Seká hry Vyřešeno

[ROCK4891]

ComboFix 13-08-07.01 - Dominik . 08. 2013 15:58:03.6.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4007.2150 [GMT 2:00]
Running from: c:\users\Dominik\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\frapsvid.dll
D:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-07-08 to 2013-08-08 )))))))))))))))))))))))))))))))
.
.
2013-08-08 14:06 . 2013-08-08 14:06 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-08-08 14:06 . 2013-08-08 14:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-07 12:35 . 2013-08-07 12:35 -------- d-----w- c:\windows\ERUNT
2013-08-06 15:32 . 2013-08-06 15:32 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-06 15:32 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-06 14:18 . 2013-08-06 14:18 388096 ----a-r- c:\users\Dominik\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-08-06 14:18 . 2013-08-06 14:18 -------- d-----w- c:\program files (x86)\Trend Micro
2013-08-06 13:52 . 2013-08-07 12:39 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{209BAC18-BBD4-4897-96D2-C4D7104E9164}\offreg.dll
2013-08-06 12:40 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{209BAC18-BBD4-4897-96D2-C4D7104E9164}\mpengine.dll
2013-08-02 15:16 . 2013-08-02 15:16 -------- d-----w- c:\users\Dominik\AppData\Local\GoPro
2013-08-02 14:08 . 2013-08-02 14:08 -------- d-----w- c:\users\Dominik\AppData\Roaming\GoPro
2013-08-02 14:06 . 2013-08-02 14:06 -------- d-----w- c:\program files (x86)\CineForm
2013-08-02 14:06 . 2013-08-02 14:07 -------- d-----w- c:\users\Public\CineForm
2013-08-02 14:05 . 2013-08-02 14:05 -------- d-----w- c:\program files (x86)\QuickTime
2013-08-02 14:05 . 2013-08-02 14:06 -------- d-----w- c:\program files (x86)\GoPro
2013-07-31 15:57 . 2013-05-14 19:28 39712 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-07-31 15:57 . 2013-05-14 19:27 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-07-31 15:57 . 2013-05-14 19:27 28448 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-07-24 11:40 . 2013-07-24 11:40 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-07-24 11:40 . 2013-07-24 11:40 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-21 11:46 . 2013-07-21 11:53 -------- d-----w- c:\users\Dominik\AppData\Roaming\TeamViewer
2013-07-21 11:34 . 2013-07-21 11:34 -------- d-----w- c:\program files (x86)\TeamViewer
2013-07-17 11:14 . 2013-07-17 11:14 -------- d-----w- c:\programdata\GlarySoft
2013-07-17 11:05 . 2013-08-06 12:38 -------- d-----w- c:\program files (x86)\Glary Utilities 3
2013-07-15 04:15 . 2013-07-15 04:18 -------- d-----w- c:\windows\system32\MRT
2013-07-11 04:57 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-11 04:57 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-07-11 04:57 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-07-11 04:57 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 04:57 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-11 04:57 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-11 04:57 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 04:56 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-11 04:56 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-11 04:56 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 04:56 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 04:55 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 04:54 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 04:54 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 04:54 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 04:54 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 04:54 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 04:52 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-11 04:52 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-02 04:21 . 2011-10-14 14:00 45056 ----a-w- c:\windows\system32\acovcnt.exe
2013-07-24 11:40 . 2012-08-26 14:51 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-24 11:40 . 2012-06-17 10:04 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-15 18:13 . 2013-02-25 17:54 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-15 18:13 . 2013-02-25 17:54 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-27 19:20 . 2013-03-05 13:14 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-27 19:20 . 2013-01-03 18:13 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-27 19:20 . 2013-01-03 18:13 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-27 13:05 . 2013-06-27 13:05 119808 ----a-r- c:\users\Dominik\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2013-06-23 22:57 . 2011-10-17 05:53 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-21 12:06 . 2013-07-05 14:31 925648 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-06-21 12:06 . 2013-07-05 14:31 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2013-07-05 14:31 13411896 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-06-21 12:06 . 2013-07-05 14:31 7641832 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-21 12:06 . 2013-07-05 14:31 6324360 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-06-21 12:06 . 2013-07-05 14:31 30496 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2013-06-21 12:06 . 2013-07-05 14:31 27781920 ----a-w- c:\windows\system32\nvoglv64.dll
2013-06-21 12:06 . 2013-07-05 14:31 218592 ----a-w- c:\windows\system32\nvoglshim64.dll
2013-06-21 12:06 . 2013-07-05 14:31 21102368 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-06-21 12:06 . 2013-07-05 14:31 181488 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2013-06-21 12:06 . 2013-07-05 14:31 7687592 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-06-21 12:06 . 2013-07-05 14:31 572704 ----a-w- c:\windows\system32\NvFBC64.dll
2013-06-21 12:06 . 2013-07-05 14:31 570656 ----a-w- c:\windows\system32\NvIFR64.dll
2013-06-21 12:06 . 2013-07-05 14:31 467232 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-06-21 12:06 . 2013-07-05 14:31 465184 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-06-21 12:06 . 2013-07-05 14:31 2953504 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-21 12:06 . 2013-07-05 14:31 2777888 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-06-21 12:06 . 2013-07-05 14:31 266448 ----a-w- c:\windows\system32\nvinitx.dll
2013-06-21 12:06 . 2013-07-05 14:31 2363680 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-05 14:31 2002720 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-05 14:31 1832224 ----a-w- c:\windows\system32\nvdispco6432049.dll
2013-06-21 12:06 . 2013-07-05 14:31 15144928 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-06-21 12:06 . 2013-07-05 14:31 1511712 ----a-w- c:\windows\system32\nvdispgenco6432049.dll
2013-06-21 12:06 . 2013-07-05 14:31 12427240 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-06-21 12:06 . 2013-07-05 14:31 11235104 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-06-21 12:06 . 2013-07-05 14:31 9239344 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-21 12:06 . 2013-07-05 14:31 2597856 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-06-21 12:06 . 2013-07-05 14:31 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-21 12:06 . 2013-07-05 14:31 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-06-21 12:06 . 2011-07-26 07:29 214448 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-06-21 12:06 . 2011-07-26 07:29 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-06-21 12:06 . 2011-07-26 07:29 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-06-21 10:23 . 2011-06-05 05:53 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2011-06-05 05:53 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2011-06-05 05:53 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2011-06-05 05:53 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-06-21 10:23 . 2011-06-05 05:53 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2011-06-05 05:53 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 10:23 . 2011-06-05 05:53 1025312 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-06-21 10:23 . 2011-03-06 13:45 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-20 04:17 . 2011-06-05 05:53 3253909 ----a-w- c:\windows\system32\nvcoproc.bin
2013-06-11 15:04 . 2013-06-11 15:04 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-05-26 14:57 . 2011-10-17 12:08 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-05-26 14:57 . 2011-10-17 12:08 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-05-14 06:21 . 2010-06-24 18:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-13 05:51 . 2013-06-12 16:21 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 16:21 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 16:21 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 16:21 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 16:21 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 16:21 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 16:21 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 16:21 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 16:21 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 16:21 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2010-08-03 10:11 819200 --sha-w- c:\windows\SysWOW64\xvidcore.dll
2010-08-03 10:11 180224 --sha-w- c:\windows\SysWOW64\xvidvfw.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-01 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-02-25 40448]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2010-08-13 21504]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-30 204288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-4-1 548528]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-5-21 1127712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer7"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "c:\programdata\Nuance\PDF Reader\Ereg\Ereg.ini"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe;c:\expressgateutil\VAWinService.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys;c:\windows\SYSNATIVE\DRIVERS\cv2k1.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TSCOMM;CommStudio Virtual Adapter by TamoSoft;c:\windows\system32\DRIVERS\tscomm.sys;c:\windows\SYSNATIVE\DRIVERS\tscomm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys;c:\windows\SYSNATIVE\Drivers\FSPFltd.sys [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DevoloNetworkService;devolo Network Service;c:\program files (x86)\devolo\dlan\devolonetsvc.exe;c:\program files (x86)\devolo\dlan\devolonetsvc.exe [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys;c:\windows\sysWOW64\drivers\npf_devolo.sys [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIh.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-25 18:13]
.
2013-08-07 c:\windows\Tasks\GlaryInitialize 3.job
- c:\program files (x86)\Glary Utilities 3\Initialize.exe [2013-07-22 07:32]
.
2013-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-16 12:48]
.
2013-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-16 12:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2010-01-21 909824]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-11-02 1933584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Stáhnout s IDM - c:\program files (x86)\Tonec Inc\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files (x86)\Tonec Inc\Internet Download Manager\IEGetAll.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6FD41F5D-903A-4316-BABB-C7108FA43AFA}: NameServer = 0.0.0.0
FF - ProfilePath - c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\uie6ph6i.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Ask Search
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{CDC95B92-E27C-4745-A8C5-64A52A78855D} - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
AddRemove-SP_ccfde35c - c:\program files (x86)\SimpleSpeedy\uninstall.exe
AddRemove-SP_e14dcdfa - c:\program files (x86)\ContinueToSave\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1478861864-133897243-3711369256-1001\Software\SecuROM\License information*]
"datasecu"=hex:ba,6f,75,a8,fe,f3,a3,be,aa,46,0c,57,f1,3d,82,05,ae,ae,e8,eb,55,
c4,d7,5e,b7,d3,92,b5,c2,71,37,04,3c,7a,5c,1c,ae,94,0a,4b,38,63,e3,9f,91,09,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
Completion time: 2013-08-08 16:09:20
ComboFix-quarantined-files.txt 2013-08-08 14:09
.
Pre-Run: 96 074 858 496 bytes free
Post-Run: 95 855 546 368 bytes free
.
- - End Of File - - CE6F8168BC6E813C43534D6BBA948DDF
D41D8CD98F00B204E9800998ECF8427E

[Reklama]

[jaro3]

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\system32\acovcnt.exe
c:\users\Dominik\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[ROCK4891]

c:\windows\system32\acovcnt.exe - toto neviem nájst...normálne ho nájdem ale ked ho chcem najst cez vir scan (obidva) tak tam nieje

https://www.virustotal.com/cs/file/853a ... 376055764/

c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll - a toto tam tiez nieje ...v C nemám progra2.....to rxinput.dll som našiel 2krát ale normálne v program files a v program files x86 - Nvidia Corporation

tak neviem čo stím teraz

[ROCK4891]

a súbory so odkryté

[jaro3]

Zadej hledat v průzkumníku..

nebo:

Stáhni si z některého odkazu SystemLook
SystemLook (32-bit)
http://jpshortstuff.247fixes.com/SystemLook.exe

SystemLook (64-bit)
http://jpshortstuff.247fixes.com/SystemLook_x64.exe

a ulož si ho na plochu.

Poklepej na stažený SystemLook , zkopíruj do hlavního text. okna tento následující text:

Kód: Vybrat vše

:filefind
rxinput.dll.*
acovcnt.exe.*


Klikni na Look ke startu skenu. Když program skončí objeví se v poznámkovém bloku zpráva skenu. Zkopíruj sem celý jeho obsah. Log se také nachází na ploše pod názvem SystemLook.txt.

[ROCK4891]

SystemLook 30.07.11 by jpshortstuff
Log created at 21:30 on 09/08/2013 by Dominik
Administrator - Elevation successful

========== filefind ==========

Searching for "rxinput.dll.*"
C:\Program Files\NVIDIA Corporation\Installer2\GFExperience.NvStreamSrv.{0A0BDCF9-9772-4EDB-8F7C-B10ED8540D82}\amd64\server\rxinput.dll --a---- 653600 bytes [15:57 31/07/2013] [08:49 27/07/2013] 573F6CE6D979335F02FFEF4308C0EFA5
C:\Program Files\NVIDIA Corporation\Installer2\GFExperience.NvStreamSrv.{0A0BDCF9-9772-4EDB-8F7C-B10ED8540D82}\x86\server\rxinput.dll --a---- 593696 bytes [15:57 31/07/2013] [08:51 27/07/2013] B6892768C986588D6E924F5C2E2EBE15
C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll --a---- 653600 bytes [15:57 31/07/2013] [08:49 27/07/2013] 573F6CE6D979335F02FFEF4308C0EFA5
C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll --a---- 593696 bytes [15:57 31/07/2013] [08:51 27/07/2013] B6892768C986588D6E924F5C2E2EBE15

Searching for "acovcnt.exe.*"
C:\Windows\System32\acovcnt.exe --a---- 45056 bytes [14:00 14/10/2011] [04:21 02/08/2013] 6BCAF46E2B7FA9ACE92B4D39F3037C5C

-= EOF =-

[ROCK4891]

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-08-09 18:07:25
-----------------------------
18:07:25.739 OS Version: Windows x64 6.1.7601 Service Pack 1
18:07:25.739 Number of processors: 4 586 0x2A07
18:07:25.739 ComputerName: DOMINIK-PC UserName: Dominik
18:07:27.676 Initialize success
18:07:28.346 AVAST engine defs: 13080901
18:07:35.326 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:07:35.326 Disk 0 Vendor: ST975042 0002 Size: 715404MB BusType: 3
18:07:35.451 Disk 0 MBR read successfully
18:07:35.451 Disk 0 MBR scan
18:07:35.482 Disk 0 Windows 7 default MBR code
18:07:35.482 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
18:07:35.497 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 286161 MB offset 52430848
18:07:35.497 Disk 0 Partition - 00 0F Extended LBA 403641 MB offset 638488576
18:07:35.529 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 403640 MB offset 638490624
18:07:35.560 Disk 0 scanning C:\Windows\system32\drivers
18:07:47.637 Service scanning
18:08:06.692 Modules scanning
18:08:06.692 Disk 0 trace - called modules:
18:08:07.228 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
18:08:07.232 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006d7c060]
18:08:07.235 3 CLASSPNP.SYS[fffff88000cc143f] -> nt!IofCallDriver -> [0xfffffa8004b03a00]
18:08:07.238 5 ACPI.sys[fffff88000f327a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b09050]
18:08:07.722 AVAST engine scan C:\Windows
18:08:10.230 AVAST engine scan C:\Windows\system32
18:10:34.960 AVAST engine scan C:\Windows\system32\drivers
18:10:45.817 AVAST engine scan C:\Users\Dominik
18:12:07.354 Disk 0 MBR has been saved successfully to "C:\Users\Dominik\Desktop\MBR.dat"
18:12:07.360 The log file has been saved successfully to "C:\Users\Dominik\Desktop\aswMBR.txt"
18:26:38.151 AVAST engine scan C:\ProgramData
18:28:42.904 Scan finished successfully
21:27:50.662 Disk 0 MBR has been saved successfully to "C:\Users\Dominik\Desktop\MBR.dat"
21:27:50.662 The log file has been saved successfully to "C:\Users\Dominik\Desktop\aswMBR.txt"

[jaro3]

VirusTotal:
C:\Program Files\NVIDIA Corporation\Installer2\GFExperience.NvStreamSrv.{0A0BDCF9-9772-4EDB-8F7C-B10ED8540D82}\amd64\server\rxinput.dll
C:\Program Files\NVIDIA Corporation\Installer2\GFExperience.NvStreamSrv.{0A0BDCF9-9772-4EDB-8F7C-B10ED8540D82}\x86\server\rxinput.dll
C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll
C:\Windows\System32\acovcnt.exe

[ROCK4891]

doriti nejde mi net...tak sorrry ak to bude chvilocku trvat

[ROCK4891]

https://www.virustotal.com/cs/file/50bc ... 376225306/
https://www.virustotal.com/cs/file/e15a ... 376225433/
https://www.virustotal.com/cs/file/50bc ... 376225498/
https://www.virustotal.com/cs/file/e15a ... 376225562/
https://www.virustotal.com/cs/file/aaf6 ... 376225801/

a ten poslekný acovcnt.exe som aj tak nenašiel...ale ked som ho potom skopíraval na plochu tak som ho nasiel a otestoval....dufam že je to tiež OK

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Google\Update


Driver::
gupdate
gupdatem

Firefox::
FF - ProfilePath - c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\uie6ph6i.default\
FF - prefs.js: browser.search.selectedEngine - Ask Search

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[ROCK4891]

Po presunutí do Combofixu mi ho otvorí a napíše : Error opening file for writing:
C:/32788R22FWJFW/023.dat ... Click abort to stop the instalation, Retry to try again, or ignore to skip this file...
skúšal som dat ignorovat ale potom vyhodilo možno este dalších 50 podobných tak som sa preklikal cez ignor ale potom to nejako len seklo...retry nefunguje a prerušit ked som dal tak to stojí a nič!!!!!!!!!!!!čo som spravil zle...všetko do Notepadu som dal ako je napísane...skúsil som stiahnut odznova Combofix ale aj tak nic...skusím reštart PC