Mining Corporation
2019-07-05 16:22 - 2019-07-09 12:06 - 000000000 ____D C:\Users\Reed\Desktop\Grimster
2019-07-04 16:01 - 2019-07-04 16:01 - 000015004 _____ C:\Users\Reed\Documents\box.fbx
2019-07-04 15:58 - 2019-07-04 15:58 - 000013212 _____ C:\Users\Reed\Desktop\plocha.fbx
2019-07-03 15:49 - 2019-07-03 15:49 - 000001262 _____ C:\Users\Reed\Desktop\Continue Installation.lnk
2019-07-02 13:49 - 2019-07-02 13:50 - 000000000 ____D C:\Users\Reed\Desktop\SFPS
2019-07-02 12:29 - 2019-07-02 12:29 - 000000000 ____D C:\Users\Reed\Desktop\multiplayer-fps-assets
2019-07-01 09:17 - 2019-07-05 14:13 - 000000000 ____D C:\Users\Reed\Documents\Secret Fps Multiplayer

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-30 21:52 - 2018-09-05 19:41 - 001480980 _____ C:\Windows\ntbtlog.txt
2019-07-30 20:59 - 2017-04-01 22:13 - 000017920 _____ C:\Windows\system32\rpcnetp.exe
2019-07-30 20:59 - 2014-07-20 19:30 - 000017920 _____ C:\Windows\SysWOW64\rpcnetp.exe
2019-07-30 20:10 - 2009-07-14 06:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-30 20:10 - 2009-07-14 06:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-30 20:02 - 2015-10-18 18:15 - 000000012 ____H C:\dvmexp.idx
2019-07-30 20:02 - 2012-01-12 20:51 - 000045056 _____ C:\Windows\system32\acovcnt.exe
2019-07-30 20:02 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-30 19:19 - 2015-11-28 13:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-30 19:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2019-07-30 18:59 - 2012-01-12 20:38 - 000003050 _____ C:\Windows\system32\AutoRunFilter.ini
2019-07-30 18:58 - 2014-07-20 19:31 - 000017920 _____ C:\Windows\SysWOW64\rpcnetp.dll
2019-07-30 18:57 - 2019-01-12 13:17 - 000000000 ____D C:\Users\Reed\AppData\Local\Everything
2019-07-30 18:57 - 2019-01-10 13:45 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Everything
2019-07-30 15:32 - 2016-08-27 17:15 - 000003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CC2499C5-D81A-41E2-AF7B-45E2C05C6CD1}
2019-07-30 15:02 - 2019-03-05 13:01 - 000000000 ____D C:\rei
2019-07-30 14:56 - 2016-12-04 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2Near the Edge
2019-07-30 14:44 - 2012-07-07 13:08 - 000000000 ____D C:\Users\Reed\AppData\Local\ElevatedDiagnostics
2019-07-30 14:35 - 2018-02-22 13:57 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Opera Software
2019-07-30 14:35 - 2018-02-22 13:57 - 000000000 ____D C:\Users\Reed\AppData\Local\Opera Software
2019-07-30 14:35 - 2018-02-22 13:54 - 000000000 ____D C:\Program Files\Opera
2019-07-30 13:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2019-07-30 12:38 - 2011-02-19 07:36 - 000680528 _____ C:\Windows\system32\perfh005.dat
2019-07-30 12:38 - 2011-02-19 07:36 - 000145496 _____ C:\Windows\system32\perfc005.dat
2019-07-30 12:38 - 2009-07-14 07:13 - 001615506 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-30 12:38 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-30 11:35 - 2012-01-12 20:21 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-07-30 11:12 - 2013-02-20 19:52 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2019-07-30 11:02 - 2012-12-21 12:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2019-07-30 10:55 - 2019-01-29 12:56 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2019-07-30 10:40 - 2018-12-30 19:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2019-07-30 10:38 - 2015-11-30 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
2019-07-30 10:35 - 2016-08-27 17:15 - 000000000 ____D C:\Program Files (x86)\NeoSmart Technologies
2019-07-30 09:48 - 2016-05-17 15:59 - 000000000 ____D C:\Users\Reed\AppData\LocalLow\Temp
2019-07-30 09:47 - 2019-01-29 12:39 - 000000000 ____D C:\Windows\System32\Tasks\WiseCleaner
2019-07-30 09:47 - 2014-08-05 14:48 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2019-07-30 09:29 - 2013-03-14 23:57 - 000000000 ____D C:\Users\Reed\AppData\Local\Adobe
2019-07-29 19:21 - 2018-10-28 15:52 - 000000000 ____D C:\Users\Reed\AppData\Roaming\vlc
2019-07-29 08:26 - 2012-07-03 17:07 - 000000000 ____D C:\Users\Reed\AppData\Local\CrashDumps
2019-07-28 15:01 - 2018-09-11 15:15 - 000000000 ____D C:\Program Files\EditPlus
2019-07-27 15:32 - 2016-09-16 18:30 - 000000000 ____D C:\Users\Reed\AppData\LocalLow\DefaultCompany
2019-07-26 14:55 - 2015-11-22 23:09 - 000000132 _____ C:\Users\Reed\AppData\Roaming\Adobe PNG Format CS6 Prefs
2019-07-25 19:08 - 2014-08-14 23:38 - 000202040 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2019-07-25 19:07 - 2012-07-03 15:22 - 000202040 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2019-07-25 18:55 - 2016-10-14 18:09 - 000000000 ____D C:\Users\Reed\AppData\Local\CallofDuty4MW
2019-07-25 12:36 - 2016-01-16 15:43 - 000000816 _____ C:\WifiInfo.ini.enc
2019-07-21 23:16 - 2019-04-01 17:44 - 000000000 ____D C:\Users\Reed\Desktop\picturrs
2019-07-18 09:51 - 2019-02-20 21:33 - 000000000 ____D C:\Users\Reed\Desktop\AllNighter
2019-07-17 10:00 - 2019-03-19 17:24 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Discord
2019-07-16 10:18 - 2012-07-06 19:18 - 000002415 _____ C:\Users\Reed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-15 22:31 - 2009-07-14 07:08 - 000032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-07-14 11:19 - 2014-05-02 15:12 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-14 11:19 - 2012-01-12 20:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-07-14 11:19 - 2012-01-12 20:18 - 000000000 ____D C:\Program Files (x86)\Intel
2019-07-14 11:17 - 2012-01-12 20:25 - 000000000 ____D C:\ProgramData\Intel
2019-07-13 21:36 - 2012-07-03 14:02 - 000000000 ____D C:\Users\Reed
2019-07-12 12:20 - 2019-02-20 15:31 - 000000000 ____D C:\Users\Reed\Documents\All Nighter
2019-07-09 22:24 - 2016-08-30 11:15 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-07-09 22:24 - 2016-08-30 11:15 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-09 22:24 - 2016-08-30 11:15 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-09 22:24 - 2011-10-20 00:59 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-09 22:05 - 2012-07-20 14:57 - 000741432 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-07-05 18:12 - 2019-06-28 17:33 - 000000000 ____D C:\Users\Reed\Documents\Grim of The Ages

==================== Files in the root of some directories ================

2016-06-12 15:16 - 2016-06-12 15:16 - 000000259 _____ () C:\ProgramData\fontcacheev1.dat
2017-10-01 16:48 - 2017-10-01 16:48 - 000000878 _____ () C:\Users\Reed\exe.reg
2012-07-03 17:14 - 2011-07-11 22:48 - 000083456 _____ () C:\Users\Winamp\burnlib.dll
2012-07-03 17:14 - 2011-07-11 22:48 - 000028288 _____ (Nullsoft, Inc.) C:\Users\Winamp\Elevator.exe
2012-07-03 17:14 - 2011-09-26 16:01 - 000046080 _____ (Nullsoft, Inc.) C:\Users\Winamp\elevatorps.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000136192 _____ () C:\Users\Winamp\libFLAC.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000180224 _____ () C:\Users\Winamp\libmp4v2.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000253440 _____ () C:\Users\Winamp\libsndfile.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000078848 _____ () C:\Users\Winamp\nde.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000410624 _____ () C:\Users\Winamp\nsutil.dll
2012-07-03 17:14 - 2011-03-16 16:01 - 000199152 _____ (Sonic Solutions) C:\Users\Winamp\pxsdkpls.DLL
2012-07-03 17:14 - 2011-09-26 16:01 - 000083968 _____ () C:\Users\Winamp\tataki.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000370129 _____ (Nullsoft, Inc.) C:\Users\Winamp\UninstWA.exe
2012-07-03 17:14 - 2011-07-11 22:48 - 001595520 _____ (Nullsoft, Inc.) C:\Users\Winamp\winamp.exe
2012-07-03 17:14 - 2011-07-11 22:47 - 000074752 _____ (Nullsoft, Inc.) C:\Users\Winamp\winampa.exe
2012-07-03 17:14 - 2011-09-26 16:01 - 000047616 _____ () C:\Users\Winamp\zlib.dll
2018-10-26 19:12 - 2018-10-26 19:12 - 000001414 _____ () C:\Users\Reed\AppData\Roaming\.minecraft – zástupce.lnk
2015-09-05 11:35 - 2018-01-16 13:14 - 000000132 _____ () C:\Users\Reed\AppData\Roaming\Adobe BMP Format CS6 Prefs
2015-11-22 23:09 - 2019-07-26 14:55 - 000000132 _____ () C:\Users\Reed\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-04-20 11:01 - 2018-04-20 11:01 - 000000000 _____ () C:\Users\Reed\AppData\Roaming\FC29FA0894FE.ini
2016-08-29 14:05 - 2016-08-29 21:30 - 000000000 _____ () C:\Users\Reed\AppData\Roaming\FileIn.cns
2016-08-29 14:05 - 2016-08-29 21:30 - 000000000 _____ () C:\Users\Reed\AppData\Roaming\FileOut.cns
2017-09-26 23:02 - 2017-09-26 23:06 - 000000115 _____ () C:\Users\Reed\AppData\Roaming\LogFile.txt
2018-01-24 17:10 - 2019-05-23 23:32 - 000000961 _____ () C:\Users\Reed\AppData\Roaming\MPQEditor.ini
2015-05-14 22:47 - 2015-05-14 22:47 - 001249792 _____ (http://www.ruby-lang.org/) C:\Users\Reed\AppData\Roaming\msvcr90-ruby191.dll
2019-01-03 21:49 - 2019-01-03 21:49 - 000001456 _____ () C:\Users\Reed\AppData\Local\Adobe Save for Web 13.0 Prefs
2012-07-03 19:52 - 2018-09-13 16:08 - 000034816 _____ () C:\Users\Reed\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-06 12:52 - 2017-11-06 12:52 - 000000058 _____ () C:\Users\Reed\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2019-02-08 12:29 - 2019-02-08 12:29 - 000000000 _____ () C:\Users\Reed\AppData\Local\oobelibMkey.log
2014-01-24 17:27 - 2014-11-25 23:33 - 000028175 _____ () C:\Users\Reed\AppData\Local\Perfmon.PerfmonCfg
2019-03-13 00:43 - 2019-03-13 00:43 - 000000218 _____ () C:\Users\Reed\AppData\Local\recently-used.xbel
2012-07-26 21:45 - 2015-04-05 11:44 - 000007597 _____ () C:\Users\Reed\AppData\Local\Resmon.ResmonCfg
2016-02-11 20:57 - 2016-02-11 20:57 - 000000000 _____ () C:\Users\Reed\AppData\Local\{5CD4D4E9-0A5E-4B5C-A285-0EB9021E4C19}

==================== FLock ================

2015-10-21 12:29 C:\ProgramData\CrazyBump

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-26 10:45
==================== End of FRST.txt ============================
 
Addition.txt (ran in safe boot)


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-07-2019
Ran by Reed (30-07-2019 21:54:42)
Running from C:\Users\Reed\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-03 12:02:07)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================

948C0E24B46E49D0BB35 (S-1-5-21-3705052320-4263949473-626607969-1020 - Limited - Enabled)
Administrator (S-1-5-21-3705052320-4263949473-626607969-500 - Administrator - Disabled)
Guest (S-1-5-21-3705052320-4263949473-626607969-501 - Limited - Disabled)
Reed (S-1-5-21-3705052320-4263949473-626607969-1001 - Administrator - Enabled) => C:\Users\Reed

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
3GP Player 1.1.5 (HKLM-x32\...\3GP Player_is1) (Version: - Bobabo)
7-Zip 16.00 (HKLM-x32\...\7-Zip) (Version: 16.00 - Igor Pavlov)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{36381D51-CC5E-4698-A0CC-E939C75EC9D8}) (Version: 1.5 - Eyeo GmbH)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.223 - Adobe)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: - )
Blender (HKLM\...\{B1DF3793-1651-4AE5-9CA0-E845DD8B526B}) (Version: 2.79.0 - Blender Foundation)
Brackets (HKLM-x32\...\{9E1DE4E6-DA6C-46E9-9EF2-15189E534511}) (Version: 1.11 - brackets.io)
Budík (HKLM-x32\...\{762BC342-BEB1-42D4-BE99-C096189484FA}_is1) (Version: 1511250 - Ondřej Cenek)
C++ to C# Converter (HKLM-x32\...\C++ to C# Converter_is1) (Version: - Tangible Software Solutions)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Croc (HKLM-x32\...\Croc) (Version: - )
Croc 2 (HKLM-x32\...\Croc 2) (Version: - )
CVPiano-Modeled (HKLM-x32\...\CVPiano-Modeled) (Version: - )
DiagnosticsHub_CollectionService (HKLM\...\{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dopefish Screen Saver v1.00 (HKLM-x32\...\ST5UNST #1) (Version: - )
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
EditPlus (64 bit) (HKLM\...\EditPlus) (Version: - ES-Computing)
EditPlus (HKLM-x32\...\EditPlus) (Version: - ES-Computing)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version: - epubfilereader.com)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free 3GP Player (HKLM-x32\...\{5D6999FF-7382-45ED-8893-4EB33DC6701B}_is1) (Version: - free3gpplayer.com)
Free Audio Recorder 6.6.6.a (HKLM-x32\...\EE9C4A93-0E83-4C66-9802-5DC13C189C12_is1) (Version: - Accmeware Corporation)
FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin)
Freelang (HKLM-x32\...\{0F44DC3F-6E62-4AB1-A14B-56223C512F9B}_is1) (Version: 4.3.0.0 - Freelang.net)
Freelang (HKLM-x32\...\{A09E2D66-B931-415C-A9DE-FF030AB5AD77}_is1) (Version: - Freelang)
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GnuWin32: sed-4.2.1 (HKLM-x32\...\sed-4.2.1_is1) (Version: 4.2.1 - GnuWin)
Google Chrome (HKU\S-1-5-21-3705052320-4263949473-626607969-1001\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GreenBrowser (HKLM-x32\...\GreenBrowser_is1) (Version: - MoreQuick.com)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
Gtk# for .Net 2.12.38 (HKLM-x32\...\{C7A0CF1E-A936-426A-9694-035636DCD356}) (Version: 2.12.38 - Xamarin, Inc.)
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{7F104712-BE1D-4359-B8EA-8003E9721001}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{99A768BB-C508-44E5-AE78-72ABE55728CF}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2405 - Intel Corporation)
iZotope RX Final Mix (HKLM-x32\...\iZotope RX Final Mix_is1) (Version: 1.01 - iZotope, Inc.)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MediaPlayerLite 0.5.4.0 (HKLM-x32\...\MediaPlayerLite) (Version: 0.5.4.0 - MediaPlayerLite)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (čeština) (HKLM-x32\...\{E249803A-BD5B-4FDC-A630-976C2971F5B4}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (čeština) (HKLM-x32\...\{25C7677B-0398-46A3-A0EE-7B393D20FA30}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2010 (HKLM-x32\...\{FA8E7AF5-C70E-3274-9740-9E697FBD5BB7}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mono for Windows (x86) (HKLM-x32\...\{E504EC8B-E776-470E-A3A4-B260D1586D93}) (Version: 4.6.0 - Xamarin, Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9 - Notepad++ Team)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenTTD 1.5.3 (HKLM-x32\...\OpenTTD) (Version: 1.5.3 - OpenTTD)
Ovládací panel NVIDIA 268.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 268.74 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.4 - Power Software Ltd)
Primal Rage, CD-ROM (DOS, 1995) (HKLM-x32\...\{4977027D-598F-4BB0-8EF3-AFD7A36F83ED}_is1) (Version: 2.0 - DJ OldGames)
Programmer's Notepad (HKLM-x32\...\{52CF142B-7B0E-41E7-98F5-B834122523E7}_is1) (Version: 2.4.2.1440 - Simon Steele)
Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.5 - Project Reality)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.6.3 Core Interpreter (32-bit) (HKLM-x32\...\{52D39C34-E5F5-41AE-88CD-5DE66C9150B4}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Development Libraries (32-bit) (HKLM-x32\...\{F7D9BDE7-2C35-4F7E-AEBE-9F3028451087}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Documentation (32-bit) (HKLM-x32\...\{20EB04A7-B5EF-485E-9440-F36214C5501D}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Executables (32-bit) (HKLM-x32\...\{CA16E2AA-4499-4FE5-A88C-174612920734}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 pip Bootstrap (32-bit) (HKLM-x32\...\{DA64A828-F7A9-4A19-97BD-3A9A63CEB972}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Standard Library (32-bit) (HKLM-x32\...\{14843392-E9B3-4031-BCF6-FC00D5791AA8}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{AE89BB1E-1C06-4556-AA05-A6628DE07BA9}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Test Suite (32-bit) (HKLM-x32\...\{63208505-67AD-4AAC-BD7B-00DE5B83BAF0}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Utility Scripts (32-bit) (HKLM-x32\...\{6CF91DC2-CED3-410B-88BB-E048C994AA1A}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Core Interpreter (32-bit) (HKLM-x32\...\{33AB9CEA-621E-4064-9FB0-7048E79DB5B5}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Development Libraries (32-bit) (HKLM-x32\...\{52DDE5D8-B45C-4C1D-81DD-D72317DE8B08}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Documentation (32-bit) (HKLM-x32\...\{2BC067C0-B392-49C0-988B-C839C62D8B65}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Executables (32-bit) (HKLM-x32\...\{E3E61712-C062-45E7-8348-D7DBF66FACFD}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 pip Bootstrap (32-bit) (HKLM-x32\...\{9846DC93-4A39-496F-8AE3-0E3AB4EF4385}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Standard Library (32-bit) (HKLM-x32\...\{DC6190E7-D05E-465A-9FB6-7418BC901991}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{1341418F-C713-4943-ACB2-9F4D4743D193}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Test Suite (32-bit) (HKLM-x32\...\{FE5E4BF9-7487-4CE8-A2AC-F78C6B4BE487}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Python 3.7.3 Utility Scripts (32-bit) (HKLM-x32\...\{AE9303AD-EBD0-4C85-A9D0-55B1BA972D11}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Rex (HKLM-x32\...\Rex) (Version: - )
RogueKiller version 13.3.2.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.3.2.0 - Adlice Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
SunsetScreen (HKLM\...\{155DF28A-39B0-4447-BA5F-4347AC6A3197}) (Version: - Skytopia)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
Syncrosoft License Control (HKLM-x32\...\Syncrosoft License Control) (Version: - SIA Syncrosoft)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
TexturePacker (HKLM\...\{2C3FE65C-210B-46BF-B18B-1734A0DAD96A}) (Version: 4.12.0 - code-and-web.de)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Voxengo OldSkoolVerb (HKLM\...\Voxengo OldSkoolVerb_is1) (Version: 2.4.1 - Voxengo)
VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{B8B65A93-F72B-42C2-AE1A-FF440B44BB67}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.1.6137 - WinISO Computing Inc.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wise Registry Cleaner 10.1.4 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.1.4 - WiseCleaner.com, Inc.)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Reed\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Reed\AppData\Local\Google\Chrome\Application\75.0.3770.142\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender2\BlendThumb64.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3705052320-4263949473-626607969-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Reed\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [File not signed]
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\ShellExt.dll [2014-01-16] (Axantum Software AB -> Axantum Software AB)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\XPClient.DLL [2011-07-29] (eCareme Technologies, Inc.) [File not signed]
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2016-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\ShellExt.dll [2014-01-16] (Axantum Software AB -> Axantum Software AB)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Reed\Desktop\C++ to C# Converter.bat – zástupce.lnk -> C:\Program Files\Tangible Software Solutions\CPlusPlus to CSharp Converter\C++ to C# Converter.bat (Tangible Software Solutions, Inc.)
Shortcut: C:\Users\Reed\Desktop\programs\plocha 18 12 17\chrome.bat – zástupce.lnk -> C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.bat (Google Inc.)
Shortcut: C:\Users\Reed\Desktop\programs\plocha 18 12 17\SunsetScreen.bat – zástupce.lnk -> C:\Program Files (x86)\SunsetScreen\SunsetScreen.bat (Daniel White)
Shortcut: C:\Users\Reed\Desktop\programs\plocha 18 12 17\SystemExplorer.bat – zástupce.lnk -> C:\Program Files (x86)\System Explorer\SystemExplorer.bat (No File)

ShortcutWithArgument: C:\Users\Reed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b8da4a38624bbb1e\Feedback.lnk -> C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gfdkimpbcpahaombhbimeihdjnejgicl

==================== Loaded Modules (Whitelisted) ==============

2010-04-01 04:55 - 2010-04-01 04:55 - 000221184 _____ ( ) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZNamespaceExtensions.dll
2011-03-13 20:58 - 2011-03-13 20:58 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
2011-03-13 20:58 - 2011-03-13 20:58 - 000315552 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2011-05-25 09:09 - 2011-05-25 09:09 - 000227840 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll
2011-07-28 10:48 - 2011-07-28 10:48 - 000274432 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\eCaremeDLL.dll
2011-07-29 11:37 - 2011-07-29 11:37 - 004526080 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\XPClient.dll
2015-12-12 00:07 - 2015-12-12 00:07 - 000796672 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCR80.dll
2009-10-29 03:41 - 2009-10-29 03:41 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\log4net.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3705052320-4263949473-626607969-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => regfile

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-07-30 09:47 - 2019-07-30 13:49 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


2019-07-30 14:15 - 2019-07-30 20:02 - 000000432 _____ C:\Windows\system32\drivers\etc\hosts.ics

10.5.49.232 Reed-PC.mshome.net # 2024 7 0 28 18 2 39 341

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Autodesk Shared\;C:\Program Files (x86)\Autodesk\backburner\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files (x86)\GtkSharp\2.12\bin
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: Autodesk Licensing Service => 2
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: Discord => C:\Users\Reed\AppData\Local\Discord\app-0.0.305\Discord.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{13D109FD-9785-4CDB-9999-C718FD0C6128}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5FA6CD2B-E5B3-40B9-904B-498FDFB5B0DD}] => (Allow) LPort=2869
FirewallRules: [{BE4F4636-8314-4F0B-8748-702AF44E6B57}] => (Allow) LPort=1900
FirewallRules: [{BA728B4A-BE4B-4C89-9928-6E17DAE5D7CA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55A90296-D690-46AF-9E66-1C2971C93581}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{838871E8-9EA2-47AD-A256-AA7D64415396}C:\users\winamp\winamp.exe] => (Allow) C:\users\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{F4BACF3A-AF54-4332-845C-5065F65E15BD}C:\users\winamp\winamp.exe] => (Allow) C:\users\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{4D34563F-838D-43E6-921F-F18009762554}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1EDFD3E7-B059-4830-81BE-C95A0983D015}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{8C84B41F-6506-4495-A481-905340D44C7E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{D30DBE4D-EACE-407D-BAFD-5F067FB7002A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{EF66DCBE-E49E-49A0-A08B-B04C6B838132}C:\users\reed\appdata\local\apps\2.0\ptp8tnzk.1zd\02rryl7t.8m7\kong..tion_0000000000000000_0000.0001_ad4afaad19afb7da\konghacktrainer.exe] => (Block) C:\users\reed\appdata\local\apps\2.0\ptp8tnzk.1zd\02rryl7t.8m7\kong..tion_0000000000000000_0000.0001_ad4afaad19afb7da\konghacktrainer.exe (Force Project X) [File not signed]
FirewallRules: [UDP Query User{A451BE03-114A-413F-BA41-F4E6058C6D77}C:\users\reed\appdata\local\apps\2.0\ptp8tnzk.1zd\02rryl7t.8m7\kong..tion_0000000000000000_0000.0001_ad4afaad19afb7da\konghacktrainer.exe] => (Block) C:\users\reed\appdata\local\apps\2.0\ptp8tnzk.1zd\02rryl7t.8m7\kong..tion_0000000000000000_0000.0001_ad4afaad19afb7da\konghacktrainer.exe (Force Project X) [File not signed]
FirewallRules: [{28C38595-8C92-4B52-9C1C-AF29F2B8477C}] => (Allow) C:\Users\Reed\AppData\Roaming\uTorrent\utorrent.exe No File
FirewallRules: [{B3A1B571-60B9-4A69-9BAB-4DD4B7D377CC}] => (Allow) C:\Users\Reed\AppData\Roaming\uTorrent\utorrent.exe No File
FirewallRules: [TCP Query User{D6ABD98B-C5AD-42A4-9901-C3FD692A0E09}D:\program files\unity\editor\unity.exe] => (Block) D:\program files\unity\editor\unity.exe (Unity Technologies SF -> Unity Technologies ApS)
FirewallRules: [UDP Query User{A3F72D15-A548-4367-8455-1B465AD4DC68}D:\program files\unity\editor\unity.exe] => (Block) D:\program files\unity\editor\unity.exe (Unity Technologies SF -> Unity Technologies ApS)
FirewallRules: [TCP Query User{2C568322-BD32-4C36-9A9A-78A5B2D6B149}D:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) D:\program files\unity\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [UDP Query User{275D58BA-7C21-4F42-AF82-F48AA405E987}D:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) D:\program files\unity\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [{C870E144-BFC1-4CAF-AFE4-CEF1A2ACB467}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{5F609C9E-A1DF-43E5-A0EE-0660A5B4D3BA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{14D6D3D9-19B0-4486-958E-6D834DD54146}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{9B037AC9-6A4D-4CC4-B690-A93C37744C3F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{3C406968-DA62-4BF1-ADD0-0A41EDD8F528}D:\project reality\project reality bf2\prbf2.exe] => (Allow) D:\project reality\project reality bf2\prbf2.exe (Wouter Jansen -> )
FirewallRules: [UDP Query User{A96B68A8-F4A4-404C-8DAD-168E0601EC4B}D:\project reality\project reality bf2\prbf2.exe] => (Allow) D:\project reality\project reality bf2\prbf2.exe (Wouter Jansen -> )
FirewallRules: [TCP Query User{24B633D4-8FF5-40C3-B2CE-E851AA7B9344}C:\users\reed\appdata\local\google\chrome\application\chrome.bat] => (Block) C:\users\reed\appdata\local\google\chrome\application\chrome.bat (Google Inc -> Google Inc.)
FirewallRules: [UDP Query User{2A8C5E1A-C2E9-4AD9-8438-C293BCC8124F}C:\users\reed\appdata\local\google\chrome\application\chrome.bat] => (Block) C:\users\reed\appdata\local\google\chrome\application\chrome.bat (Google Inc -> Google Inc.)
FirewallRules: [TCP Query User{73516546-34AF-406D-8ADC-0FEEDF89A6BA}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{4D010F15-B9C2-4F5E-9CE5-7D8A96E8EF07}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{2F1583AA-C21D-4968-A5E6-DF4DE4731020}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{E934CC45-E9A6-40A7-BFB9-66A5F614D82B}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [TCP Query User{5905740E-8240-4027-93C6-92A4031E71D5}C:\users\reed\documents\summer fires\summerdebug.exe] => (Allow) C:\users\reed\documents\summer fires\summerdebug.exe () [File not signed]
FirewallRules: [UDP Query User{4541C0CE-2F65-40C9-BBCD-5058F96728B1}C:\users\reed\documents\summer fires\summerdebug.exe] => (Allow) C:\users\reed\documents\summer fires\summerdebug.exe () [File not signed]
FirewallRules: [TCP Query User{792311DA-DF83-4FEF-9F9B-DFA2CC2BB3C1}F:\flatout\flatout2.exe] => (Allow) F:\flatout\flatout2.exe No File
FirewallRules: [UDP Query User{115F2D85-55F0-4A48-9771-E0687D5C0A31}F:\flatout\flatout2.exe] => (Allow) F:\flatout\flatout2.exe No File
FirewallRules: [TCP Query User{DB0B4F5B-7B52-456E-835A-CAB2038D55EC}C:\users\reed\documents\suma sumarum\suamrumd.exe] => (Allow) C:\users\reed\documents\suma sumarum\suamrumd.exe () [File not signed]
FirewallRules: [UDP Query User{83D3C9B1-C04E-47DF-9450-210D1478C001}C:\users\reed\documents\suma sumarum\suamrumd.exe] => (Allow) C:\users\reed\documents\suma sumarum\suamrumd.exe () [File not signed]
FirewallRules: [TCP Query User{C0620B27-74AB-43B2-958E-174B8D2139F8}C:\programdata\oracle\java\javapath_target_948033\javaw.exe] => (Allow) C:\programdata\oracle\java\javapath_target_948033\javaw.exe
FirewallRules: [UDP Query User{38D31849-585F-4144-950D-5178CA6C0100}C:\programdata\oracle\java\javapath_target_948033\javaw.exe] => (Allow) C:\programdata\oracle\java\javapath_target_948033\javaw.exe
FirewallRules: [{5142E19D-8E58-4348-8046-482C20F7AB0E}] => (Allow) F:\SiSoftware\SiSoftware Sandra Lite Titanium.SP2\WNt600x64\RpcSandraSrv.exe No File
FirewallRules: [TCP Query User{A9347348-8DC9-469C-BBBF-0B19E31F05A6}C:\users\reed\documents\inventory\inventory try.exe] => (Allow) C:\users\reed\documents\inventory\inventory try.exe () [File not signed]
FirewallRules: [UDP Query User{719364A1-C500-41D0-BE3F-B5EFD570103C}C:\users\reed\documents\inventory\inventory try.exe] => (Allow) C:\users\reed\documents\inventory\inventory try.exe () [File not signed]
FirewallRules: [{61FAD62B-4769-4D6D-ABFB-164499FCC763}] => (Block) C:\users\reed\documents\inventory\inventory try.exe () [File not signed]
FirewallRules: [{881B41BC-4D61-4FB9-A960-3ACC51F562C4}] => (Block) C:\users\reed\documents\inventory\inventory try.exe () [File not signed]
FirewallRules: [{363E1A15-7E18-40F5-99A7-509AE5955A66}] => (Allow) D:\Project Reality\Project Reality BF2\prbf2.exe (Wouter Jansen -> )
FirewallRules: [{76B2996A-9F14-4526-9E26-03B3D5ABDC90}] => (Allow) D:\Project Reality\Project Reality BF2\mods\pr\bin\PRLauncher.exe (Wouter Jansen -> Project Reality)
FirewallRules: [{2CA39F43-7A29-43E3-9B03-3FF63B07D142}] => (Allow) D:\Project Reality\Project Reality BF2\mods\pr\bin\PRUpdater.exe (Wouter Jansen -> Project Reality)
FirewallRules: [{CDF056CC-87F1-45E5-BF3F-5BF9D431233A}] => (Allow) D:\Project Reality\Project Reality BF2\mods\pr\bin\PRMumble\PRMumble.exe (Wouter Jansen -> Project Reality)
FirewallRules: [TCP Query User{A8AB9964-C177-4466-B8A1-2A4831FD7D39}C:\users\reed\documents\dum dum\power the rush ultra phantom.exe] => (Allow) C:\users\reed\documents\dum dum\power the rush ultra phantom.exe () [File not signed]
FirewallRules: [UDP Query User{30DF4C03-C7B1-4240-A0D2-FE1C6F5A3C77}C:\users\reed\documents\dum dum\power the rush ultra phantom.exe] => (Allow) C:\users\reed\documents\dum dum\power the rush ultra phantom.exe () [File not signed]
FirewallRules: [TCP Query User{56362B29-67D8-437B-8B21-732ED5C8407F}C:\users\reed\documents\inv 2\j3.debug2.exe] => (Allow) C:\users\reed\documents\inv 2\j3.debug2.exe () [File not signed]
FirewallRules: [UDP Query User{2F4FFEE9-AECE-4462-8D58-A2478D44898B}C:\users\reed\documents\inv 2\j3.debug2.exe] => (Allow) C:\users\reed\documents\inv 2\j3.debug2.exe () [File not signed]
FirewallRules: [TCP Query User{2CBA7713-1C83-4D6C-8249-7AC1184E90AE}C:\users\reed\desktop\j3.debug try fix.exe] => (Allow) C:\users\reed\desktop\j3.debug try fix.exe () [File not signed]
FirewallRules: [UDP Query User{5F5ACCCF-A7C7-4BF2-A073-52FBB14E21D9}C:\users\reed\desktop\j3.debug try fix.exe] => (Allow) C:\users\reed\desktop\j3.debug try fix.exe () [File not signed]
FirewallRules: [TCP Query User{D6C43DCF-C233-4D7A-A968-A001AEF9A921}C:\users\reed\desktop\j3.debug try fix newest.exe] => (Block) C:\users\reed\desktop\j3.debug try fix newest.exe () [File not signed]
FirewallRules: [UDP Query User{885C0423-3C29-43DB-A6B8-AC9963AB867E}C:\users\reed\desktop\j3.debug try fix newest.exe] => (Block) C:\users\reed\desktop\j3.debug try fix newest.exe () [File not signed]
FirewallRules: [TCP Query User{08C12139-0F21-40E1-A50D-AF875D256EE6}C:\users\reed\desktop\hry\ttd\openttd.exe] => (Allow) C:\users\reed\desktop\hry\ttd\openttd.exe (OpenTTD Development Team) [File not signed]
FirewallRules: [UDP Query User{893D12BE-374C-43A6-9566-79D8EA753887}C:\users\reed\desktop\hry\ttd\openttd.exe] => (Allow) C:\users\reed\desktop\hry\ttd\openttd.exe (OpenTTD Development Team) [File not signed]
FirewallRules: [TCP Query User{85BE4F5A-D67D-4816-ACFE-DD2D81CA14FD}D:\unity\editor\unity.exe] => (Block) D:\unity\editor\unity.exe (Unity Technologies SF -> Unity Technologies ApS) [File not signed]
FirewallRules: [UDP Query User{81B0848D-FE6C-4E6E-9222-2F0DC75860F9}D:\unity\editor\unity.exe] => (Block) D:\unity\editor\unity.exe (Unity Technologies SF -> Unity Technologies ApS) [File not signed]
FirewallRules: [TCP Query User{65957DB8-0DD5-498B-9EA6-76722E302BB9}D:\unity\monodevelop\bin\monodevelop.exe] => (Allow) D:\unity\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [UDP Query User{CF986076-AC79-4FAE-AADC-2AD8528A4120}D:\unity\monodevelop\bin\monodevelop.exe] => (Allow) D:\unity\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [TCP Query User{4701F919-D2D2-45DF-8931-7F2D05E33D41}C:\users\reed\documents\secret fps multiplayer\cross develop.exe] => (Allow) C:\users\reed\documents\secret fps multiplayer\cross develop.exe () [File not signed]
FirewallRules: [UDP Query User{F5CA34E8-5B6A-4207-ADD4-90B62F62220F}C:\users\reed\documents\secret fps multiplayer\cross develop.exe] => (Allow) C:\users\reed\documents\secret fps multiplayer\cross develop.exe () [File not signed]
FirewallRules: [TCP Query User{197A6FD7-F657-433A-A95B-81B557BEFEEC}C:\users\reed\documents\secret fps multiplayer\cross develop2.exe] => (Allow) C:\users\reed\documents\secret fps multiplayer\cross develop2.exe () [File not signed]
FirewallRules: [UDP Query User{0B766C98-D3A7-496A-924F-A2803AAFB9E9}C:\users\reed\documents\secret fps multiplayer\cross develop2.exe] => (Allow) C:\users\reed\documents\secret fps multiplayer\cross develop2.exe () [File not signed]
FirewallRules: [TCP Query User{18CAACE7-DAFA-48B2-8C79-025D880BDE1A}C:\users\reed\desktop\processing-3.5.3\java\bin\java.exe] => (Allow) C:\users\reed\desktop\processing-3.5.3\java\bin\java.exe
FirewallRules: [UDP Query User{FBAA63F3-A383-473D-A4AC-BA968A2370E3}C:\users\reed\desktop\processing-3.5.3\java\bin\java.exe] => (Allow) C:\users\reed\desktop\processing-3.5.3\java\bin\java.exe
FirewallRules: [{E82F537F-E8B9-46A5-964F-D25E2910689C}] => (Allow) C:\Users\Reed\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{90041252-FE22-4D91-A427-F86F36FFBD35}C:\users\reed\documents\all nighter 2\all nighter 2 brain dead d.exe] => (Block) C:\users\reed\documents\all nighter 2\all nighter 2 brain dead d.exe () [File not signed]
FirewallRules: [UDP Query User{70A2A271-8ABA-4E0A-A2B7-490936BA9199}C:\users\reed\documents\all nighter 2\all nighter 2 brain dead d.exe] => (Block) C:\users\reed\documents\all nighter 2\all nighter 2 brain dead d.exe () [File not signed]
FirewallRules: [TCP Query User{2F66ED98-8E0D-44C7-8199-01540C6FD80A}F:\jindra\unity\editor\unity.exe] => (Allow) F:\jindra\unity\editor\unity.exe No File
FirewallRules: [UDP Query User{B9364A70-A77C-4342-B17B-C17A252183C0}F:\jindra\unity\editor\unity.exe] => (Allow) F:\jindra\unity\editor\unity.exe No File

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:196.29 GB) (Free:50.68 GB) (26%)

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: sptd
Description: sptd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sptd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/30/2019 01:54:50 PM) (Source: MsiInstaller) (EventID: 11719) (User: Reed-PC)
Description: Product: Debug Diagnostics 2 Update 2 -- Error 1719. The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (07/30/2019 12:25:22 PM) (Source: MsiInstaller) (EventID: 11719) (User: Reed-PC)
Description: Product: Debug Diagnostics 2 Update 2 -- Error 1719. The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (07/30/2019 12:23:01 PM) (Source: MsiInstaller) (EventID: 11719) (User: Reed-PC)
Description: Product: Debug Diagnostics 2 Update 2 -- Error 1719. The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (07/30/2019 11:38:26 AM) (Source: MsiInstaller) (EventID: 11721) (User: Reed-PC)
Description: Product: Backburner -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: StopBBManagerService, location: C:\Program Files (x86)\Autodesk\backburner\managersvc.exe, command: -r

Error: (07/30/2019 10:39:18 AM) (Source: MsiInstaller) (EventID: 10005) (User: Reed-PC)
Description: Product: Python 3.7.3 pip Bootstrap (32-bit) -- No Python 3.7 installation was detected.

Error: (07/30/2019 10:24:20 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/30/2019 10:24:20 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=3800} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/30/2019 10:11:19 AM) (Source: MsiInstaller) (EventID: 11719) (User: Reed-PC)
Description: Product: Autodesk 3ds Max 8 -- Error 1719. The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance.


System errors:
=============
Error: (07/30/2019 09:52:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (07/30/2019 09:30:30 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (07/30/2019 09:30:29 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (07/30/2019 09:30:28 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (07/30/2019 09:30:11 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (07/30/2019 09:30:10 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (07/30/2019 09:29:51 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (07/30/2019 09:29:50 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.


Windows Defender:
===================================
Date: 2019-03-25 09:55:25.319
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
Název:Misleading:Win32/Lodi
ID:240849
Závažnost:Vysoké
Kategorie:Potenciálně nežádoucí software
Nalezeno v cestě:file:C:\Program Files (x86)\WinThruster\WinThruster.exe;file:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster\WinThruster.lnk;startup:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster\WinThruster.lnk
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2018-01-04 10:58:05.797
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{4F46CF60-0B18-435E-8C0A-FAB6BA1A8982}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2017-09-23 14:31:07.426
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{FD6612E7-90F6-451F-8B2B-D9877E2AB365}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Úplné prohledávání
Uživatel:Reed-PC\Reed

Date: 2017-09-23 14:31:07.426
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
Název:SoftwareBundler:Win32/ICLoader
ID:222548
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Nalezeno v cestě:containerfile:C:\Users\Reed\Downloads\Torchlight_2_mod_launcher_crack (1).zip;containerfile:C:\Users\Reed\Downloads\Torchlight_2_mod_launcher_crack.zip;file:C:\Users\Reed\Downloads\Torchlight_2_mod_launcher_crack (1).zip->Torchlight_2_mod_launcher_crack.zip->Torchlight_2_mod_launcher_crack.exe;file:C:\Users\Reed\Downloads\Torchlight_2_mod_launcher_crack.zip->Torchlight_2_mod_launcher_crack.zip->Torchlight_2_mod_launcher_crack.exe
Typ zjišťování:Konkrétní
Zdroj zjišťování:Uživatel
Stav:Neznámý
Uživatel:Reed-PC\Reed
Název procesu:C:\Program Files\Windows Defender\MSASCui.exe

Date: 2017-09-23 14:31:07.424
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
Název:Spyware:Win32/WebHancer.A
ID:127924
Závažnost:Vysoké
Kategorie:Spyware
Nalezeno v cestě:containerfile:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->wbhshare.dll;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->Webhdll.dll;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->WhAgent.exe;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->whAgent.inf;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->whiehlpr.dll;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->whieshm.dll;file:C:\Program Files (x86)\GSC Game World\Outbreak Demo\gamespy\GameSpy.exe->(wise0349)->(WinZipSfx)->whInstaller.exe
Typ zjišťování:Konkrétní
Zdroj zjišťování:Uživatel
Stav:Neznámý
Uživatel:Reed-PC\Reed
Název procesu:C:\Program Files\Windows Defender\MSASCui.exe

CodeIntegrity:
===================================

Date: 2016-08-05 11:00:48.247
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-04 09:09:32.453
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-04 01:40:20.807
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-03 20:26:56.966
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-03 17:05:32.813
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-03 10:40:15.215
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-02 20:42:16.931
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-02 10:39:41.466
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. N55SF.207 08/29/2011
Motherboard: ASUSTeK Computer Inc. N55SF
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 64%
Total physical RAM: 4000.05 MB
Available physical RAM: 1435.32 MB
Total Virtual: 7998.29 MB
Available Virtual: 5641.62 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:196.29 GB) (Free:50.68 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: ( ) (Fixed) (Total:244.47 GB) (Free:81.95 GB) NTFS
Drive i: (USB ADATA) (Removable) (Total:7.21 GB) (Free:7.21 GB) FAT32


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5BE4A3F9)
Partition 1: (Active) - (Size=196.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7.2 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=7.2 GB) - (Type=0B)

==================== End of Addition.txt ============================
 
The very first RogueKiller log.
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20190729_141301, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2019/07/30 17:37:24 (Duration : 00:48:20)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.ErrorFixKit (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\ErrorFixKIT -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Babylon -- -> Deleted
[PUP.ModGoog|PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\GlobalUpdate -- -> Deleted
[PUP.InnovativeSolutions (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Innovative Solutions -- -> Deleted
[PUP.RegCurePro|PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\ParetoLogic -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\PIP -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\YourFileDownloader -- -> Deleted
[PUP.InnovativeSolutions (Potentially Malicious)] HKEY_USERS\S-1-5-21-3705052320-4263949473-626607969-1001\Software\Innovative Solutions -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3705052320-4263949473-626607969-1001\Software\OCS -- -> Deleted
[PUP.RegCurePro|PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3705052320-4263949473-626607969-1001\Software\ParetoLogic -- -> Deleted
[Adw.Seznam (Malicious)] HKEY_USERS\S-1-5-21-3705052320-4263949473-626607969-1001\Software\Seznam.cz -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3705052320-4263949473-626607969-1001\Software\Softonic -- -> Deleted
[Bad.Extension (Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{9FB9BE88-9676-4A79-8E58-7593F76D4CA8}D:\program files\unreal tournament 2004\system\ut2004.bat -- [D:\program files\unreal tournament 2004\System\UT2004.bat] -> Deleted
[Bad.Extension (Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{FB56A396-545E-4003-AF3A-8B47F7C233CE}D:\program files\unreal tournament 2004\system\ut2004.bat -- [D:\program files\unreal tournament 2004\System\UT2004.bat] -> Deleted
[Bad.Extension (Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{37B91751-32DF-4937-9073-E3EE0914490F}D:\users\diablo 2 with lord of destruction bote\diablo ii\d2se.bat -- [D:\Users\diablo 2 with lord of destruction bote\diablo ii\D2SE.bat] -> Deleted
[Bad.Extension (Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{4289A6F2-7E63-458B-A74E-6FB6EBF99822}D:\users\diablo 2 with lord of destruction bote\diablo ii\d2se.bat -- [D:\Users\diablo 2 with lord of destruction bote\diablo ii\D2SE.bat] -> Deleted
[PUP.Easeware (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8E32FF7C-3D3F-4ADE-AB5E-75B70439BDE8} -- [%ProgramFiles%\Easeware\DriverEasy\DriverEasy.exe] -> Deleted
[Bad.Extension (Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{9FB9BE88-9676-4A79-8E58-7593F76D4CA8}D:\program files\unreal tournament 2004\system\ut2004.bat -- [D:\program files\unreal tournament 2004\System\UT2004.bat] -> Deleted
[Bad.Extension (Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{FB56A396-545E-4003-AF3A-8B47F7C233CE}D:\program files\unreal tournament 2004\system\ut2004.bat -- [D:\program files\unreal tournament 2004\System\UT2004.bat] -> Deleted
[Bad.Extension (Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{37B91751-32DF-4937-9073-E3EE0914490F}D:\users\diablo 2 with lord of destruction bote\diablo ii\d2se.bat -- [D:\Users\diablo 2 with lord of destruction bote\diablo ii\D2SE.bat] -> Deleted
[Bad.Extension (Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{4289A6F2-7E63-458B-A74E-6FB6EBF99822}D:\users\diablo 2 with lord of destruction bote\diablo ii\d2se.bat -- [D:\Users\diablo 2 with lord of destruction bote\diablo ii\D2SE.bat] -> Deleted
[PUP.Easeware (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8E32FF7C-3D3F-4ADE-AB5E-75B70439BDE8} -- [%ProgramFiles%\Easeware\DriverEasy\DriverEasy.exe] -> Deleted
[PUM.Policies (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- -> Replaced (2)
[PUP.Gen1 (Potentially Malicious)] DriverCure -- %_Reed_appdata%\DriverCure -> Deleted
[PUP.Easeware (Potentially Malicious)] Easeware -- %_Reed_appdata%\Easeware -> Deleted
[PUP.Gen1 (Potentially Malicious)] ParetoLogic -- %_Reed_appdata%\Microsoft\Windows\Start Menu\Programs\ParetoLogic -> Deleted
[PUP.RegCurePro|PUP.Gen1 (Potentially Malicious)] ParetoLogic -- %_Reed_appdata%\ParetoLogic -> Deleted
[PUP.Gen1 (Potentially Malicious)] APN -- %localappdata%\APN -> Deleted
[PUP.InnovativeSolutions (Potentially Malicious)] Innovative Solutions -- %localappdata%\Innovative Solutions -> Deleted
[PUP.Gen1 (Potentially Malicious)] Ask -- %programdata%\Ask -> Deleted
[PUP.InstallPack (Potentially Malicious)] InstallMate -- %programdata%\InstallMate -> Deleted
[PUP.HackTool (Potentially Malicious)] KMSAuto -- %programdata%\KMSAuto -> Deleted
[PUP.RegCurePro|PUP.Gen1 (Potentially Malicious)] ParetoLogic -- %programdata%\ParetoLogic -> Deleted
[Miner.Gen (Malicious)] WindowsTask -- %programdata%\WindowsTask -> Deleted
[PUP.Easeware (Potentially Malicious)] Easeware -- %ProgramFiles%\Easeware -> Deleted
[PUP.Gen1 (Potentially Malicious)] DAEMON Tools Toolbar -- %programfiles(x86)%\DAEMON Tools Toolbar -> Deleted
[PUP.InstallCore (Potentially Malicious)] DsNET Corp -- %programfiles(x86)%\DsNET Corp -> Deleted
[PUP.RegCurePro|PUP.Gen1 (Potentially Malicious)] ParetoLogic -- %programfiles(x86)%\ParetoLogic -> Deleted
[PUP.Gen1 (Potentially Malicious)] homepage -- http://www.ask.com/?l=dis&o=15383cr -> Deleted
 