Hello,
I have run my PC through everything possible, from adwcleaner and spyhunter to hitmanpro, and I still cannot get rid of the Safesaver ad panels. Could you please help me somehow? Thank you
Logfile of random's system information tool 1.09 (written by random/random)
Run by Marketa at 2014-01-07 11:26:17
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 28 GB (28%) free of 100 GB
Total RAM: 3067 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:26:30, on 7.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\GamePark2\gpcl.exe
C:\Program Files\ScreenShots\ScreenShots.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\explorer.exe
C:\Users\Marketa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marketa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marketa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marketa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marketa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marketa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marketa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marketa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Users\Marketa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marketa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marketa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Users\Marketa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marketa\Desktop\RSIT.exe
C:\Program Files\trend micro\Marketa.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - Startup: ScreenShots.lnk = C:\Program Files\ScreenShots\ScreenShots.exe
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iSafeService - Elex do Brasil Participaçoes Ltda - C:\Program Files\iSafe\iSafeSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 6806 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2178054908-3889953938-3483174869-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2178054908-3889953938-3483174869-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\p5p0d94d.default-1389016612556
"{88c0442b-6405-4382-b747-2af3030015d8}"=C:\Program Files\gamesfree\firefox
"web2pdfextension@web2pdf.adobedotcom"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdjvu.dll
NPOFFICE.DLL
nppdf32.CZE
nppdf32.dll
nppdf32.HRV
nppdf32.HUN
nppdf32.POL
nppdf32.SKY
nppdf32.SLV
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
mall-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-25 7723552]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2054360]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 1848648]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-26 336384]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2013-09-03 41336]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2013-09-03 840568]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk]
C:\PROGRA~1\GAMEPA~1\gpcl.exe [2011-07-29 409088]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
C:\Users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
ScreenShots.lnk - C:\Program Files\ScreenShots\ScreenShots.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.avis"=ff_acm.acm
"msacm.lhacm"=lhacm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.mpg4"=C:\Windows\mpg4c32.dll
"vidc.mpg2"=C:\Windows\mpg4c32.dll
"vidc.mpg3"=C:\Windows\mpg4c32.dll
"vidc.iv50"=C:\Windows\ir50_32.dll
"vidc.MJPG"=C:\Windows\m3jpeg32.dll
"vidc.dmb1"=C:\Windows\m3jpeg32.dll
"vidc.GEOX"=C:\Windows\system32\v8400\GEO-MPEG4\2010.10.11.12.51\GeoCodec.dll
"vidc.GEOV"=C:\Windows\system32\v8400\GEO-MPEG4\2010.10.11.12.51\GeoCodec.dll
"vidc.GM20"=C:\Windows\system32\v8300\GEO-MPEG2\2008.12.16.10.38\GXGM20.dll
"vidc.GMP4"=C:\Windows\system32\v8400\GEO-MPEG4-ASP\2010.10.11.12.50\GXAMP4.dll
"vidc.GM40"=C:\Windows\system32\v8400\GEO-MPEG4-ASP\2010.10.11.12.50\GXAMP4.dll
"vidc.G264"=C:\Windows\system32\v8400\GEO-H264\2010.10.11.13.54\GX264.dll
"vidc.GEOS"=C:\Windows\system32\v8400\GEO-MPEG4\2010.10.11.12.51\GeoCodecD.dll
"vidc.GM4H"=C:\Windows\system32\v8400\GEO-MPEG4-ASP\2010.10.11.12.50\GXAMP4D.dll
"vidc.GM4S"=C:\Windows\system32\v8400\GEO-MPEG4-ASP\2010.10.11.12.50\GXAMP4D.dll
"vidc.G26S"=C:\Windows\system32\v8400\GEO-H264\2010.10.11.13.54\GX264D.dll
"vidc.GJPG"=C:\Windows\system32\v8400\GEO-JPEG\2010.10.11.12.47\GXJPG.dll
"vidc.MXPG"=C:\Windows\system32\v8400\GEO-JPEG\2010.10.11.12.47\GXJPG.dll
"vidc.GAVC"=C:\Windows\system32\v8400\GEO-H264-V2\2010.10.12.12.5\GXAVC.dll
"vidc.GAVS"=C:\Windows\system32\v8400\GEO-H264-V2\2010.10.12.12.5\GXAVCD.dll
"msacm.geoadpcm"=system32\v8400\GEO-ADPCM\2010.6.17.9.10\GeoADPCM.acm
"msacm.geoaac"=system32\v8350\GEO-AAC\2010.5.28.15.53\GeoAAC.acm
"vidc.lags"=lagarith.dll
"msacm.divxa32"=DivXa32.acm
"msacm.lameacm"=LameACM.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-01-07 11:26:17 ----D---- C:\rsit
2014-01-07 11:26:17 ----D---- C:\Program Files\trend micro
2014-01-07 10:48:37 ----SHD---- C:\$RECYCLE.BIN
2014-01-07 10:48:32 ----D---- C:\Windows\temp
2014-01-07 10:48:30 ----A---- C:\ComboFix.txt
2014-01-07 10:35:24 ----A---- C:\Windows\zip.exe
2014-01-07 10:35:24 ----A---- C:\Windows\SWSC.exe
2014-01-07 10:35:24 ----A---- C:\Windows\SWREG.exe
2014-01-07 10:35:24 ----A---- C:\Windows\sed.exe
2014-01-07 10:35:24 ----A---- C:\Windows\PEV.exe
2014-01-07 10:35:24 ----A---- C:\Windows\NIRCMD.exe
2014-01-07 10:35:24 ----A---- C:\Windows\MBR.exe
2014-01-07 10:35:24 ----A---- C:\Windows\grep.exe
2014-01-07 10:34:47 ----D---- C:\Qoobox
2014-01-07 10:34:27 ----D---- C:\Windows\erdnt
2014-01-07 10:15:21 ----D---- C:\Users\Marketa\AppData\Roaming\eCyber
2014-01-07 10:15:10 ----D---- C:\Program Files\iSafe
2014-01-07 10:13:06 ----D---- C:\Users\Marketa\AppData\Roaming\iSafe
2014-01-06 21:10:09 ----D---- C:\Windows\A358F2F62500420C989C25C4F22DF51E.TMP
2014-01-06 20:58:26 ----D---- C:\Program Files\Enigma Software Group
2014-01-05 13:52:09 ----D---- C:\Users\Marketa\AppData\Roaming\Nokia Suite
2014-01-04 20:25:58 ----D---- C:\Program Files\HitmanPro
2014-01-04 20:25:46 ----D---- C:\ProgramData\HitmanPro
2014-01-04 19:45:37 ----D---- C:\Users\Marketa\AppData\Roaming\Malwarebytes
2014-01-04 19:45:29 ----D---- C:\ProgramData\Malwarebytes
2014-01-03 11:42:58 ----D---- C:\Windows\ERUNT
2013-12-31 22:53:13 ----D---- C:\ProgramData\Prowebi
2013-12-31 22:17:18 ----D---- C:\ProgramData\Browser Enhancer
2013-12-31 11:22:25 ----D---- C:\ProgramData\Browser faster
2013-12-30 19:55:36 ----D---- C:\ProgramData\KeepnBrowse
2013-12-30 19:29:30 ----D---- C:\ProgramData\SmartWeb
2013-12-30 09:16:31 ----D---- C:\ProgramData\ilhkodmbamkkaokapjfificgckppmhhf
2013-12-30 09:16:31 ----D---- C:\ProgramData\FunDeaaLs
2013-12-30 09:16:23 ----D---- C:\ProgramData\df4fa880cfa9ad5
2013-12-30 09:16:22 ----D---- C:\ProgramData\DDigiSaovver
2013-12-29 09:25:36 ----D---- C:\ProgramData\FastSys
2013-12-28 09:08:27 ----D---- C:\ProgramData\Winclean performap
2013-12-27 13:37:28 ----D---- C:\ProgramData\Browser Stabilizer
2013-12-27 09:28:18 ----D---- C:\ProgramData\Performancer
2013-12-24 10:53:33 ----D---- C:\Users\Marketa\AppData\Roaming\AC3Filter
2013-12-24 10:23:10 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2013-12-24 10:23:03 ----D---- C:\Program Files\PC Connectivity Solution
2013-12-24 10:12:16 ----D---- C:\ProgramData\NokiaInstallerCache
2013-12-16 05:37:17 ----D---- C:\Program Files\Free Zip
2013-12-11 09:36:11 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-11 09:36:10 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-11 09:36:10 ----A---- C:\Windows\system32\ieui.dll
2013-12-11 09:36:09 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 09:36:09 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-11 09:36:08 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-11 09:36:08 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-11 09:36:08 ----A---- C:\Windows\system32\iesetup.dll
2013-12-11 09:36:08 ----A---- C:\Windows\system32\iernonce.dll
2013-12-11 09:36:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-11 09:36:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-11 09:36:07 ----A---- C:\Windows\system32\wininet.dll
2013-12-11 09:36:06 ----A---- C:\Windows\system32\urlmon.dll
2013-12-11 09:36:06 ----A---- C:\Windows\system32\iertutil.dll
2013-12-11 09:36:04 ----A---- C:\Windows\system32\ieframe.dll
2013-12-11 09:36:03 ----A---- C:\Windows\system32\mshtml.dll
2013-12-11 09:36:02 ----A---- C:\Windows\system32\jscript9.dll
2013-12-11 09:31:36 ----A---- C:\Windows\system32\wmp.dll
2013-12-11 09:31:34 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-11 08:31:09 ----A---- C:\Windows\system32\msieftp.dll
2013-12-11 08:31:08 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-11 08:31:07 ----A---- C:\Windows\system32\wscript.exe
2013-12-11 08:31:07 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-11 08:31:07 ----A---- C:\Windows\system32\scrrun.dll
2013-12-11 08:31:07 ----A---- C:\Windows\system32\cscript.exe
2013-12-11 08:31:05 ----A---- C:\Windows\system32\tzres.dll
2013-12-11 08:31:02 ----A---- C:\Windows\system32\win32k.sys
2013-12-11 08:31:01 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-11 08:31:01 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-08 17:57:43 ----D---- C:\ProgramData\M-Photo
2013-12-08 17:55:49 ----A---- C:\Windows\system32\AKCE_MCL_AKCE_MCL_uninstaller.exe
======List of files/folders modified in the last 1 month======
2014-01-07 11:26:17 ----RD---- C:\Program Files
2014-01-07 10:51:34 ----D---- C:\Windows\Prefetch
2014-01-07 10:48:32 ----D---- C:\Windows
2014-01-07 10:46:07 ----A---- C:\Windows\system.ini
2014-01-07 10:46:00 ----D---- C:\Windows\system32\drivers\etc
2014-01-07 10:45:28 ----D---- C:\Windows\System32
2014-01-07 10:45:28 ----D---- C:\ProgramData
2014-01-07 10:42:50 ----D---- C:\Windows\system32\drivers
2014-01-07 10:42:50 ----D---- C:\Windows\AppPatch
2014-01-07 10:42:49 ----D---- C:\Program Files\Common Files
2014-01-07 10:21:45 ----D---- C:\Windows\system32\config
2014-01-06 23:55:53 ----D---- C:\Shoty
2014-01-06 22:55:25 ----D---- C:\Users\Marketa\AppData\Roaming\TS3Client
2014-01-06 21:54:31 ----A---- C:\Windows\system32\PnkBstrB.exe
2014-01-06 21:11:05 ----SHD---- C:\Windows\Installer
2014-01-06 21:11:05 ----SD---- C:\Users\Marketa\AppData\Roaming\Microsoft
2014-01-06 21:11:05 ----D---- C:\Windows\system32\Tasks
2014-01-06 21:10:01 ----SHD---- C:\System Volume Information
2014-01-06 20:57:22 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2014-01-06 14:57:11 ----D---- C:\Program Files\Mozilla Firefox
2014-01-06 14:48:47 ----D---- C:\Program Files\QIP 2012
2014-01-06 14:24:19 ----D---- C:\1
2014-01-06 13:58:15 ----D---- C:\Program Files\Last.fm
2014-01-06 13:06:19 ----D---- C:\Windows\inf
2014-01-06 13:06:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-05 13:52:07 ----D---- C:\Users\Marketa\AppData\Roaming\Nokia
2014-01-05 13:47:35 ----D---- C:\Windows\tracing
2014-01-05 09:02:09 ----D---- C:\Windows\system32\catroot2
2014-01-05 00:02:09 ----D---- C:\Users\Marketa\AppData\Roaming\HLSW
2014-01-03 20:03:14 ----D---- C:\Users\Marketa\AppData\Roaming\Skype
2013-12-24 16:52:15 ----D---- C:\Windows\system32\catroot
2013-12-24 10:24:31 ----D---- C:\ProgramData\Nokia
2013-12-24 10:23:45 ----D---- C:\Program Files\Nokia
2013-12-24 10:23:10 ----DC---- C:\Windows\system32\DRVSTORE
2013-12-24 10:23:10 ----D---- C:\Windows\system32\DriverStore
2013-12-23 13:12:53 ----D---- C:\Windows\system32\FxsTmp
2013-12-13 09:48:18 ----D---- C:\Users\Marketa\AppData\Roaming\uTorrent
2013-12-12 09:47:01 ----D---- C:\Windows\rescache
2013-12-12 08:26:56 ----A---- C:\Windows\M3JPEG.INI
2013-12-11 15:51:30 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 09:44:47 ----D---- C:\Windows\winsxs
2013-12-11 09:40:23 ----D---- C:\Program Files\Internet Explorer
2013-12-11 09:40:21 ----D---- C:\Windows\system32\cs-CZ
2013-12-11 09:40:21 ----D---- C:\Program Files\Windows Media Player
2013-12-11 09:36:58 ----A---- C:\Windows\win.ini
2013-12-11 09:35:19 ----D---- C:\Windows\system32\MRT
2013-12-11 09:31:59 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-08-13 96368]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-06 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-09-29 108792]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-17 26024]
R1 iSafeNetFilter;iSafeNetFilter; \??\C:\Program Files\iSafe\iSafeNetFilter.sys [2013-12-30 39424]
R1 NetworkX;NetworkX; C:\Windows\system32\ckldrv.sys [2000-02-03 24608]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-29 116008]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-09-29 95896]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-02-03 25416]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 9647104]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 442368]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-25 2758240]
R3 iSafeKrnl;iSafeKrnl; \??\C:\Program Files\iSafe\iSafeKrnl.sys [2013-12-30 192000]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-02-03 278984]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aqi3cpkt;aqi3cpkt; C:\Windows\system32\drivers\aqi3cpkt.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 104976]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 9647104]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Marketa\AppData\Local\Temp\catchme.sys []
S3 cpuz130;cpuz130; \??\C:\Users\Marketa\AppData\Local\Temp\cpuz130\cpuz_x32.sys []
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-09-17 27672]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 23040]
S3 mbr;mbr; \??\C:\ComboFix\mbr.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 219136]
R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2000-06-29 52224]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-29 735960]
R2 iSafeService;iSafeService; C:\Program Files\iSafe\iSafeSvc.exe [2013-12-30 491688]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-29 935208]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-02-10 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2014-01-06 214520]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-29 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-04-02 655624]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-25 117144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1343400]
-----------------EOF-----------------

How do I remove the unwanted Safesaver ad banners
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: How do I remove the unwanted Safesaver ad banners
Hello, good afternoon and welcome to our forum.
Who advised you to run ComboFix??
ComboFix's license terms say it clearly: "It should never be used in an environment without the supervision of an experienced person."

Post this log here: C:\ComboFix.txt

The dangers of CF
- It is intended primarily for helpers - by using it on your own you lose your entitlement to support
- It wipes the traces left by malware, so nothing shows up in the RSIT log
- Its log still has to be worked through, because it cannot delete everything - and you will hardly manage that unless you are trained for it
- CF can have a bug = it takes down your system; if you don't know where it stores what and how to restore it, your system is wrecked and you are facing a reinstall
- Unfortunately, CF also does not yet check some important libraries (e.g. hal.dll) - some types of malware (e.g. angela) delete those - it deletes your hal.dll after the restart = your system won't boot and you are back at the previous point = reinstall

Re: How do I remove the unwanted Safesaver ad banners
Then I apologize; usually it's friends who give advice, and one turns to the experts only in an emergency, because one doesn't want to look like a fool who can't cope on their own.
And then it turns out the other way round.
ComboFix 14-01-04.03 - Marketa 07.01.2014 10:37:10.1.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3067.1859 [GMT 1:00]
Spuštěný z: c:\users\Marketa\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\windows
c:\programdata\windows\dumd.dat
c:\programdata\windows\xdor.dat
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\ijl11.dll
c:\windows\system32\vbpng1.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-07 do 2014-01-07 )))))))))))))))))))))))))))))))
.
.
2014-01-07 09:45 . 2014-01-07 09:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-07 09:19 . 2014-01-07 09:19 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C6321943-ED4A-4947-81DB-50EB3CA6BD89}\offreg.dll
2014-01-07 09:15 . 2014-01-07 09:15 -------- d-----w- c:\users\Marketa\AppData\Roaming\eCyber
2014-01-07 09:15 . 2014-01-07 09:40 -------- d-----w- c:\program files\iSafe
2014-01-07 09:13 . 2014-01-07 09:17 -------- d-----w- c:\users\Marketa\AppData\Roaming\iSafe
2014-01-06 20:10 . 2014-01-06 20:11 -------- d-----w- c:\windows\A358F2F62500420C989C25C4F22DF51E.TMP
2014-01-06 19:58 . 2014-01-06 19:58 -------- d-----w- c:\program files\Enigma Software Group
2014-01-05 12:52 . 2014-01-05 12:52 -------- d-----w- c:\users\Marketa\AppData\Roaming\Nokia Suite
2014-01-04 19:25 . 2014-01-07 09:03 -------- d-----w- c:\program files\HitmanPro
2014-01-04 19:25 . 2014-01-04 19:42 -------- d-----w- c:\programdata\HitmanPro
2014-01-04 18:45 . 2014-01-04 18:45 -------- d-----w- c:\users\Marketa\AppData\Roaming\Malwarebytes
2014-01-04 18:45 . 2014-01-04 18:45 -------- d-----w- c:\programdata\Malwarebytes
2014-01-03 10:42 . 2014-01-03 10:42 -------- d-----w- c:\windows\ERUNT
2014-01-03 09:08 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C6321943-ED4A-4947-81DB-50EB3CA6BD89}\mpengine.dll
2013-12-31 21:53 . 2014-01-07 09:01 -------- d-----w- c:\programdata\Prowebi
2013-12-31 21:17 . 2014-01-07 09:01 -------- d-----w- c:\programdata\Browser Enhancer
2013-12-31 10:22 . 2014-01-07 09:01 -------- d-----w- c:\programdata\Browser faster
2013-12-30 18:55 . 2014-01-07 09:01 -------- d-----w- c:\programdata\KeepnBrowse
2013-12-30 18:29 . 2014-01-07 09:01 -------- d-----w- c:\programdata\SmartWeb
2013-12-30 08:16 . 2013-12-30 08:16 -------- d-----w- c:\programdata\FunDeaaLs
2013-12-30 08:16 . 2013-12-30 08:16 -------- d-----w- c:\programdata\ilhkodmbamkkaokapjfificgckppmhhf
2013-12-30 08:16 . 2013-12-30 08:16 -------- d-----w- c:\programdata\df4fa880cfa9ad5
2013-12-30 08:16 . 2013-12-30 08:16 -------- d-----w- c:\programdata\DDigiSaovver
2013-12-29 08:25 . 2014-01-07 09:01 -------- d-----w- c:\programdata\FastSys
2013-12-28 08:08 . 2013-12-28 08:08 -------- d-----w- c:\programdata\Winclean performap
2013-12-27 12:37 . 2014-01-07 09:01 -------- d-----w- c:\programdata\Browser Stabilizer
2013-12-27 08:28 . 2014-01-07 09:01 -------- d-----w- c:\programdata\Performancer
2013-12-24 09:53 . 2013-12-24 09:53 -------- d-----w- c:\users\Marketa\AppData\Roaming\AC3Filter
2013-12-24 09:23 . 2012-10-17 13:53 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2013-12-24 09:23 . 2013-12-24 09:23 -------- d-----w- c:\program files\PC Connectivity Solution
2013-12-24 09:12 . 2013-12-24 09:12 -------- d-----w- c:\programdata\NokiaInstallerCache
2013-12-16 04:37 . 2013-12-16 04:37 -------- d-----w- c:\program files\Free Zip
2013-12-11 08:31 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-11 08:31 . 2013-05-10 03:48 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-11 07:31 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 07:31 . 2013-10-19 01:36 159232 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-11 07:31 . 2013-11-23 18:26 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-11 07:31 . 2013-10-12 02:04 121856 ----a-w- c:\windows\system32\wshom.ocx
2013-12-11 07:31 . 2013-10-12 02:03 163840 ----a-w- c:\windows\system32\scrrun.dll
2013-12-11 07:31 . 2013-10-12 01:15 141824 ----a-w- c:\windows\system32\wscript.exe
2013-12-11 07:31 . 2013-10-12 01:15 126976 ----a-w- c:\windows\system32\cscript.exe
2013-12-11 07:31 . 2013-11-12 02:07 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-11 07:31 . 2013-10-30 01:27 2349056 ----a-w- c:\windows\system32\win32k.sys
2013-12-11 07:31 . 2013-10-04 01:49 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-11 07:31 . 2013-10-04 01:17 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-08 17:48 . 2013-12-08 17:48 -------- d-----w- c:\users\Marketa\AppData\Local\M-Photo_Ltd
2013-12-08 16:57 . 2013-12-08 16:57 -------- d-----w- c:\programdata\M-Photo
2013-12-08 16:55 . 2013-12-08 16:55 19727745 ----a-w- c:\windows\system32\AKCE_MCL_AKCE_MCL_uninstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-06 20:54 . 2010-02-10 20:35 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2014-01-06 20:54 . 2010-02-10 20:35 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2014-01-06 20:54 . 2010-02-10 20:35 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-12-11 14:51 . 2012-05-01 13:22 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 14:51 . 2011-05-16 05:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-27 22:31 . 2013-11-27 22:31 86016 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-27 22:31 . 2013-11-27 22:31 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-27 22:31 . 2013-11-27 22:31 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-27 22:31 . 2013-11-27 22:31 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-27 22:31 . 2013-11-27 22:31 645120 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-27 22:31 . 2013-11-27 22:31 62464 ----a-w- c:\windows\system32\tdc.ocx
2013-11-27 22:31 . 2013-11-27 22:31 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-27 22:31 . 2013-11-27 22:31 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-27 22:31 . 2013-11-27 22:31 454656 ----a-w- c:\windows\system32\vbscript.dll
2013-11-27 22:31 . 2013-11-27 22:31 36352 ----a-w- c:\windows\system32\imgutil.dll
2013-11-27 22:31 . 2013-11-27 22:31 34816 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 22:31 . 2013-11-27 22:31 337408 ----a-w- c:\windows\system32\html.iec
2013-11-27 22:31 . 2013-11-27 22:31 24576 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-27 22:31 . 2013-11-27 22:31 194048 ----a-w- c:\windows\system32\elshyph.dll
2013-11-27 22:31 . 2013-11-27 22:31 182272 ----a-w- c:\windows\system32\msls31.dll
2013-11-27 22:31 . 2013-11-27 22:31 151552 ----a-w- c:\windows\system32\iexpress.exe
2013-11-27 22:31 . 2013-11-27 22:31 139264 ----a-w- c:\windows\system32\wextract.exe
2013-11-27 22:31 . 2013-11-27 22:31 13312 ----a-w- c:\windows\system32\mshta.exe
2013-11-27 22:31 . 2013-11-27 22:31 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-27 22:31 . 2013-11-27 22:31 1051136 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-19 02:33 . 2010-02-10 07:23 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-10-12 02:03 . 2013-11-13 08:20 656896 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 08:20 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:01 . 2013-11-13 08:20 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-25 7723552]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2013-09-03 41336]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2013-09-03 840568]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ScreenShots.lnk - c:\program files\ScreenShots\ScreenShots.exe [2006-8-14 196608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2011-5-24 409088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk
backup=c:\windows\pss\GamePark klient 2.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 05:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2009-06-17 11:13 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2013-10-02 19:28 1090912 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2012-06-26 11:10 1516632 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
2007-12-14 09:36 50472 ------w- c:\program files\CyberLink\PowerDVD8\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
2008-03-20 18:23 83240 ------w- c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-06-17 11:44 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
R3 cpuz130;cpuz130;c:\users\Marketa\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2012-12-07 23040]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-06 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-09-29 108792]
S1 iSafeNetFilter;iSafeNetFilter;c:\program files\iSafe\iSafeNetFilter.sys [2013-12-30 39424]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 219136]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-29 735960]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-09-29 95896]
S2 iSafeService;iSafeService;c:\program files\iSafe\iSafeSvc.exe [2013-12-30 491688]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
S3 iSafeKrnl;iSafeKrnl;c:\program files\iSafe\iSafeKrnl.sys [2013-12-30 192000]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ISAFEKRNL
*NewlyCreated* - ISAFENETFILTER
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 11:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 14:51]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2178054908-3889953938-3483174869-1000Core.job
- c:\users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-09 16:35]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2178054908-3889953938-3483174869-1000UA.job
- c:\users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-09 16:35]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\p5p0d94d.default-1389016612556\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-AdobeBridge - (no file)
HKU-Default-Run-Exetender_298 - c:\program files\Frag Games\GPlayer.exe
MSConfigStartUp-Exetender_298 - c:\program files\Frag Games\GPlayer.exe
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{14be225b} - c:\progra~2\FastSys\FastSys.dll
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{34677ac8} - c:\progra~2\SmartWeb\SmartWeb.dll
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{5837205} - c:\progra~2\BROWSE~2\BROWSE~1.DLL
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{6ea8c3d5} - c:\progra~2\Prowebi\Prowebi.dll
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{dfc86759} - c:\progra~2\PERFOR~1\PERFOR~1.DLL
AddRemove-{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B} - c:\program files (x86)\InstallShield Installation Information\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}\setup.exe
AddRemove-QipGuard - c:\users\Marketa\AppData\Roaming\QipGuard\QipGuard.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2178054908-3889953938-3483174869-1000\Software\SecuROM\License information*]
"datasecu"=hex:c6,f5,3f,18,ba,4f,31,4e,ca,08,b2,31,c4,45,29,83,1c,fd,6c,b8,74,
62,f5,5d,0e,57,73,5c,52,f1,7b,cc,66,7f,da,79,7b,e5,76,27,c6,c1,59,e2,f0,78,\
"rkeysecu"=hex:39,8e,b4,03,43,b1,cb,7f,cd,57,48,f4,e3,f0,30,67
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-01-07 10:48:30
ComboFix-quarantined-files.txt 2014-01-07 09:48
.
Před spuštěním: Volných bajtů: 29 203 161 088
Po spuštění: Volných bajtů: 29 180 403 712
.
- - End Of File - - BCB46BEFB9C6F3560DF0E6BFCE1DC0A2
A36C5E4F47E84449FF07ED3517B43A31

AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{6ea8c3d5} - c:\progra~2\Prowebi\Prowebi.dll
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{dfc86759} - c:\progra~2\PERFOR~1\PERFOR~1.DLL
AddRemove-{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B} - c:\program files (x86)\InstallShield Installation Information\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}\setup.exe
AddRemove-QipGuard - c:\users\Marketa\AppData\Roaming\QipGuard\QipGuard.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2178054908-3889953938-3483174869-1000\Software\SecuROM\License information*]
"datasecu"=hex:c6,f5,3f,18,ba,4f,31,4e,ca,08,b2,31,c4,45,29,83,1c,fd,6c,b8,74,
62,f5,5d,0e,57,73,5c,52,f1,7b,cc,66,7f,da,79,7b,e5,76,27,c6,c1,59,e2,f0,78,\
"rkeysecu"=hex:39,8e,b4,03,43,b1,cb,7f,cd,57,48,f4,e3,f0,30,67
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-01-07 10:48:30
ComboFix-quarantined-files.txt 2014-01-07 09:48
.
Před spuštěním: Volných bajtů: 29 203 161 088
Po spuštění: Volných bajtů: 29 180 403 712
.
- - End Of File - - BCB46BEFB9C6F3560DF0E6BFCE1DC0A2
A36C5E4F47E84449FF07ED3517B43A31
Re: How do I remove the unwanted Safesaver ad banners
I don't have a purchased license.
I solved the problem, thank you.

Re: How do I remove the unwanted Safesaver ad banners
Bluemar wrote: I solved the problem, thank you.
And how, please???