Moc prosím o kontrolu logu, zřejmě svchost.exe

[vanora]

koukám, že nejsem jediná, ale je bezva, že jsou tady borci, kteří tomu rozumí prosím až budete mít chvilku juknete aj na ten můj problém, vytížení CPU na 100% a želva je o proti tomu mému počítači tryskáč....)


C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-JARUSKA-PC-Jaruska.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1563985344-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1563985344-682003330-1004UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1fc509df-4b29-4ab3-96e6-47c178d60287}]
Toolbar BHO - C:\PROGRA~1\SAFEPC~2\bar\1.bin\89bar.dll [2013-12-11 859720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d13bf91-ea09-4ed8-9acd-c6bad32617b9}]
Search Assistant BHO - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll [2013-12-11 140360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-20 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-20 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} - SafePCRepair - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll [2013-12-11 859720]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2012-11-29 63048]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AutoKMS"=C:\WINDOWS\AutoKMS.exe [2013-02-07 615936]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"AdobeCS5.5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"ZNA Start"=C:\Documents and Settings\All Users\Data aplikací\ZNA\ZNA.ex [2013-07-25 2404352]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SafePCRepair Search Scope Monitor"=C:\PROGRA~1\SAFEPC~2\bar\1.bin\89srchmn.exe [2013-12-11 55368]
"SafePCRepair_89 Browser Plugin Loader"=C:\Program Files\SafePCRepair_89\bar\1.bin\89brmon.exe [2013-12-11 61512]
"SafePCRepair Home Page Guard 32 bit"=C:\PROGRA~1\SAFEPC~2\bar\1.bin\AppIntegrator.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Jaruska\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2013-02-07 116648]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18706176]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2013-09-25 20133824]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2012-12-04 773728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2013-01-25 92520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\KMSEmulator.exe"="C:\WINDOWS\KMSEmulator.exe:*:Enabled:KMSEmulator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Java\jre7\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre7\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Trillian\plugins\skypekit.exe"="C:\Program Files\Trillian\plugins\skypekit.exe:*:Enabled:skypekit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1712194-7121-11e2-afa2-000c76b2f6be}]
shell\AutoRun\command - E:\LaunchU3.exe -a


======List of files/folders created in the last 1 months======

2013-12-13 11:13:20 ----D---- C:\Program Files\trend micro
2013-12-13 11:13:04 ----D---- C:\rsit
2013-12-13 10:14:07 ----SHD---- C:\Config.Msi
2013-12-12 10:37:28 ----A---- C:\WINDOWS\system32\SET608.tmp
2013-12-12 10:37:27 ----A---- C:\WINDOWS\system32\SET607.tmp
2013-12-12 10:37:26 ----A---- C:\WINDOWS\system32\SET60C.tmp
2013-12-12 10:37:26 ----A---- C:\WINDOWS\system32\SET602.tmp
2013-12-12 10:37:23 ----A---- C:\WINDOWS\system32\SET606.tmp
2013-12-12 10:37:23 ----A---- C:\WINDOWS\system32\SET601.tmp
2013-12-12 10:37:23 ----A---- C:\WINDOWS\system32\SET600.tmp
2013-12-12 02:34:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 02:30:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 02:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 02:23:12 ----A---- C:\WINDOWS\imsins.BAK
2013-12-12 02:22:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$
2013-12-12 00:05:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\iolo
2013-12-12 00:05:23 ----D---- C:\Program Files\SafePCRepair
2013-12-11 21:59:58 ----D---- C:\Program Files\SafePCRepair_89
2013-12-11 17:18:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2013-12-04 08:24:42 ----D---- C:\Program Files\AC3Filter
2013-11-24 09:52:48 ----D---- C:\Documents and Settings\Jaruska\Data aplikací\AC3Filter
2013-11-23 13:32:06 ----D---- C:\Documents and Settings\Jaruska\Data aplikací\AVG
2013-11-23 13:29:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG
2013-11-23 13:29:07 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-11-16 08:40:34 ----D---- C:\Program Files\Mozilla Firefox
2013-11-15 22:14:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2013-11-15 22:13:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2013-11-15 22:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2013-11-15 22:12:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$

======List of files/folders modified in the last 1 months======

2013-12-13 11:13:34 ----RSD---- C:\WINDOWS\assembly
2013-12-13 11:13:20 ----RD---- C:\Program Files
2013-12-13 10:56:00 ----SHD---- C:\WINDOWS\Installer
2013-12-13 10:55:38 ----D---- C:\WINDOWS\Temp
2013-12-13 10:39:35 ----D---- C:\WINDOWS\WinSxS
2013-12-13 10:37:56 ----D---- C:\WINDOWS\system32
2013-12-13 10:37:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-13 10:11:54 ----D---- C:\WINDOWS\Prefetch
2013-12-13 09:49:01 ----D---- C:\Program Files\Trillian
2013-12-13 08:48:23 ----D---- C:\WINDOWS\Microsoft.NET
2013-12-13 08:45:38 ----D---- C:\WINDOWS
2013-12-13 08:44:26 ----HD---- C:\WINDOWS\inf
2013-12-13 08:42:24 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-13 02:01:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-12-13 02:01:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
2013-12-13 01:51:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-12-13 01:50:33 ----D---- C:\Program Files\Internet Explorer
2013-12-12 23:10:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-12-12 23:01:18 ----D---- C:\WINDOWS\system32\CatRoot
2013-12-12 10:37:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\ZNA
2013-12-12 08:14:06 ----D---- C:\WINDOWS\system32\config
2013-12-11 23:54:38 ----D---- C:\WINDOWS\system32\cs-cz
2013-12-11 21:19:01 ----D---- C:\WINDOWS\Debug
2013-12-11 17:14:03 ----A---- C:\WINDOWS\system32\MRT.exe
2013-12-11 12:00:16 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-07 20:09:09 ----D---- C:\Documents and Settings\Jaruska\Data aplikací\OpenCandy
2013-11-24 17:02:08 ----D---- C:\WINDOWS\system32\drivers
2013-11-19 11:21:30 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-11-18 07:43:27 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-16 22:34:18 ----D---- C:\Program Files\Microsoft Security Client
2013-11-16 22:32:13 ----A---- C:\WINDOWS\win.ini
2013-11-15 22:09:19 ----D---- C:\WINDOWS\system32\MRT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-12-16 31088]
R1 MpKsle9352bb8;MpKsle9352bb8; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{55146AF4-1D70-42D1-8335-0BEF7F7B2927}\MpKsle9352bb8.sys []
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2013-02-17 231760]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2012-06-03 5504]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-05-21 175360]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-04-23 818496]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2012-11-29 10144]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-07-20 182184]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2013-01-25 375144]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2013-01-25 137576]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2012-11-29 390528]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-07 116648]
S2 SafePCRepair_89Service;SafePCRepairService; C:\PROGRA~1\SAFEPC~2\bar\1.bin\89barsvc.exe [2013-12-11 88648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-07 116648]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ioloService;ioloToolService; C:\Program Files\SafePCRepair\ioloToolService.exe [2013-04-05 2625800]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 30798512]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-16 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[vanora]

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jaruska at 2013-12-13 11:13:04
ještě ten začátek.....


Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 3 GB (16%) free of 20 GB
Total RAM: 1791 MB (46% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-JARUSKA-PC-Jaruska.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1563985344-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1563985344-682003330-1004UA.job

[cernohous13]

Vítám tě u nás

Jako první zakaž Automatické aktualizace v Ovládacích panelech - restartuj

Mám podezření na nelegální Office - odinstaluj, jinak bych ti podle našich pravidel nemohl pomáhat
Pak dej nový RSIT

[vanora]

Dobrý večer,
je to instalované tento rok, windows mám oficiální, ale zřejmě se na to kámoš vyprdnul....

[vanora]

dá se to udělat nějak dodatečně, dát tam to sériový číslo, že bych nemusela zase všechny programy instalovat atd....

[vanora]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jaruska at 2013-12-13 20:48:18
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 3 GB (17%) free of 20 GB
Total RAM: 1791 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:48:46, on 13.12.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SafePCRepair_89\bar\1.bin\89brmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Dokumenty\Stažené soubory\RSIT(1).exe
C:\Program Files\trend micro\Jaruska.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {be823b8c-a7ec-4078-a321-0f8046cbb48a} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\userinit.exe,
O2 - BHO: Toolbar BHO - {1fc509df-4b29-4ab3-96e6-47c178d60287} - C:\PROGRA~1\SAFEPC~2\bar\1.bin\89bar.dll
O2 - BHO: Search Assistant BHO - {5d13bf91-ea09-4ed8-9acd-c6bad32617b9} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: SafePCRepair - {a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AutoKMS] C:\WINDOWS\AutoKMS.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ZNA Start] C:\Documents and Settings\All Users\Data aplikací\ZNA\ZNA.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SafePCRepair Search Scope Monitor] "C:\PROGRA~1\SAFEPC~2\bar\1.bin\89srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [SafePCRepair_89 Browser Plugin Loader] C:\Program Files\SafePCRepair_89\bar\1.bin\89brmon.exe
O4 - HKLM\..\Run: [SafePCRepair Home Page Guard 32 bit] "C:\PROGRA~1\SAFEPC~2\bar\1.bin\AppIntegrator.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jaruska\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0280784484
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ioloToolService (ioloService) - iolo technologies, LLC - C:\Program Files\SafePCRepair\ioloToolService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SafePCRepairService (SafePCRepair_89Service) - COMPANYVERS_NAME - C:\PROGRA~1\SAFEPC~2\bar\1.bin\89barsvc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 9481 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-JARUSKA-PC-Jaruska.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1563985344-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1563985344-682003330-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Jaruska\Data aplikací\Mozilla\Firefox\Profiles\h61rsmie.default-1386946421234

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SafePCRepair_89.com/Plugin]
"Description"=SafePCRepair Plugin
"Path"=C:\Program Files\SafePCRepair_89\bar\1.bin\NP89Stub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1fc509df-4b29-4ab3-96e6-47c178d60287}]
Toolbar BHO - C:\PROGRA~1\SAFEPC~2\bar\1.bin\89bar.dll [2013-12-11 859720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d13bf91-ea09-4ed8-9acd-c6bad32617b9}]
Search Assistant BHO - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll [2013-12-11 140360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-20 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-20 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} - SafePCRepair - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll [2013-12-11 859720]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2012-11-29 63048]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AutoKMS"=C:\WINDOWS\AutoKMS.exe [2013-02-07 615936]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"AdobeCS5.5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"ZNA Start"=C:\Documents and Settings\All Users\Data aplikací\ZNA\ZNA.ex [2013-07-25 2404352]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SafePCRepair Search Scope Monitor"=C:\PROGRA~1\SAFEPC~2\bar\1.bin\89srchmn.exe [2013-12-11 55368]
"SafePCRepair_89 Browser Plugin Loader"=C:\Program Files\SafePCRepair_89\bar\1.bin\89brmon.exe [2013-12-11 61512]
"SafePCRepair Home Page Guard 32 bit"=C:\PROGRA~1\SAFEPC~2\bar\1.bin\AppIntegrator.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Jaruska\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2013-02-07 116648]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18706176]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2013-09-25 20133824]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2012-12-04 773728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2013-01-25 92520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\KMSEmulator.exe"="C:\WINDOWS\KMSEmulator.exe:*:Enabled:KMSEmulator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Java\jre7\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre7\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Trillian\plugins\skypekit.exe"="C:\Program Files\Trillian\plugins\skypekit.exe:*:Enabled:skypekit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.ac3filter"=ac3filter.acm

======List of files/folders created in the last 1 month======

2013-12-13 20:48:18 ----D---- C:\rsit
2013-12-13 11:50:41 ----SHD---- C:\Config.Msi
2013-12-13 11:13:20 ----D---- C:\Program Files\trend micro
2013-12-12 10:37:28 ----A---- C:\WINDOWS\system32\SET608.tmp
2013-12-12 10:37:27 ----A---- C:\WINDOWS\system32\SET607.tmp
2013-12-12 10:37:26 ----A---- C:\WINDOWS\system32\SET60C.tmp
2013-12-12 10:37:26 ----A---- C:\WINDOWS\system32\SET602.tmp
2013-12-12 10:37:23 ----A---- C:\WINDOWS\system32\SET606.tmp
2013-12-12 10:37:23 ----A---- C:\WINDOWS\system32\SET601.tmp
2013-12-12 10:37:23 ----A---- C:\WINDOWS\system32\SET600.tmp
2013-12-12 02:34:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 02:30:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 02:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 02:22:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$
2013-12-12 00:05:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\iolo
2013-12-12 00:05:23 ----D---- C:\Program Files\SafePCRepair
2013-12-11 21:59:58 ----D---- C:\Program Files\SafePCRepair_89
2013-12-11 17:18:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2013-12-04 08:24:42 ----D---- C:\Program Files\AC3Filter
2013-11-24 09:52:48 ----D---- C:\Documents and Settings\Jaruska\Data aplikací\AC3Filter
2013-11-23 13:32:06 ----D---- C:\Documents and Settings\Jaruska\Data aplikací\AVG
2013-11-23 13:29:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG
2013-11-23 13:29:07 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-11-16 08:40:34 ----D---- C:\Program Files\Mozilla Firefox
2013-11-15 22:14:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2013-11-15 22:13:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2013-11-15 22:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2013-11-15 22:12:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$

======List of files/folders modified in the last 1 month======

2013-12-13 20:48:24 ----D---- C:\WINDOWS\Prefetch
2013-12-13 20:45:34 ----D---- C:\WINDOWS
2013-12-13 20:45:09 ----D---- C:\WINDOWS\Temp
2013-12-13 20:44:02 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-13 20:41:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-12-13 13:52:02 ----RSD---- C:\WINDOWS\assembly
2013-12-13 13:52:02 ----D---- C:\WINDOWS\Microsoft.NET
2013-12-13 13:35:24 ----D---- C:\WINDOWS\system32
2013-12-13 13:03:40 ----HD---- C:\WINDOWS\inf
2013-12-13 13:02:58 ----D---- C:\WINDOWS\system32\CatRoot
2013-12-13 12:30:51 ----SHD---- C:\WINDOWS\Installer
2013-12-13 12:11:50 ----D---- C:\WINDOWS\WinSxS
2013-12-13 11:13:20 ----RD---- C:\Program Files
2013-12-13 10:37:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-13 09:49:01 ----D---- C:\Program Files\Trillian
2013-12-13 02:01:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
2013-12-13 01:51:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-12-13 01:50:33 ----D---- C:\Program Files\Internet Explorer
2013-12-12 23:10:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-12-12 10:37:07 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\ZNA
2013-12-12 08:14:06 ----D---- C:\WINDOWS\system32\config
2013-12-11 23:54:38 ----D---- C:\WINDOWS\system32\cs-cz
2013-12-11 21:19:01 ----D---- C:\WINDOWS\Debug
2013-12-11 17:17:36 ----D---- C:\WINDOWS\system32\MRT
2013-12-11 17:14:03 ----A---- C:\WINDOWS\system32\MRT.exe
2013-12-11 12:00:16 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-07 20:09:09 ----D---- C:\Documents and Settings\Jaruska\Data aplikací\OpenCandy
2013-11-24 17:02:08 ----D---- C:\WINDOWS\system32\drivers
2013-11-19 11:21:30 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-11-18 07:43:27 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-16 22:34:18 ----D---- C:\Program Files\Microsoft Security Client
2013-11-16 22:32:13 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 9216]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-12-16 31088]
R1 MpKslbe7029cd;MpKslbe7029cd; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3840434B-15D8-4245-B905-32B7A104B61A}\MpKslbe7029cd.sys []
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2013-02-17 231760]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2012-06-03 5504]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-05-21 175360]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-04-23 818496]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2012-11-29 10144]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-07-20 182184]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2013-01-25 375144]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2013-01-25 137576]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2012-11-29 390528]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-07 116648]
S2 SafePCRepair_89Service;SafePCRepairService; C:\PROGRA~1\SAFEPC~2\bar\1.bin\89barsvc.exe [2013-12-11 88648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-07 116648]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ioloService;ioloToolService; C:\Program Files\SafePCRepair\ioloToolService.exe [2013-04-05 2625800]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 30798512]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-16 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[cernohous13]

Zatím budu věřit, že jsou legální.

Stáhni Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulož jej na plochu a spusť - zobrazí se licenční podminky -> start libovolnou klávesou.
Bude vytvořena záloha a proběhne skenování.
Vyskočí log (nebo je uložen zde c:\JRT jako JRT.txt) - zkopíruj jej sem

Stáhni AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Ulož nejlépe na plochu -> ukonči všechny programy -> spusť AdwCleaner -> klikni na Scan po dokončení na Clean
bude provedena oprava, restartuje se - (případně restartuj) a vypadne log C:\AdwCleaner\AdwCleaner[S?].txt , jeho obsah vložíš sem

Stáhni a nainstaluj MBAM zde http://www.malwarebytes.org/products/malwarebytes_free/
Spustit -> na 3.záložce "Aktualizace" -> Kontrola aktualizací
následně na 1.záložce "Kontrolor" -> Rychlá kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení

[vanora]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Jaruska on so 14.12.2013 at 14:11:47,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Jaruska\Data aplikacˇ\opencandy"
Successfully deleted: [Folder] "C:\Program Files\safepcrepair"
Failed to delete: [Folder] "C:\Program Files\safepcrepair_89"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 14.12.2013 at 14:20:29,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[vanora]

druhý krok:

# AdwCleaner v3.015 - Report created 14/12/2013 at 14:27:04
# Updated 10/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Jaruska - JARUSKA-PC
# Running from : D:\Dokumenty\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\SafePCRepair_89

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SafePCRepair Search Scope Monitor]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SafePCRepair_89 Browser Plugin Loader]
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v25.0.1 (cs)

[ File : C:\Documents and Settings\Jaruska\Data aplikací\Mozilla\Firefox\Profiles\h61rsmie.default-1386946421234\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Jaruska\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1233 octets] - [14/12/2013 14:25:05]
AdwCleaner[S0].txt - [1164 octets] - [14/12/2013 14:27:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1224 octets] ##########

[vanora]

krok třetí: snad proveden správně....?

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.12.14.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jaruska :: JARUSKA-PC [administrátor]

Ochrana: Povolena

14.12.2013 15:15:40
MBAM-log-2013-12-14 (15-39-39).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 364100
Uplynulý čas: 22 minut, 23 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 1
C:\Documents and Settings\All Users\Data aplikací\ZNA\ZNA.02 (PUP.Ardamax) -> Nebyla provedena žádná instrukce.

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ZNA Start (PUP.Ardamax) -> Data: C:\Documents and Settings\All Users\Data aplikací\ZNA\ZNA.exe -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SafePCRepair Home Page Guard 32 bit (PUP.Optional.MindSpark) -> Data: "C:\PROGRA~1\SAFEPC~2\bar\1.bin\AppIntegrator.exe" -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 3
C:\Documents and Settings\All Users\Data aplikací\ZNA\ZNA.02 (PUP.Ardamax) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\All Users\Data aplikací\ZNA\ZNA.exe (PUP.Ardamax) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\All Users\Data aplikací\SUS\SUS.02 (PUP.Ardamax) -> Nebyla provedena žádná instrukce.

(konec)
Jen ještě vsuvka, nedávno jsme dávala novou myš.......a pořád mi vyskakuje průvodce novým softwarem...dá se to nějak zlikvidovat?

[cernohous13]

MBAM spustit znovu - Kontrolor -> dát Úplná kontrola
po ukončení -> Zobrazit výsledky -> zkontrolovat zda je vše označeno -> Odstranit označené
vyběhne log, ve kterém budou záznamy tohoto typu:
Nalezené soubory
C:\Program Files\xxxxxx -> Umístnění do karantény a smazání se zdařilo..(Quarantined and deleted successfully)
ten bych taky rád viděl

Start -> Spustit... - zadej devmgmt.msc
nejsou tam někde žluté otazníky/vykřičníky?
hlavně "Myši a jiná polohovací zařízení"

[vanora]

jen prosím, o Ardamaxu vím, ten bych nechtěla mazat, jde o můj osobní počítač.

[vanora]

žádné vykřičníky ani otazníky.....

[cernohous13]

Na neznámé zařízení klik pravým a Vyhledat změny hadwaru - Aktualizovat/instalovat ovladač
měla bys mít možná k myši instalační CD nebo pohledat na netu

Ten keylogger si tam klidně nech, neručím za to, co všechno je schopný někam odesílat

[vanora]

no hurá myš vypadá vyřešená, nevím proč to nešlo hned na poprvé, když to chtělo tu a samou instalaci.....

jen, ono to ten Ardamax najde....a bude ho to chtít vymazat, bude na tom seznamu nebo? Podle pokynů mám mazat ))) takže ho mám nějak odškrtat....