VIRY.CZ

Dobrý den,
chtěl bych porposit o kontrolu logu. Při instalaci doplňku do mozily firefox se mi podařilo chytnout nějakou čínskou infekci.
Velice děkuji

Log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
Ran by Daniel (administrator) on DANIEL-LENOVO (02-12-2015 22:12:24)
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 10 Education (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1511.24020.0_x64__8wekyb3d8bbwe\Calculator.exe
( ) C:\Program Files (x86)\baidu\pps.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(iQIYI.COM) C:\IQIYI Video\LStyle\QyKernel.exe
() C:\IQIYI Video\LStyle\Mobile\AndroidService.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\TAOFrame.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\QQPCRTP.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\QQPCTray.exe
(Tencent) C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\Tencentdl.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\plugins\QMNetMon\QQPCNetFlow.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\QQPCRealTimeSpeedup.exe
(Tencent) C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\Tencentdl.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\QQPCTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-09-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2015-10-11] (Pixart Imaging Inc)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493056 2015-11-02] (VŠB-TU Ostrava)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\QQPCTray.exe [355296 2015-12-02] (Tencent)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Daniel\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Daniel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [GSplay.exe] => C:\Users\Daniel\Desktop\GSplay.exe
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [NIRegistrationWizard] => C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [847000 2013-04-19] ()
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe [81920 2015-11-04] ( )
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [HCDNClient] => C:\IQIYI Video\LStyle\QyKernel.exe [576104 2015-08-04] (iQIYI.COM)
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\MountPoints2: {1dbc3f99-8472-11e5-9bd5-b888e373a893} - "E:\LG_PC_Programs.exe"
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\MountPoints2: {9927f19a-7030-11e5-9bd0-b888e373a893} - "E:\autorun.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177600 2015-11-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155792 2015-11-16] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\QMGCShellExt64.dll [2015-04-07] (Tencent)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2015-11-24]
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512 2014-06-06] (National Instruments Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560 2014-06-06] (National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 10.0.1.1
Tcpip\..\Interfaces\{952e9e30-7837-4bd5-b7ce-835e1409f774}: [DhcpNameServer] 10.0.0.1 10.0.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=92280131_hao_pg
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=92280131_hao_pg
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotmail/home?ocid=iehp
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {069202F1-27FC-4601-A5CA-41F878F17CB4} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {0D95C45A-4BB5-40A8-AAC6-45A9A2CA3FDC} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {17871175-3CF6-4B2C-94D8-C8E87473DBBA} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {1C10EE84-0FDE-4C21-92AA-A8E14B148BF1} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {9BF95EE0-8409-4BE3-8C75-761AB9324909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {A1FBF928-091F-4EA8-BD03-00673561F5CD} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {BE5B2B07-E2DB-4C66-9A79-AA1CDA6D160B} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {CE5AAD91-AB43-45DC-94F4-1C9C48ADDEF3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {E5F225C3-804F-47D5-81B9-AB6A482B2607} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\TSWebMon64.dat [2015-12-02] (Tencent)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: °®ĆćŇŐÖúĘÖ -> {FB4F6285-4C32-49F2-950F-A5998F9CEC6C} -> C:\IQIYI Video\LStyle\Accelerator\IEHelper.dll [2015-08-04] (爱奇艺)

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xu00lnfi.default
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-08-04] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-08-04] ()
FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\npQMExtensionsMozilla.dll [2015-12-02] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2161712444-3510936251-563553130-1001: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
FF Plugin HKU\S-1-5-21-2161712444-3510936251-563553130-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2014win32.dll [2015-04-30] (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2015win32.dll [2015-06-17] (National Instruments)
FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xu00lnfi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135072 2015-09-05] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-16] (NVIDIA Corporation)
R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2014-08-07] (National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [53544 2015-06-01] (National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [63792 2015-06-01] (National Instruments Corporation)
R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [84792 2015-06-12] (National Instruments Corporation)
R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57184 2015-06-03] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [80736 2015-06-03] (National Instruments Corporation)
R2 niauth; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [571712 2015-06-02] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [399152 2015-06-01] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [320368 2014-06-06] (National Instruments Corporation)
R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [177024 2015-06-12] (National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [89928 2015-06-02] (National Instruments Corporation)
R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57168 2015-06-03] (National Instruments Corporation)
R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [703304 2015-06-11] (National Instruments Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-16] (NVIDIA Corporation)
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\QQPCRTP.exe [297608 2015-12-02] (Tencent)
R3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\TAOFrame.exe [293728 2015-12-02] (Tencent)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-13] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-11-16] (NVIDIA Corporation)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\QMUdisk64.sys [80184 2015-12-02] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\QQSysMonX64.sys [127800 2015-12-02] (电脑管家)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410848 2015-09-02] (Realsil Semiconductor Corporation)
R2 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [99640 2015-12-02] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-12-02] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-12-02] (电脑管家)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-09-07] ()
R1 TSCPM; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\tscpm64.sys [42296 2015-12-02] (电脑管家)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\TSDefenseBT64.sys [28472 2015-12-02] (Tencent)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16065.215\TSSysKit64.sys [87352 2015-12-02] (电脑管家)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2015-10-11] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-02 22:12 - 2015-12-02 22:13 - 00023581 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-12-02 22:10 - 2015-12-02 22:10 - 02350080 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-12-02 22:02 - 2015-10-30 18:18 - 00126776 _____ (电脑管家) C:\WINDOWS\SysWOW64\Drivers\TsFltMgr.sys
2015-12-02 22:00 - 2015-12-02 21:59 - 00099640 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys
2015-12-02 21:59 - 2015-12-02 21:59 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernel64.sys
2015-12-02 21:59 - 2015-12-02 21:59 - 00087864 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFltX64.sys
2015-12-02 21:59 - 2015-12-02 21:59 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-12-02 21:59 - 2015-12-02 21:59 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-12-02 21:58 - 2015-12-02 22:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Tencent
2015-12-02 21:58 - 2015-12-02 21:59 - 00000000 ____D C:\ProgramData\Tencent
2015-12-02 21:58 - 2015-12-02 21:58 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-12-02 21:35 - 2015-12-02 21:35 - 00001234 _____ C:\Users\Daniel\Desktop\全网影视.lnk
2015-12-02 21:34 - 2015-12-02 21:34 - 00001035 _____ C:\Users\Daniel\Desktop\PPS游戏大厅.lnk
2015-12-02 21:15 - 2015-12-02 21:15 - 00000000 ____D C:\Users\Daniel\.android
2015-12-02 21:14 - 2015-12-02 21:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ppslog
2015-12-02 21:14 - 2015-12-02 21:14 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\VirtualStore
2015-12-02 21:14 - 2015-12-02 21:14 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Unity
2015-12-02 21:14 - 2015-12-02 21:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\Unity
2015-12-02 21:14 - 2015-12-02 21:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\SysassistByHotWheel
2015-12-02 21:13 - 2015-12-02 21:45 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\IQIYI Video
2015-12-02 21:13 - 2015-12-02 21:36 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-12-02 21:13 - 2015-12-02 21:14 - 00000000 ____D C:\IQIYI Video
2015-12-02 21:13 - 2015-12-02 21:13 - 00000000 ____D C:\Users\Public\QiYi
2015-12-02 21:11 - 2015-12-02 21:11 - 00000000 ____D C:\Program Files (x86)\baidu
2015-12-02 20:23 - 2015-12-02 20:23 - 00016148 _____ C:\WINDOWS\system32\DANIEL-LENOVO_Daniel_HistoryPrediction.bin
2015-12-02 18:18 - 2015-12-02 18:18 - 00858072 _____ C:\Users\Daniel\Desktop\mtlk.rar
2015-12-01 13:19 - 2015-12-01 13:19 - 00001085 _____ C:\Users\Daniel\Desktop\SafeQClient.lnk
2015-12-01 11:48 - 2015-12-01 11:48 - 01246406 _____ C:\Users\Daniel\Desktop\FKPIT-Projekt-č.1-zadaní-13.-Hodnocení-95-bodů-chyba-v-grafu-so-02.11.2015.rar
2015-11-30 11:14 - 2015-11-30 11:14 - 00000042 _____ C:\Users\Daniel\Desktop\vyplata listopad.txt
2015-11-28 22:19 - 2014-12-02 03:10 - 00971844 _____ C:\Users\Daniel\Desktop\Integrály komplet.pdf
2015-11-27 13:09 - 2015-11-24 11:18 - 00001153 _____ C:\Users\Daniel\Desktop\NI LabVIEW 2015 (32-bit).lnk
2015-11-27 12:44 - 2015-11-27 12:44 - 00680150 _____ C:\Users\Daniel\Desktop\Zadání semestrálního projektu MTLK.pdf
2015-11-25 17:31 - 2015-11-25 17:32 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-24 11:50 - 2015-11-24 11:50 - 00000000 ____D C:\Users\Public\Documents\National Instruments
2015-11-24 11:47 - 2015-11-24 11:47 - 00000000 ____D C:\National Instruments Downloads
2015-11-24 11:39 - 2015-12-01 21:16 - 00000000 ____D C:\Users\Daniel\Documents\LabVIEW Data
2015-11-24 11:31 - 2015-11-24 11:52 - 00003382 _____ C:\WINDOWS\System32\Tasks\NIUpdateServiceStartupTask
2015-11-24 11:31 - 2015-11-24 11:31 - 00000000 ____D C:\Users\Daniel\AppData\Local\National Instruments
2015-11-24 11:27 - 2015-11-24 12:45 - 00000000 ____D C:\ProgramData\JKI
2015-11-24 11:27 - 2015-11-24 11:27 - 00004146 _____ C:\WINDOWS\System32\Tasks\JKIUpdateTask
2015-11-24 11:27 - 2015-11-24 11:27 - 00001253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VI Package Manager.lnk
2015-11-24 11:27 - 2015-11-24 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JKI
2015-11-24 11:27 - 2015-11-24 11:27 - 00000000 ____D C:\Program Files (x86)\JKI
2015-11-24 11:26 - 2015-11-24 11:26 - 00000000 ____D C:\Program Files\Common Files\OPC Foundation
2015-11-24 11:24 - 2015-11-24 11:24 - 00001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI MAX.lnk
2015-11-24 11:18 - 2015-11-24 11:18 - 00001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI LabVIEW 2015 (32-bit).lnk
2015-11-24 11:15 - 2015-11-24 11:15 - 00000132 _____ C:\WINDOWS\ODBC.INI
2015-11-24 11:14 - 2015-11-24 11:14 - 00000000 ____D C:\WINDOWS\SysWOW64\cvirte
2015-11-24 11:14 - 2015-11-24 11:14 - 00000000 ____D C:\WINDOWS\system32\cvirte
2015-11-24 11:13 - 2015-11-24 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments
2015-11-24 11:13 - 2015-11-24 11:50 - 00000000 ____D C:\Program Files\National Instruments
2015-11-24 11:13 - 2015-11-24 11:13 - 00001439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI Launcher.lnk
2015-11-24 11:12 - 2015-11-24 11:50 - 00000000 ____D C:\Program Files (x86)\National Instruments
2015-11-24 11:09 - 2015-11-24 11:39 - 00000000 ____D C:\ProgramData\National Instruments
2015-11-24 10:47 - 2015-11-24 11:03 - 00000000 ____D C:\Program Files (x86)\LW
2015-11-21 12:08 - 2015-11-21 12:08 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-11-20 18:24 - 2015-11-20 18:24 - 00321152 _____ C:\WINDOWS\Minidump\112015-54046-01.dmp
2015-11-20 17:49 - 2015-11-20 17:50 - 00000000 ____D C:\Users\Daniel\AppData\Local\NVIDIA
2015-11-20 17:49 - 2015-11-20 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-11-20 17:49 - 2015-11-16 04:54 - 01828160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-11-20 17:49 - 2015-11-16 04:54 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-11-20 17:49 - 2015-11-16 04:54 - 01509824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-11-20 17:49 - 2015-11-16 04:54 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-11-20 17:49 - 2015-11-16 04:54 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-11-20 17:48 - 2015-11-20 17:48 - 00000000 ____D C:\Users\Daniel\AppData\Local\NVIDIA Corporation
2015-11-20 17:47 - 2015-11-20 17:47 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-11-20 17:47 - 2015-11-20 17:47 - 00000000 ____D C:\WINDOWS\system32\NV
2015-11-20 17:46 - 2015-11-16 04:54 - 00112944 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-11-20 17:45 - 2015-11-20 17:46 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-11-20 17:43 - 2015-11-20 17:43 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-20 17:41 - 2015-11-17 07:27 - 00040264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-11-20 17:41 - 2015-11-16 04:54 - 42913912 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 37881976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 22345848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 18390832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 16561320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 15933400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 15839200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 14844112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 13533608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 12870192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 03540544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 03126800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 02876536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 02496632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435900.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435900.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00877688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00674096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-11-20 16:07 - 2015-11-20 16:07 - 00000810 _____ C:\Users\Daniel\Desktop\editor – zástupce.lnk
2015-11-19 19:45 - 2015-11-19 19:45 - 00001738 _____ C:\Users\Daniel\Desktop\EXCEL – zástupce.lnk
2015-11-18 10:09 - 2015-11-18 10:09 - 00000652 _____ C:\WINDOWS\setting.ini
2015-11-18 10:09 - 2015-11-18 10:09 - 00000158 _____ C:\WINDOWS\system32\ricdb.ini
2015-11-18 10:09 - 2015-11-18 10:09 - 00000141 _____ C:\WINDOWS\setting1.ini
2015-11-18 10:09 - 2015-11-18 10:09 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempDIR
2015-11-18 10:09 - 2015-11-18 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeQClient
2015-11-18 10:09 - 2015-11-18 10:09 - 00000000 ____D C:\Program Files (x86)\SafeQ
2015-11-17 17:15 - 2015-11-21 00:54 - 00000000 ____D C:\Users\Daniel\Desktop\foto netřiděne
2015-11-10 20:20 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-10 20:20 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-10 20:20 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-10 20:20 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-10 20:20 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-10 20:20 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-10 20:20 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-10 20:20 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-10 20:20 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-10 20:20 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-10 20:20 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-10 20:20 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-10 20:20 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-10 20:20 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-10 20:20 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-10 20:20 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-10 20:20 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-10 20:20 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-10 20:20 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-10 20:20 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-10 20:20 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-10 20:20 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-10 20:20 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-10 20:20 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-10 20:20 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-10 20:20 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-10 20:20 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-10 20:20 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-10 20:20 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-10 20:20 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-10 20:20 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-10 20:20 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-10 20:20 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-10 20:20 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-10 20:20 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-10 20:20 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-10 20:20 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-10 20:20 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-10 20:20 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-10 20:20 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-10 20:20 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-10 20:20 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-10 20:20 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-10 20:20 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-10 20:20 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-10 20:20 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-10 20:20 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-10 20:20 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-10 20:20 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-10 20:20 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-10 20:20 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-10 20:20 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-10 20:20 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-10 09:48 - 2015-12-01 20:04 - 00000000 ____D C:\Users\Daniel\Desktop\OK1
2015-11-10 09:46 - 2015-11-28 15:10 - 00000000 ____D C:\Users\Daniel\Desktop\RS2
2015-11-05 11:09 - 2015-11-24 11:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-02 22:12 - 2015-09-06 17:44 - 00000000 ____D C:\FRST
2015-12-02 22:04 - 2015-09-22 07:39 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-02 21:59 - 2015-09-01 22:48 - 00000000 ____D C:\Users\Daniel\AppData\Local\VirtualStore
2015-12-02 21:44 - 2015-09-14 07:33 - 00000988 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-02 21:37 - 2015-09-02 21:55 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-02 21:15 - 2015-09-01 22:48 - 00000000 ____D C:\Users\Daniel
2015-12-02 19:00 - 2015-09-20 22:03 - 00000600 _____ C:\Users\Daniel\AppData\Roaming\winscp.rnd
2015-12-02 18:52 - 2015-09-02 22:26 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TS3Client
2015-12-02 18:28 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-02 18:19 - 2015-09-14 07:35 - 00000000 ___RD C:\Users\Daniel\Disk Google
2015-12-02 18:18 - 2015-09-14 07:33 - 00000984 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-02 18:17 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-02 12:22 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-01 13:51 - 2015-09-02 22:24 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2015-11-30 23:18 - 2015-09-17 13:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2015-11-30 17:29 - 2015-09-11 13:13 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2015-11-29 22:30 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-28 23:27 - 2015-09-01 20:59 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-28 23:27 - 2015-07-10 17:01 - 00746648 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-28 23:27 - 2015-07-10 17:01 - 00149550 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-28 23:27 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-11-28 21:50 - 2015-09-14 07:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-11-27 11:05 - 2015-09-03 20:08 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-25 17:36 - 2015-09-01 21:42 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-24 11:15 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-11-23 19:48 - 2015-09-20 11:38 - 00000000 ____D C:\ProgramData\Oracle
2015-11-23 19:48 - 2015-09-20 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-23 19:48 - 2015-09-20 11:38 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-23 19:47 - 2015-09-20 11:38 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-11-23 19:47 - 2015-09-20 11:38 - 00000000 ____D C:\Users\Daniel\.oracle_jre_usage
2015-11-21 23:02 - 2015-09-02 22:24 - 00000000 ____D C:\ProgramData\Skype
2015-11-20 18:24 - 2015-10-17 20:45 - 556521389 _____ C:\WINDOWS\MEMORY.DMP
2015-11-20 18:24 - 2015-10-17 20:45 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-20 18:24 - 2015-07-10 13:20 - 00277600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-20 17:49 - 2015-09-01 20:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-20 17:49 - 2015-09-01 20:47 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-20 17:49 - 2015-09-01 20:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-20 17:47 - 2015-09-01 20:48 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-20 16:49 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-20 16:45 - 2014-12-07 21:54 - 00000000 ____D C:\NVIDIA
2015-11-20 12:12 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-19 11:56 - 2015-09-20 21:58 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2015-11-19 11:56 - 2015-09-20 21:58 - 00001059 _____ C:\Users\Daniel\Desktop\WinSCP.lnk
2015-11-19 11:56 - 2015-09-20 21:58 - 00000000 ____D C:\Program Files (x86)\WinSCP
2015-11-19 11:26 - 2015-10-13 08:38 - 00000000 ____D C:\Users\Daniel\Desktop\voip
2015-11-18 22:38 - 2015-09-02 09:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-17 23:42 - 2015-10-02 10:42 - 00000000 ____D C:\Users\Daniel\Desktop\vpzma zapisek
2015-11-17 17:20 - 2015-09-02 22:11 - 00000000 ____D C:\Users\Daniel\AppData\Local\Steam
2015-11-17 07:27 - 2015-07-23 03:02 - 11228816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-11-16 04:54 - 2015-07-23 03:02 - 18487360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-11-16 04:54 - 2015-07-23 03:02 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-11-16 04:54 - 2015-07-23 03:02 - 00445400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-11-16 04:54 - 2015-07-23 03:02 - 00177600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-11-16 04:54 - 2015-07-23 03:02 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-11-16 04:54 - 2015-07-23 03:02 - 00034494 _____ C:\WINDOWS\system32\nvinfo.pb
2015-11-16 04:54 - 2015-07-10 12:00 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2015-11-14 21:13 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-14 07:20 - 2015-09-01 20:48 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 02983216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-11-14 07:20 - 2015-09-01 20:48 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 00385144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 00114296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 00074872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-11-11 20:14 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 20:13 - 2015-09-05 09:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 20:10 - 2015-09-05 09:45 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-10 21:05 - 2015-09-02 21:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-10 20:05 - 2015-09-22 07:39 - 00003904 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-10 20:04 - 2015-10-17 21:04 - 05286088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-11-03 19:20 - 2015-10-05 17:35 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-10-05 17:35 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Daniel\AppData\Roaming\syznI8o9vS
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\Daniel\AppData\Roaming\syznI8o9vS.exe
2015-09-20 22:03 - 2015-12-02 19:00 - 0000600 _____ () C:\Users\Daniel\AppData\Roaming\winscp.rnd
2015-09-06 17:43 - 2015-09-06 17:43 - 0029696 _____ () C:\Users\Daniel\AppData\Local\MSGBOX.EXE
2015-10-14 10:40 - 2015-10-14 10:40 - 0000218 _____ () C:\Users\Daniel\AppData\Local\recently-used.xbel
2015-09-02 21:40 - 2015-09-02 21:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\2178.exe
C:\Users\Daniel\AppData\Local\Temp\DivX.Web.Player.Installer__8420_il635.exe
C:\Users\Daniel\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Daniel\AppData\Local\Temp\IQIYIsetup_spl004@kb037.exe
C:\Users\Daniel\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Daniel\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Daniel\AppData\Local\Temp\KMS Windows 8 n 8.1 Activator__9771_il302426.exe
C:\Users\Daniel\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\Daniel\AppData\Local\Temp\PCMgr_AndroidServer.exe
C:\Users\Daniel\AppData\Local\Temp\qqpcmgr_v10.7.16065.215_71643_Silence.exe
C:\Users\Daniel\AppData\Local\Temp\setup3.exe
C:\Users\Daniel\AppData\Local\Temp\sqlite-3.8.2-x86-sqlitejdbc.dll
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll
C:\Users\Daniel\AppData\Local\Temp\~85B6.exe
C:\Users\Daniel\AppData\Local\Temp\~89FD.exe
C:\Users\Daniel\AppData\Local\Temp\~A7F.exe
C:\Users\Daniel\AppData\Local\Temp\~F35C.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-23 20:20

==================== End of FRST.txt ============================

Log addiction: http://leteckaposta.cz/660268803

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v5.023 - Logfile created 02/12/2015 at 22:40:16
# Updated 30/11/2015 by Xplode
# Database : 2015-11-30.1 [Server]
# Operating system : Windows 10 Education (x64)
# Username : Daniel - DANIEL-LENOVO
# Running from : C:\Users\Daniel\Desktop\adwcleaner_5.023.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : QQPCRTP
[-] Service Deleted : TAOAccelerator
[-] Service Deleted : TSDefenseBt
[-] Service Deleted : TSSysKit
[-] Service Deleted : QMUdisk
[-] Service Deleted : QQSysMonX64
[-] Service Deleted : TSCPM
[-] Service Deleted : TFsFlt
[-] Service Deleted : TAOFrame
[!] Service Not Deleted : TAOKernelDriver

***** [ Folders ] *****

[-] Folder Deleted : C:\IQIYI Video
[#] Folder Deleted : C:\Program Files (x86)\tencent
[-] Folder Deleted : C:\Program Files (x86)\Common Files\tencent
[#] Folder Deleted : C:\Program Files\Common Files\tencent
[-] Folder Deleted : C:\ProgramData\IQIYI Video
[#] Folder Deleted : C:\ProgramData\tencent
[-] Folder Deleted : C:\ProgramData\TXQMPC
[-] Folder Deleted : C:\Users\Daniel\AppData\Local\SysassistByHotWheel
[-] Folder Deleted : C:\Users\Daniel\AppData\Local\Temp\tencent
[-] Folder Deleted : C:\Users\Daniel\AppData\Roaming\IQIYI Video
[#] Folder Deleted : C:\Users\Daniel\AppData\Roaming\tencent
[-] Folder Deleted : C:\Users\Daniel\AppData\Roaming\ppslog
[-] Folder Deleted : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Folder Deleted : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\tencent

***** [ Files ] *****

[-] File Deleted : C:\Users\Daniel\AppData\Local\Temp\task.vbs
[-] File Deleted : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xu00lnfi.default\invalidprefs.js
[-] File Deleted : C:\Users\Daniel\Desktop\PPS游戏大厅.lnk
[-] File Deleted : C:\Users\Daniel\Desktop\全网影视.lnk
[-] File Deleted : C:\WINDOWS\SysNative\drivers\TAOAccelerator64.sys
[-] File Deleted : C:\WINDOWS\SysNative\drivers\TAOKernel64.sys
[-] File Deleted : C:\WINDOWS\SysNative\drivers\TFsFltX64.sys
[-] File Deleted : C:\WINDOWS\SysWOW64\drivers\TsFltMgr.sys

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\METNSD
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Key Deleted : HKCU\Software\MozillaPlugins\@iqiyi.com/npWebPlayer
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@iqiyi.com/npWebPlayer
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@iqiyi.com/npclient
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [HCDNClient]
[-] Key Deleted : HKLM\SOFTWARE\Classes\qygameclient
[-] Key Deleted : HKLM\SOFTWARE\Classes\HCDNProxy
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPCMgr
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [apphide]
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\GEEPLAYER.DIR
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\APPLICATIONS\GEEPLAYER.EXE
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PPStream.exe
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ QQPCTray]
[-] Key Deleted : HKLM\SOFTWARE\Classes\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\GeePlayer.exe
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\dream.capture.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\dream.capture
[-] Value Deleted : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION [QyBrowser.exe]
[-] Value Deleted : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION [QyClient.exe]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{085CB97F-6D0B-487D-B94C-E11A736C38CE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{307B3CDB-9EE3-4137-9D18-F9AD6537ECEB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CF3CDEFB-31BE-43AE-B064-B9C62C883259}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A563926-CF4B-4363-A760-F71E46205B7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{117270FA-48AC-45BB-9171-B63D1B42A910}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63332668-8CE1-445D-A5EE-25929176714E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B6360BD3-5CD0-40D3-BD87-DAFF37889F50}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E1D75F62-CBBD-45C7-9D1D-6B5ECEC2E006}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{444785F1-DE89-4295-863A-D46C3A781394}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{444785F1-DE89-4295-863A-D46C3A781394}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6BE0FB-8B18-4DFC-959F-233651CC4D7F}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAC94FEE-45B4-4FD4-9EEA-D8978EC96C6E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{085CB97F-6D0B-487D-B94C-E11A736C38CE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5CD76C57-6893-478A-B776-47E7C82504BE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CBDECEF7-7A29-4CBF-A009-2673D82C7BF9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{63332668-8CE1-445D-A5EE-25929176714E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKCU\Software\QyGameClient
[-] Key Deleted : HKCU\Software\PPStream
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IQIYI Video
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PPStream
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GeePlayer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4C4396A8-6F7A-4786-9ED6-0B9225862E57}
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\reimagenetwork.com

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [11622 bytes] ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
Ran by Daniel (administrator) on DANIEL-LENOVO (02-12-2015 22:51:59)
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 10 Education (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16565_none_1162030161f5c19b\TiWorker.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-09-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2015-10-11] (Pixart Imaging Inc)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493056 2015-11-02] (VŠB-TU Ostrava)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Daniel\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Daniel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [GSplay.exe] => C:\Users\Daniel\Desktop\GSplay.exe
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\Run: [NIRegistrationWizard] => C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [847000 2013-04-19] ()
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\MountPoints2: {1dbc3f99-8472-11e5-9bd5-b888e373a893} - "E:\LG_PC_Programs.exe"
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\MountPoints2: {9927f19a-7030-11e5-9bd0-b888e373a893} - "E:\autorun.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177600 2015-11-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155792 2015-11-16] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2015-11-24]
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512 2014-06-06] (National Instruments Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560 2014-06-06] (National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 10.0.1.1
Tcpip\..\Interfaces\{952e9e30-7837-4bd5-b7ce-835e1409f774}: [DhcpNameServer] 10.0.0.1 10.0.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotmail/home?ocid=iehp
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {069202F1-27FC-4601-A5CA-41F878F17CB4} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {0D95C45A-4BB5-40A8-AAC6-45A9A2CA3FDC} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {17871175-3CF6-4B2C-94D8-C8E87473DBBA} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {1C10EE84-0FDE-4C21-92AA-A8E14B148BF1} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {9BF95EE0-8409-4BE3-8C75-761AB9324909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {A1FBF928-091F-4EA8-BD03-00673561F5CD} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {BE5B2B07-E2DB-4C66-9A79-AA1CDA6D160B} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {CE5AAD91-AB43-45DC-94F4-1C9C48ADDEF3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2161712444-3510936251-563553130-1001 -> {E5F225C3-804F-47D5-81B9-AB6A482B2607} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xu00lnfi.default
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [No File]
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2161712444-3510936251-563553130-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2014win32.dll [2015-04-30] (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2015win32.dll [2015-06-17] (National Instruments)
FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xu00lnfi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135072 2015-09-05] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-16] (NVIDIA Corporation)
R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2014-08-07] (National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [53544 2015-06-01] (National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [63792 2015-06-01] (National Instruments Corporation)
R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [84792 2015-06-12] (National Instruments Corporation)
R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57184 2015-06-03] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [80736 2015-06-03] (National Instruments Corporation)
R2 niauth; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [571712 2015-06-02] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [399152 2015-06-01] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [320368 2014-06-06] (National Instruments Corporation)
R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [177024 2015-06-12] (National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [89928 2015-06-02] (National Instruments Corporation)
R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57168 2015-06-03] (National Instruments Corporation)
R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [703304 2015-06-11] (National Instruments Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-16] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-13] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-11-16] (NVIDIA Corporation)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410848 2015-09-02] (Realsil Semiconductor Corporation)
R1 softaal; C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16924.223\softaal64.sys [35128 2015-12-02] (Tencent)
U4 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-12-02] (电脑管家)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-09-07] ()
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2015-10-11] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U4 QQSysMonX64; no ImagePath
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16924.223\TSDefenseBT64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-02 22:51 - 2015-12-02 22:51 - 00020315 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-12-02 22:43 - 2015-12-02 22:43 - 00016148 _____ C:\WINDOWS\system32\DANIEL-LENOVO_Daniel_HistoryPrediction.bin
2015-12-02 22:41 - 2015-12-02 22:41 - 00000000 ____D C:\ProgramData\TXQMPC
2015-12-02 22:37 - 2015-12-02 22:37 - 01736704 _____ C:\Users\Daniel\Desktop\adwcleaner_5.023.exe
2015-12-02 22:19 - 2015-12-02 22:19 - 00005120 _____ C:\Users\Daniel\AppData\Roaming\GiftBag.db
2015-12-02 22:10 - 2015-12-02 22:10 - 02350080 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-12-02 21:59 - 2015-12-02 21:59 - 00087864 ____N (电脑管家) C:\WINDOWS\system32\Drivers\TFsFltX64.sys
2015-12-02 21:58 - 2015-12-02 22:42 - 00000000 ____D C:\ProgramData\Tencent
2015-12-02 21:58 - 2015-12-02 21:58 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-12-02 21:15 - 2015-12-02 21:15 - 00000000 ____D C:\Users\Daniel\.android
2015-12-02 21:14 - 2015-12-02 21:14 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\VirtualStore
2015-12-02 21:14 - 2015-12-02 21:14 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Unity
2015-12-02 21:14 - 2015-12-02 21:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\Unity
2015-12-02 21:13 - 2015-12-02 21:13 - 00000000 ____D C:\Users\Public\QiYi
2015-12-02 21:11 - 2015-12-02 21:11 - 00000000 ____D C:\Program Files (x86)\baidu
2015-12-02 18:18 - 2015-12-02 18:18 - 00858072 _____ C:\Users\Daniel\Desktop\mtlk.rar
2015-12-01 13:19 - 2015-12-01 13:19 - 00001085 _____ C:\Users\Daniel\Desktop\SafeQClient.lnk
2015-12-01 11:48 - 2015-12-01 11:48 - 01246406 _____ C:\Users\Daniel\Desktop\FKPIT-Projekt-č.1-zadaní-13.-Hodnocení-95-bodů-chyba-v-grafu-so-02.11.2015.rar
2015-11-30 11:14 - 2015-11-30 11:14 - 00000042 _____ C:\Users\Daniel\Desktop\vyplata listopad.txt
2015-11-28 22:19 - 2014-12-02 03:10 - 00971844 _____ C:\Users\Daniel\Desktop\Integrály komplet.pdf
2015-11-27 13:09 - 2015-11-24 11:18 - 00001153 _____ C:\Users\Daniel\Desktop\NI LabVIEW 2015 (32-bit).lnk
2015-11-27 12:44 - 2015-11-27 12:44 - 00680150 _____ C:\Users\Daniel\Desktop\Zadání semestrálního projektu MTLK.pdf
2015-11-25 17:31 - 2015-11-25 17:32 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-24 11:50 - 2015-11-24 11:50 - 00000000 ____D C:\Users\Public\Documents\National Instruments
2015-11-24 11:47 - 2015-11-24 11:47 - 00000000 ____D C:\National Instruments Downloads
2015-11-24 11:39 - 2015-12-01 21:16 - 00000000 ____D C:\Users\Daniel\Documents\LabVIEW Data
2015-11-24 11:31 - 2015-11-24 11:52 - 00003382 _____ C:\WINDOWS\System32\Tasks\NIUpdateServiceStartupTask
2015-11-24 11:31 - 2015-11-24 11:31 - 00000000 ____D C:\Users\Daniel\AppData\Local\National Instruments
2015-11-24 11:27 - 2015-11-24 12:45 - 00000000 ____D C:\ProgramData\JKI
2015-11-24 11:27 - 2015-11-24 11:27 - 00004146 _____ C:\WINDOWS\System32\Tasks\JKIUpdateTask
2015-11-24 11:27 - 2015-11-24 11:27 - 00001253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VI Package Manager.lnk
2015-11-24 11:27 - 2015-11-24 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JKI
2015-11-24 11:27 - 2015-11-24 11:27 - 00000000 ____D C:\Program Files (x86)\JKI
2015-11-24 11:26 - 2015-11-24 11:26 - 00000000 ____D C:\Program Files\Common Files\OPC Foundation
2015-11-24 11:24 - 2015-11-24 11:24 - 00001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI MAX.lnk
2015-11-24 11:18 - 2015-11-24 11:18 - 00001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI LabVIEW 2015 (32-bit).lnk
2015-11-24 11:15 - 2015-11-24 11:15 - 00000132 _____ C:\WINDOWS\ODBC.INI
2015-11-24 11:14 - 2015-11-24 11:14 - 00000000 ____D C:\WINDOWS\SysWOW64\cvirte
2015-11-24 11:14 - 2015-11-24 11:14 - 00000000 ____D C:\WINDOWS\system32\cvirte
2015-11-24 11:13 - 2015-11-24 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments
2015-11-24 11:13 - 2015-11-24 11:50 - 00000000 ____D C:\Program Files\National Instruments
2015-11-24 11:13 - 2015-11-24 11:13 - 00001439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI Launcher.lnk
2015-11-24 11:12 - 2015-11-24 11:50 - 00000000 ____D C:\Program Files (x86)\National Instruments
2015-11-24 11:09 - 2015-11-24 11:39 - 00000000 ____D C:\ProgramData\National Instruments
2015-11-24 10:47 - 2015-11-24 11:03 - 00000000 ____D C:\Program Files (x86)\LW
2015-11-21 12:08 - 2015-11-21 12:08 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-11-20 18:24 - 2015-11-20 18:24 - 00321152 _____ C:\WINDOWS\Minidump\112015-54046-01.dmp
2015-11-20 17:49 - 2015-11-20 17:50 - 00000000 ____D C:\Users\Daniel\AppData\Local\NVIDIA
2015-11-20 17:49 - 2015-11-20 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-11-20 17:49 - 2015-11-16 04:54 - 01828160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-11-20 17:49 - 2015-11-16 04:54 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-11-20 17:49 - 2015-11-16 04:54 - 01509824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-11-20 17:49 - 2015-11-16 04:54 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-11-20 17:49 - 2015-11-16 04:54 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-11-20 17:48 - 2015-11-20 17:48 - 00000000 ____D C:\Users\Daniel\AppData\Local\NVIDIA Corporation
2015-11-20 17:47 - 2015-11-20 17:47 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-11-20 17:47 - 2015-11-20 17:47 - 00000000 ____D C:\WINDOWS\system32\NV
2015-11-20 17:46 - 2015-11-16 04:54 - 00112944 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-11-20 17:45 - 2015-11-20 17:46 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-11-20 17:43 - 2015-11-20 17:43 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-20 17:41 - 2015-11-17 07:27 - 00040264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-11-20 17:41 - 2015-11-16 04:54 - 42913912 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 37881976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 22345848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 18390832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 16561320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 15933400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 15839200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 14844112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 13533608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 12870192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 03540544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 03126800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 02876536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 02496632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435900.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435900.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00877688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00674096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-11-20 17:41 - 2015-11-16 04:54 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-11-20 16:07 - 2015-11-20 16:07 - 00000810 _____ C:\Users\Daniel\Desktop\editor – zástupce.lnk
2015-11-19 19:45 - 2015-11-19 19:45 - 00001738 _____ C:\Users\Daniel\Desktop\EXCEL – zástupce.lnk
2015-11-18 10:09 - 2015-11-18 10:09 - 00000652 _____ C:\WINDOWS\setting.ini
2015-11-18 10:09 - 2015-11-18 10:09 - 00000158 _____ C:\WINDOWS\system32\ricdb.ini
2015-11-18 10:09 - 2015-11-18 10:09 - 00000141 _____ C:\WINDOWS\setting1.ini
2015-11-18 10:09 - 2015-11-18 10:09 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempDIR
2015-11-18 10:09 - 2015-11-18 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeQClient
2015-11-18 10:09 - 2015-11-18 10:09 - 00000000 ____D C:\Program Files (x86)\SafeQ
2015-11-17 17:15 - 2015-11-21 00:54 - 00000000 ____D C:\Users\Daniel\Desktop\foto netřiděne
2015-11-15 12:31 - 2015-11-16 19:32 - 00919040 _____ (Farbar) C:\WINDOWS\mod_frst.exe
2015-11-10 20:20 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-10 20:20 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-10 20:20 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-10 20:20 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-10 20:20 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-10 20:20 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-10 20:20 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-10 20:20 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-10 20:20 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-10 20:20 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-10 20:20 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-10 20:20 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-10 20:20 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-10 20:20 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-10 20:20 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-10 20:20 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-10 20:20 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-10 20:20 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-10 20:20 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-10 20:20 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-10 20:20 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-10 20:20 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-10 20:20 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-10 20:20 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-10 20:20 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-10 20:20 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-10 20:20 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-10 20:20 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-10 20:20 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-10 20:20 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-10 20:20 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-10 20:20 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-10 20:20 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-10 20:20 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-10 20:20 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-10 20:20 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-10 20:20 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-10 20:20 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-10 20:20 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-10 20:20 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-10 20:20 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-10 20:20 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-10 20:20 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-10 20:20 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-10 20:20 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-10 20:20 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-10 20:20 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-10 20:20 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-10 20:20 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-10 20:20 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-10 20:20 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-10 20:20 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-10 20:20 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-10 09:48 - 2015-12-01 20:04 - 00000000 ____D C:\Users\Daniel\Desktop\OK1
2015-11-10 09:46 - 2015-11-28 15:10 - 00000000 ____D C:\Users\Daniel\Desktop\RS2
2015-11-05 11:09 - 2015-11-24 11:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-02 22:51 - 2015-09-06 17:44 - 00000000 ____D C:\FRST
2015-12-02 22:44 - 2015-09-14 07:35 - 00000000 ___RD C:\Users\Daniel\Disk Google
2015-12-02 22:44 - 2015-09-14 07:33 - 00000988 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-02 22:43 - 2015-09-14 07:33 - 00000984 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-02 22:42 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-02 22:42 - 2015-07-10 13:20 - 00280744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-02 22:41 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-02 22:40 - 2015-09-07 21:42 - 00000000 ____D C:\AdwCleaner
2015-12-02 22:14 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-02 22:04 - 2015-09-22 07:39 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-02 21:59 - 2015-09-01 22:48 - 00000000 ____D C:\Users\Daniel\AppData\Local\VirtualStore
2015-12-02 21:37 - 2015-09-02 21:55 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-02 21:15 - 2015-09-01 22:48 - 00000000 ____D C:\Users\Daniel
2015-12-02 19:00 - 2015-09-20 22:03 - 00000600 _____ C:\Users\Daniel\AppData\Roaming\winscp.rnd
2015-12-02 18:52 - 2015-09-02 22:26 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TS3Client
2015-12-02 18:28 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-01 13:51 - 2015-09-02 22:24 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2015-11-30 23:18 - 2015-09-17 13:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2015-11-30 17:29 - 2015-09-11 13:13 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2015-11-29 22:30 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-28 23:27 - 2015-09-01 20:59 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-28 23:27 - 2015-07-10 17:01 - 00746648 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-28 23:27 - 2015-07-10 17:01 - 00149550 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-28 23:27 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-11-28 21:50 - 2015-09-14 07:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-11-27 11:05 - 2015-09-03 20:08 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-25 17:36 - 2015-09-01 21:42 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-23 19:48 - 2015-09-20 11:38 - 00000000 ____D C:\ProgramData\Oracle
2015-11-23 19:48 - 2015-09-20 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-23 19:48 - 2015-09-20 11:38 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-23 19:47 - 2015-09-20 11:38 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-11-23 19:47 - 2015-09-20 11:38 - 00000000 ____D C:\Users\Daniel\.oracle_jre_usage
2015-11-21 23:02 - 2015-09-02 22:24 - 00000000 ____D C:\ProgramData\Skype
2015-11-20 18:24 - 2015-10-17 20:45 - 556521389 _____ C:\WINDOWS\MEMORY.DMP
2015-11-20 18:24 - 2015-10-17 20:45 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-20 17:49 - 2015-09-01 20:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-20 17:49 - 2015-09-01 20:47 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-20 17:49 - 2015-09-01 20:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-20 17:47 - 2015-09-01 20:48 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-20 16:49 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-20 16:45 - 2014-12-07 21:54 - 00000000 ____D C:\NVIDIA
2015-11-20 12:12 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-19 11:56 - 2015-09-20 21:58 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2015-11-19 11:56 - 2015-09-20 21:58 - 00001059 _____ C:\Users\Daniel\Desktop\WinSCP.lnk
2015-11-19 11:56 - 2015-09-20 21:58 - 00000000 ____D C:\Program Files (x86)\WinSCP
2015-11-19 11:26 - 2015-10-13 08:38 - 00000000 ____D C:\Users\Daniel\Desktop\voip
2015-11-18 22:38 - 2015-09-02 09:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-17 23:42 - 2015-10-02 10:42 - 00000000 ____D C:\Users\Daniel\Desktop\vpzma zapisek
2015-11-17 17:20 - 2015-09-02 22:11 - 00000000 ____D C:\Users\Daniel\AppData\Local\Steam
2015-11-17 07:27 - 2015-07-23 03:02 - 11228816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-11-16 04:54 - 2015-07-23 03:02 - 18487360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-11-16 04:54 - 2015-07-23 03:02 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-11-16 04:54 - 2015-07-23 03:02 - 00445400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-11-16 04:54 - 2015-07-23 03:02 - 00177600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-11-16 04:54 - 2015-07-23 03:02 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-11-16 04:54 - 2015-07-23 03:02 - 00034494 _____ C:\WINDOWS\system32\nvinfo.pb
2015-11-16 04:54 - 2015-07-10 12:00 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2015-11-14 21:13 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-14 07:20 - 2015-09-01 20:48 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 02983216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-11-14 07:20 - 2015-09-01 20:48 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 00385144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 00114296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 00074872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-11-14 07:20 - 2015-09-01 20:48 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-11-11 20:14 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 20:13 - 2015-09-05 09:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 20:10 - 2015-09-05 09:45 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-10 21:05 - 2015-09-02 21:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-10 20:05 - 2015-09-22 07:39 - 00003904 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-10 20:04 - 2015-10-17 21:04 - 05286088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-11-03 19:20 - 2015-10-05 17:35 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-10-05 17:35 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-12-02 22:19 - 2015-12-02 22:19 - 0005120 _____ () C:\Users\Daniel\AppData\Roaming\GiftBag.db
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Daniel\AppData\Roaming\syznI8o9vS
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\Daniel\AppData\Roaming\syznI8o9vS.exe
2015-09-20 22:03 - 2015-12-02 19:00 - 0000600 _____ () C:\Users\Daniel\AppData\Roaming\winscp.rnd
2015-09-06 17:43 - 2015-09-06 17:43 - 0029696 _____ () C:\Users\Daniel\AppData\Local\MSGBOX.EXE
2015-10-14 10:40 - 2015-10-14 10:40 - 0000218 _____ () C:\Users\Daniel\AppData\Local\recently-used.xbel
2015-09-02 21:40 - 2015-09-02 21:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\2178.exe
C:\Users\Daniel\AppData\Local\Temp\DivX.Web.Player.Installer__8420_il635.exe
C:\Users\Daniel\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Daniel\AppData\Local\Temp\IQIYIsetup_spl004@kb037.exe
C:\Users\Daniel\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Daniel\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Daniel\AppData\Local\Temp\KMS Windows 8 n 8.1 Activator__9771_il302426.exe
C:\Users\Daniel\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\Daniel\AppData\Local\Temp\PCMgr_AndroidServer.exe
C:\Users\Daniel\AppData\Local\Temp\PCMgr_Setup_11_1_16924_223.exe
C:\Users\Daniel\AppData\Local\Temp\qqpcmgr_v10.7.16065.215_71643_Silence.exe
C:\Users\Daniel\AppData\Local\Temp\setup3.exe
C:\Users\Daniel\AppData\Local\Temp\sqlite-3.8.2-x86-sqlitejdbc.dll
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll
C:\Users\Daniel\AppData\Local\Temp\~85B6.exe
C:\Users\Daniel\AppData\Local\Temp\~89FD.exe
C:\Users\Daniel\AppData\Local\Temp\~A7F.exe
C:\Users\Daniel\AppData\Local\Temp\~F35C.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-23 20:20

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\MountPoints2: {1dbc3f99-8472-11e5-9bd5-b888e373a893} - "E:\LG_PC_Programs.exe"
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\MountPoints2: {9927f19a-7030-11e5-9bd0-b888e373a893} - "E:\autorun.exe"
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [No File]
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
U4 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-12-02] (电脑管家)
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16924.223\TSDefenseBT64.sys [X]
C:\WINDOWS\system32\Drivers\TFsFltX64.sys
C:\Users\Public\QiYi
C:\Program Files (x86)\baidu
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Daniel\AppData\Roaming\GiftBag.db
C:\Users\Daniel\AppData\Roaming\syznI8o9vS
C:\Users\Daniel\AppData\Roaming\syznI8o9vS.exe
C:\ProgramData\DP45977C.lfl
C:\Users\Daniel\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version:01-12-2015
Ran by Daniel (2015-12-03 22:20:44) Run:1
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\MountPoints2: {1dbc3f99-8472-11e5-9bd5-b888e373a893} - "E:\LG_PC_Programs.exe"
HKU\S-1-5-21-2161712444-3510936251-563553130-1001\...\MountPoints2: {9927f19a-7030-11e5-9bd0-b888e373a893} - "E:\autorun.exe"
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [No File]
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
U4 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-12-02] (????)
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16924.223\TSDefenseBT64.sys [X]
C:\WINDOWS\system32\Drivers\TFsFltX64.sys
C:\Users\Public\QiYi
C:\Program Files (x86)\baidu
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Daniel\AppData\Roaming\GiftBag.db
C:\Users\Daniel\AppData\Roaming\syznI8o9vS
C:\Users\Daniel\AppData\Roaming\syznI8o9vS.exe
C:\ProgramData\DP45977C.lfl
C:\Users\Daniel\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-2161712444-3510936251-563553130-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1dbc3f99-8472-11e5-9bd5-b888e373a893}" => key removed successfully
HKCR\CLSID\{1dbc3f99-8472-11e5-9bd5-b888e373a893} => key not found.
"HKU\S-1-5-21-2161712444-3510936251-563553130-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9927f19a-7030-11e5-9bd0-b888e373a893}" => key removed successfully
HKCR\CLSID\{9927f19a-7030-11e5-9bd0-b888e373a893} => key not found.
"HKLM\Software\MozillaPlugins\@iqiyi.com/npclient" => key removed successfully
"HKLM\Software\MozillaPlugins\@iqiyi.com/npWebPlayer" => key removed successfully
TFsFlt => service removed successfully
TSDefenseBt => service removed successfully
C:\WINDOWS\system32\Drivers\TFsFltX64.sys => moved successfully
C:\Users\Public\QiYi => moved successfully
C:\Program Files (x86)\baidu => moved successfully
C:\WINDOWS\LastGood.Tmp => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Users\Daniel\AppData\Roaming\GiftBag.db => moved successfully
C:\Users\Daniel\AppData\Roaming\syznI8o9vS => moved successfully
C:\Users\Daniel\AppData\Roaming\syznI8o9vS.exe => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

"C:\Users\Daniel\AppData\Local\Temp" folder move:

Could not move "C:\Users\Daniel\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-12-03 22:24:38)

C:\Users\Daniel\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:24:41 ====

Smazáno. Nastala nějaká změna?

Smazáno, vše vypadá v pohodě .
Velice děkuji za pomoc.
Odeslal jsem drobný finanční příspěvek .

Za podporu děkujeme a vy nemáte zač!