Malware in Google Chrome

#1 Post by curepiddy »

Hello,

I'm asking for help with ads that keep popping up in the Google Chrome browser (I've noticed that it probably has something to do with "PU.ReimagePlus"). Other browsers (Mozilla) have neither this nor any other problem, and the PC itself runs without issues. I tried resetting Chrome to factory settings, which didn't help; I tried uninstalling and reinstalling it, which didn't help either. I scanned the PC with AdwCleaner and Malwarebytes and neither found anything. Below I attach the logs from RSIT and FRST.

Logfile of random's system information tool 1.16 (written by random/random)
Run by Tom at 2017-07-07 03:40:46
Microsoft Windows 10 Pro
System drive C: has 145 GB (63%) free of 228 GB
Total RAM: 16303 MB (68% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:40:47, on 07.07.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\trend micro\Tom_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE03DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [OnScreen Control] C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Adobe1] C:\Windows\system32\adobe.exe
O4 - HKCU\..\Run: [TinyTake by MangoApps] "C:\Users\Tom\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake by MangoApps.exe" NOTOPENCONTEXTMENU
O4 - HKCU\..\Run: [HP DeskJet 4530 series (NET)] "C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH6443D09D0661:NW" -scfn "HP DeskJet 4530 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: EOS Utility.lnk = C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
O23 - Service: GamingHotkey_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_ActiveX_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
O23 - Service: MSI Live Update Service (MSI_LiveUpdate_Service) - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 12573 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\sihost.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Windows\notepad.exe"
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\explorer.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" chrome://settings/resetProfileSettings#cct
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Tom\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=59.0.3071.115 --initial-client-data=0x1a8,0x1ac,0x1b0,0x1a4,0x1b4,0x7ffe752019d0,0x7ffe752019b8,0x7ffe752019e8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=8228 --on-initialized-event-handle=564 --parent-handle=568 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1396 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,20,21,24,43,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x1b81 --gpu-driver-vendor=NVIDIA --gpu-driver-version=22.21.13.8476 --gpu-driver-date=6-27-2017 --service-request-channel-token=DB48318F08654FCE9BB4A71FA54634B6 --mojo-platform-channel-handle=1404 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1396 --primordial-pipe-token=426515564EDDF695CA7B8E09A81FF35A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=426515564EDDF695CA7B8E09A81FF35A --renderer-client-id=8 --mojo-platform-channel-handle=3932 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1396 --primordial-pipe-token=03F3D1BBCE2A0B92620E4067952E0B69 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=03F3D1BBCE2A0B92620E4067952E0B69 --renderer-client-id=12 --mojo-platform-channel-handle=6168 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1396 --primordial-pipe-token=A010DC342676934049CCD03395A155EF --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=A010DC342676934049CCD03395A155EF --renderer-client-id=13 --mojo-platform-channel-handle=3192 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1396 --primordial-pipe-token=A59F2B29458BE8B2F254394A8D05EFB1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=A59F2B29458BE8B2F254394A8D05EFB1 --renderer-client-id=14 --mojo-platform-channel-handle=6004 /prefetch:1
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 640 652 660 8192 656
"C:\Users\Tom\Downloads\RSITx64.exe"

====== Scheduled tasks folder ======

C:\WINDOWS\system32\tasks\Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe -check pepperplugin
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\MSIOSDx64_Host - C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
C:\WINDOWS\system32\tasks\MSIOSDx86_Host - C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
C:\WINDOWS\system32\tasks\MSISW_Host - C:\WINDOWS\SysWOW64\muachost.exe
C:\WINDOWS\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\WINDOWS\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\WINDOWS\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\WINDOWS\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\WINDOWS\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\WINDOWS\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\Program Files\Windows Defender\\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\Program Files\Windows Defender\\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Retry Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunCampaignManager - %windir%\System32\UNP\UNPCampaignManager.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon - %windir%\system32\UNP\UNPUXLauncher.exe /campaignId {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype scheduled /trigger Logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle - %windir%\system32\UNP\UNPUXLauncher.exe /campaignId {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype scheduled /trigger OnIdle
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle - %windir%\system32\UNP\UNPUXLauncher.exe /campaignId {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype scheduled /trigger OutOfIdle
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 - C:\Windows\system32\UNP\UNPCampaignManager.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time - %windir%\system32\UNP\UNPUXLauncher.exe /campaignId {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype scheduled /trigger Time
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock - %windir%\system32\UNP\UNPUXLauncher.exe /campaignId {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype scheduled /trigger Unlock

=========Mozilla firefox=========

ProfilePath - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\i6xgg1y9.default-1499386914837

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\i6xgg1y9.default-1499386914837\addons.json

C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\i6xgg1y9.default-1499386914837\extensions.json
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Firefox Screenshots - extension - screenshots@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Adobe Acrobat - Create PDF - extension - web2pdfextension.15@web2pdf.adobedotcom - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn

C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\i6xgg1y9.default-1499386914837\pluginreg.dat

=========Google Chrome=========

C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cmedhionkhpnakcndndgjdbohmhepckk 0 Adblock na Youtube™ 4.3.1
Extension cnpniohnfphhjihaiiggeabnkjhpaldj 0 Image Downloader 2.4.0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 2 Adobe Acrobat - Vytvořit PDF 11.0.0.379
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.3
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5917.424.0.6
Homepage: http://www.seznam.cz/
default_search_provider.search_url:
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}]
"URL"=http://www.google.com/search?q={searchT ... utEncoding?}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30 883160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-12-17 162528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30 550360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-12-17 162528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30 759768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17 140512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30 505816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17 140512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30 883160]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-12-17 162528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30 759768]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17 140512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-06-02 8822016]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2016-07-30 163800]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-06-21 1903224]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"MRT"=C:\WINDOWS\system32\MRT.exe [2017-06-14 133627792]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-04-28 631808]
"ZAM"=C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [2017-06-19 15546512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TinyTake by MangoApps"=C:\Users\Tom\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake by MangoApps.exe [2015-10-13 362584]
"HP DeskJet 4530 series (NET)"=C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe [2015-03-09 3651080]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-06-07 27742168]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2016-05-04 11336656]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-02-10 335232]
"OnScreen Control"=C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [2015-12-14 1785328]
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2016-08-04 596640]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-03-27 2404952]
"Adobe1"=C:\Windows\system32\adobe.exe []

C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EOS Utility.lnk - C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-07-07 03:40:46 ----D---- C:\rsit
2017-07-07 03:40:46 ----D---- C:\Program Files\trend micro
2017-07-07 02:36:17 ----A---- C:\WINDOWS\system32\drivers\zamguard64.sys
2017-07-07 02:36:17 ----A---- C:\WINDOWS\system32\drivers\zam64.sys
2017-07-07 02:36:14 ----D---- C:\Program Files (x86)\Zemana AntiMalware
2017-07-07 01:52:57 ----D---- C:\Program Files\HitmanPro
2017-07-07 01:51:51 ----D---- C:\ProgramData\HitmanPro
2017-07-07 01:37:07 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2017-07-07 01:37:06 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2017-07-07 01:37:03 ----D---- C:\ProgramData\Malwarebytes
2017-07-07 01:37:03 ----D---- C:\Program Files\Malwarebytes
2017-07-07 01:17:55 ----D---- C:\WINDOWS\LastGood
2017-07-07 01:13:26 ----D---- C:\AdwCleaner
2017-07-07 00:48:00 ----D---- C:\Users\Tom\AppData\Roaming\uah3mpgrjxb
2017-07-07 00:47:53 ----D---- C:\ProgramData\WindowsErrorReporting
2017-07-07 00:47:52 ----D---- C:\Program Files\O700DZZLI5
2017-07-07 00:47:51 ----D---- C:\Users\Tom\AppData\Roaming\neydpztd4o2
2017-07-07 00:47:49 ----D---- C:\Program Files (x86)\s45lzgq23tz
2017-07-07 00:47:45 ----D---- C:\Users\Tom\AppData\Roaming\Easeware
2017-07-07 00:47:44 ----D---- C:\Users\Tom\AppData\Roaming\l4222fulegb
2017-07-07 00:47:39 ----D---- C:\Program Files\IEM5E32YRE
2017-07-06 18:12:42 ----A---- C:\WINDOWS\SYSWOW64\adobe.exe
2017-06-29 18:03:28 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFThevc.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFTH264.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\nvDecMFTMjpeg.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvopencl.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvEncMFThevc.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvEncMFTH264.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvdispgenco6438476.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvdispco6438476.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvcuda.dll
2017-06-29 18:02:03 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2017-06-29 17:48:48 ----D---- C:\WINDOWS\LastGood.Tmp
2017-06-29 17:48:46 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2017-06-29 17:48:46 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2017-06-27 10:54:47 ----D---- C:\ProgramData\VS Revo Group
2017-06-27 10:54:47 ----A---- C:\WINDOWS\system32\drivers\revoflt.sys
2017-06-27 10:54:46 ----D---- C:\Program Files\VS Revo Group
2017-06-27 07:22:26 ----D---- C:\Users\Tom\AppData\Roaming\֑Adobe
2017-06-27 06:58:31 ----D---- C:\Users\Tom\AppData\Roaming\֒Adobe
2017-06-27 06:57:50 ----A---- C:\WINDOWS\unvise32.exe
2017-06-27 06:56:47 ----D---- C:\Program Files (x86)\REVisionEffects
2017-06-26 23:19:18 ----D---- C:\Users\Tom\AppData\Roaming\Apple Computer
2017-06-26 23:14:53 ----D---- C:\ProgramData\Apple Computer
2017-06-26 23:14:53 ----D---- C:\Program Files (x86)\QuickTime
2017-06-26 23:14:42 ----D---- C:\Program Files (x86)\Apple Software Update
2017-06-26 23:14:39 ----D---- C:\ProgramData\Apple
2017-06-23 17:47:01 ----D---- C:\ESD
2017-06-23 17:46:04 ----HD---- C:\$Windows.~WS
2017-06-23 17:46:04 ----D---- C:\$WINDOWS.~BT
2017-06-17 12:19:37 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2017-06-17 12:19:36 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2017-06-17 12:19:33 ----A---- C:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2017-06-17 12:19:33 ----A---- C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-06-17 12:19:33 ----A---- C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-06-17 12:19:32 ----A---- C:\WINDOWS\SYSWOW64\msvcr100_clr0400.dll
2017-06-17 12:19:29 ----A---- C:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2017-06-17 12:19:29 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-06-14 14:26:41 ----SD---- C:\WINDOWS\UpdateAssistantV2
2017-06-14 12:17:52 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-06-14 12:17:52 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2017-06-14 12:17:52 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-06-14 12:17:52 ----A---- C:\WINDOWS\SYSWOW64\ExSMime.dll
2017-06-14 12:17:52 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-06-14 12:17:52 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-06-14 12:17:52 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-06-14 12:17:51 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-06-14 12:17:51 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-06-14 12:17:51 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-06-14 12:17:51 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-06-14 12:17:51 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-06-14 12:17:51 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-06-14 12:17:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-06-14 12:17:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-06-14 12:17:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2017-06-14 12:17:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-06-14 12:17:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-14 12:17:50 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-06-14 12:17:50 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-06-14 12:17:50 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2017-06-14 12:17:50 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\tcpipcfg.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\netcorehc.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\hnetcfg.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\fdProxy.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\edputil.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\certutil.exe
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\AuthBrokerUI.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\SYSWOW64\AppointmentActivation.dll
2017-06-14 12:17:49 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2017-06-14 12:17:49 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2017-06-14 12:17:49 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2017-06-14 12:17:49 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-06-14 12:17:48 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-06-14 12:17:48 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-06-14 12:17:48 ----A---- C:\WINDOWS\system32\tquery.dll
2017-06-14 12:17:48 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 12:17:48 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 12:17:48 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-06-14 12:17:48 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-06-14 12:17:47 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-06-14 12:17:47 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-06-14 12:17:47 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 12:17:47 ----A---- C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-14 12:17:46 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-14 12:17:46 ----A---- C:\WINDOWS\system32\localspl.dll
2017-06-14 12:17:46 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-06-14 12:17:46 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-06-14 12:17:46 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-06-14 12:17:45 ----A---- C:\WINDOWS\system32\shell32.dll
2017-06-14 12:17:44 ----A---- C:\WINDOWS\system32\wpninprc.dll
2017-06-14 12:17:44 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-06-14 12:17:44 ----A---- C:\WINDOWS\system32\puiobj.dll
2017-06-14 12:17:44 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-14 12:17:44 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 12:17:44 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-06-14 12:17:44 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-06-14 12:17:43 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2017-06-14 12:17:42 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 12:17:36 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2017-06-14 12:17:36 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-06-14 12:17:36 ----A---- C:\WINDOWS\system32\netcorehc.dll
2017-06-14 12:17:35 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-06-14 12:17:35 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-06-14 12:17:35 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-06-14 12:17:35 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-06-14 12:17:34 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-06-14 12:17:34 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-06-14 12:17:34 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-06-14 12:17:34 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-06-14 12:17:33 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-06-14 12:17:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-06-14 12:17:33 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-06-14 12:17:33 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-06-14 12:17:33 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2017-06-14 12:17:32 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 12:17:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-06-14 12:17:32 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-06-14 12:17:32 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-06-14 12:17:31 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-06-14 12:17:31 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-06-14 12:17:31 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 12:17:29 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 12:17:29 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-06-14 12:17:29 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-14 12:17:29 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-06-14 12:17:28 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-06-14 12:17:28 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2017-06-14 12:17:28 ----A---- C:\WINDOWS\system32\efscore.dll
2017-06-14 12:17:28 ----A---- C:\WINDOWS\system32\cloudAP.dll
2017-06-14 12:17:28 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2017-06-14 12:17:28 ----A---- C:\WINDOWS\HelpPane.exe
2017-06-14 12:17:26 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-06-14 12:17:26 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 12:17:26 ----A---- C:\WINDOWS\system32\CPFilters.dll
2017-06-14 12:17:26 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-06-14 12:17:25 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-06-14 12:17:25 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-06-14 12:17:25 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-06-14 12:17:25 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-06-14 12:17:24 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 12:17:24 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 12:17:23 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-14 12:17:23 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-06-14 12:17:22 ----A---- C:\WINDOWS\system32\invagent.dll
2017-06-14 12:17:22 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-06-14 12:17:22 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-06-14 12:17:22 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-06-14 12:17:22 ----A---- C:\WINDOWS\system32\aepic.dll
2017-06-14 12:17:22 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-06-14 12:17:21 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-06-14 12:17:21 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-06-14 12:17:21 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-06-14 12:17:21 ----A---- C:\WINDOWS\system32\devinv.dll
2017-06-14 12:17:21 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-14 12:17:20 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2017-06-14 12:17:20 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-06-14 12:17:20 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2017-06-14 12:17:20 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2017-06-14 12:17:20 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2017-06-14 12:17:20 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-06-14 12:17:20 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2017-06-14 12:17:20 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2017-06-14 12:17:20 ----A---- C:\WINDOWS\system32\dcntel.dll
2017-06-14 12:17:20 ----A---- C:\WINDOWS\system32\certutil.exe
2017-06-14 12:17:20 ----A---- C:\WINDOWS\system32\atmlib.dll
2017-06-14 12:17:20 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-06-14 12:17:19 ----A---- C:\WINDOWS\system32\tzres.dll
2017-06-14 12:17:19 ----A---- C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-14 12:17:19 ----A---- C:\WINDOWS\system32\fdProxy.dll
2017-06-14 12:17:19 ----A---- C:\WINDOWS\system32\edputil.dll
2017-06-14 12:17:19 ----A---- C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-10 11:06:35 ----A---- C:\WINDOWS\system32\nvhdap64.dll
2017-06-10 11:06:35 ----A---- C:\WINDOWS\system32\nvdispgenco6438253.dll
2017-06-10 11:06:35 ----A---- C:\WINDOWS\system32\nvdispco6438253.dll

====== List of files/folders modified in the last 1 month ======

2017-07-07 03:40:46 ----RD---- C:\Program Files
2017-07-07 03:40:43 ----D---- C:\WINDOWS\Prefetch
2017-07-07 03:38:57 ----D---- C:\WINDOWS\system32\Tasks
2017-07-07 03:35:54 ----D---- C:\WINDOWS\Temp
2017-07-07 03:03:01 ----D---- C:\WINDOWS\system32\sru
2017-07-07 02:48:52 ----A---- C:\WINDOWS\SYSWOW64\subinacl.exe
2017-07-07 02:46:53 ----D---- C:\ProgramData\NVIDIA
2017-07-07 02:46:44 ----SHD---- C:\System Volume Information
2017-07-07 02:38:39 ----D---- C:\WINDOWS\system32\drivers\etc
2017-07-07 02:36:22 ----D---- C:\Windows
2017-07-07 02:36:17 ----D---- C:\WINDOWS\system32\drivers
2017-07-07 02:36:14 ----RD---- C:\Program Files (x86)
2017-07-07 02:32:31 ----D---- C:\Users\Tom\AppData\Roaming\MPC-HC
2017-07-07 02:32:30 ----D---- C:\WINDOWS\INF
2017-07-07 02:20:34 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-07-07 02:20:01 ----HD---- C:\ProgramData
2017-07-07 02:14:46 ----D---- C:\WINDOWS\system32\NDF
2017-07-07 02:09:23 ----D---- C:\WINDOWS\System32
2017-07-07 02:09:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-07 02:02:06 ----AD---- C:\WINDOWS\SysWOW64
2017-07-07 01:21:02 ----D---- C:\WINDOWS\system32\catroot2
2017-07-07 01:18:01 ----D---- C:\WINDOWS\system32\DriverStore
2017-07-07 01:17:18 ----SHD---- C:\Config.Msi
2017-07-07 01:16:51 ----D---- C:\WINDOWS\system32\CatRoot
2017-07-07 00:50:18 ----D---- C:\WINDOWS\Tasks
2017-07-07 00:48:02 ----SHD---- C:\WINDOWS\Installer
2017-07-07 00:47:58 ----D---- C:\ProgramData\Package Cache
2017-07-06 18:12:18 ----D---- C:\Users\Tom\AppData\Roaming\Adobe
2017-07-06 18:11:58 ----D---- C:\Program Files\Common Files\Adobe
2017-07-06 18:11:48 ----AD---- C:\Program Files\Adobe
2017-07-06 17:56:49 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2017-07-06 17:56:45 ----D---- C:\Program Files (x86)\Common Files
2017-07-06 12:25:27 ----D---- C:\WINDOWS\system32\SleepStudy
2017-07-06 09:18:12 ----HD---- C:\Program Files\WindowsApps
2017-07-06 09:18:12 ----D---- C:\WINDOWS\AppReadiness
2017-07-04 07:32:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-04 07:32:59 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-06-30 11:29:53 ----D---- C:\Users\Tom\AppData\Roaming\Skype
2017-06-30 11:29:22 ----D---- C:\ProgramData\Skype
2017-06-30 11:29:21 ----RD---- C:\Program Files (x86)\Skype
2017-06-29 18:03:46 ----D---- C:\ProgramData\NVIDIA Corporation
2017-06-29 18:03:25 ----D---- C:\Program Files (x86)\VulkanRT
2017-06-29 17:48:53 ----D---- C:\Program Files\NVIDIA Corporation
2017-06-29 17:48:53 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-06-29 11:21:56 ----D---- C:\WINDOWS\system32\UNP
2017-06-29 11:21:56 ----AD---- C:\Program Files\UNP
2017-06-28 17:15:37 ----RSD---- C:\WINDOWS\Fonts
2017-06-28 00:39:35 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2017-06-28 00:39:35 ----A---- C:\WINDOWS\system32\nvapi64.dll
2017-06-27 23:03:57 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2017-06-27 23:03:57 ----A---- C:\WINDOWS\system32\nvcpl.dll
2017-06-27 23:03:55 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2017-06-27 23:03:55 ----A---- C:\WINDOWS\system32\nvshext.dll
2017-06-27 23:03:55 ----A---- C:\WINDOWS\system32\nvmctray.dll
2017-06-27 23:03:55 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2017-06-27 23:03:55 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2017-06-27 22:52:34 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2017-06-27 11:02:34 ----D---- C:\WINDOWS\debug
2017-06-27 10:45:01 ----D---- C:\WINDOWS\system32\Macromed
2017-06-27 10:45:00 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-06-27 10:38:36 ----AD---- C:\Program Files (x86)\Adobe
2017-06-27 06:54:26 ----D---- C:\ProgramData\Adobe
2017-06-27 06:53:58 ----D---- C:\WINDOWS\WinSxS
2017-06-23 19:19:06 ----DC---- C:\WINDOWS\Panther
2017-06-23 17:46:04 ----D---- C:\WINDOWS\Logs
2017-06-21 09:07:20 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2017-06-21 09:07:20 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2017-06-21 09:07:19 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2017-06-21 09:07:19 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
2017-06-21 09:07:19 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-06-20 22:58:22 ----A---- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-06-17 17:38:46 ----D---- C:\WINDOWS\system32\config
2017-06-17 13:06:18 ----RD---- C:\WINDOWS\Microsoft.NET
2017-06-17 12:20:31 ----D---- C:\WINDOWS\CbsTemp
2017-06-14 14:26:42 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-06-14 14:26:41 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-06-14 14:26:41 ----D---- C:\WINDOWS\system32\wbem
2017-06-14 14:26:41 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2017-06-14 14:26:41 ----D---- C:\WINDOWS\system32\cs-CZ
2017-06-14 14:26:41 ----D---- C:\WINDOWS\system32\appraiser
2017-06-14 14:26:41 ----D---- C:\WINDOWS\ShellExperiences
2017-06-14 14:26:41 ----D---- C:\WINDOWS\AppPatch
2017-06-14 12:22:47 ----D---- C:\WINDOWS\system32\MRT
2017-06-14 12:21:03 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-06-08 03:45:45 ----A---- C:\WINDOWS\system32\nvhdagenco6420103.dll

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-07-29 1462720]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-07-07 253856]
R0 PxHlpa64;PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [2012-06-22 56336]
R1 ArcCtrl;ArcCtrl; C:\WINDOWS\system32\drivers\ArcCtrl.sys [2013-11-20 3315392]
R1 AsIO;AsIO; SysWow64\drivers\AsIO.sys []
R1 MpKsla8a66c9d;MpKsla8a66c9d; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{63F3CE03-7B6B-42F0-8CCF-E1B7CCDBA651}\MpKsla8a66c9d.sys [2017-07-07 44928]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 rzpmgrk;rzpmgrk; \??\C:\Windows\system32\drivers\rzpmgrk.sys [2015-09-22 37184]
R2 rzpnk;rzpnk; \??\C:\Windows\system32\drivers\rzpnk.sys [2015-12-14 130880]
R3 asmthub3;@oem34.inf,%asmthub3_ServiceDescription%;ASMedia USB3.1 Hub Service; C:\WINDOWS\System32\drivers\asmthub3.sys [2016-02-15 149760]
R3 asmtxhci;@oem36.inf,%asmtxhci_ServiceDescription%;ASMedia XHCI Service; C:\WINDOWS\System32\drivers\asmtxhci.sys [2016-02-15 451320]
R3 BazisVirtualCDBus;@oem53.inf,%dev.SVCDESC%;WinCDEmu Virtual Bus Driver; C:\WINDOWS\System32\drivers\BazisVirtualCDBus.sys [2015-09-28 172376]
R3 dg_ssudbus;@oem93.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
R3 netr28ux;@oem41.inf,%Generic.Service.DispName%;RT2870 USB Extensible Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\netr28ux.sys [2016-05-09 2244944]
R3 NTIOLib_ACTIVE_X;NTIOLib_ACTIVE_X; \??\C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [2016-04-12 13776]
R3 NVHDA;@oem90.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2017-06-08 218712]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2386fda73b467ac8\nvlddmkm.sys [2017-06-28 15625336]
R3 nvvad_WaveExtensible;@oem91.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-06-21 48248]
R3 nvvhci;@oem77.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-06-28 57792]
R3 rzendpt;@oem43.inf,%rzendpt.SvcDesc%;rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [2015-08-13 50392]
R3 rzudd;@oem1.inf,%Razer.SvcDesc%;Razer Keyboard Driver; C:\WINDOWS\System32\drivers\rzudd.sys [2015-08-13 202952]
R3 ssudmdm;@oem94.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2016-07-16 12800]
R3 TotRec8;Total Recorder WDM audio filter driver; \??\C:\WINDOWS\system32\drivers\TotRec8.sys [2015-10-20 123520]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-04-28 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-09-15 127328]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-17 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-17 141152]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-17 179040]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-06-21 30328]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2016-12-21 40240]
S3 RZSURROUNDVADService;Razer Surround Audio Service; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [2016-02-15 40640]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-10-12 744640]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-05-18 2246256]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2011-10-29 918448]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-02-02 951936]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-07-23 1360016]
R2 CDPUserSvc_30cea;CDPUserSvc_30cea; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [2016-05-19 39888]
R2 GamingHotkey_Service;GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2016-05-16 2019792]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2015-05-07 272352]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 MSI_LiveUpdate_Service;MSI Live Update Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2016-04-28 2248144]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2016-09-26 51112]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21 495224]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-06-27 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-06-21 450168]
R2 OneSyncSvc_30cea;Hostitel synchronizace_30cea; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-11-05 188072]
R3 PimIndexMaintenanceSvc_30cea;Data kontaktů_30cea; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\TimeBrokerServer.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 MSI_ActiveX_Service;MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [2016-05-27 54200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-04-05 317400]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MessagingService_30cea;Služba zasílání zpráv_30cea; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-30 175560]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21 495224]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-09-15 2889896]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-12-14 822624]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------


Re: Malware in Google Chrome

#2 Post by curepiddy »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-07-2017
Ran by Tom (administrator) on TOM (07-07-2017 03:53:47)
Running from C:\Users\Tom\Downloads
Loaded Profiles: Tom (Available Profiles: Tom)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> dwm.exe
Failed to access process -> WUDFHost.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
Failed to access process -> WmiPrvSE.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Failed to access process -> fontdrvhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822016 2016-06-02] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [MRT] => C:\WINDOWS\system32\MRT.exe [133627792 2017-06-14] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11336656 2016-05-04] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1785328 2015-12-14] (TODO: <Company name>)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-04] (Razer Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe1] => C:\Windows\SysWOW64\adobe.exe [8647207 2016-11-22] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3857374830-2379457094-981324387-1001\...\Run: [TinyTake by MangoApps] => C:\Users\Tom\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake by MangoApps.exe [362584 2015-10-13] (MangoApps)
HKU\S-1-5-21-3857374830-2379457094-981324387-1001\...\Run: [HP DeskJet 4530 series (NET)] => C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3857374830-2379457094-981324387-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27742168 2017-06-07] (Skype Technologies S.A.)
HKU\S-1-5-21-3857374830-2379457094-981324387-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation)
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2016-10-27]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
GroupPolicy: Restriction <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts\User: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{68e8b664-c4d6-4601-bf8a-a3289069c835}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)

FireFox:
========
FF DefaultProfile: i6xgg1y9.default-1499386914837
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\i6xgg1y9.default-1499386914837 [2017-07-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-06-01]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [No File]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default [2017-07-07]
CHR Extension: (Prezentace Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-01]
CHR Extension: (Dokumenty Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-01]
CHR Extension: (Disk Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-01]
CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-01]
CHR Extension: (Adblock na Youtube™) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-14]
CHR Extension: (Image Downloader) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2017-05-04]
CHR Extension: (Tabulky Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-01]
CHR Extension: (Chrome Media Router) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-29]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-12-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-02-02] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] () [File not signed]
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [39888 2016-05-19] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-05-16] (Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [54200 2016-05-27] (Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2248144 2016-04-28] (Micro-Star INT'L CO., LTD.)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [51112 2016-09-26] (Microsoft)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-27] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ArcCtrl; C:\WINDOWS\System32\drivers\ArcCtrl.sys [3315392 2013-11-20] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-07-23] ()
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [559080 2016-04-19] (Intel Corporation)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253856 2017-07-07] (Malwarebytes)
R1 MpKsla8a66c9d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{63F3CE03-7B6B-42F0-8CCF-E1B7CCDBA651}\MpKsla8a66c9d.sys [44928 2017-07-07] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28ux; C:\WINDOWS\system32\DRIVERS\netr28ux.sys [2244944 2016-05-09] (MediaTek Inc.)
R3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [13776 2016-04-12] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2386fda73b467ac8\nvlddmkm.sys [15625336 2017-06-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-06-28] (NVIDIA Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [40640 2016-02-15] (Windows (R) Win 7 DDK provider)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 TotRec8; C:\WINDOWS\system32\drivers\TotRec8.sys [123520 2015-10-20] (High Criteria inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-07-07] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-07-07] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-07 03:53 - 2017-07-07 03:53 - 02436608 _____ (Farbar) C:\Users\Tom\Downloads\FRST64.exe
2017-07-07 03:53 - 2017-07-07 03:53 - 00020426 _____ C:\Users\Tom\Downloads\FRST.txt
2017-07-07 03:53 - 2017-07-07 03:53 - 00000000 ____D C:\FRST
2017-07-07 03:44 - 2017-07-07 03:44 - 04110280 _____ C:\Users\Tom\Downloads\adwcleaner_6.047.exe
2017-07-07 03:40 - 2017-07-07 03:40 - 01329152 _____ C:\Users\Tom\Downloads\RSITx64.exe
2017-07-07 03:40 - 2017-07-07 03:40 - 00000000 ____D C:\rsit
2017-07-07 03:40 - 2017-07-07 03:40 - 00000000 ____D C:\Program Files\trend micro
2017-07-07 02:41 - 2017-07-07 02:41 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tom\Downloads\HijackThis.exe
2017-07-07 02:36 - 2017-07-07 03:53 - 03560153 _____ C:\WINDOWS\ZAM.krnl.trace
2017-07-07 02:36 - 2017-07-07 03:53 - 00513991 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-07-07 02:36 - 2017-07-07 02:36 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-07-07 02:36 - 2017-07-07 02:36 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-07-07 02:36 - 2017-07-07 02:36 - 00001217 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-07-07 02:36 - 2017-07-07 02:36 - 00000000 ____D C:\Users\Tom\AppData\Local\Zemana
2017-07-07 02:36 - 2017-07-07 02:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-07-07 02:36 - 2017-07-07 02:36 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-07-07 02:35 - 2017-07-07 02:35 - 06589840 _____ (Zemana Ltd. ) C:\Users\Tom\Downloads\Zemana.AntiMalware.Setup.exe
2017-07-07 02:21 - 2017-07-07 02:21 - 00000000 ____D C:\Users\Tom\Desktop\Původní data aplikace Firefox
2017-07-07 02:07 - 2017-07-07 02:07 - 00029738 _____ C:\Users\Tom\Desktop\záložky_07.07.17.html
2017-07-07 01:56 - 2017-07-07 02:02 - 00000340 _____ C:\WINDOWS\system32\.crusader
2017-07-07 01:52 - 2017-07-07 01:52 - 00001962 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2017-07-07 01:52 - 2017-07-07 01:52 - 00000000 ____D C:\Program Files\HitmanPro
2017-07-07 01:51 - 2017-07-07 01:57 - 00000000 ____D C:\ProgramData\HitmanPro
2017-07-07 01:37 - 2017-07-07 02:02 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-07 01:37 - 2017-07-07 01:37 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-07 01:37 - 2017-07-07 01:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-07 01:37 - 2017-07-07 01:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-07 01:37 - 2017-07-07 01:37 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-07 01:37 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-07 01:17 - 2017-07-07 01:18 - 00000000 ____D C:\WINDOWS\LastGood
2017-07-07 01:13 - 2017-07-07 03:45 - 00000000 ____D C:\AdwCleaner
2017-07-07 00:51 - 2017-07-07 02:47 - 00000544 _____ C:\Users\Tom\Desktop\JRT.txt
2017-07-07 00:48 - 2017-07-07 01:39 - 00000000 ____D C:\Users\Tom\AppData\Roaming\uah3mpgrjxb
2017-07-07 00:47 - 2017-07-07 02:24 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Easeware
2017-07-07 00:47 - 2017-07-07 01:43 - 00000000 ____D C:\Program Files\O700DZZLI5
2017-07-07 00:47 - 2017-07-07 01:43 - 00000000 ____D C:\Program Files\IEM5E32YRE
2017-07-07 00:47 - 2017-07-07 01:43 - 00000000 ____D C:\Program Files (x86)\s45lzgq23tz
2017-07-07 00:47 - 2017-07-07 01:39 - 00000000 ____D C:\Users\Tom\AppData\Roaming\neydpztd4o2
2017-07-07 00:47 - 2017-07-07 01:39 - 00000000 ____D C:\Users\Tom\AppData\Roaming\l4222fulegb
2017-07-07 00:47 - 2017-07-07 01:27 - 00002145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2017-07-07 00:47 - 2017-07-07 01:27 - 00002133 _____ C:\Users\Tom\Desktop\Gооglе Сhrоmе.lnk
2017-07-07 00:47 - 2017-07-07 01:27 - 00001942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2017-07-07 00:47 - 2017-07-07 01:27 - 00001930 _____ C:\Users\Public\Desktop\Моzillа Firеfох.lnk
2017-07-07 00:47 - 2017-07-07 00:47 - 00000000 ____D C:\ProgramData\WindowsErrorReporting
2017-07-06 18:17 - 2017-07-06 18:17 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign01e30f149a611876
2017-07-06 18:16 - 2017-07-06 18:16 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignd07ad51c3da94221
2017-07-06 18:16 - 2017-07-06 18:16 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignbc09864682c43898
2017-07-06 18:16 - 2017-07-06 18:16 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign46b45be939c0757a
2017-07-06 18:15 - 2017-07-06 18:15 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignbdbbcb7c16f7d531
2017-07-06 18:15 - 2017-07-06 18:15 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign8d96fa1910d782db
2017-07-06 18:15 - 2017-07-06 18:15 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign7e54056b8205654d
2017-07-06 18:15 - 2017-07-06 18:15 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign6cb329fd5b674cd9
2017-07-06 18:15 - 2017-07-06 18:15 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign3b5fed1b2aa1dc7e
2017-07-06 18:14 - 2017-07-06 18:14 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignf3c030efdd475dd3
2017-07-06 18:14 - 2017-07-06 18:14 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignd287edd29af86dd2
2017-07-06 18:12 - 2017-07-06 18:12 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2017-07-06 18:12 - 2016-11-22 00:53 - 08647207 _____ C:\WINDOWS\SysWOW64\adobe.exe
2017-07-05 23:49 - 2017-07-05 23:49 - 00000279 _____ C:\Users\Tom\Desktop\linky.txt
2017-07-05 17:04 - 2017-07-05 17:04 - 00000731 _____ C:\Users\Tom\Desktop\matrose.lnk
2017-07-04 17:50 - 2017-07-06 10:06 - 00001219 _____ C:\Users\Tom\Desktop\finalni.txt
2017-07-04 16:15 - 2017-07-04 18:48 - 00000845 _____ C:\Users\Tom\Desktop\napadky.txt
2017-07-03 15:35 - 2017-07-03 15:35 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignfac5ef2aae77fde9
2017-07-03 13:05 - 2017-07-03 13:05 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignb9330015121c6266
2017-07-02 16:33 - 2017-07-02 16:33 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignb1b2270ca61913b6
2017-07-01 13:54 - 2017-07-01 13:54 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign057d024943f77936
2017-07-01 12:15 - 2017-07-01 12:15 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign0f5aa0736cc57611
2017-07-01 11:13 - 2017-07-01 11:13 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign0ae47e90f5702ad4
2017-07-01 10:27 - 2017-07-01 10:27 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign794ada55a0588c41
2017-06-30 22:28 - 2017-06-30 22:28 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignc93dd33d0f8af51b
2017-06-30 20:25 - 2017-06-30 20:25 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign13f7d0e884aeb860
2017-06-30 20:23 - 2017-06-30 20:23 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignd07eba85fef3c00e
2017-06-30 20:21 - 2017-06-30 20:21 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign02a00df64cd85481
2017-06-30 20:11 - 2017-06-30 20:11 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign8f70d36ac260b334
2017-06-30 19:32 - 2017-06-30 19:32 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign0aea4acd5320c3ed
2017-06-30 19:31 - 2017-06-30 19:31 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign4bd84aa2313e8b68
2017-06-30 16:30 - 2017-06-30 16:30 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsigneb761cffeaf94ea4
2017-06-30 14:46 - 2017-06-30 14:46 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign0ead547f60f42a21
2017-06-29 20:55 - 2017-06-29 20:55 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign20731f10f58549f8
2017-06-29 20:54 - 2017-06-29 20:54 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign4b0fbcc56ecf65b4
2017-06-29 20:48 - 2017-06-29 20:48 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign4cf67b166f902f8d
2017-06-29 20:47 - 2017-06-29 20:47 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign1a4f070cad6bc11b
2017-06-29 20:22 - 2017-06-29 20:22 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsigndd20785931cea68f
2017-06-29 20:16 - 2017-06-29 20:16 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign1b59cbf5bf2fbd6b
2017-06-29 18:48 - 2017-06-29 18:48 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignffeb3e93e85aa342
2017-06-29 18:48 - 2017-06-29 18:48 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign928e90d54d2ffb4a
2017-06-29 18:03 - 2017-06-27 22:27 - 00135616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-06-29 18:02 - 2017-06-28 00:39 - 40239736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 35838912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 35314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 28953536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 13559376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 12337296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 12132272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 11501776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 10381664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 09982456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 04163008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 03595384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438476.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 01597888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438476.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 01276992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 01067128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 01004664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00996760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00995224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00972736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00924096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00781728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00689808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00617416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00584128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-06-29 18:02 - 2017-06-28 00:39 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-06-29 18:02 - 2017-06-28 00:39 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-06-29 17:48 - 2017-06-29 18:03 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-06-29 17:48 - 2017-06-21 09:07 - 00179320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-06-29 17:48 - 2017-06-21 09:07 - 00146552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-06-29 17:37 - 2017-06-29 17:37 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsigna032e8556ef82821
2017-06-29 17:35 - 2017-06-29 17:35 - 00001615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2017-06-29 16:55 - 2017-06-29 16:55 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsigna896c3edc989be7f
2017-06-28 19:12 - 2017-07-02 22:13 - 00001327 _____ C:\Users\Tom\Desktop\napady.txt
2017-06-27 12:48 - 2017-06-27 12:48 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign95c9e46fc9b9f89a
2017-06-27 11:03 - 2017-06-27 11:03 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign2e927c49e307fccb
2017-06-27 11:00 - 2017-06-27 11:00 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign285a7240f5787bd1
2017-06-27 10:59 - 2017-06-27 10:59 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign47626245958deb8f
2017-06-27 10:57 - 2017-06-27 10:57 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign31872fb71040bb55
2017-06-27 10:55 - 2017-06-27 10:55 - 00000000 ____D C:\Users\Tom\AppData\Local\VS Revo Group
2017-06-27 10:54 - 2017-06-27 10:54 - 00000000 ____D C:\ProgramData\VS Revo Group
2017-06-27 10:54 - 2017-06-27 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2017-06-27 10:54 - 2017-06-27 10:54 - 00000000 ____D C:\Program Files\VS Revo Group
2017-06-27 10:54 - 2016-12-21 14:52 - 00040240 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2017-06-27 10:45 - 2017-06-27 10:45 - 00004628 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-06-27 10:45 - 2017-06-27 10:45 - 00004496 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-06-27 10:42 - 2017-06-27 10:42 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignb8d95fe11cb2a294
2017-06-27 10:42 - 2017-06-27 10:42 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign33acdf3178071e90
2017-06-27 09:43 - 2017-06-27 09:43 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignf64b4af58a4e10b6
2017-06-27 09:26 - 2017-06-27 09:26 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign216f3c0e7decec99
2017-06-27 09:24 - 2017-06-27 09:24 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignb8bca7e3dbe7e07d
2017-06-27 09:20 - 2017-06-27 09:20 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignf858afe3b897d166
2017-06-27 08:08 - 2017-06-27 08:08 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign84ff56de76c94f39
2017-06-27 08:05 - 2017-06-27 08:05 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign6dd81b44e5fd9615
2017-06-27 07:30 - 2017-06-27 07:30 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign89b07ec66eb566f0
2017-06-27 07:27 - 2017-06-27 07:27 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign48d88de1e05f906c
2017-06-27 07:25 - 2017-06-27 07:25 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign6194d7a026fb518c
2017-06-27 07:22 - 2017-06-27 07:22 - 00000000 ____D C:\Users\Tom\AppData\Roaming\֑Adobe
2017-06-27 06:58 - 2017-06-27 06:58 - 00000000 ____D C:\Users\Tom\AppData\Roaming\֒Adobe
2017-06-27 06:57 - 2017-06-27 06:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twixtor 5, After Effects-compatible plugin set
2017-06-27 06:57 - 2008-01-30 18:36 - 00090112 _____ (MindVision Software) C:\WINDOWS\unvise32.exe
2017-06-27 06:56 - 2017-06-27 06:56 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REVisionEffects
2017-06-27 06:56 - 2017-06-27 06:56 - 00000000 ____D C:\Program Files (x86)\REVisionEffects
2017-06-27 06:54 - 2017-06-27 06:54 - 00001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2017-06-27 06:54 - 2017-06-27 06:54 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-06-27 06:54 - 2017-06-27 06:54 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2017-06-26 23:55 - 2017-06-26 23:55 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign858eed118decffe9
2017-06-26 23:51 - 2017-06-26 23:51 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign51b827dd96018905
2017-06-26 23:49 - 2017-06-26 23:49 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2017.lnk
2017-06-26 23:19 - 2017-06-27 06:33 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Apple Computer
2017-06-26 23:16 - 2017-06-26 23:16 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign9990a10e9e7c4c1a
2017-06-26 23:14 - 2017-06-26 23:14 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-06-26 23:14 - 2017-06-26 23:14 - 00000000 ____D C:\Users\Tom\AppData\LocalLow\Apple Computer
2017-06-26 23:14 - 2017-06-26 23:14 - 00000000 ____D C:\Users\Tom\AppData\Local\Apple
2017-06-26 23:14 - 2017-06-26 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-06-26 23:14 - 2017-06-26 23:14 - 00000000 ____D C:\ProgramData\Apple Computer
2017-06-26 23:14 - 2017-06-26 23:14 - 00000000 ____D C:\ProgramData\Apple
2017-06-26 23:14 - 2017-06-26 23:14 - 00000000 ____D C:\Program Files (x86)\QuickTime
2017-06-26 23:14 - 2017-06-26 23:14 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2017-06-26 23:00 - 2017-06-26 23:00 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign6ea33c4159b9d512
2017-06-26 22:58 - 2017-06-26 22:58 - 00000000 ____D C:\Users\Tom\Creative Cloud Files
2017-06-26 22:50 - 2017-06-26 22:50 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignf2c7a699a6ea6e9b
2017-06-26 22:50 - 2017-06-26 22:50 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign65a0a163b2fb146b
2017-06-26 22:36 - 2017-06-26 22:36 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign3c0d441b9822aaa4
2017-06-26 21:03 - 2017-06-26 21:03 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignc9b14d140c6a4949
2017-06-26 21:01 - 2017-06-26 21:01 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignbd5cf89b0c9c4419
2017-06-26 20:55 - 2017-06-26 20:55 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign92479b9a0eca89fb
2017-06-26 20:40 - 2017-06-26 20:40 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignbc3b7c75450c976b
2017-06-25 15:35 - 2017-06-25 15:35 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign4b1255a78dac7463
2017-06-25 15:25 - 2017-06-25 15:25 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign549969a4ddb11200
2017-06-25 14:17 - 2017-06-25 14:17 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign8d5d4d12d3dd504b
2017-06-25 11:31 - 2017-06-25 11:31 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign6c6b26983690e25d
2017-06-25 11:27 - 2017-06-25 11:27 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign6f4162b129f1e04f
2017-06-25 09:37 - 2017-06-25 09:37 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsigna85535269b02fdc3
2017-06-25 01:38 - 2017-06-25 01:38 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign0db6df8835c6d0a7
2017-06-25 01:37 - 2017-06-25 01:37 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign012038c3269f69e0
2017-06-25 01:05 - 2017-06-25 01:05 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign514977682d294658
2017-06-25 01:03 - 2017-06-25 01:03 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign29cd2fcfa54b34eb
2017-06-24 14:50 - 2017-06-24 14:50 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignba7aed4ff6633c57
2017-06-23 17:47 - 2017-06-23 19:19 - 00000000 ____D C:\ESD
2017-06-23 17:46 - 2017-06-23 17:46 - 00000000 ___HD C:\$Windows.~WS
2017-06-23 17:46 - 2017-06-23 17:46 - 00000000 ____D C:\$WINDOWS.~BT
2017-06-17 12:19 - 2017-04-21 23:53 - 00029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-06-17 12:19 - 2017-04-21 23:53 - 00018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2017-06-17 12:19 - 2017-04-21 23:50 - 00030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-06-17 12:19 - 2017-04-21 23:50 - 00018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-06-17 12:19 - 2017-04-11 20:27 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-06-17 12:19 - 2017-04-11 20:27 - 00690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-06-17 12:19 - 2017-03-15 20:15 - 00987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-06-17 12:19 - 2017-03-15 20:15 - 00485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-06-14 14:26 - 2017-06-14 14:26 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-14 12:17 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 12:17 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-06-14 12:17 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 12:17 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-06-14 12:17 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-06-14 12:17 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-06-14 12:17 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-06-14 12:17 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 12:17 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-06-14 12:17 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-06-14 12:17 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-06-14 12:17 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-06-14 12:17 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-06-14 12:17 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-14 12:17 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-06-14 12:17 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-14 12:17 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 12:17 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-14 12:17 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 12:17 - 2017-06-03 12:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 12:17 - 2017-06-03 12:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 12:17 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-06-14 12:17 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 12:17 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 12:17 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-14 12:17 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-06-14 12:17 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 12:17 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 12:17 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-06-14 12:17 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-06-14 12:17 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-06-14 12:17 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 12:17 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-14 12:17 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-06-14 12:17 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-14 12:17 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 12:17 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-06-14 12:17 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 12:17 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-06-14 12:17 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 12:17 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 12:17 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-14 12:17 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-06-14 12:17 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 12:17 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-06-14 12:17 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 12:17 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 12:17 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 12:17 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 12:17 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 12:17 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 12:17 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-14 12:17 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 12:17 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 12:17 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-06-14 12:17 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 12:17 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-14 12:17 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-06-14 12:17 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-14 12:17 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll
2017-06-14 12:17 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 12:17 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 12:17 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-06-14 12:17 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll
2017-06-14 12:17 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-06-14 12:17 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-06-14 12:17 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-06-14 12:17 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 12:17 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-06-14 12:17 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 12:17 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 12:17 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 12:17 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 12:17 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 12:17 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 12:17 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 12:17 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 12:17 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 12:17 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 12:17 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 12:17 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-06-14 12:17 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-06-14 12:17 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-06-14 12:17 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-06-14 12:17 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-14 12:17 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-06-14 12:17 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-06-14 12:17 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-14 12:17 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 12:17 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 12:17 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-06-14 12:17 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 12:17 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-14 12:17 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 12:17 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 12:17 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-06-14 12:17 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-14 12:17 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 12:17 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-06-14 12:17 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-06-14 12:17 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2017-06-14 12:17 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 12:17 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 12:17 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 12:17 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 12:17 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-06-14 12:17 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 12:17 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 12:17 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 12:17 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-06-14 12:17 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 12:17 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-06-14 12:17 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 12:17 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 12:17 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-06-14 12:17 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 12:17 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-06-14 12:17 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-06-14 12:17 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-14 12:17 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 12:17 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 12:17 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 12:17 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 12:17 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 12:17 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-14 12:17 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 12:17 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 12:17 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 12:17 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-06-14 12:17 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-06-14 12:17 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 12:17 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 12:17 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-06-14 12:17 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 12:17 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 12:17 - 2017-06-03 08:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-06-14 12:17 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-14 12:17 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-06-14 12:17 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-06-14 12:17 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-06-14 12:17 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-06-14 12:17 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-06-12 09:46 - 2017-06-12 09:46 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignb54bf4b8b23e1f9d
2017-06-12 09:46 - 2017-06-12 09:46 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsignab72c428cc98f220
2017-06-12 09:46 - 2017-06-12 09:46 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign75cd40e1215c0a63
2017-06-12 09:45 - 2017-06-12 09:45 - 00000000 ____D C:\Users\Tom\AppData\Local\Tempzxpsign44ce62716409f037
2017-06-10 11:06 - 2017-06-08 03:45 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438253.dll
2017-06-10 11:06 - 2017-06-08 03:45 - 01606776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438253.dll
2017-06-10 11:06 - 2017-06-08 03:45 - 00045976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-07 03:19 - 2017-01-08 12:32 - 00000000 ____D C:\Users\Tom\AppData\LocalLow\Mozilla
2017-07-07 03:09 - 2016-07-01 15:53 - 00000000 ____D C:\Users\Tom\AppData\Local\ClassicShell
2017-07-07 02:48 - 2016-12-25 16:32 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe
2017-07-07 02:46 - 2016-08-03 16:34 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-07 02:36 - 2016-08-03 16:35 - 00000000 ____D C:\Users\Tom
2017-07-07 02:32 - 2016-12-14 22:46 - 00000000 ____D C:\Users\Tom\AppData\Roaming\MPC-HC
2017-07-07 02:32 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-07-07 02:32 - 2016-07-01 16:58 - 00000000 ____D C:\Users\Tom\AppData\Local\CrashDumps
2017-07-07 02:20 - 2016-08-04 13:29 - 00000422 __RSH C:\ProgramData\ntuser.pol
2017-07-07 02:20 - 2016-07-01 16:13 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-07-07 02:15 - 2016-07-13 15:24 - 00000000 ____D C:\Users\Tom\AppData\Local\ElevatedDiagnostics
2017-07-07 02:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-07-07 02:09 - 2016-07-17 00:25 - 01278902 _____ C:\WINDOWS\system32\perfh005.dat
2017-07-07 02:09 - 2016-07-17 00:25 - 00340432 _____ C:\WINDOWS\system32\perfc005.dat
2017-07-07 02:09 - 2016-07-01 15:20 - 03087880 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-07 02:02 - 2016-08-03 16:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-07 02:02 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-07-07 00:47 - 2016-07-01 15:25 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-06 18:12 - 2017-01-23 19:09 - 00000000 ____D C:\Users\Tom\Documents\Adobe
2017-07-06 18:12 - 2016-07-01 15:18 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Adobe
2017-07-06 18:11 - 2017-04-22 01:14 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-07-06 18:11 - 2017-04-21 23:00 - 00000000 ____D C:\Program Files\Adobe
2017-07-06 17:56 - 2016-07-01 17:48 - 00000000 ____D C:\Users\Tom\AppData\LocalLow\Adobe
2017-07-06 17:56 - 2016-07-01 17:48 - 00000000 ____D C:\Users\Tom\AppData\Local\Adobe
2017-07-06 17:56 - 2016-07-01 17:48 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-07-06 12:25 - 2016-08-03 16:33 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-06 09:18 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-06 09:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-04 10:04 - 2016-07-13 13:42 - 00002014 _____ C:\Users\Tom\Desktop\Razer Synapse.lnk
2017-07-04 10:04 - 2016-07-03 14:05 - 00001248 _____ C:\Users\Tom\Desktop\AIDA64 Extreme.lnk
2017-07-04 10:04 - 2016-07-01 18:36 - 00001990 _____ C:\Users\Tom\Desktop\OnScreen Control.lnk
2017-07-04 07:33 - 2016-08-03 16:33 - 05358584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-04 07:32 - 2017-01-08 12:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-04 07:32 - 2017-01-08 12:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-30 19:56 - 2017-01-21 19:36 - 00000000 ____D C:\Users\Tom\Desktop\zvuky
2017-06-30 11:29 - 2017-05-05 16:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-30 11:29 - 2016-07-28 19:55 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Skype
2017-06-30 11:29 - 2016-07-28 19:55 - 00000000 ____D C:\ProgramData\Skype
2017-06-29 20:14 - 2017-05-31 12:55 - 00000000 ____D C:\Users\Tom\Desktop\kodevzdani
2017-06-29 18:03 - 2017-03-12 20:45 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-29 18:03 - 2016-08-03 16:34 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-29 18:03 - 2016-07-01 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-06-29 17:48 - 2017-05-23 13:03 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 17:48 - 2017-05-23 13:03 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 17:48 - 2017-05-23 13:03 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 17:48 - 2017-05-23 13:03 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 17:48 - 2017-05-23 13:03 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 17:48 - 2017-05-23 13:03 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 17:48 - 2017-05-23 13:03 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 17:48 - 2017-05-23 13:03 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-06-29 17:48 - 2016-08-03 16:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-29 17:48 - 2016-08-03 16:34 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-29 17:36 - 2017-05-21 19:01 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2015.lnk
2017-06-29 11:21 - 2017-04-14 13:29 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-06-29 11:21 - 2017-04-14 13:29 - 00000000 ____D C:\Program Files\UNP
2017-06-28 00:39 - 2017-01-24 21:51 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-06-28 00:39 - 2016-07-15 15:30 - 04208984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-06-28 00:39 - 2016-07-15 15:30 - 03709952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-06-28 00:39 - 2016-07-15 15:30 - 00046373 _____ C:\WINDOWS\system32\nvinfo.pb
2017-06-27 23:03 - 2016-08-03 16:34 - 06462400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-06-27 23:03 - 2016-08-03 16:34 - 02478712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-06-27 23:03 - 2016-08-03 16:34 - 01762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-06-27 23:03 - 2016-08-03 16:34 - 00549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-06-27 23:03 - 2016-08-03 16:34 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-06-27 23:03 - 2016-08-03 16:34 - 00082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-06-27 23:03 - 2016-08-03 16:34 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-06-27 22:52 - 2016-10-21 15:15 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-06-27 12:35 - 2017-05-08 18:04 - 00000000 ____D C:\Users\Tom\Desktop\prubeh
2017-06-27 10:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-27 10:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-27 10:38 - 2016-07-01 17:47 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-27 10:26 - 2016-07-01 15:18 - 00000000 ____D C:\Users\Tom\AppData\Local\Packages
2017-06-27 06:54 - 2016-07-01 17:47 - 00000000 ____D C:\ProgramData\Adobe
2017-06-23 19:19 - 2016-08-03 17:33 - 00000000 ___DC C:\WINDOWS\Panther
2017-06-22 22:30 - 2016-08-03 16:34 - 08076177 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-06-21 09:07 - 2016-10-21 15:15 - 01903224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-06-21 09:07 - 2016-10-21 15:15 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-06-21 09:07 - 2016-10-21 15:15 - 01489528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-06-21 09:07 - 2016-10-21 15:15 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-06-21 09:07 - 2016-10-21 15:15 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-06-21 09:07 - 2016-10-21 15:14 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-06-20 22:58 - 2016-12-15 15:05 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-06-17 12:20 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-14 14:27 - 2016-04-27 09:00 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-14 14:26 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-14 14:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 14:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-14 12:22 - 2016-07-01 16:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 12:21 - 2016-07-01 16:12 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-09 15:41 - 2016-07-01 15:46 - 00000000 ____D C:\Users\Tom\AppData\Local\NVIDIA Corporation
2017-06-08 03:45 - 2016-08-16 12:29 - 01615448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-06-08 03:45 - 2016-06-14 23:45 - 00218712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys

==================== Files in the root of some directories =======

2016-09-13 19:29 - 2017-04-09 11:26 - 0033580 _____ () C:\Users\Tom\AppData\Roaming\SLOVA.WAV
2016-09-13 19:29 - 2017-04-09 11:26 - 0033180 _____ () C:\Users\Tom\AppData\Roaming\TMP.WAV
2016-10-09 18:01 - 2016-10-09 18:01 - 0007597 _____ () C:\Users\Tom\AppData\Local\Resmon.ResmonCfg
2016-08-22 16:01 - 2016-08-22 16:01 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-12-15 15:05 - 2017-01-24 21:51 - 0025102 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-15 15:05 - 2017-01-11 22:51 - 0010108 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2017-07-07 00:47 - 2017-07-07 00:47 - 4015032 _____ (Easeware ) C:\Users\Tom\AppData\Local\Temp\48B.tmp.exe
2017-07-07 00:47 - 2017-07-07 00:47 - 0121856 _____ () C:\Users\Tom\AppData\Local\Temp\load.exe
2017-07-07 00:47 - 2017-07-07 00:47 - 1199825 _____ () C:\Users\Tom\AppData\Local\Temp\unins000.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-08 00:38

==================== End of FRST.txt ============================
Attachments
Addition.rar
(12.08 KiB) Downloaded 59 times

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Malware in Google Chrome

#3 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (removal).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
