Ads in the browser, slow browser and PC

Ads in the browser, slow browser and PC

#1 Post by mr2ky »

Hello,

for quite some time I have been noticing that my PC is slow, and so is the browser, which sometimes cannot handle e.g. 3-4 open pages. For the past week I have also had a problem with pop-up ads about revolutionary ways of losing weight (I am sending a screenshot in the attachment).
I will be grateful for any help.

Thank you

Here is the log from RSIT:


Logfile of random's system information tool 1.10 (written by random/random)
Run by Name at 2014-11-04 16:15:12
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 8 GB (5%) free of 153 GB
Total RAM: 1023 MB (8% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:15:49, on 4. 11. 2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\TeamViewer\Version9\tv_w32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\plugin-nm-server.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Name\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Name.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HPUsageTracking] "c:\Program Files\HP\HP UT\bin\hppusg.exe" "c:\Program Files\HP\HP UT\"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Unibet - {9BB02029-F61F-425B-ABE1-E1E382CEE2D7} - C:\Microgaming\Poker\unibetpokerMPP\MPPoker.exe (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{91A4A077-71C7-40AB-BAF0-DCB60D184E0B}: NameServer = 192.168.2.101,192.168.2.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus Service 15.0.0 (AVP15.0.0) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

--
End of file - 7502 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20 709312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09 1152808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-10 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20 480448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-10 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20 891072]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-12-15 18789920]
"nwiz"=nwiz.exe /installquiet []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-07-08 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-07-08 13762560]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
""= []
"HPUsageTracking"=c:\Program Files\HP\HP UT\bin\hppusg.exe [2009-05-11 24576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-01-26 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Doxxbet\pokerclient\Doxxbet.exe"="C:\Program Files\Doxxbet\pokerclient\Doxxbet.exe:*:Enabled:Poker Client Software"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Counter-Strike 1.6 Non-Steam\hl.exe"="C:\Program Files\Counter-Strike 1.6 Non-Steam\hl.exe:*:Enabled:Half-Life Launcher"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\Steam\SteamApps\weafij@hotmail.com\counter-strike\hl.exe"="C:\Program Files\Steam\SteamApps\weafij@hotmail.com\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Casino\ParadiseCasino\casino.exe"="C:\Program Files\Casino\ParadiseCasino\casino.exe:*:Enabled:casino"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win32@winslave04)"
"C:\Program Files\Steam\SteamApps\mr2ky\counter-strike\hl.exe"="C:\Program Files\Steam\SteamApps\mr2ky\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\csko\Counter-Strike 1.6\csko.exe"="C:\csko\Counter-Strike 1.6\csko.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\SteamApps\common\Half-Life\hl.exe"="C:\Program Files\Steam\SteamApps\common\Half-Life\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Steam\bin\steamwebhelper.exe"="C:\Program Files\Steam\bin\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"C:\Program Files\TeamViewer\Version9\TeamViewer.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Documents and Settings\Name\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Name\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Age of empires 1\EMPIRES.EXE"="C:\Program Files\Age of empires 1\EMPIRES.EXE:*:Enabled:Age of Empires"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-11-04 16:15:12 ----D---- C:\rsit
2014-10-09 11:52:44 ----D---- C:\Program Files\Tunatic
2014-10-06 20:01:33 ----D---- C:\Program Files\Age of empires 1

======List of files/folders modified in the last 1 month======

2014-11-04 16:15:48 ----D---- C:\Program Files\trend micro
2014-11-04 16:14:13 ----D---- C:\WINDOWS\Prefetch
2014-11-04 14:46:17 ----D---- C:\WINDOWS\Temp
2014-11-04 08:19:04 ----D---- C:\WINDOWS\system32
2014-11-04 08:19:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-04 08:15:12 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2014-11-04 08:15:10 ----D---- C:\WINDOWS\system32\CatRoot2
2014-11-04 08:14:58 ----SHD---- C:\System Volume Information
2014-11-03 21:47:26 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-11-03 21:47:01 ----D---- C:\Program Files\Steam
2014-11-03 07:49:39 ----HD---- C:\Config.Msi
2014-10-30 15:45:45 ----D---- C:\WINDOWS\Microsoft.NET
2014-10-30 15:36:41 ----D---- C:\WINDOWS\system32\CatRoot
2014-10-30 15:35:51 ----HD---- C:\WINDOWS\inf
2014-10-30 15:35:51 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-10-30 15:35:41 ----D---- C:\WINDOWS\system32\drivers
2014-10-30 15:33:14 ----D---- C:\Documents and Settings\All Users\Application Data\Samsung
2014-10-30 15:33:13 ----SHD---- C:\WINDOWS\Installer
2014-10-30 15:33:13 ----HD---- C:\Program Files\InstallShield Installation Information
2014-10-30 15:32:47 ----D---- C:\WINDOWS
2014-10-30 15:30:18 ----RD---- C:\Program Files
2014-10-30 15:29:58 ----SD---- C:\WINDOWS\Tasks
2014-10-30 15:29:22 ----RSD---- C:\WINDOWS\assembly
2014-10-30 15:29:21 ----D---- C:\Program Files\Common Files
2014-10-30 15:29:21 ----D---- C:\Program Files\Autodesk
2014-10-30 15:28:13 ----D---- C:\Documents and Settings\All Users\Application Data\Boss Media
2014-10-30 15:27:46 ----D---- C:\Program Files\Design Master Software
2014-10-30 15:27:36 ----D---- C:\Documents and Settings\Name\Application Data\Design Master Software
2014-10-30 15:23:25 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk
2014-10-30 15:09:03 ----D---- C:\Documents and Settings\Name\Application Data\Autodesk
2014-10-30 15:09:02 ----RSD---- C:\WINDOWS\Fonts
2014-10-09 09:02:39 ----D---- C:\Documents and Settings\Name\Application Data\DOXXBet
2014-10-06 19:07:24 ----D---- C:\Documents and Settings
2014-10-06 19:03:41 ----D---- C:\Program Files\Valve
2014-10-06 18:26:25 ----D---- C:\Program Files\Seven Kingdoms

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2014-02-20 135264]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-03-20 242240]
R1 klhk;klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [2014-04-10 33888]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2014-10-09 641736]
R1 klpd;klpd; C:\WINDOWS\system32\DRIVERS\klpd.sys [2013-04-12 14432]
R1 kltdi;kltdi; C:\WINDOWS\system32\DRIVERS\kltdi.sys [2014-03-25 45024]
R1 kneps;kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [2014-03-26 145888]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-01-26 6406656]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HPFXBULK;HPFXBULK; C:\WINDOWS\system32\drivers\hpfxbulk.sys [2007-07-16 17432]
R3 HPFXFAX;HPFXFAX; C:\WINDOWS\system32\drivers\hpfxfax.sys [2007-07-16 20504]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-12-15 6020128]
R3 klflt;Kaspersky Lab Kernel DLL; C:\WINDOWS\system32\DRIVERS\klflt.sys [2014-10-09 109064]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2013-04-19 36448]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [2014-03-28 23648]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2013-08-08 24672]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2009-07-01 66688]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2009-07-01 13824]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Andbus;LGE Android Platform Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgandbus.sys [2012-03-02 14336]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\WINDOWS\system32\DRIVERS\lganddiag.sys [2012-03-02 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\WINDOWS\system32\DRIVERS\lgandgps.sys [2012-03-02 20096]
S3 ANDModem;LGE Android Platform USB Modem; C:\WINDOWS\system32\DRIVERS\lgandmodem.sys [2012-03-02 25088]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2009-08-26 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2009-08-26 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-08 7967712]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-01-26 638976]
R2 AVP15.0.0;Kaspersky Anti-Virus Service 15.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [2014-04-20 233552]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-12-10 182696]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-16 755880]
S2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-08 168004]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-10-01 1044816]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
Attachment: Picture no. 1, 01.PNG (145.6 KiB)

Re: Ads in the browser, slow browser and PC

#2 Post by cernohous13 »

Hello
and let's get to it :wink:
:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Save it to the desktop and run it - the license terms will be displayed -> start by pressing any key.
A backup will be created and the scan will run.
A log will pop up (or it is saved here c:\JRT as JRT.txt) - copy it here

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
https://toolslib.net/downloads/finish/1/
http://www.bleepingcomputer.com/download/adwcleaner/
Save it, preferably to the desktop -> close all programs -> run AdwCleaner -> click Scan and, once it finishes, Clean
the repair will be performed, the PC will restart (or restart it yourself) and a log C:\AdwCleaner\AdwCleaner[S?].txt will appear; paste its contents here

:arrow: you will probably have to turn off the antivirus for that moment - it is clean, verified
vyosek wrote: :arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • :arrow: After launching it, paste the script below into the window

    srinfo;
    autoclean;
    emptyclsid;
    iedefaults;
    process;
    hijackthis;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will perform the repair, restart and give you a log; paste its contents here
The log will be here: C:\zoek-results.log
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure according to it.
If anything is unclear, ask - I will explain


Re: Ads in the browser, slow browser and PC

#3 Post by mr2ky »

Thank you for the help :)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.5 (10.31.2014:1)
OS: Microsoft Windows XP x86
Ran by Name on ut 04. 11. 2014 at 21:45:20,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Program Files\4zres.dll
Successfully deleted: [File] C:\Program Files\4zUninstall VideoDownloadConverter.dll



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Name\Application Data\opencandy"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ut 04. 11. 2014 at 21:49:53,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Ads in the browser, slow browser and PC

#4 Post by mr2ky »

# AdwCleaner v3.311 - Report created 04/11/2014 at 21:55:20
# Updated 30/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Name - WWW
# Running from : C:\Documents and Settings\Name\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\melblfbinmodbgmiocmiemlgdonimclf
[!] Folder Deleted : C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\melblfbinmodbgmiocmiemlgdonimclf
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\melblfbinmodbgmiocmiemlgdonimclf
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\melblfbinmodbgmiocmiemlgdonimclf
[!] Folder Deleted : C:\Documents and Settings\Name\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\melblfbinmodbgmiocmiemlgdonimclf
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\melblfbinmodbgmiocmiemlgdonimclf

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v

[ File : C:\Documents and Settings\Name\Application Data\Mozilla\Firefox\Profiles\o2ttw1lm.default\prefs.js ]


-\\ Google Chrome v38.0.2125.111

[ File : C:\Documents and Settings\Name\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={4EB7ADF4-2B59-461E-B126-4356363DA173}
Deleted [Search Provider] : hxxp://search.softonic.com/MON00006/tb_v1?q={searchTerms}&SearchSource=49&cc=

*************************

AdwCleaner[R0].txt - [6849 octets] - [04/11/2014 21:53:21]
AdwCleaner[S0].txt - [7248 octets] - [04/11/2014 21:55:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7308 octets] ##########

mr2ky
Visitor
Posts: 14
Registered: 04 Jun 2012 13:20

Re: Ads in the browser, slow browser and PC

#5 Post by mr2ky »

Zoek.exe v5.0.0.0 Updated 04-November-2014
Tool run by Name on ut 04. 11. 2014 at 22:02:03,18.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Name\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

4. 11. 2014 22:04:31 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\TeamViewer\Version9\tv_w32.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
C:\Documents and Settings\Name\Desktop\zoek.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Documents and Settings\Name\Local Settings\Application Data\cache deleted

======== System Restore Points ========


==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"online_banking@kaspersky.com"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com" [09. 10. 2014 10:27]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Name\Application Data\Mozilla\Firefox\Profiles\o2ttw1lm.default
- Undetermined - C:\Program Files\SpeedUpToolbar\Firefox\SpeedUp@igeared
- Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

ProfilePath: C:\Documents and Settings\Name\Application Data\Thunderbird\Profiles\6yxz41xy.default
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Name\Application Data\Mozilla\Firefox\Profiles\o2ttw1lm.default
C7794A997CEC29173A4401F3AE16C51F - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
7D894ED61EF0505277D8A476D7DF43F1 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
7D894ED61EF0505277D8A476D7DF43F1 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat
7EC56424E3E77EBF4BF5E0798175E4E5 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM


==== Fake Chromium Profiles Check ======================

Fake profile C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome deleted
Fake profile C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon deleted
Fake profile C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome deleted
Fake profile C:\Documents and Settings\ASPNET\Local Settings\Application Data\Comodo\Dragon deleted
Fake profile C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome deleted
Fake profile C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon deleted
Fake profile C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome deleted
Fake profile C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon deleted
Fake profile C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dbhjdbfgekjfcfkkfjjmlmojhbllhbho - https://chrome.google.com/webstore/deta ... ojhbllhbho[]

Google Voice Search Hotword (Beta) - Name\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn

==== Chromium Fix ======================

C:\Documents and Settings\Name\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HPUsageTracking] "c:\Program Files\HP\HP UT\bin\hppusg.exe" "c:\Program Files\HP\HP UT\"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Unibet - {9BB02029-F61F-425B-ABE1-E1E382CEE2D7} - C:\Microgaming\Poker\unibetpokerMPP\MPPoker.exe (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{91A4A077-71C7-40AB-BAF0-DCB60D184E0B}: NameServer = 192.168.2.101,192.168.2.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus Service 15.0.0 (AVP15.0.0) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

==== Empty IE Cache ======================

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\Name\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Documents and Settings\Name\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=166 folders=59 1713760 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Default User\Local Settings\temp emptied successfully
C:\Documents and Settings\LocalService\Local Settings\temp emptied successfully
C:\Documents and Settings\Name\Local Settings\Temp will be emptied at reboot
C:\Documents and Settings\NetworkService\Local Settings\temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Name\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\Name\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on ut 04. 11. 2014 at 22:25:26,90 ======================

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Ads in the browser, slow browser and PC

#6 Post by cernohous13 »

You're doing well :idea:
:arrow: Download and install MBAM version 1.75 from here: http://www.bleepingcomputer.com/downloa ... re/dl/241/
During installation it will first offer to install a new version - click Cancel - only the database will be updated
After installation, Run -> on the 1st tab, "Scanner" ("Kontrolor") -> Full scan -> Scan
when the scan finishes, a Notepad window with the result will pop up - copy its contents into your reply
do not delete anything yet - wait for the assessment and do not close the program
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure as described in it.
If anything is unclear, ask - I will explain

-------------------------------------------------------------------------------------------------
> Forum support <

mr2ky
Visitor
Posts: 14
Registered: 04 Jun 2012 13:20

Re: Ads in the browser, slow browser and PC

#7 Post by mr2ky »

Greetings, cernohous :)





Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2013.04.04.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Name :: WWW [administrátor]

5. 11. 2014 9:42:05
MBAM-log-2014-11-05 (13-09-29).txt

Typ kontroly: Úplná kontrola (C:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 418528
Uplynutý čas: 2 hod, 20 min, 51 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 2
C:\Záloha\Plocha\2010\Dokumenty\FoxitPDFeditor.2.0.0806.Beta.rar (PUP.Riskware.Tool.CK) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\Name\My Documents\Downloads\AutoCAd2012 x86\x-force_2012_x32.exe (PUP.RiskwareTool.CK) -> Žiadna úloha nevykonaná.

(koniec)

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Ads in the browser, slow browser and PC

#8 Post by cernohous13 »

Verzia databázy: v2013.04.04.07 :?:

On the second tab, "Update" ("Aktualizace"), let it install the new database
I already have v2014.11.05.05 - and run a new scan - then we'll see

the findings are probably just possible advertising windows during installation or launch
it's up to you what you do with them :D

:???: how are the browsers behaving?

mr2ky
Visitor
Posts: 14
Registered: 04 Jun 2012 13:20

Re: Ads in the browser, slow browser and PC

#9 Post by mr2ky »

:cry: another 2 hours of scanning :cry: :)

The browser ... is fine so far, the ads no longer pop up, it's much better. I'll delete what MBAM found; I don't think I'll need either one :).

I'll post a new log once the scan finishes.

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Ads in the browser, slow browser and PC

#10 Post by cernohous13 »

OK - I just want an updated database to be sure :wink:

mr2ky
Visitor
Posts: 14
Registered: 04 Jun 2012 13:20

Re: Ads in the browser, slow browser and PC

#11 Post by mr2ky »

Please, after updating MBAM the design changed completely. And after I set Czech, I have Russian-Czech.
Is that normal?
Attachments
After the update
rsz_mbam.png (104.01 KiB) Viewed 913 times

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Ads in the browser, slow browser and PC

#12 Post by cernohous13 »

During the update you let it upgrade to the new version 2.0 :D
I just find it odd that it runs for you on WinXP - there have been problems with that so far :?:
and you don't have Czech-Russian - I see beautiful Slovak :)

try "Prispôsobená kontrola" (Custom scan) on all partitions/disks