Can't Open Certain .exe

Oh and FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Reed (administrator) on REED-PC (ASUSTeK Computer Inc. N55SF) (29-07-2019 06:36:19)
Running from C:\Users\Reed\Downloads
Loaded Profiles: Reed (Available Profiles: Reed)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() [File not signed] C:\Windows\System32\rpcnetp.exe
() [File not signed] D:\Program files\Unity\Editor\UnityHelper.exe
(Acresso Software Inc. → Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Adobe Inc. → Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. → Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated → Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated → Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Alcor Micro Corp.) [File not signed] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ASUSTeK Computer Inc. → ) C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
(ASUSTeK Computer Inc. → ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. → ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK Computer Inc. → ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. → ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUSTeK) [File not signed] C:\Windows\SysWOW64\ACEngSvr.exe
(Atheros Communications Inc. → Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. → Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Daniel White → Daniel White) C:\Program Files (x86)\SunsetScreen\SunsetScreen.bat
(DeviceVM Inc. → Splashtop Inc.) C:\ASUS.SYS\SIONExportService.exe
(Even Balance, Inc. → ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. → ) C:\Windows\SysWOW64\PnkBstrB.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Google LLC → Google LLC) C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
(Intel Corporation - pGFX → Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX → Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX → Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation → Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation → Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) Turbo Boost Technology Monitor → Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(MAGIX AG) [File not signed] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation → Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation → Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation → Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
(Microsoft Windows → Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows → Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows → Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Miroslav Topolar → Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Miroslav Topolar → Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Native Instruments GmbH) [File not signed] C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(PACE Anti-Piracy, Inc.) [File not signed] C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Realtek Semiconductor Corp → Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp → Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sonic Focus, Inc. → Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
(Synaptics Incorporated → Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated → Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Unity Technologies SF → Unity Technologies ApS) D:\Program files\Unity\Editor\Data\Tools64\UnityShaderCompile r.exe
(Unity Technologies SF → Unity Technologies ApS) D:\Program files\Unity\Editor\Unity.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated → Synaptics Incorporated)
HKLM...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated → Synaptics Incorporated)
HKLM...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-17] (Realtek Semiconductor Corp → Realtek Semiconductor)
HKLM...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo “C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs”
HKLM...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.) [File not signed]
HKLM...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. → Adobe Systems, Incorporated)
HKLM-x32...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] () [File not signed]
HKLM-x32...\Run: [SystemExplorerAutoStart] => “C:\Program Files (x86)\System Explorer\SystemExplorer.exe” /TRAY
HKLM-x32...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate → Adobe Systems Incorporated) [File not signed]
HKLM-x32...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400 2010-07-10] (Sonic Focus, Inc. → Virage Logic Corporation / Sonic Focus)
HKLM-x32...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc. → Nuance Communications, Inc.)
HKLM-x32...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. → ASUS)
HKLM-x32...\Run: [CLMLServer] => “C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe”
HKLM-x32...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-18] (ASUSTeK Computer Inc. → ASUS)
HKLM-x32...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-08] (ASUSTeK Computer Inc. → ASUS)
HKLM-x32...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (eCareme Technologies, Inc. → ecareme)
HKLM-x32...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-20] (ASUSTeK Computer Inc. → ASUSTek Computer Inc.) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3705052320-4263949473-626607969-1001...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Software Inc. → Acresso Corporation)
HKU\S-1-5-21-3705052320-4263949473-626607969-1001...\Run: [Google Update] => C:\Users\Reed\AppData\Local\Google\Update\1.3.34.1 1\GoogleUpdateCore.exe [410920 2019-05-15] (Google Inc → Google LLC)
HKU\S-1-5-21-3705052320-4263949473-626607969-1001...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3705052320-4263949473-626607969-1001...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-3705052320-4263949473-626607969-1001...\MountPoints2: {6fa280f7-c824-11e1-aa61-0008ca68e6d5} - I:\setup.exe
HKU\S-1-5-21-3705052320-4263949473-626607969-1001...\MountPoints2: {ade6eec8-c514-11e1-92b7-0008ca68e6d5} - G:\setup.exe
HKLM...\Drivers32: [VIDC.XFR1] => C:\Windows\system32\xfcodec64.dll [28544 2013-01-16] (Xfire Inc → )
HKLM...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2018-09-26] (Beepa P/L) [File not signed]
HKLM...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Microsoft Windows → Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2007-06-28] () [File not signed]
HKLM...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows → Intel Corporation)
HKLM...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-14] (Microsoft Windows → Intel Corporation)
HKLM...\Drivers32-x32: [VIDC.IV41] => IR41_32.AX
HKLM...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-26] (Beepa P/L) [File not signed]
HKLM\Software...\AppCompatFlags\Custom\7k.exe: [{50ccf586-6cea-4070-8a01-2dd031f6098e}.sdb] → GOG.com Seven Kingdoms
HKLM\Software...\AppCompatFlags\Custom\SensibleSoc cer2006.exe: [{981c8cc5-743b-4169-b0a2-51a102c187db}.sdb] → GOG.com Sensible Soccer 2006
HKLM\Software...\AppCompatFlags\InstalledSDB{50ccf 586-6cea-4070-8a01-2dd031f6098e}: [DatabasePath] → C:\Windows\AppPatch\Custom{50ccf586-6cea-4070-8a01-2dd031f6098e}.sdb [2012-12-31]
HKLM\Software...\AppCompatFlags\InstalledSDB{981c8 cc5-743b-4169-b0a2-51a102c187db}: [DatabasePath] → C:\Windows\AppPatch\Custom{981c8cc5-743b-4169-b0a2-51a102c187db}.sdb [2013-11-15]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] → C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] → C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] →
HKLM\Software...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] → C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation → Microsoft Corp.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170872 2016-12-03] (NVIDIA Corporation PE Sign v2016 → NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148200 2016-12-03] (NVIDIA Corporation PE Sign v2016 → NVIDIA Corporation)
BootExecute: autocheck autochk /r ??\D:autocheck autochk /r ??\C:autocheck autochk *

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00AAFF2A-C18E-4830-BF34-E5F80BF9F851} - System32\Tasks\TechUtilities Weekly Task => C:\Program Files (x86)\TechUtilities\TechUtilities.exe
Task: {018614D6-FDB8-4A11-847F-42873342EF80} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3617760 2019-07-05] (Easeware Technology Limited → Easeware)
Task: {040B2295-8BC8-4A39-95B6-D14431738800} - System32\Tasks{8378311F-C01D-4741-B464-0BB7412CACF0} => C:\Windows\system32\pcalua.exe -a G:\Setup.EXE -d G:
Task: {07DB6454-2CBF-49C2-B87F-8E5C4DB496AC} - System32\Tasks{EE6D64D5-9F6A-423D-AA07-2552E169678D} => “c:\users\reed\appdata\local\google\chrome\applica tion\chrome.exe” hxxp://ui.skype.com/ui/0/6.3.0.105/en/go/help.faq.installer?LastError=1603
Task: {0A6371F8-26C6-467E-9B28-B3E36FC947DA} - System32\Tasks\SafeZone scheduled Autoupdate 1460808721 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {0AC85B98-F69E-4A95-9CF7-F1B9EA3B98D4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {11546610-33F7-4DE4-A440-D3F28F9162F9} - System32\Tasks\TechUtilities Logon Task => C:\Program Files (x86)\TechUtilities\TechUtilities.exe
Task: {12367E90-19DC-44E5-9931-B550F84E42E4} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305792 2010-11-15] (ASUSTeK Computer Inc. → ASUS)
Task: {34CFE560-8D17-4373-AA89-E625ADC0BE20} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [503728 2011-06-30] (ASUSTeK Computer Inc. → ASUSTek Computer Inc.)
Task: {386F26B1-5963-47F2-AE83-94C0EEB1DD5D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {3F361834-395E-46B9-9424-FCE1909280A3} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768 2007-11-30] (ASUSTeK Computer Inc. → )
Task: {4121375D-B497-4533-B219-A1D7FA9841B0} - System32\Tasks\AdobeAAMUpdater-1.0-Reed-PC-Reed => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe [508128 2016-07-01] (Adobe Systems Incorporated → Adobe Systems Incorporated)
Task: {4E712919-BB95-4413-930A-8AEB6E430837} - System32\Tasks\ErrorFixKIT => C:\Program Files (x86)\ErrorFix KIT\ErrorFixKIT.exe
Task: {6242BEEE-EBF2-4CCE-BEF9-B0E69D5E7E95} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [691328 2010-08-02] (ASUSTeK Computer Inc. → ASUS)
Task: {6472DA4F-E2BF-44BD-858E-D1CE6063FB6B} - System32\Tasks\Opera scheduled Autoupdate 1519300596 => C:\Program Files\Opera\launcher.exe [1519640 2019-07-11] (Opera Software AS → Opera Software)
Task: {6BA63AB1-3F8E-4FB0-9E01-5BC9EC019D3E} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-18] (ASUSTeK Computer Inc. → ASUS)
Task: {6DEDA583-1407-4B66-814A-04927145AE3E} - \AVAST Software\Avast settings backup → No File <==== ATTENTION
Task: {81B95154-F41B-4AF5-AA0B-B08A8D55F322} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [335416 2019-07-09] (Adobe Inc. → Adobe)
Task: {83FB79A4-F763-4532-B148-5BAA868644F8} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [5531304 2019-02-21] (Lespeed Technology Ltd. → WiseCleaner.com)
Task: {88E1D846-538E-4E6C-A889-64F98C1018F7} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [977024 2010-12-02] (ASUSTeK Computer Inc. → ASUS)
Task: {8E5D5943-3F56-46CE-9FD3-CC7E028160C8} - System32\Tasks\AdobeGCInvoker-1.0-Reed-PC-Reed => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. → Adobe Systems, Incorporated)
Task: {9209BC06-83FB-4CAE-8B1B-52FBBF616CF6} - System32\Tasks{E2703E98-714F-465D-ADCA-EF856F288C00} => C:\Windows\system32\pcalua.exe -a G:\setup.exe -d G:
Task: {9555A13C-5E9F-40C6-AF61-CA25C16A453A} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe <==== ATTENTION
Task: {9A1CD433-A19C-4B22-9D60-5957666C49D1} - \Avast Software\Overseer → No File <==== ATTENTION
Task: {A731E237-FBD6-46D5-BECF-8947CDFA7319} - System32\Tasks{973B6F8D-197B-468A-8A6A-E5FB6FEAF5CA} => G:\AUTORUN.EXE
Task: {C220F64E-67D4-4960-BE00-BC4F25F68DE4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3705052320-4263949473-626607969-1001Core => C:\Users\Reed\AppData\Local\Google\Update\GoogleUp date.exe [144200 2015-08-30] (Google Inc → Google Inc.)
Task: {C4E105A3-08B9-40F3-8C94-8B366317E040} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows → Microsoft Corporation)
Task: {C6B74E04-9109-42F4-90BC-670FD1E0AA0E} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\Devic eDetector.exe
Task: {D2CE401C-2AC3-422A-927F-76E6FFAAAFBC} - System32\Tasks{0B246176-29A1-4AEE-9C95-55D0784432FA} => C:\Windows\system32\pcalua.exe -a “C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe”
Task: {D47CEC61-D331-411B-B6AF-01A24CA49E95} - System32\Tasks\svchostc => C:\Users\Reed\AppData\Local\svchostc\svchostc.exe <==== ATTENTION
Task: {DCF735B8-FBD7-4532-AA99-EC0EDFFD4303} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {EDB4EC8B-6204-47D0-A93D-D7AC9E7237F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc → Google Inc.)
Task: {F4290D53-3161-4A59-B5A9-0E7AFE5F12BA} - System32\Tasks{0EBA5FBC-998F-4F21-B049-EAE68BBC38E7} => “c:\users\reed\appdata\local\google\chrome\applica tion\chrome.exe” hxxp://ui.skype.com/ui/0/6.3.0.105/en/go/help.faq.installer?LastError=1603
Task: {FBBBCF66-4D08-45EE-9327-E302B3F018CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc → Google Inc.)
Task: {FD7AB35E-6C52-4D76-B8B8-498FD9F18577} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3705052320-4263949473-626607969-1001UA => C:\Users\Reed\AppData\Local\Google\Update\GoogleUp date.exe [144200 2015-08-30] (Google Inc → Google Inc.)
Task: {FDDBC896-65C0-42F2-9725-3C61EECA04F3} - System32\Tasks\Win Update => c:\Intell\POOL\russian.vbs
Task: {FF2DD59C-CF85-428A-8B88-2A0C1A12E0D5} - System32\Tasks{606C25E6-DE8A-4815-9B04-880CBDF4CF3D} => C:\Windows\system32\pcalua.exe -a C:\Windows\IsUninst.exe -c -f"D:\Program Files (x86)\GMXMED~1\Wonder\Uninst.isu"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\ASUS SmartLogon Console Sensor.job => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 10.5.50.1 77.104.250.129 81.92.158.230 8.8.8.8
Tcpip..\Interfaces{0CDD5A9A-8A8D-40C5-8C52-2C1FE8191A4F}: [DhcpNameServer] 192.168.42.129
Tcpip..\Interfaces{B564E423-6D2B-470C-9089-9C206ED0C0BC}: [DhcpNameServer] 10.5.50.1 77.104.250.129 81.92.158.230 8.8.8.8
[HEADING=1]Internet Explorer:[/HEADING]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-3705052320-4263949473-626607969-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM → DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM → {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 → DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 → {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 → {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3705052320-4263949473-626607969-1001 → DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3705052320-4263949473-626607969-1001 → {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: Windows Live ID Sign-in Helper → {9030D464-4C02-4ABF-8ECC-5164760863C6} → C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation → Microsoft Corp.)
BHO: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → No File
BHO: Adblock Plus for IE Browser Helper Object → {FFCB3198-32F3-4E8B-9539-4324694ED664} → No File
BHO-x32: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-13] (Oracle America, Inc. → Oracle Corporation)
BHO-x32: CIESpeechBHO Class → {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} → C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Communications Inc. → Atheros Commnucations) [File not signed]
BHO-x32: Windows Live ID Sign-in Helper → {9030D464-4C02-4ABF-8ECC-5164760863C6} → C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation → Microsoft Corp.)
BHO-x32: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation → Microsoft Corporation)
BHO-x32: Bing Bar Helper → {d2ce3e00-f94a-4740-988e-03dc2f38c34f} → C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23] (Microsoft Corporation → Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-13] (Oracle America, Inc. → Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object → {FFCB3198-32F3-4E8B-9539-4324694ED664} → No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23] (Microsoft Corporation → Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3705052320-4263949473-626607969-1001 → No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
[HEADING=1]FireFox:[/HEADING]
FF Plugin: @microsoft.com/GENUINE → disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 → C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer → C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 → C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1 .dll [2017-09-13] (Oracle America, Inc. → Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 → C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-13] (Oracle America, Inc. → Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE → disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 → C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 → C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc → Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc → Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 → C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation → Zeon Corporation)
FF Plugin HKU\S-1-5-21-3705052320-4263949473-626607969-1001: @tools.google.com/Google Update;version=3 → C:\Users\Reed\AppData\Local\Google\Update\1.3.34.1 1\npGoogleUpdate3.dll [2019-05-15] (Google Inc → Google LLC)
FF Plugin HKU\S-1-5-21-3705052320-4263949473-626607969-1001: @tools.google.com/Google Update;version=9 → C:\Users\Reed\AppData\Local\Google\Update\1.3.34.1 1\npGoogleUpdate3.dll [2019-05-15] (Google Inc → Google LLC)
[HEADING=1]Chrome:[/HEADING]
CHR DefaultProfile: Default
CHR HomePage: Default → teoma.com/?gct=hp
CHR StartupUrls: Default → “hxxp://search.babylon.com/?affID=112555&tt=3412_1&babsrc=HP_ss&mntrId=30ad1a 4e0000000000005404a6aa4adf”
CHR Session Restore: Default → is enabled.
CHR Profile: C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default [2019-07-29]
CHR Extension: (Prezentace) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf [2015-10-27]
CHR Extension: (Tabulky) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbi glidom [2019-07-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Reed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2019-06-06]
StartMenuInternet: Google Chrome - C:\Users\Reed\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
[HEADING=1]Opera:[/HEADING]
OPR Extension: (Zoom for Opera) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\agocngbnphnfdhpacecdpcpfphhdmoff [2019-04-04]
OPR Extension: (V7 quickieZoom) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\bekmnilenpmnmmiaokgoclkegllkgbok [2018-12-08]
OPR Extension: (Tor™ Browser Button) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\lilflogangngbfkpiijccmfokhjcbhcl [2018-07-31]
OPR Extension: (Zoomba) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\lopalaapnmkccjdoipmmmolpninnmcik [2018-02-23]
OPR Extension: (Enhancer for YouTube) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\ofhehnfmgbgnkjaojifkmebjjgffjaeh [2018-12-08]
OPR Extension: (Zoom Popup) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\ofpknbbbohcgomapfgcgadleckdagikj [2018-02-23]
OPR Extension: (Adblock Plus) - C:\Users\Reed\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-12-08]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated → Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. → Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. → Adobe Systems, Incorporated)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros Communications Inc. → Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Communications Inc. → Atheros Commnucations) [File not signed]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1839616 2011-01-15] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-04-07] (Native Instruments GmbH) [File not signed]
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [File not signed]
S2 pgt_svc; C:\Program Files (x86)\ProxyGate\MainService.exe [2285664 2017-02-22] (GOLD CLICK LIMITED → Gold Click Ltd) <==== ATTENTION
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2016-10-14] (Even Balance, Inc. → )
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [202040 2019-07-25] (Even Balance, Inc. → )
R2 Splashtop MDES; C:\ASUS.SYS\SIONExportService.exe [338208 2011-05-11] (DeviceVM Inc. → Splashtop Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate → Adobe Systems Incorporated) [File not signed]
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar → Mister Group)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Ser vice\StandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation → Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows → Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [128488 2011-06-02] (MCCI Internal Testing Software → ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [401896 2011-06-02] (MCCI Internal Testing Software → ASMedia Technology Inc)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. → )
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [307768 2016-12-03] (NVIDIA Corporation → NVIDIA Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [28624 2019-05-30] () [File not signed]
S3 SiSGbeLH; C:\Windows\System32\DRIVERS\SiSG664.sys [56832 2009-06-10] (Microsoft Windows → Silicon Integrated Systems Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [54872 2017-09-05] (Synaptics Incorporated → Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-07-03] () [File not signed]
S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft → SIA Syncrosoft)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. → The OpenVPN Project)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] (Intel(R) Turbo Boost Technology Monitor → )
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2016-10-20] (ZJMedia Digital Technology Ltd. → WinISO.com)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-09-22] (Zemana Ltd. → Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-09-22] (Zemana Ltd. → Zemana Ltd.)
U3 ahmtnt0w; C:\Windows\System32\Drivers\ahmtnt0w.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 MBAMFarflt; system32\DRIVERS\farflt.sys

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-29 06:36 - 2019-07-29 06:39 - 000040685 _____ C:\Users\Reed\Downloads\FRST.txt
2019-07-29 06:35 - 2019-07-29 06:36 - 000000000 ____D C:\FRST
2019-07-29 06:34 - 2019-07-29 06:34 - 002095104 _____ (Farbar) C:\Users\Reed\Downloads\FRST64.exe
2019-07-28 18:45 - 2019-07-28 18:45 - 003072896 _____ (Nicolas Coolman) C:\Users\Reed\Downloads\ZHPCleaner.exe
2019-07-28 18:39 - 2019-07-28 18:47 - 000002124 _____ C:\Users\Reed\Desktop\Rkill.txt
2019-07-28 18:38 - 2019-07-28 18:38 - 000832417 _____ C:\Users\Reed\Downloads\rkill-unsigned.zip
2019-07-28 18:23 - 2019-07-28 18:23 - 000001293 _____ C:\Users\Reed\Downloads\exe-fix-twc.zip
2019-07-28 18:23 - 2011-06-24 07:46 - 000003646 _____ C:\Users\Reed\Desktop\EXE_Fix_TWC.reg
2019-07-27 15:32 - 2019-07-28 11:14 - 000000000 ____D C:\Users\Reed\Documents\testturret
2019-07-25 18:03 - 2019-07-25 18:03 - 000016812 _____ C:\Users\Reed\Documents\small ramp.fbx
2019-07-24 16:00 - 2019-07-24 16:00 - 000020663 _____ C:\Users\Reed\Downloads$SpeedoPrefab.zip
2019-07-21 14:37 - 2019-07-21 14:55 - 000000000 ____D C:\Users\Reed\Desktop\Downloaded
2019-07-19 17:49 - 2019-07-19 23:15 - 000000000 ____D C:\Users\Reed\Desktop\EasySuspension
2019-07-19 17:48 - 2019-07-19 17:48 - 000588780 _____ C:\Users\Reed\Downloads\EasySuspension.zip
2019-07-17 18:43 - 2019-07-17 18:43 - 000001154 _____ C:\Users\Reed\Desktop\Nový textový dokument.txt
2019-07-17 10:14 - 2019-07-19 09:15 - 000000404 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job
2019-07-17 10:14 - 2019-07-17 10:14 - 000003808 _____ C:\Windows\System32\Tasks\Driver Easy Scheduled Scan
2019-07-17 10:14 - 2019-07-17 10:14 - 000000929 _____ C:\Users\Public\Desktop\Driver Easy.lnk
2019-07-17 10:14 - 2019-07-17 10:14 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Easeware
2019-07-17 10:14 - 2019-07-17 10:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2019-07-17 10:14 - 2019-07-17 10:14 - 000000000 ____D C:\Program Files\Easeware
2019-07-17 10:11 - 2019-07-17 10:13 - 005074168 _____ (Easeware ) C:\Users\Reed\Downloads\DriverEasy_Setup (1).exe
2019-07-17 09:26 - 2019-07-17 09:26 - 000000000 ____D C:\Windows\pss
2019-07-15 22:20 - 2019-07-15 22:37 - 000000000 ____D C:\Users\Reed\AppData\Local\Steam
2019-07-15 21:54 - 2019-07-15 21:55 - 001573568 _____ C:\Users\Reed\Downloads\SteamSetup.exe
2019-07-14 12:55 - 2019-07-14 12:55 - 000000000 ____D C:\Users\Reed\AppData\Local[SAO]_Peter
2019-07-14 11:13 - 2019-07-14 11:16 - 014505976 _____ (Intel) C:\Users\Reed\Downloads\Intel-Driver-and-Support-Assistant-Installer.bat
2019-07-13 23:57 - 2019-07-13 23:57 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Sublime Text 3
2019-07-13 23:57 - 2019-07-13 23:57 - 000000000 ____D C:\Users\Reed\AppData\Local\Sublime Text 3
2019-07-13 23:56 - 2019-07-13 23:56 - 000000848 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2019-07-13 23:56 - 2019-07-13 23:56 - 000000000 ____D C:\Program Files\Sublime Text 3
2019-07-13 23:54 - 2019-07-13 23:56 - 010913768 _____ (Sublime HQ Pty Ltd ) C:\Users\Reed\Downloads\Sublime Text Build 3207 x64 Setup.exe
2019-07-13 23:51 - 2019-07-01 17:35 - 000000000 ____D C:\Users\Reed\Desktop\p5
2019-07-13 23:50 - 2019-07-13 23:51 - 001582849 _____ C:\Users\Reed\Downloads\p5.zip
2019-07-13 23:01 - 2019-07-28 13:35 - 000000000 ____D C:\Users\Reed\Downloads\WPy64-3720
2019-07-13 22:37 - 2019-07-13 22:52 - 580357926 _____ (WinPython team ) C:\Users\Reed\Downloads\Winpython64-3.7.2.0.exe
2019-07-13 22:32 - 2019-07-13 22:32 - 000000000 ____D C:\Program Files\VideoLAN
2019-07-13 22:30 - 2019-07-13 22:32 - 042034704 _____ C:\Users\Reed\Downloads\vlc-3.0.7.1-win64.exe
2019-07-13 22:29 - 2019-07-10 19:23 - 048807962 _____ C:\Users\Reed\Desktop\VID_20190710_192332.mp4
2019-07-13 21:58 - 2019-07-07 11:28 - 000000000 ____D C:\Users\Reed\Desktop\eric6-19.7
2019-07-13 21:56 - 2019-07-13 21:58 - 019806343 _____ C:\Users\Reed\Downloads\eric6-19.7.zip
2019-07-13 21:47 - 2019-07-28 13:41 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Wing Personal 7
2019-07-13 21:47 - 2019-07-28 13:41 - 000000000 ____D C:\Users\Reed\AppData\Local\Wing Personal 7
2019-07-13 21:44 - 2019-07-13 21:45 - 000000000 ____D C:\Users\Reed\Desktop\Wing Personal 7.0.4
2019-07-13 21:41 - 2019-07-13 21:44 - 052793070 _____ C:\Users\Reed\Downloads\wing-personal-7.0.4.0-win.zip
2019-07-13 21:38 - 2019-07-13 21:38 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Jedi
2019-07-13 21:37 - 2019-07-13 21:37 - 000000000 ____D C:\Users\Reed\AppData\Local\Spyder
2019-07-13 21:36 - 2019-07-13 21:38 - 000000000 ____D C:\Users\Reed.spyder-py3
2019-07-13 21:36 - 2019-07-13 21:36 - 000000000 ____D C:\Users\Reed.matplotlib
2019-07-13 21:35 - 2019-07-13 21:40 - 000000043 _____ C:\Users\Reed.condarc
2019-07-13 21:35 - 2019-07-13 21:40 - 000000000 ____D C:\Users\Reed.conda
2019-07-13 21:35 - 2019-07-13 21:35 - 000000000 ____D C:\Users\Reed\AppData\Local\conda
2019-07-13 21:34 - 2019-07-13 21:34 - 000000000 ____D C:\Users\Reed.anaconda
2019-07-13 20:31 - 2019-07-13 21:08 - 693800272 _____ (Anaconda, Inc.) C:\Users\Reed\Downloads\Anaconda3-2019.03-Windows-x86_64.exe
2019-07-13 20:28 - 2019-07-13 20:31 - 012590373 _____ (Anaconda, Inc.) C:\Users\Reed\Downloads\Nepotvrzeno 915624.crdownload
2019-07-11 17:55 - 2019-07-27 10:38 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Processing
2019-07-11 17:55 - 2019-07-23 17:30 - 000000000 ____D C:\Users\Reed\Documents\Processing
2019-07-11 17:52 - 2019-02-03 17:37 - 000000000 ____D C:\Users\Reed\Desktop\processing-3.5.3
2019-07-10 22:27 - 2019-07-10 22:35 - 132834090 _____ C:\Users\Reed\Downloads\processing-3.5.3-windows64.zip
2019-07-10 16:26 - 2019-07-10 16:26 - 002338989 _____ C:\Users\Reed\Downloads\qpvvqetcvt-EBR.zip
2019-07-10 14:13 - 2019-07-23 12:58 - 000000000 ____D C:\Users\Reed\Desktop\ALLNIGHTER 2
2019-07-10 14:13 - 2019-07-10 14:24 - 036469309 _____ C:\Users\Reed\Downloads\processing-3.5.3-windows64.zip.crdownload
2019-07-10 11:23 - 2019-07-10 11:23 - 000001000 _____ C:\Users\Public\Desktop\Prohlížeč Opera.lnk
2019-07-10 09:39 - 2019-07-28 22:59 - 000000000 ____D C:\Users\Reed\Documents\All Nighter 2
2019-07-09 17:16 - 2019-07-09 17:20 - 000000000 ____D C:\Users\Reed\Documents\Nellie
2019-07-08 15:55 - 2019-07-08 17:11 - 000000000 ____D C:\Users\Reed\Documents\Sparky
2019-07-08 09:56 - 2019-07-08 14:34 - 000000000 ____D C:\Users\Reed\Documents\Carvival Springston
2019-07-07 13:51 - 2019-07-08 15:53 - 000000000 ____D C:\Users\Reed\Documents\Shader Old Unit
2019-07-07 11:48 - 2019-07-09 16:46 - 000000000 ____D C:\Users\Reed\Documents\Stencil
2019-07-07 11:38 - 2019-07-07 11:49 - 000000736 _____ C:\Users\Reed\Desktop\Controller1.cs
2019-07-07 11:37 - 2019-07-07 11:49 - 000000129 _____ C:\Users\Reed\Desktop\Shader.cs
2019-07-05 18:13 - 2019-07-09 17:00 - 000000000 ____D C:\Users\Reed\Documents\Mining Corporation
2019-07-05 16:22 - 2019-07-09 12:06 - 000000000 ____D C:\Users\Reed\Desktop\Grimster
2019-07-03 15:49 - 2019-07-03 15:49 - 000001262 _____ C:\Users\Reed\Desktop\Continue Installation.lnk
2019-07-02 12:29 - 2019-07-02 12:29 - 000000000 ____D C:\Users\Reed\Desktop\multiplayer-fps-assets
2019-07-02 12:25 - 2019-07-02 12:28 - 040856754 _____ C:\Users\Reed\Downloads\multiplayer-fps-assets.zip
2019-07-02 12:23 - 2019-07-02 12:24 - 010978361 _____ C:\Users\Reed\Downloads\multiplayer-fps-assets.zip.crdownload
2019-07-01 09:17 - 2019-07-05 14:13 - 000000000 ____D C:\Users\Reed\Documents\Secret Fps Multiplayer
2019-06-29 11:34 - 2019-07-03 15:33 - 000000000 ____D C:\ProgramData\NFS Underground

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-29 06:39 - 2017-12-21 11:37 - 000103698 _____ C:\Windows\ZAM.krnl.trace
2019-07-29 06:39 - 2017-09-22 22:56 - 000069409 _____ C:\Windows\ZAM_Guard.krnl.trace
2019-07-29 06:35 - 2009-07-14 06:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-29 06:35 - 2009-07-14 06:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-29 06:31 - 2011-02-19 07:36 - 000680528 _____ C:\Windows\system32\perfh005.dat
2019-07-29 06:31 - 2011-02-19 07:36 - 000145496 _____ C:\Windows\system32\perfc005.dat
2019-07-29 06:31 - 2009-07-14 07:13 - 001615506 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-29 06:31 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-29 06:30 - 2013-03-14 23:57 - 000000000 ____D C:\Users\Reed\AppData\Local\Adobe
2019-07-29 06:28 - 2019-06-14 17:49 - 000000432 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-07-28 23:32 - 2015-08-17 10:48 - 000000000 ____D C:\Users\Reed\AppData\Roaming\uTorrent
2019-07-28 22:59 - 2016-09-16 18:20 - 000000000 ____D C:\ProgramData\Unity
2019-07-28 20:45 - 2015-10-18 18:15 - 000000012 ____H C:\dvmexp.idx
2019-07-28 20:45 - 2014-07-20 19:31 - 000017920 _____ C:\Windows\SysWOW64\rpcnetp.dll
2019-07-28 20:45 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-28 20:44 - 2017-04-01 22:13 - 000017920 _____ C:\Windows\system32\rpcnetp.exe
2019-07-28 20:44 - 2014-07-20 19:30 - 000017920 _____ C:\Windows\SysWOW64\rpcnetp.exe
2019-07-28 20:41 - 2018-09-05 19:41 - 000952594 _____ C:\Windows\ntbtlog.txt
2019-07-28 20:04 - 2018-10-28 15:52 - 000000000 ____D C:\Users\Reed\AppData\Roaming\vlc
2019-07-28 18:26 - 2019-01-12 13:17 - 000000000 ____D C:\Users\Reed\AppData\Local\Everything
2019-07-28 18:26 - 2019-01-10 13:45 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Everything
2019-07-28 17:11 - 2012-07-03 17:07 - 000000000 ____D C:\Users\Reed\AppData\Local\CrashDumps
2019-07-28 15:01 - 2018-09-11 15:15 - 000000000 ____D C:\Program Files\EditPlus
2019-07-28 10:29 - 2016-08-27 17:15 - 000003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronizatio n-{CC2499C5-D81A-41E2-AF7B-45E2C05C6CD1}
2019-07-27 15:32 - 2016-09-16 18:30 - 000000000 ____D C:\Users\Reed\AppData\LocalLow\DefaultCompany
2019-07-26 14:55 - 2015-11-22 23:09 - 000000132 _____ C:\Users\Reed\AppData\Roaming\Adobe PNG Format CS6 Prefs
2019-07-26 10:52 - 2012-07-07 13:08 - 000000000 ____D C:\Users\Reed\AppData\Local\ElevatedDiagnostics
2019-07-26 10:01 - 2018-02-22 13:54 - 000000000 ____D C:\Program Files\Opera
2019-07-25 19:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2019-07-25 19:08 - 2014-08-14 23:38 - 000202040 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2019-07-25 19:07 - 2012-07-03 15:22 - 000202040 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2019-07-25 12:36 - 2016-01-16 15:43 - 000000816 _____ C:\WifiInfo.ini.enc
2019-07-21 23:16 - 2019-04-01 17:44 - 000000000 ____D C:\Users\Reed\Desktop\picturrs
2019-07-18 09:51 - 2019-02-20 21:33 - 000000000 ____D C:\Users\Reed\Desktop\AllNighter
2019-07-17 10:00 - 2019-03-19 17:24 - 000000000 ____D C:\Users\Reed\AppData\Roaming\Discord
2019-07-16 20:22 - 2015-11-30 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
2019-07-16 11:25 - 2018-02-22 13:56 - 000003832 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1519300596
2019-07-16 10:18 - 2012-07-06 19:18 - 000002415 _____ C:\Users\Reed\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Google Chrome.lnk
2019-07-15 22:31 - 2009-07-14 07:08 - 000032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-07-14 11:19 - 2014-05-02 15:12 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-14 11:19 - 2012-01-12 20:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-07-14 11:19 - 2012-01-12 20:18 - 000000000 ____D C:\Program Files (x86)\Intel
2019-07-14 11:17 - 2012-01-12 20:25 - 000000000 ____D C:\ProgramData\Intel
2019-07-13 21:36 - 2012-07-03 14:02 - 000000000 ____D C:\Users\Reed
2019-07-12 12:20 - 2019-02-20 15:31 - 000000000 ____D C:\Users\Reed\Documents\All Nighter
2019-07-09 22:24 - 2016-08-30 11:15 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-07-09 22:24 - 2016-08-30 11:15 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-09 22:24 - 2016-08-30 11:15 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-07-09 22:24 - 2016-08-30 11:15 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-09 22:24 - 2011-10-20 00:59 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-05 18:12 - 2019-06-28 17:33 - 000000000 ____D C:\Users\Reed\Documents\Grim of The Ages

==================== Files in the root of some directories ================

2016-06-12 15:16 - 2016-06-12 15:16 - 000000259 _____ () C:\ProgramData\fontcacheev1.dat
2017-10-01 16:48 - 2017-10-01 16:48 - 000000878 _____ () C:\Users\Reed\exe.reg
2012-07-03 17:14 - 2011-07-11 22:48 - 000083456 _____ () C:\Users\Winamp\burnlib.dll
2012-07-03 17:14 - 2011-07-11 22:48 - 000028288 _____ (Nullsoft, Inc.) C:\Users\Winamp\Elevator.exe
2012-07-03 17:14 - 2011-09-26 16:01 - 000046080 _____ (Nullsoft, Inc.) C:\Users\Winamp\elevatorps.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000136192 _____ () C:\Users\Winamp\libFLAC.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000180224 _____ () C:\Users\Winamp\libmp4v2.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000253440 _____ () C:\Users\Winamp\libsndfile.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000078848 _____ () C:\Users\Winamp\nde.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000410624 _____ () C:\Users\Winamp\nsutil.dll
2012-07-03 17:14 - 2011-03-16 16:01 - 000199152 _____ (Sonic Solutions) C:\Users\Winamp\pxsdkpls.DLL
2012-07-03 17:14 - 2011-09-26 16:01 - 000083968 _____ () C:\Users\Winamp\tataki.dll
2012-07-03 17:14 - 2011-09-26 16:01 - 000370129 _____ (Nullsoft, Inc.) C:\Users\Winamp\UninstWA.exe
2012-07-03 17:14 - 2011-07-11 22:48 - 001595520 _____ (Nullsoft, Inc.) C:\Users\Winamp\winamp.exe
2012-07-03 17:14 - 2011-07-11 22:47 - 000074752 _____ (Nullsoft, Inc.) C:\Users\Winamp\winampa.exe
2012-07-03 17:14 - 2011-09-26 16:01 - 000047616 _____ () C:\Users\Winamp\zlib.dll
2018-10-26 19:12 - 2018-10-26 19:12 - 000001414 _____ () C:\Users\Reed\AppData\Roaming.minecraft – zástupce.lnk
2015-09-05 11:35 - 2018-01-16 13:14 - 000000132 _____ () C:\Users\Reed\AppData\Roaming\Adobe BMP Format CS6 Prefs
2015-11-22 23:09 - 2019-07-26 14:55 - 000000132 _____ () C:\Users\Reed\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-04-20 11:01 - 2018-04-20 11:01 - 000000000 _____ () C:\Users\Reed\AppData\Roaming\FC29FA0894FE.ini
2016-08-29 14:05 - 2016-08-29 21:30 - 000000000 _____ () C:\Users\Reed\AppData\Roaming\FileIn.cns
2016-08-29 14:05 - 2016-08-29 21:30 - 000000000 _____ () C:\Users\Reed\AppData\Roaming\FileOut.cns
2017-09-26 23:02 - 2017-09-26 23:06 - 000000115 _____ () C:\Users\Reed\AppData\Roaming\LogFile.txt
2018-01-24 17:10 - 2019-05-23 23:32 - 000000961 _____ () C:\Users\Reed\AppData\Roaming\MPQEditor.ini
2015-05-14 22:47 - 2015-05-14 22:47 - 001249792 _____ ( http://www.ruby-lang.org/ ) C:\Users\Reed\AppData\Roaming\msvcr90-ruby191.dll
2019-01-03 21:49 - 2019-01-03 21:49 - 000001456 _____ () C:\Users\Reed\AppData\Local\Adobe Save for Web 13.0 Prefs
2012-07-03 19:52 - 2018-09-13 16:08 - 000034816 _____ () C:\Users\Reed\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-06 12:52 - 2017-11-06 12:52 - 000000058 _____ () C:\Users\Reed\AppData\Local\DonationCoder_Screensh otCaptor_InstallInfo.dat
2019-02-08 12:29 - 2019-02-08 12:29 - 000000000 _____ () C:\Users\Reed\AppData\Local\oobelibMkey.log
2014-01-24 17:27 - 2014-11-25 23:33 - 000028175 _____ () C:\Users\Reed\AppData\Local\Perfmon.PerfmonCfg
2019-03-13 00:43 - 2019-03-13 00:43 - 000000218 _____ () C:\Users\Reed\AppData\Local\recently-used.xbel
2012-07-26 21:45 - 2015-04-05 11:44 - 000007597 _____ () C:\Users\Reed\AppData\Local\Resmon.ResmonCfg
2016-02-11 20:57 - 2016-02-11 20:57 - 000000000 _____ () C:\Users\Reed\AppData\Local{5CD4D4E9-0A5E-4B5C-A285-0EB9021E4C19}

==================== FLock ================

2015-10-21 12:29 C:\ProgramData\CrazyBump

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2019-07-26 10:45
==================== End of FRST.txt ============================

sorry i forgot to hit reply directly, you might have not even been notified i wrote here. up there are those logs.

I see some malware here that needs to be removed, that may be the issue. Also, there is no need to quote my reply, I was at work all day.

Malwarebytes AntiRootkit.

Please download Malwarebytes Anti-Rootkit from here
[HEADING=1][ul]
[li]Unzip the contents to a folder in a convenient location.[/li][li]Open the folder where the contents were unzipped and run mbar.exe[/li][li]Follow the instructions in the wizard to update and allow the program to scan your computer for threats.[/li][li][IMG alt=“upload_2017-2-22_19-18-52.png”]https://pchelpforum.net/data/attachments/1/1641-e80c07dc150b81c13a0d00aa6bc8c34e.jpg[/li]
[li]Click on the Cleanup button to remove any threats and reboot if prompted to do so.[/li][li]Wait while the system shuts down and the cleanup process is performed.[/li][li]Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.[/li][li]When done, please post the two logs produced they will be in the MBAR folder… mbar-log.txt and system-log.txt[/li][/ul][/HEADING]
Rogue Killer Scan.

Download RogueKiller – (Portable) – from one of the following links and save it to your Desktop:

Link 1
Link 2

[ul]
[li]Close all other the running programs[/li][li]Disable ALL Antivirus – Antimalware – Applications.[/li][li]Right Click Rogue Killer and Run as Administrator.[/li][li]Click the Start Scan button.[/li][li]Allow the scan to run – it can take ten minutes or more.[/li][li]Once the scan is complete check All items for removal.[/li][li][IMG alt=“upload_2017-2-23_10-55-54.png”]https://pchelpforum.net/attachments/upload_2017-2-23_10-55-54-png.1658/[/li][li]After All items are checked then press Remove Selected.[/li][li]Wait until the Status box shows Deleting Finished.[/li][li]Click on open report – then open txt[/li][li]Copy the content of the report and paste it here in your next reply.[/li][/ul][/IMG][/HEADING]

================================================== ================================================== ===

Remove the programs listed below with Geek Uninstaller. ( Use force mode if needed, if something is not listed skip it.)

µTorrent (HKLM-x32...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
Driver Easy 5.6.12 (HKLM...\DriverEasy_is1) (Version: 5.6.12 - Easeware)
Registry Repair 5.0.1.102 (HKLM-x32...\Registry Repair) (Version: 5.0.1.102 - Glarysoft Ltd)
WinThruster (HKLM-x32...\WinThruster_is1) (Version: 1.3.5.138 - Solvusoft)
Wise Registry Cleaner 10.1.4 (HKLM-x32...\Wise Registry Cleaner_is1) (Version: 10.1.4 - WiseCleaner.com, Inc.)

================================================== ================================================== ===

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

@Imr102030 please do not quote every previous post, it is not necessary. Do not use the Reply button, write your response in the vacant box under the last post and click “Post Reply”

I will try that, but i have to say that the problem was before all those you listed as should be removed.They were my pathethic try to fix this issue.
the problem is present maybe 2 years. theses files like a month. (relatively)
except for utorrent but that on the other hand was present many years before that issue.
p.s. i am used from other forum to quote otherwise nobody is notified. :- )

Is there some runtime diagnostics so that i could press " record " and then replicate the bug and then investigate?

So i did what you said , uninstalled those thing, then all of sudden everything was working, i was very happy . so i restarted just to be sure and it’s doing the same and worse…

i am gonn reinstall windows. hopefuly ( of course it wont work…

Did you just uninstall the programs ? You should run the programs and the fix with Frst

i ran your fixlist along with frst,i t restarted afterwards and still did the bug…i then downloaded the geek because i liked the forced delete, and then i also downloaded some debugdiag which i dont know how to use, so i as they say " created a rule " and i naively thought "its recording " and went to reproduce the bug, but it actually worked. but after restart it falled apart again…

You could reinstall windows, but that is a bit drastic, there may be other steps we could take. I would like you to post the logs from Rogue killer and malwarebytes, also the log from FRST.

Then…

Note: You can expect this process to take a long time, up to several hours or more.

[ul]
[li]Download ESET Online Scanner and save it to your Desktop[/li][li]Right click on esetonlinescanner_enu.exe and select Run as administrator[/li][li]Click Computer scan[/li][li]Click Full scan[/li][li]Click Start scan, leaving the default setting[/li][li]If threats were found click Save scan log and save it to your Desktop as ESETScan.txt[/li][li]Click Continue 3 times[/li][li]Click Close[/li][li]Copy and paste the ESETScan.txt file contents in your reply[/li][li]Review the list and let me know if you think any of the items are legitimate and should be restored[/li][li]If no threats were found, click Continue 3 times[/li][li]Place a check mark in Delete application data on closing then click Close[/li][/ul]

I am headed to work, you can follow the steps or reformat… your choice.

one last quick question, can i reinstall windows without usb or dvd? these been bought genuine 7 years ago,. i remember having trouble the very first day and reinstaling or something, there was a windows 7 install code on the bottom of pc… could this works ?

So long as you have your product key… Magic Jelly bean key finder.