Ahojda
Prosím o pomoc s odstraněním CinPlus-2.4c.
Vyzkoušel jsem několik nástrojů a nedaří se.
Log FRST:
----------------------------------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Kapoli (administrator) on SONYNB on 12-11-2014 14:41:40
Running from C:\Users\Kapoli\Desktop
Loaded Profile: Kapoli (Available profiles: Kapoli)
Platform: Windows 8 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(ServiceEx) C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\dashboard\service-install.exe
(The PHP Group) C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\dashboard\ews-dashboard.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Dropbox, Inc.) C:\Users\Kapoli\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Opera Software) C:\Program Files\Opera x64\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Opera Software) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2774904 2014-11-04] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3681656 2014-11-04] (Crawler.com)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-07-22] (Power Software Ltd)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2074586848-1309138504-2724831536-1001\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8482680 2014-07-09] (Innovative Solutions)
HKU\S-1-5-21-2074586848-1309138504-2724831536-1001\...\Run: [DriverMax_RESTART] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8482680 2014-07-09] (Innovative Solutions)
HKU\S-1-5-21-2074586848-1309138504-2724831536-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-08-27] (Siber Systems)
Startup: C:\Users\Kapoli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kapoli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
BHO: No Name -> {11111111-1111-1111-1111-110611171152} -> No File
BHO: No Name -> {11111111-1111-1111-1111-110611381131} -> No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: No Name -> {11111111-1111-1111-1111-110611171152} -> No File
BHO-x32: No Name -> {11111111-1111-1111-1111-110611381131} -> No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKU\S-1-5-21-2074586848-1309138504-2724831536-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default
FF Homepage: hxxp://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: HD-V2.2V31.10 - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [2014-10-31]
FF Extension: Internet Speed Checker - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\Extensions\sepherdwilbur@aol.com [2014-10-31]
FF Extension: 0c8fbd76bdeb4c529b24d587ce7b9dc3 - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\Extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3} [2014-11-05]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2014-07-26]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-07-25]
Chrome:
=======
CHR Profile: C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-25]
CHR Extension: (Disk Google) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-25]
CHR Extension: (YouTube) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-25]
CHR Extension: (Peněženka Google) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-25]
CHR Extension: (Gmail) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-25]
CHR Extension: (HD-V2.2V31.10) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa [2014-10-31]
CHR Extension: (RoboForm) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-08-27]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-08-27]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 ews-dashboard; C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\dashboard\service-install.exe [114688 2014-04-06] (ServiceEx) [File not signed]
S2 ews-dbserver; C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\binaries\dbserver\bin\ews-mysqld.exe [10958848 2014-05-06] () [File not signed]
S2 ews-httpserver; C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\binaries\httpserver\bin\ews-httpd.exe [20992 2014-07-19] (Apache Software Foundation) [File not signed]
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1146272 2014-11-04] (Crawler.com)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-07-26] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-12-09] (WiseCleaner.com)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21600 2013-03-14] (Advanced Micro Devices, Inc.)
S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2013-03-07] () [File not signed]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-11-10] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R0 MxEFUF; C:\Windows\System32\DRIVERS\MxEFUF64.sys [157696 2011-10-20] (Matrox Graphics Inc.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-11-10] (Windows (R) Win 7 DDK provider)
R3 tifm21; C:\Windows\system32\drivers\tifm21.sys [319488 2009-10-12] (Texas Instruments)
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [30312 2011-01-26] (CaptainFlint Software)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)
R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-09-03] (Marvell)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-12 14:41 - 2014-11-12 14:42 - 00016982 _____ () C:\Users\Kapoli\Desktop\FRST.txt
2014-11-12 14:41 - 2014-11-12 14:41 - 00000000 ____D () C:\FRST
2014-11-12 14:40 - 2014-11-12 14:40 - 00015327 _____ () C:\Users\Kapoli\Desktop\LM.bat
2014-11-12 14:38 - 2014-11-12 14:39 - 00000000 ____D () C:\Users\Kapoli\Desktop\Scan
2014-11-12 14:38 - 2014-11-12 14:38 - 02116096 _____ (Farbar) C:\Users\Kapoli\Desktop\FRST64.exe
2014-11-12 14:38 - 2014-11-12 14:38 - 00112640 _____ (forum.viry.cz) C:\Users\Kapoli\Desktop\FRSTLauncher.exe
2014-11-12 14:29 - 2014-11-12 14:29 - 00000117 _____ () C:\Windows\system32\netcfg-38142.txt
2014-11-12 10:43 - 2014-11-12 10:43 - 00000117 _____ () C:\Windows\system32\netcfg-1618884.txt
2014-11-12 10:17 - 2014-11-12 10:17 - 00000117 _____ () C:\Windows\system32\netcfg-43851.txt
2014-11-11 19:30 - 2014-11-11 19:30 - 00000117 _____ () C:\Windows\system32\netcfg-3421803.txt
2014-11-11 18:33 - 2014-11-11 18:33 - 00000117 _____ () C:\Windows\system32\netcfg-302127.txt
2014-11-11 18:29 - 2014-11-11 18:29 - 00000117 _____ () C:\Windows\system32\netcfg-44039.txt
2014-11-10 19:40 - 2014-11-10 19:41 - 00000117 _____ () C:\Windows\system32\netcfg-4650639.txt
2014-11-10 18:24 - 2014-11-10 18:24 - 00000117 _____ () C:\Windows\system32\netcfg-47502.txt
2014-11-10 16:12 - 2014-11-10 16:12 - 00000117 _____ () C:\Windows\system32\netcfg-3242979.txt
2014-11-10 15:55 - 2014-11-12 10:18 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-11-10 15:55 - 2014-11-10 15:55 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-11-10 15:55 - 2014-11-10 15:55 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\Spyware Terminator
2014-11-10 15:55 - 2014-11-10 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-11-10 15:54 - 2014-11-10 15:55 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-11-10 15:45 - 2014-11-10 15:45 - 00000117 _____ () C:\Windows\system32\netcfg-1587341.txt
2014-11-10 15:42 - 2014-11-10 15:42 - 00000117 _____ () C:\Windows\system32\netcfg-1437096.txt
2014-11-10 15:42 - 2014-11-10 15:42 - 00000117 _____ () C:\Windows\system32\netcfg-1423789.txt
2014-11-10 15:42 - 2014-11-10 15:42 - 00000117 _____ () C:\Windows\system32\netcfg-1423165.txt
2014-11-10 15:42 - 2014-11-10 15:42 - 00000000 _____ () C:\autoexec.bat
2014-11-10 15:41 - 2014-11-10 15:41 - 00003326 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-11-10 15:41 - 2014-11-10 15:41 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\Enigma Software Group
2014-11-10 15:41 - 2014-11-10 15:41 - 00000000 ____D () C:\sh4ldr
2014-11-10 15:40 - 2014-11-10 15:40 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-11-10 15:19 - 2014-11-10 15:19 - 00000117 _____ () C:\Windows\system32\netcfg-42416.txt
2014-11-10 11:02 - 2014-11-10 11:02 - 00000117 _____ () C:\Windows\system32\netcfg-5109407.txt
2014-11-10 09:38 - 2014-11-10 09:38 - 00000000 ____D () C:\Users\Kapoli\AppData\Local\ESET
2014-11-10 09:37 - 2014-11-10 09:37 - 00000117 _____ () C:\Windows\system32\netcfg-39125.txt
2014-11-10 09:26 - 2014-11-10 09:26 - 00000117 _____ () C:\Windows\system32\netcfg-873995.txt
2014-11-10 09:22 - 2014-06-10 23:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-11-10 09:22 - 2014-06-10 23:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-11-10 09:17 - 2014-11-10 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-11-10 09:17 - 2014-11-10 09:17 - 00000000 ____D () C:\ProgramData\ESET
2014-11-10 09:17 - 2014-11-10 09:17 - 00000000 ____D () C:\Program Files\ESET
2014-11-10 09:12 - 2014-11-10 09:12 - 00000117 _____ () C:\Windows\system32\netcfg-35537.txt
2014-11-10 09:11 - 2014-11-10 09:11 - 00000117 _____ () C:\Windows\system32\netcfg-1160288.txt
2014-11-10 09:06 - 2014-11-10 09:11 - 00000000 ____D () C:\AdwCleaner
2014-11-10 08:52 - 2014-11-10 08:52 - 00000117 _____ () C:\Windows\system32\netcfg-37253.txt
2014-11-09 18:53 - 2014-11-09 18:53 - 00000117 _____ () C:\Windows\system32\netcfg-1771094.txt
2014-11-09 18:25 - 2014-11-09 18:25 - 00000117 _____ () C:\Windows\system32\netcfg-46909.txt
2014-11-09 18:22 - 2014-11-09 18:22 - 00000117 _____ () C:\Windows\system32\netcfg-2115326.txt
2014-11-09 17:48 - 2014-11-09 17:48 - 00000117 _____ () C:\Windows\system32\netcfg-76128.txt
2014-11-09 17:04 - 2014-11-09 17:04 - 00000117 _____ () C:\Windows\system32\netcfg-2050227.txt
2014-11-09 16:31 - 2014-11-09 16:31 - 00000117 _____ () C:\Windows\system32\netcfg-38797.txt
2014-11-09 15:01 - 2014-11-09 15:01 - 00000117 _____ () C:\Windows\system32\netcfg-11499379.txt
2014-11-09 12:23 - 2014-11-09 12:23 - 00001408 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-11-09 12:23 - 2014-11-09 12:23 - 00001339 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-11-09 12:23 - 2014-11-09 12:23 - 00000000 ____D () C:\Windows\cs
2014-11-09 12:22 - 2014-11-09 12:22 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-11-09 12:22 - 2014-11-09 12:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-11-09 12:21 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-11-09 12:21 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-11-09 12:21 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-11-09 12:21 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-11-09 12:21 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-11-09 12:21 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-11-09 12:21 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-11-09 12:21 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-11-09 12:21 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-11-09 12:21 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-11-09 12:21 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-11-09 12:21 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-11-09 12:20 - 2014-11-09 12:24 - 00000000 ____D () C:\Users\Kapoli\AppData\Local\Windows Live
2014-11-09 11:49 - 2014-11-09 11:50 - 00000117 _____ () C:\Windows\system32\netcfg-31949.txt
2014-11-08 18:32 - 2014-11-08 18:32 - 00000117 _____ () C:\Windows\system32\netcfg-7532430.txt
2014-11-08 16:27 - 2014-11-08 16:27 - 00000117 _____ () C:\Windows\system32\netcfg-30919.txt
2014-11-07 20:16 - 2014-11-07 20:16 - 00000117 _____ () C:\Windows\system32\netcfg-10229640.txt
2014-11-07 17:27 - 2014-11-07 17:27 - 00000117 _____ () C:\Windows\system32\netcfg-30498.txt
2014-11-05 18:06 - 2014-11-05 18:06 - 00000117 _____ () C:\Windows\system32\netcfg-4713507.txt
2014-11-05 16:48 - 2014-11-05 16:48 - 00000117 _____ () C:\Windows\system32\netcfg-29842.txt
2014-11-04 19:32 - 2014-11-04 19:32 - 00000117 _____ () C:\Windows\system32\netcfg-40279.txt
2014-11-04 19:32 - 2014-11-04 19:32 - 00000117 _____ () C:\Windows\system32\netcfg-31168.txt
2014-11-04 19:31 - 2014-11-04 19:31 - 00000117 _____ () C:\Windows\system32\netcfg-3011817.txt
2014-11-04 18:41 - 2014-11-04 18:42 - 00000117 _____ () C:\Windows\system32\netcfg-38953.txt
2014-11-03 17:59 - 2014-11-03 17:59 - 00000117 _____ () C:\Windows\system32\netcfg-8537123.txt
2014-11-02 19:52 - 2014-11-02 19:52 - 00000117 _____ () C:\Windows\system32\netcfg-3416125.txt
2014-11-02 16:24 - 2014-11-02 16:24 - 00000117 _____ () C:\Windows\system32\netcfg-833778.txt
2014-11-02 16:11 - 2014-11-02 16:11 - 00000117 _____ () C:\Windows\system32\netcfg-30685.txt
2014-11-02 16:10 - 2014-11-02 16:10 - 00000117 _____ () C:\Windows\system32\netcfg-1072132.txt
2014-11-01 16:07 - 2014-11-01 16:07 - 00000117 _____ () C:\Windows\system32\netcfg-3408185.txt
2014-11-01 15:11 - 2014-11-01 15:11 - 00000117 _____ () C:\Windows\system32\netcfg-31137.txt
2014-10-31 20:29 - 2014-10-31 20:29 - 00000117 _____ () C:\Windows\system32\netcfg-1788613.txt
2014-10-31 19:59 - 2014-10-31 20:00 - 00000117 _____ () C:\Windows\system32\netcfg-38969.txt
2014-10-31 19:58 - 2014-10-31 19:58 - 00000117 _____ () C:\Windows\system32\netcfg-634814.txt
2014-10-31 19:48 - 2014-10-31 19:48 - 00000117 _____ () C:\Windows\system32\netcfg-39920.txt
2014-10-31 15:32 - 2014-10-31 15:32 - 00000117 _____ () C:\Windows\system32\netcfg-786713.txt
2014-10-31 15:31 - 2014-11-02 16:08 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\Seznam.cz
2014-10-31 15:31 - 2014-10-31 15:31 - 01468848 _____ (InfoHD-V2.2V31.10) C:\Users\Kapoli\AppData\Roaming\PQGBZY.exe
2014-10-31 15:30 - 2014-11-12 14:29 - 00001356 _____ () C:\Windows\Tasks\ROKWAA.job
2014-10-31 15:30 - 2014-10-31 15:30 - 00004360 _____ () C:\Windows\System32\Tasks\ROKWAA
2014-10-31 15:20 - 2014-10-31 15:20 - 00000117 _____ () C:\Windows\system32\netcfg-31559.txt
2014-10-31 09:30 - 2014-10-31 09:30 - 00000117 _____ () C:\Windows\system32\netcfg-1506813.txt
2014-10-31 09:05 - 2014-10-31 09:06 - 00000117 _____ () C:\Windows\system32\netcfg-30154.txt
2014-10-30 21:14 - 2014-10-30 21:14 - 00000117 _____ () C:\Windows\system32\netcfg-4006355.txt
2014-10-30 20:08 - 2014-10-30 20:08 - 00000117 _____ () C:\Windows\system32\netcfg-30607.txt
2014-10-30 18:51 - 2014-10-30 18:51 - 00000117 _____ () C:\Windows\system32\netcfg-2260048.txt
2014-10-30 18:14 - 2014-10-30 18:15 - 00000117 _____ () C:\Windows\system32\netcfg-93538.txt
2014-10-29 19:49 - 2014-10-29 19:49 - 00000117 _____ () C:\Windows\system32\netcfg-10687644.txt
2014-10-29 16:52 - 2014-10-29 16:52 - 00000117 _____ () C:\Windows\system32\netcfg-37627.txt
2014-10-28 19:29 - 2014-10-28 19:29 - 00000117 _____ () C:\Windows\system32\netcfg-10020490.txt
2014-10-28 16:43 - 2014-10-28 16:43 - 00000117 _____ () C:\Windows\system32\netcfg-58063.txt
2014-10-27 20:39 - 2014-10-27 20:39 - 00000117 _____ () C:\Windows\system32\netcfg-5472156.txt
2014-10-27 19:12 - 2014-10-27 19:26 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\TeamViewer
2014-10-27 19:12 - 2014-10-27 19:12 - 00001212 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-10-27 19:12 - 2014-10-27 19:12 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-10-27 19:08 - 2014-10-27 19:08 - 00000117 _____ () C:\Windows\system32\netcfg-29671.txt
2014-10-27 18:46 - 2014-10-27 18:46 - 00000117 _____ () C:\Windows\system32\netcfg-5824078.txt
2014-10-27 17:10 - 2014-10-27 17:10 - 00000117 _____ () C:\Windows\system32\netcfg-39281.txt
2014-10-26 16:27 - 2014-10-26 16:27 - 00000117 _____ () C:\Windows\system32\netcfg-9406751.txt
2014-10-26 13:51 - 2014-10-26 13:51 - 00000117 _____ () C:\Windows\system32\netcfg-29827.txt
2014-10-25 17:28 - 2014-10-25 17:28 - 00000117 _____ () C:\Windows\system32\netcfg-7420967.txt
2014-10-25 15:25 - 2014-10-25 15:25 - 00000117 _____ () C:\Windows\system32\netcfg-32526.txt
2014-10-24 19:11 - 2014-10-24 19:11 - 00000117 _____ () C:\Windows\system32\netcfg-4434671.txt
2014-10-24 08:17 - 2014-10-24 08:17 - 00000117 _____ () C:\Windows\system32\netcfg-4319433.txt
2014-10-24 07:11 - 2014-10-24 07:11 - 00868328 _____ (Opera Software) C:\Users\Kapoli\Downloads\Opera_NI_stable.exe
2014-10-24 07:10 - 2014-10-30 18:18 - 00003826 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1414131028
2014-10-24 07:10 - 2014-10-30 18:18 - 00001079 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 25.lnk
2014-10-24 07:10 - 2014-10-30 18:18 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-24 07:10 - 2014-10-24 07:10 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\Opera Software
2014-10-24 07:10 - 2014-10-24 07:10 - 00000000 ____D () C:\Users\Kapoli\AppData\Local\Opera Software
2014-10-24 07:05 - 2014-10-24 07:05 - 00000117 _____ () C:\Windows\system32\netcfg-33805.txt
2014-10-23 19:52 - 2014-10-23 19:52 - 00000117 _____ () C:\Windows\system32\netcfg-9387250.txt
2014-10-23 17:16 - 2014-10-23 17:17 - 00000117 _____ () C:\Windows\system32\netcfg-32635.txt
2014-10-23 16:35 - 2014-10-23 16:35 - 00000117 _____ () C:\Windows\system32\netcfg-3803663.txt
2014-10-23 15:33 - 2014-10-23 15:33 - 00000117 _____ () C:\Windows\system32\netcfg-32838.txt
2014-10-21 19:55 - 2014-10-21 19:55 - 00000117 _____ () C:\Windows\system32\netcfg-10332663.txt
2014-10-21 17:43 - 2014-10-21 17:43 - 00000117 _____ () C:\Windows\system32\netcfg-2411401.txt
2014-10-21 17:05 - 2014-10-21 17:05 - 00000117 _____ () C:\Windows\system32\netcfg-137483.txt
2014-10-21 17:05 - 2014-10-21 17:05 - 00000117 _____ () C:\Windows\system32\netcfg-133802.txt
2014-10-21 17:04 - 2014-10-21 17:04 - 00000117 _____ () C:\Windows\system32\netcfg-32775.txt
2014-10-20 18:09 - 2014-10-20 18:09 - 00000117 _____ () C:\Windows\system32\netcfg-3983142.txt
2014-10-20 17:04 - 2014-10-20 17:04 - 00000117 _____ () C:\Windows\system32\netcfg-65972.txt
2014-10-20 16:59 - 2014-10-20 16:59 - 00000117 _____ () C:\Windows\system32\netcfg-1556031.txt
2014-10-20 16:33 - 2014-10-20 16:34 - 00000117 _____ () C:\Windows\system32\netcfg-29796.txt
2014-10-19 15:39 - 2014-10-19 15:39 - 00000117 _____ () C:\Windows\system32\netcfg-52041.txt
2014-10-19 15:38 - 2014-10-19 15:38 - 00000117 _____ () C:\Windows\system32\netcfg-39156.txt
2014-10-19 15:37 - 2014-10-19 15:37 - 00000117 _____ () C:\Windows\system32\netcfg-7156592.txt
2014-10-19 13:38 - 2014-10-19 13:38 - 00000117 _____ () C:\Windows\system32\netcfg-30295.txt
2014-10-18 21:30 - 2014-10-18 21:30 - 00000117 _____ () C:\Windows\system32\netcfg-5163867.txt
2014-10-18 20:05 - 2014-10-18 20:05 - 00000117 _____ () C:\Windows\system32\netcfg-41683.txt
2014-10-18 20:05 - 2014-10-18 20:05 - 00000117 _____ () C:\Windows\system32\netcfg-38579.txt
2014-10-18 20:05 - 2014-10-18 20:05 - 00000117 _____ () C:\Windows\system32\netcfg-35178.txt
2014-10-17 18:47 - 2014-10-17 18:47 - 00000117 _____ () C:\Windows\system32\netcfg-2397782.txt
2014-10-17 18:07 - 2014-10-17 18:07 - 00000117 _____ () C:\Windows\system32\netcfg-31028.txt
2014-10-17 09:29 - 2014-10-17 09:29 - 00000117 _____ () C:\Windows\system32\netcfg-4665755.txt
2014-10-17 08:12 - 2014-10-17 08:12 - 00000117 _____ () C:\Windows\system32\netcfg-35552.txt
2014-10-16 19:56 - 2014-10-16 19:56 - 00000117 _____ () C:\Windows\system32\netcfg-5323565.txt
2014-10-16 18:28 - 2014-10-16 18:28 - 00000117 _____ () C:\Windows\system32\netcfg-45755.txt
2014-10-16 13:50 - 2014-10-16 13:50 - 00000117 _____ () C:\Windows\system32\netcfg-1384181.txt
2014-10-16 13:28 - 2014-10-16 13:28 - 00000117 _____ () C:\Windows\system32\netcfg-29374.txt
2014-10-15 17:38 - 2014-10-15 17:38 - 00000117 _____ () C:\Windows\system32\netcfg-4364736.txt
2014-10-15 16:26 - 2014-10-15 16:26 - 00000117 _____ () C:\Windows\system32\netcfg-30123.txt
2014-10-14 19:59 - 2014-10-14 19:59 - 00000117 _____ () C:\Windows\system32\netcfg-3517806.txt
2014-10-14 19:01 - 2014-10-14 19:01 - 00000117 _____ () C:\Windows\system32\netcfg-29203.txt
2014-10-14 16:42 - 2014-10-14 16:42 - 00000117 _____ () C:\Windows\system32\netcfg-474211.txt
2014-10-14 16:34 - 2014-10-14 16:34 - 00000117 _____ () C:\Windows\system32\netcfg-28719.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-12 14:35 - 2014-07-25 17:51 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2074586848-1309138504-2724831536-1001
2014-11-12 14:31 - 2014-08-02 07:12 - 00000000 ___RD () C:\Users\Kapoli\Dropbox
2014-11-12 14:31 - 2014-08-02 07:08 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\Dropbox
2014-11-12 14:30 - 2014-09-05 13:42 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\Wise Care 365
2014-11-12 14:29 - 2014-09-05 13:44 - 00000438 _____ () C:\Windows\Tasks\Wise Care 365.job
2014-11-12 14:29 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-12 10:43 - 2014-07-25 18:14 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\ClassicShell
2014-11-12 10:43 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-11-11 19:17 - 2014-07-26 09:46 - 00000000 ____D () C:\IL2
2014-11-11 19:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-11-11 18:51 - 2014-07-25 18:39 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 16:12 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-10 15:41 - 2014-07-25 17:44 - 00000000 ____D () C:\Users\Kapoli
2014-11-10 09:42 - 2012-07-26 11:01 - 00727488 _____ () C:\Windows\system32\perfh005.dat
2014-11-10 09:42 - 2012-07-26 11:01 - 00148006 _____ () C:\Windows\system32\perfc005.dat
2014-11-10 09:42 - 2012-07-26 08:28 - 01714430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-09 14:13 - 2014-07-26 06:30 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\vlc
2014-11-09 13:38 - 2014-07-26 09:22 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\XnView
2014-11-09 12:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-08 18:23 - 2014-07-26 09:02 - 00000000 ____D () C:\Windows\AutoKMS
2014-11-08 18:23 - 2014-07-26 07:17 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-11-08 16:28 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-10-30 12:25 - 2014-07-26 11:10 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-28 16:46 - 2014-07-25 18:39 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-28 16:46 - 2014-07-25 18:39 - 00003710 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-28 16:46 - 2014-07-25 18:39 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-28 16:43 - 2014-07-26 12:49 - 05124712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-24 07:08 - 2014-07-26 06:13 - 00000000 ____D () C:\Program Files (x86)\Opera x64
2014-10-24 07:08 - 2014-07-26 06:12 - 00000000 ____D () C:\Program Files\Opera x64
Some content of TEMP:
====================
C:\Users\Kapoli\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplxwn2a.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-09 12:04
==================== End Of Log ============================
----------------------------------------------------------------------------------
Díky za Váš čas
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomoc s odstraněním CinPlus-2.4c
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pomoc s odstraněním CinPlus-2.4c
- Přílohy
-
- Addition.rar
- (6.98 KiB) Staženo 42 x
Většinou je problém stejně mezi židlí a klávesnicí
Re: Pomoc s odstraněním CinPlus-2.4c
Zdravim 
Pouzil jste v AdwCleaneru i moznost Clean?
Odinstalujte Takze zlehka zacneme... uvidime jak moc se bude branit 
Pouzil jste v AdwCleaneru i moznost Clean? Odinstalujte - Seznam Software - jen pokud nepouzivate
- SpyHunter
- Spyware Terminator
Takze zlehka zacneme... uvidime jak moc se bude branit
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: Task: {890DFBD8-244A-4D70-91BB-B9B63950C2C0} - System32\Tasks\ROKWAA => C:\Users\Kapoli\AppData\Roaming\ROKWAA.exe <==== ATTENTION Task: {E9C22BC6-59F4-4765-B9EC-EB4942C5A980} - \AutoKMS No Task File <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ROKWAA.job => C:\Users\Kapoli\AppData\Roaming\ROKWAA.exe <==== ATTENTION Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated) HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2774904 2014-11-04] (Crawler.com) HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3681656 2014-11-04] (Crawler.com) HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) BHO: No Name -> {11111111-1111-1111-1111-110611171152} -> No File BHO: No Name -> {11111111-1111-1111-1111-110611381131} -> No File BHO-x32: No Name -> {11111111-1111-1111-1111-110611171152} -> No File BHO-x32: No Name -> {11111111-1111-1111-1111-110611381131} -> No File FF Extension: HD-V2.2V31.10 - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [2014-10-31] FF Extension: Internet Speed Checker - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\Extensions\sepherdwilbur@aol.com [2014-10-31] FF Extension: 0c8fbd76bdeb4c529b24d587ce7b9dc3 - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\Extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3} [2014-11-05] CHR Extension: (HD-V2.2V31.10) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa [2014-10-31] 2014-11-12 14:40 - 2014-11-12 14:40 - 00015327 _____ () C:\Users\Kapoli\Desktop\LM.bat 2014-10-31 15:31 - 2014-10-31 15:31 - 01468848 _____ (InfoHD-V2.2V31.10) C:\Users\Kapoli\AppData\Roaming\PQGBZY.exe 2014-10-31 15:30 - 2014-11-12 14:29 - 00001356 _____ () C:\Windows\Tasks\ROKWAA.job 2014-11-08 18:23 - 2014-07-26 09:02 - 00000000 ____D () C:\Windows\AutoKMS Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Pomoc s odstraněním CinPlus-2.4c
S tím Seznam software mám trochu problém.
Už jsem ho odinstalovat zkoušel, což skončilo neúspěchem - vybral jsem všechny komponenty v okně pro odinstalaci, spustil, komponenty se odebraly (nikde už neotravuje) ale v seznamu instalovaných programů zůstal. Při opakování se otevře okno odinstalace ale již neb komponentů k odebrání.
SpyHunter jsem chtěl odebrat také, ale ten nešel vůbec - instalátor jenom otevřel okno s reklamou. Po pátém pokusu jsem se nasr... a proti svým zásadám ho natvrdo smazal z Program Files a a vypucoval registry CCleanerem.
Díky za pomoc, zkusím to.
Už jsem ho odinstalovat zkoušel, což skončilo neúspěchem - vybral jsem všechny komponenty v okně pro odinstalaci, spustil, komponenty se odebraly (nikde už neotravuje) ale v seznamu instalovaných programů zůstal. Při opakování se otevře okno odinstalace ale již neb komponentů k odebrání.
SpyHunter jsem chtěl odebrat také, ale ten nešel vůbec - instalátor jenom otevřel okno s reklamou. Po pátém pokusu jsem se nasr... a proti svým zásadám ho natvrdo smazal z Program Files a a vypucoval registry CCleanerem.
Díky za pomoc, zkusím to.
Většinou je problém stejně mezi židlí a klávesnicí
Re: Pomoc s odstraněním CinPlus-2.4c
Diky za info... Toto domazeme v dalsim kroku. Ted mi jde o zbaveni reklam. Pouzijte fixlist a dejte vedet. Ptal jsem se take na AdwCleaner. Pouzil jste moznost Clean?Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Pomoc s odstraněním CinPlus-2.4c
Hotovo, fixlog je zde.
Kód: Vybrat vše
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2014
Ran by Kapoli at 2014-11-13 06:40:29 Run:1
Running from C:\Users\Kapoli\Desktop
Loaded Profile: Kapoli (Available profiles: Kapoli)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
Task: {890DFBD8-244A-4D70-91BB-B9B63950C2C0} - System32\Tasks\ROKWAA => C:\Users\Kapoli\AppData\Roaming\ROKWAA.exe <==== ATTENTION
Task: {E9C22BC6-59F4-4765-B9EC-EB4942C5A980} - \AutoKMS No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROKWAA.job => C:\Users\Kapoli\AppData\Roaming\ROKWAA.exe <==== ATTENTION
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2774904 2014-11-04] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3681656 2014-11-04] (Crawler.com)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
BHO: No Name -> {11111111-1111-1111-1111-110611171152} -> No File
BHO: No Name -> {11111111-1111-1111-1111-110611381131} -> No File
BHO-x32: No Name -> {11111111-1111-1111-1111-110611171152} -> No File
BHO-x32: No Name -> {11111111-1111-1111-1111-110611381131} -> No File
FF Extension: HD-V2.2V31.10 - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [2014-10-31]
FF Extension: Internet Speed Checker - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\Extensions\sepherdwilbur@aol.com [2014-10-31]
FF Extension: 0c8fbd76bdeb4c529b24d587ce7b9dc3 - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\Extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3} [2014-11-05]
CHR Extension: (HD-V2.2V31.10) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa [2014-10-31]
2014-11-12 14:40 - 2014-11-12 14:40 - 00015327 _____ () C:\Users\Kapoli\Desktop\LM.bat
2014-10-31 15:31 - 2014-10-31 15:31 - 01468848 _____ (InfoHD-V2.2V31.10) C:\Users\Kapoli\AppData\Roaming\PQGBZY.exe
2014-10-31 15:30 - 2014-11-12 14:29 - 00001356 _____ () C:\Windows\Tasks\ROKWAA.job
2014-11-08 18:23 - 2014-07-26 09:02 - 00000000 ____D () C:\Windows\AutoKMS
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{890DFBD8-244A-4D70-91BB-B9B63950C2C0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{890DFBD8-244A-4D70-91BB-B9B63950C2C0}" => Key deleted successfully.
C:\Windows\System32\Tasks\ROKWAA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ROKWAA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{E9C22BC6-59F4-4765-B9EC-EB4942C5A980}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9C22BC6-59F4-4765-B9EC-EB4942C5A980}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\ROKWAA.job => Moved successfully.
C:\Windows\Tasks\Wise Care 365.job => Moved successfully.
C:\Windows\Tasks\Wise Turbo Checker.job => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}" => Key deleted successfully.
"HKCR\CLSID\{11111111-1111-1111-1111-110611171152}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611381131}" => Key deleted successfully.
"HKCR\CLSID\{11111111-1111-1111-1111-110611381131}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}" => Key not found.
"HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611171152}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611381131}" => Key not found.
"HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611381131}" => Key not found.
C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com => Moved successfully.
C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\Extensions\sepherdwilbur@aol.com => Moved successfully.
C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\Extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3} => Moved successfully.
C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa => Moved successfully.
C:\Users\Kapoli\Desktop\LM.bat => Moved successfully.
C:\Users\Kapoli\AppData\Roaming\PQGBZY.exe => Moved successfully.
"C:\Windows\Tasks\ROKWAA.job" => File/Directory not found.
C:\Windows\AutoKMS => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 107.2 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====Většinou je problém stejně mezi židlí a klávesnicí
Re: Pomoc s odstraněním CinPlus-2.4c
Vyborne, jak jsme na tom s vyskakovanim reklam? A co ten AdwCleaner? Klidne budte sdilnejsi 
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Pomoc s odstraněním CinPlus-2.4c
Chtěl jsem počkat na Vaše vyjádření.
Zatím reklamy netravují ale ve Woknech strávím velmi málo času. Vlastně je mám jako druhý systém jen díky tomu, že v Linuxu u některých aplikací neexistují dobře ovladatelné náhrady a občas relaxuji sestřelováním v IL2.
Nicméně reklamy nejsou, povedlo se odstranit i Seznam a všechny ostatní nástroje-viry.
Moc děkuji za pomoc.
Bez ní bych byl odkázán na rádoby "nástroje", které jsou samy o sobě více virem než řešením problému.
Dnes se těžko hledá fórum, kde se místo chytrých zvratků přemoudřelců zabývají skutečnou a produktivní pomocí.
Zatím reklamy netravují ale ve Woknech strávím velmi málo času. Vlastně je mám jako druhý systém jen díky tomu, že v Linuxu u některých aplikací neexistují dobře ovladatelné náhrady a občas relaxuji sestřelováním v IL2.
Nicméně reklamy nejsou, povedlo se odstranit i Seznam a všechny ostatní nástroje-viry.
Moc děkuji za pomoc.
Bez ní bych byl odkázán na rádoby "nástroje", které jsou samy o sobě více virem než řešením problému.
Dnes se těžko hledá fórum, kde se místo chytrých zvratků přemoudřelců zabývají skutečnou a produktivní pomocí.
Většinou je problém stejně mezi židlí a klávesnicí
Re: Pomoc s odstraněním CinPlus-2.4c
Takova vlidna slova velmi potesi... Dekuji Dejte jeste novy FRST log a docistime zbytecky. Za 2-3 hodky jak dojdu k PC, to dodelame Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Pomoc s odstraněním CinPlus-2.4c
Díky.
Bohužel se dostanu do Woken až odpoledne tak to pošlu kolem 17 hod.
Díky
Bohužel se dostanu do Woken až odpoledne tak to pošlu kolem 17 hod.
Díky
Většinou je problém stejně mezi židlí a klávesnicí
Re: Pomoc s odstraněním CinPlus-2.4c
OK, takze vecer Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Pomoc s odstraněním CinPlus-2.4c
Pozdě ale přece.
Tady je log:
Tady je log:
Kód: Vybrat vše
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-11-2014
Ran by Kapoli (administrator) on SONYNB on 13-11-2014 18:34:39
Running from C:\Users\Kapoli\Desktop
Loaded Profile: Kapoli (Available profiles: Kapoli)
Platform: Windows 8 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ServiceEx) C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\dashboard\service-install.exe
(The PHP Group) C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\dashboard\ews-dashboard.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Dropbox, Inc.) C:\Users\Kapoli\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-07-22] (Power Software Ltd)
HKU\S-1-5-21-2074586848-1309138504-2724831536-1001\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8482680 2014-07-09] (Innovative Solutions)
HKU\S-1-5-21-2074586848-1309138504-2724831536-1001\...\Run: [DriverMax_RESTART] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8482680 2014-07-09] (Innovative Solutions)
HKU\S-1-5-21-2074586848-1309138504-2724831536-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-08-27] (Siber Systems)
Startup: C:\Users\Kapoli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kapoli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKU\S-1-5-21-2074586848-1309138504-2724831536-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default
FF Homepage: hxxp://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2014-07-26]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-07-25]
FF Extension: No Name - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [Not Found]
FF Extension: No Name - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\extensions\sepherdwilbur@aol.com [Not Found]
FF Extension: No Name - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3} [Not Found]
Chrome:
=======
CHR Profile: C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-25]
CHR Extension: (Disk Google) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-25]
CHR Extension: (YouTube) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-25]
CHR Extension: (Peněženka Google) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-25]
CHR Extension: (Gmail) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-25]
CHR Extension: (RoboForm) - C:\Users\Kapoli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-08-27]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-08-27]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 ews-dashboard; C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\dashboard\service-install.exe [114688 2014-04-06] (ServiceEx) [File not signed]
S2 ews-dbserver; C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\binaries\dbserver\bin\ews-mysqld.exe [10958848 2014-05-06] () [File not signed]
S2 ews-httpserver; C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\binaries\httpserver\bin\ews-httpd.exe [20992 2014-07-19] (Apache Software Foundation) [File not signed]
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-07-26] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-12-09] (WiseCleaner.com)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21600 2013-03-14] (Advanced Micro Devices, Inc.)
S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2013-03-07] () [File not signed]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-11-10] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R0 MxEFUF; C:\Windows\System32\DRIVERS\MxEFUF64.sys [157696 2011-10-20] (Matrox Graphics Inc.)
R3 tifm21; C:\Windows\system32\drivers\tifm21.sys [319488 2009-10-12] (Texas Instruments)
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [30312 2011-01-26] (CaptainFlint Software)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)
R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-09-03] (Marvell)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-13 18:34 - 2014-11-13 18:35 - 00014781 _____ () C:\Users\Kapoli\Desktop\FRST.txt
2014-11-13 18:33 - 2014-11-13 18:33 - 00000000 ____D () C:\Users\Kapoli\Desktop\FRST-OlderVersion
2014-11-13 18:28 - 2014-11-13 18:28 - 00000117 _____ () C:\Windows\system32\netcfg-39187.txt
2014-11-13 15:18 - 2014-11-13 15:18 - 00000117 _____ () C:\Windows\system32\netcfg-8893367.txt
2014-11-13 12:50 - 2014-11-13 12:50 - 00000117 _____ () C:\Windows\system32\netcfg-39733.txt
2014-11-13 06:55 - 2014-11-13 06:55 - 00000117 _____ () C:\Windows\system32\netcfg-783234.txt
2014-11-13 06:42 - 2014-11-13 06:42 - 00000117 _____ () C:\Windows\system32\netcfg-39546.txt
2014-11-13 06:41 - 2014-11-13 06:41 - 00000117 _____ () C:\Windows\system32\netcfg-410563.txt
2014-11-13 06:35 - 2014-11-13 06:35 - 00000117 _____ () C:\Windows\system32\netcfg-40747.txt
2014-11-13 06:34 - 2014-11-13 06:34 - 00000117 _____ () C:\Windows\system32\netcfg-421265.txt
2014-11-13 06:28 - 2014-11-13 06:28 - 00000117 _____ () C:\Windows\system32\netcfg-48110.txt
2014-11-12 21:36 - 2014-11-12 21:36 - 00000117 _____ () C:\Windows\system32\netcfg-196218.txt
2014-11-12 21:34 - 2014-11-12 21:34 - 00000117 _____ () C:\Windows\system32\netcfg-73882.txt
2014-11-12 21:33 - 2014-11-12 21:33 - 00005848 _____ () C:\Windows\PFRO.log
2014-11-12 16:50 - 2014-11-12 16:50 - 00000117 _____ () C:\Windows\system32\netcfg-8478966.txt
2014-11-12 16:43 - 2014-11-12 16:43 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2008
2014-11-12 16:43 - 2014-11-12 16:43 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2008
2014-11-12 16:27 - 2014-11-12 16:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-11-12 16:27 - 2014-11-12 16:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-11-12 15:55 - 2014-10-26 02:56 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 15:55 - 2014-10-26 02:56 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 15:55 - 2014-10-26 02:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-11-12 15:55 - 2014-10-26 02:56 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-11-12 15:55 - 2014-10-26 02:56 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 15:55 - 2014-10-26 02:55 - 19284480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 15:55 - 2014-10-26 02:55 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 15:55 - 2014-10-26 02:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 15:55 - 2014-10-26 02:54 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 15:55 - 2014-10-26 02:54 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 15:55 - 2014-10-26 02:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-12 15:55 - 2014-10-26 02:54 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 15:55 - 2014-10-26 02:54 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 15:55 - 2014-10-26 02:54 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 15:55 - 2014-10-26 02:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-12 15:55 - 2014-10-26 02:53 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 15:55 - 2014-10-26 01:36 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 15:55 - 2014-10-26 01:35 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 15:55 - 2014-10-26 01:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 15:55 - 2014-10-26 01:35 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-11-12 15:55 - 2014-10-26 01:34 - 13758464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 15:55 - 2014-10-26 01:34 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 15:55 - 2014-10-26 01:34 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 15:55 - 2014-10-26 01:34 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 15:55 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 15:55 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 15:55 - 2014-10-26 01:34 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-12 15:55 - 2014-10-26 01:34 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 15:55 - 2014-10-26 01:19 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 15:55 - 2014-10-26 01:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 15:55 - 2014-10-25 22:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-11-12 15:55 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 15:55 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 15:55 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 15:55 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 15:54 - 2014-10-26 02:55 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 15:54 - 2014-10-26 02:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 15:54 - 2014-10-26 02:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 15:54 - 2014-10-26 02:54 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 15:54 - 2014-10-26 02:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 15:54 - 2014-10-26 01:35 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 15:54 - 2014-10-26 01:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 15:54 - 2014-10-26 01:35 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 15:54 - 2014-10-26 01:34 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 15:54 - 2014-10-26 01:34 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-12 15:54 - 2014-10-26 01:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 15:54 - 2014-10-26 01:34 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 15:46 - 2013-08-07 06:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-11-12 15:46 - 2012-11-10 05:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-11-12 15:46 - 2012-11-10 05:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-11-12 15:46 - 2012-11-10 05:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2014-11-12 15:46 - 2012-11-10 05:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2014-11-12 15:46 - 2012-11-10 05:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2014-11-12 15:27 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-11-12 15:27 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-11-12 15:18 - 2014-11-12 16:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 15:17 - 2014-11-12 16:19 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 15:15 - 2014-11-13 06:34 - 01700830 _____ () C:\Windows\WindowsUpdate.log
2014-11-12 15:06 - 2014-11-12 15:10 - 00026112 _____ () C:\Users\Kapoli\Desktop\Movite veci.xls
2014-11-12 14:58 - 2014-11-12 14:58 - 00029696 _____ () C:\Users\Kapoli\AppData\Local\MSGBOX.EXE
2014-11-12 14:48 - 2014-11-12 14:48 - 00007144 _____ () C:\Users\Kapoli\Desktop\Addition.rar
2014-11-12 14:41 - 2014-11-13 18:34 - 00000000 ____D () C:\FRST
2014-11-12 14:38 - 2014-11-13 18:33 - 02116608 _____ (Farbar) C:\Users\Kapoli\Desktop\FRST64.exe
2014-11-12 14:38 - 2014-11-13 18:33 - 00000000 ____D () C:\Users\Kapoli\Desktop\Scan
2014-11-12 14:29 - 2014-11-12 14:29 - 00000117 _____ () C:\Windows\system32\netcfg-38142.txt
2014-11-12 10:43 - 2014-11-12 10:43 - 00000117 _____ () C:\Windows\system32\netcfg-1618884.txt
2014-11-12 10:17 - 2014-11-12 10:17 - 00000117 _____ () C:\Windows\system32\netcfg-43851.txt
2014-11-11 19:30 - 2014-11-11 19:30 - 00000117 _____ () C:\Windows\system32\netcfg-3421803.txt
2014-11-11 18:33 - 2014-11-11 18:33 - 00000117 _____ () C:\Windows\system32\netcfg-302127.txt
2014-11-11 18:29 - 2014-11-11 18:29 - 00000117 _____ () C:\Windows\system32\netcfg-44039.txt
2014-11-10 19:40 - 2014-11-10 19:41 - 00000117 _____ () C:\Windows\system32\netcfg-4650639.txt
2014-11-10 18:24 - 2014-11-10 18:24 - 00000117 _____ () C:\Windows\system32\netcfg-47502.txt
2014-11-10 16:12 - 2014-11-10 16:12 - 00000117 _____ () C:\Windows\system32\netcfg-3242979.txt
2014-11-10 15:55 - 2014-11-10 15:55 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-11-10 15:45 - 2014-11-10 15:45 - 00000117 _____ () C:\Windows\system32\netcfg-1587341.txt
2014-11-10 15:42 - 2014-11-10 15:42 - 00000117 _____ () C:\Windows\system32\netcfg-1437096.txt
2014-11-10 15:42 - 2014-11-10 15:42 - 00000117 _____ () C:\Windows\system32\netcfg-1423789.txt
2014-11-10 15:42 - 2014-11-10 15:42 - 00000117 _____ () C:\Windows\system32\netcfg-1423165.txt
2014-11-10 15:42 - 2014-11-10 15:42 - 00000000 _____ () C:\autoexec.bat
2014-11-10 15:41 - 2014-11-10 15:41 - 00003326 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-11-10 15:41 - 2014-11-10 15:41 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\Enigma Software Group
2014-11-10 15:41 - 2014-11-10 15:41 - 00000000 ____D () C:\sh4ldr
2014-11-10 15:40 - 2014-11-10 15:40 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-11-10 15:19 - 2014-11-10 15:19 - 00000117 _____ () C:\Windows\system32\netcfg-42416.txt
2014-11-10 11:02 - 2014-11-10 11:02 - 00000117 _____ () C:\Windows\system32\netcfg-5109407.txt
2014-11-10 09:38 - 2014-11-10 09:38 - 00000000 ____D () C:\Users\Kapoli\AppData\Local\ESET
2014-11-10 09:37 - 2014-11-10 09:37 - 00000117 _____ () C:\Windows\system32\netcfg-39125.txt
2014-11-10 09:26 - 2014-11-10 09:26 - 00000117 _____ () C:\Windows\system32\netcfg-873995.txt
2014-11-10 09:22 - 2014-06-10 23:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-11-10 09:22 - 2014-06-10 23:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-11-10 09:17 - 2014-11-10 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-11-10 09:17 - 2014-11-10 09:17 - 00000000 ____D () C:\ProgramData\ESET
2014-11-10 09:17 - 2014-11-10 09:17 - 00000000 ____D () C:\Program Files\ESET
2014-11-10 09:12 - 2014-11-10 09:12 - 00000117 _____ () C:\Windows\system32\netcfg-35537.txt
2014-11-10 09:11 - 2014-11-10 09:11 - 00000117 _____ () C:\Windows\system32\netcfg-1160288.txt
2014-11-10 09:06 - 2014-11-10 09:11 - 00000000 ____D () C:\AdwCleaner
2014-11-10 08:52 - 2014-11-10 08:52 - 00000117 _____ () C:\Windows\system32\netcfg-37253.txt
2014-11-09 18:53 - 2014-11-09 18:53 - 00000117 _____ () C:\Windows\system32\netcfg-1771094.txt
2014-11-09 18:25 - 2014-11-09 18:25 - 00000117 _____ () C:\Windows\system32\netcfg-46909.txt
2014-11-09 18:22 - 2014-11-09 18:22 - 00000117 _____ () C:\Windows\system32\netcfg-2115326.txt
2014-11-09 17:48 - 2014-11-09 17:48 - 00000117 _____ () C:\Windows\system32\netcfg-76128.txt
2014-11-09 17:04 - 2014-11-09 17:04 - 00000117 _____ () C:\Windows\system32\netcfg-2050227.txt
2014-11-09 16:31 - 2014-11-09 16:31 - 00000117 _____ () C:\Windows\system32\netcfg-38797.txt
2014-11-09 15:01 - 2014-11-09 15:01 - 00000117 _____ () C:\Windows\system32\netcfg-11499379.txt
2014-11-09 12:23 - 2014-11-09 12:23 - 00001408 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-11-09 12:23 - 2014-11-09 12:23 - 00001339 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-11-09 12:23 - 2014-11-09 12:23 - 00000000 ____D () C:\Windows\cs
2014-11-09 12:22 - 2014-11-09 12:22 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-11-09 12:22 - 2014-11-09 12:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-11-09 12:21 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-11-09 12:21 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-11-09 12:21 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-11-09 12:21 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-11-09 12:21 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-11-09 12:21 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-11-09 12:21 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-11-09 12:21 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-11-09 12:21 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-11-09 12:21 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-11-09 12:21 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-11-09 12:21 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-11-09 12:20 - 2014-11-09 12:24 - 00000000 ____D () C:\Users\Kapoli\AppData\Local\Windows Live
2014-11-09 11:49 - 2014-11-09 11:50 - 00000117 _____ () C:\Windows\system32\netcfg-31949.txt
2014-11-08 18:32 - 2014-11-08 18:32 - 00000117 _____ () C:\Windows\system32\netcfg-7532430.txt
2014-11-08 16:27 - 2014-11-08 16:27 - 00000117 _____ () C:\Windows\system32\netcfg-30919.txt
2014-11-07 20:16 - 2014-11-07 20:16 - 00000117 _____ () C:\Windows\system32\netcfg-10229640.txt
2014-11-07 17:27 - 2014-11-07 17:27 - 00000117 _____ () C:\Windows\system32\netcfg-30498.txt
2014-11-05 18:06 - 2014-11-05 18:06 - 00000117 _____ () C:\Windows\system32\netcfg-4713507.txt
2014-11-05 16:48 - 2014-11-05 16:48 - 00000117 _____ () C:\Windows\system32\netcfg-29842.txt
2014-11-04 19:32 - 2014-11-04 19:32 - 00000117 _____ () C:\Windows\system32\netcfg-40279.txt
2014-11-04 19:32 - 2014-11-04 19:32 - 00000117 _____ () C:\Windows\system32\netcfg-31168.txt
2014-11-04 19:31 - 2014-11-04 19:31 - 00000117 _____ () C:\Windows\system32\netcfg-3011817.txt
2014-11-04 18:41 - 2014-11-04 18:42 - 00000117 _____ () C:\Windows\system32\netcfg-38953.txt
2014-11-03 17:59 - 2014-11-03 17:59 - 00000117 _____ () C:\Windows\system32\netcfg-8537123.txt
2014-11-02 19:52 - 2014-11-02 19:52 - 00000117 _____ () C:\Windows\system32\netcfg-3416125.txt
2014-11-02 16:24 - 2014-11-02 16:24 - 00000117 _____ () C:\Windows\system32\netcfg-833778.txt
2014-11-02 16:11 - 2014-11-02 16:11 - 00000117 _____ () C:\Windows\system32\netcfg-30685.txt
2014-11-02 16:10 - 2014-11-02 16:10 - 00000117 _____ () C:\Windows\system32\netcfg-1072132.txt
2014-11-01 16:07 - 2014-11-01 16:07 - 00000117 _____ () C:\Windows\system32\netcfg-3408185.txt
2014-11-01 15:11 - 2014-11-01 15:11 - 00000117 _____ () C:\Windows\system32\netcfg-31137.txt
2014-10-31 20:29 - 2014-10-31 20:29 - 00000117 _____ () C:\Windows\system32\netcfg-1788613.txt
2014-10-31 19:59 - 2014-10-31 20:00 - 00000117 _____ () C:\Windows\system32\netcfg-38969.txt
2014-10-31 19:58 - 2014-10-31 19:58 - 00000117 _____ () C:\Windows\system32\netcfg-634814.txt
2014-10-31 19:48 - 2014-10-31 19:48 - 00000117 _____ () C:\Windows\system32\netcfg-39920.txt
2014-10-31 15:32 - 2014-10-31 15:32 - 00000117 _____ () C:\Windows\system32\netcfg-786713.txt
2014-10-31 15:31 - 2014-11-13 06:32 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\Seznam.cz
2014-10-31 15:20 - 2014-10-31 15:20 - 00000117 _____ () C:\Windows\system32\netcfg-31559.txt
2014-10-31 09:30 - 2014-10-31 09:30 - 00000117 _____ () C:\Windows\system32\netcfg-1506813.txt
2014-10-31 09:05 - 2014-10-31 09:06 - 00000117 _____ () C:\Windows\system32\netcfg-30154.txt
2014-10-30 21:14 - 2014-10-30 21:14 - 00000117 _____ () C:\Windows\system32\netcfg-4006355.txt
2014-10-30 20:08 - 2014-10-30 20:08 - 00000117 _____ () C:\Windows\system32\netcfg-30607.txt
2014-10-30 18:51 - 2014-10-30 18:51 - 00000117 _____ () C:\Windows\system32\netcfg-2260048.txt
2014-10-30 18:14 - 2014-10-30 18:15 - 00000117 _____ () C:\Windows\system32\netcfg-93538.txt
2014-10-29 19:49 - 2014-10-29 19:49 - 00000117 _____ () C:\Windows\system32\netcfg-10687644.txt
2014-10-29 16:52 - 2014-10-29 16:52 - 00000117 _____ () C:\Windows\system32\netcfg-37627.txt
2014-10-28 19:29 - 2014-10-28 19:29 - 00000117 _____ () C:\Windows\system32\netcfg-10020490.txt
2014-10-28 16:43 - 2014-10-28 16:43 - 00000117 _____ () C:\Windows\system32\netcfg-58063.txt
2014-10-27 20:39 - 2014-10-27 20:39 - 00000117 _____ () C:\Windows\system32\netcfg-5472156.txt
2014-10-27 19:12 - 2014-10-27 19:26 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\TeamViewer
2014-10-27 19:12 - 2014-10-27 19:12 - 00001212 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-10-27 19:12 - 2014-10-27 19:12 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-10-27 19:08 - 2014-10-27 19:08 - 00000117 _____ () C:\Windows\system32\netcfg-29671.txt
2014-10-27 18:46 - 2014-10-27 18:46 - 00000117 _____ () C:\Windows\system32\netcfg-5824078.txt
2014-10-27 17:10 - 2014-10-27 17:10 - 00000117 _____ () C:\Windows\system32\netcfg-39281.txt
2014-10-26 16:27 - 2014-10-26 16:27 - 00000117 _____ () C:\Windows\system32\netcfg-9406751.txt
2014-10-26 13:51 - 2014-10-26 13:51 - 00000117 _____ () C:\Windows\system32\netcfg-29827.txt
2014-10-25 17:28 - 2014-10-25 17:28 - 00000117 _____ () C:\Windows\system32\netcfg-7420967.txt
2014-10-25 15:25 - 2014-10-25 15:25 - 00000117 _____ () C:\Windows\system32\netcfg-32526.txt
2014-10-24 19:11 - 2014-10-24 19:11 - 00000117 _____ () C:\Windows\system32\netcfg-4434671.txt
2014-10-24 08:17 - 2014-10-24 08:17 - 00000117 _____ () C:\Windows\system32\netcfg-4319433.txt
2014-10-24 07:11 - 2014-10-24 07:11 - 00868328 _____ (Opera Software) C:\Users\Kapoli\Downloads\Opera_NI_stable.exe
2014-10-24 07:10 - 2014-10-30 18:18 - 00003826 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1414131028
2014-10-24 07:10 - 2014-10-30 18:18 - 00001079 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 25.lnk
2014-10-24 07:10 - 2014-10-30 18:18 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-24 07:10 - 2014-10-24 07:10 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\Opera Software
2014-10-24 07:10 - 2014-10-24 07:10 - 00000000 ____D () C:\Users\Kapoli\AppData\Local\Opera Software
2014-10-24 07:05 - 2014-10-24 07:05 - 00000117 _____ () C:\Windows\system32\netcfg-33805.txt
2014-10-23 19:52 - 2014-10-23 19:52 - 00000117 _____ () C:\Windows\system32\netcfg-9387250.txt
2014-10-23 17:16 - 2014-10-23 17:17 - 00000117 _____ () C:\Windows\system32\netcfg-32635.txt
2014-10-23 16:35 - 2014-10-23 16:35 - 00000117 _____ () C:\Windows\system32\netcfg-3803663.txt
2014-10-23 15:33 - 2014-10-23 15:33 - 00000117 _____ () C:\Windows\system32\netcfg-32838.txt
2014-10-21 19:55 - 2014-10-21 19:55 - 00000117 _____ () C:\Windows\system32\netcfg-10332663.txt
2014-10-21 17:43 - 2014-10-21 17:43 - 00000117 _____ () C:\Windows\system32\netcfg-2411401.txt
2014-10-21 17:05 - 2014-10-21 17:05 - 00000117 _____ () C:\Windows\system32\netcfg-137483.txt
2014-10-21 17:05 - 2014-10-21 17:05 - 00000117 _____ () C:\Windows\system32\netcfg-133802.txt
2014-10-21 17:04 - 2014-10-21 17:04 - 00000117 _____ () C:\Windows\system32\netcfg-32775.txt
2014-10-20 18:09 - 2014-10-20 18:09 - 00000117 _____ () C:\Windows\system32\netcfg-3983142.txt
2014-10-20 17:04 - 2014-10-20 17:04 - 00000117 _____ () C:\Windows\system32\netcfg-65972.txt
2014-10-20 16:59 - 2014-10-20 16:59 - 00000117 _____ () C:\Windows\system32\netcfg-1556031.txt
2014-10-20 16:33 - 2014-10-20 16:34 - 00000117 _____ () C:\Windows\system32\netcfg-29796.txt
2014-10-19 15:39 - 2014-10-19 15:39 - 00000117 _____ () C:\Windows\system32\netcfg-52041.txt
2014-10-19 15:38 - 2014-10-19 15:38 - 00000117 _____ () C:\Windows\system32\netcfg-39156.txt
2014-10-19 15:37 - 2014-10-19 15:37 - 00000117 _____ () C:\Windows\system32\netcfg-7156592.txt
2014-10-19 13:38 - 2014-10-19 13:38 - 00000117 _____ () C:\Windows\system32\netcfg-30295.txt
2014-10-18 21:30 - 2014-10-18 21:30 - 00000117 _____ () C:\Windows\system32\netcfg-5163867.txt
2014-10-18 20:05 - 2014-10-18 20:05 - 00000117 _____ () C:\Windows\system32\netcfg-41683.txt
2014-10-18 20:05 - 2014-10-18 20:05 - 00000117 _____ () C:\Windows\system32\netcfg-38579.txt
2014-10-18 20:05 - 2014-10-18 20:05 - 00000117 _____ () C:\Windows\system32\netcfg-35178.txt
2014-10-17 18:47 - 2014-10-17 18:47 - 00000117 _____ () C:\Windows\system32\netcfg-2397782.txt
2014-10-17 18:07 - 2014-10-17 18:07 - 00000117 _____ () C:\Windows\system32\netcfg-31028.txt
2014-10-17 09:29 - 2014-10-17 09:29 - 00000117 _____ () C:\Windows\system32\netcfg-4665755.txt
2014-10-17 08:12 - 2014-10-17 08:12 - 00000117 _____ () C:\Windows\system32\netcfg-35552.txt
2014-10-16 19:56 - 2014-10-16 19:56 - 00000117 _____ () C:\Windows\system32\netcfg-5323565.txt
2014-10-16 18:28 - 2014-10-16 18:28 - 00000117 _____ () C:\Windows\system32\netcfg-45755.txt
2014-10-16 13:50 - 2014-10-16 13:50 - 00000117 _____ () C:\Windows\system32\netcfg-1384181.txt
2014-10-16 13:28 - 2014-10-16 13:28 - 00000117 _____ () C:\Windows\system32\netcfg-29374.txt
2014-10-15 17:38 - 2014-10-15 17:38 - 00000117 _____ () C:\Windows\system32\netcfg-4364736.txt
2014-10-15 16:26 - 2014-10-15 16:26 - 00000117 _____ () C:\Windows\system32\netcfg-30123.txt
2014-10-14 19:59 - 2014-10-14 19:59 - 00000117 _____ () C:\Windows\system32\netcfg-3517806.txt
2014-10-14 19:01 - 2014-10-14 19:01 - 00000117 _____ () C:\Windows\system32\netcfg-29203.txt
2014-10-14 16:42 - 2014-10-14 16:42 - 00000117 _____ () C:\Windows\system32\netcfg-474211.txt
2014-10-14 16:34 - 2014-10-14 16:34 - 00000117 _____ () C:\Windows\system32\netcfg-28719.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-13 18:34 - 2014-07-25 17:51 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2074586848-1309138504-2724831536-1001
2014-11-13 18:30 - 2014-09-05 13:42 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\Wise Care 365
2014-11-13 18:30 - 2014-08-02 07:12 - 00000000 ___RD () C:\Users\Kapoli\Dropbox
2014-11-13 18:30 - 2014-08-02 07:08 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\Dropbox
2014-11-13 18:28 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-13 15:18 - 2014-07-25 18:14 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\ClassicShell
2014-11-13 15:08 - 2014-07-26 09:46 - 00000000 ____D () C:\IL2
2014-11-13 15:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-11-12 21:36 - 2012-07-26 06:37 - 00000000 ____D () C:\Windows\servicing
2014-11-12 21:34 - 2014-07-26 12:49 - 05123456 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 16:43 - 2014-07-26 08:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 16:42 - 2014-07-26 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-12 16:34 - 2012-07-26 06:26 - 00000167 _____ () C:\Windows\win.ini
2014-11-12 16:19 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-12 16:15 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\oobe
2014-11-12 15:42 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-11-12 15:07 - 2014-07-25 17:44 - 00000000 ____D () C:\Users\Kapoli\AppData\Local\Packages
2014-11-12 10:43 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-11-10 15:41 - 2014-07-25 17:44 - 00000000 ____D () C:\Users\Kapoli
2014-11-10 09:42 - 2012-07-26 11:01 - 00727488 _____ () C:\Windows\system32\perfh005.dat
2014-11-10 09:42 - 2012-07-26 11:01 - 00148006 _____ () C:\Windows\system32\perfc005.dat
2014-11-10 09:42 - 2012-07-26 08:28 - 01714430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-09 14:13 - 2014-07-26 06:30 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\vlc
2014-11-09 13:38 - 2014-07-26 09:22 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\XnView
2014-11-09 12:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-08 18:23 - 2014-07-26 07:17 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-11-08 16:28 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-10-30 12:25 - 2014-07-26 11:10 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-30 01:53 - 2014-07-26 12:13 - 00713672 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-30 01:53 - 2014-07-26 12:13 - 00106432 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-28 16:46 - 2014-07-25 18:39 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-28 16:46 - 2014-07-25 18:39 - 00003710 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-24 07:08 - 2014-07-26 06:13 - 00000000 ____D () C:\Program Files (x86)\Opera x64
2014-10-24 07:08 - 2014-07-26 06:12 - 00000000 ____D () C:\Program Files\Opera x64
Some content of TEMP:
====================
C:\Users\Kapoli\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpih57ow.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-09 12:04
==================== End Of Log ============================- Přílohy
-
- Addition.rar
- (6.42 KiB) Staženo 41 x
Většinou je problém stejně mezi židlí a klávesnicí
Re: Pomoc s odstraněním CinPlus-2.4c
Nic se nedeje.. stejne jsem az ted dosel z prednasky Doporucim opatrnost pri pouzivani Wise Care 365- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: FF Extension: No Name - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [Not Found] FF Extension: No Name - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\extensions\sepherdwilbur@aol.com [Not Found] S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-11-10] () C:\Windows\System32\DRIVERS\EsgScanner.sys 2014-11-12 14:58 - 2014-11-12 14:58 - 00029696 _____ () C:\Users\Kapoli\AppData\Local\MSGBOX.EXE 2014-11-10 15:41 - 2014-11-10 15:41 - 00003326 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup 2014-11-10 15:41 - 2014-11-10 15:41 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\Enigma Software Group 2014-11-10 15:41 - 2014-11-10 15:41 - 00000000 ____D () C:\sh4ldr 2014-11-10 15:40 - 2014-11-10 15:40 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys Task: {0331808D-8B37-438D-B807-ECCB05266307} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe C:\Program Files\Enigma Software Group C:\Program Files (x86)\Spyware Terminator Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Pomoc s odstraněním CinPlus-2.4c
Tak jsem se k tomu konečně dostal. Přikládám fixlog.txt.
Noťas startuje 5x rychleji - také jsem odstranil kromě Esetu všechny (prt)removátory, wisekraviny apod.
Díky za pomoc
Noťas startuje 5x rychleji - také jsem odstranil kromě Esetu všechny (prt)removátory, wisekraviny apod.
Díky za pomoc
Kód: Vybrat vše
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-11-2014
Ran by Kapoli at 2014-11-14 16:12:18 Run:2
Running from C:\Users\Kapoli\Desktop
Loaded Profile: Kapoli (Available profiles: Kapoli)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
FF Extension: No Name - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [Not Found]
FF Extension: No Name - C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\extensions\sepherdwilbur@aol.com [Not Found]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-11-10] ()
C:\Windows\System32\DRIVERS\EsgScanner.sys
2014-11-12 14:58 - 2014-11-12 14:58 - 00029696 _____ () C:\Users\Kapoli\AppData\Local\MSGBOX.EXE
2014-11-10 15:41 - 2014-11-10 15:41 - 00003326 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-11-10 15:41 - 2014-11-10 15:41 - 00000000 ____D () C:\Users\Kapoli\AppData\Roaming\Enigma Software Group
2014-11-10 15:41 - 2014-11-10 15:41 - 00000000 ____D () C:\sh4ldr
2014-11-10 15:40 - 2014-11-10 15:40 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
Task: {0331808D-8B37-438D-B807-ECCB05266307} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Program Files\Enigma Software Group
C:\Program Files (x86)\Spyware Terminator
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com not found.
C:\Users\Kapoli\AppData\Roaming\Mozilla\Firefox\Profiles\3vlfuscx.default\extensions\sepherdwilbur@aol.com not found.
EsgScanner => Service deleted successfully.
C:\Windows\System32\DRIVERS\EsgScanner.sys => Moved successfully.
C:\Users\Kapoli\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Windows\System32\Tasks\SpyHunter4Startup => Moved successfully.
C:\Users\Kapoli\AppData\Roaming\Enigma Software Group => Moved successfully.
C:\sh4ldr => Moved successfully.
"C:\Windows\system32\Drivers\EsgScanner.sys" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0331808D-8B37-438D-B807-ECCB05266307}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0331808D-8B37-438D-B807-ECCB05266307}" => Key deleted successfully.
C:\Windows\System32\Tasks\SpyHunter4Startup not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup" => Key deleted successfully.
"C:\Program Files\Enigma Software Group" => File/Directory not found.
"C:\Program Files (x86)\Spyware Terminator" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 25.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====Většinou je problém stejně mezi židlí a klávesnicí
Re: Pomoc s odstraněním CinPlus-2.4c
Takze jeste uklidime.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Pomoc s odstraněním CinPlus-2.4c
Hotovo
Ještě jednou děkuji za pomoc
Kód: Vybrat vše
# DelFix v10.8 - Logfile created 15/11/2014 at 05:23:00
# Updated 29/07/2014 by Xplode
# Username : Kapoli - SONYNB
# Operating System : Windows 8 Pro (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Kapoli\Desktop\FRST-OlderVersion
Deleted : C:\Users\Kapoli\Desktop\Addition.txt
Deleted : C:\Users\Kapoli\Desktop\Fixlog.txt
Deleted : C:\Users\Kapoli\Desktop\FRST.txt
Deleted : C:\Users\Kapoli\Desktop\FRST64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
########## - EOF - ##########Většinou je problém stejně mezi židlí a klávesnicí
Přispějete na provoz fóra?