ComboFix 13-08-04.01 - asus . 08. 2013 10:33:19.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.2989.1721 [GMT 2:00]
Running from: C:\Users\asus\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
C:\Windows\SysWow64\frapsvid.dll
((((((((((((((((((((((((( Files Created from 2013-07-04 to 2013-08-04 )))))))))))))))))))))))))))))))
2013-08-04 08:46:32 . 2013-08-04 08:46:32 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-08-03 14:14:08 . 2013-08-03 14:14:08 -------- d-----w- C:\Windows\ERUNT
2013-08-03 11:51:05 . 2013-04-04 12:50:32 25928 ----a-w- C:\Windows\system32\drivers\mbam.sys
2013-08-03 11:51:04 . 2013-08-03 11:51:10 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-03 10:46:22 . 2013-08-03 10:46:22 388096 ----a-r- C:\Users\asus\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-08-03 10:46:22 . 2013-08-03 10:46:22 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-07-16 11:41:42 . 2013-07-16 11:41:23 312232 ----a-w- C:\Windows\system32\javaws.exe
2013-07-16 11:41:42 . 2013-07-16 11:41:22 972712 ----a-w- C:\Windows\system32\deployJava1.dll
2013-07-16 11:41:42 . 2013-07-16 11:41:22 1093032 ----a-w- C:\Windows\system32\npDeployJava1.dll
2013-07-16 11:41:32 . 2013-07-16 11:41:25 108968 ----a-w- C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-16 11:41:32 . 2013-07-16 11:41:23 189352 ----a-w- C:\Windows\system32\javaw.exe
2013-07-16 11:41:32 . 2013-07-16 11:41:23 188840 ----a-w- C:\Windows\system32\java.exe
2013-07-16 11:41:19 . 2013-07-16 11:41:19 -------- d-----w- C:\Program Files\Java
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2013-07-04 18:21:41 . 2012-08-23 10:55:41 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-07-04 18:21:41 . 2012-08-23 10:55:41 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-12 14:08:31 . 2012-04-05 15:17:43 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 14:08:31 . 2012-04-05 15:17:43 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2010-02-10 02:18:42 . 2012-04-10 19:30:27 2131336 ----a-w- C:\Program Files (x86)\Common Files\AskToolbarInstaller.exe
2009-04-08 17:31:56 . 2009-04-08 17:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45:20 . 2008-08-12 04:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08:18 143360 ----a-w- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Boingo Wi-Fi"="C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-08-31 08:34:53 2429]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 15:50:56 98304]
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-25 00:50:50 6806144]
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 21:41:46 170624]
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 17:29:42 105016]
"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 20:36:26 1597440]
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2011-11-28 18:01:24 3744552]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d [2010-8-31 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe;C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys;C:\Windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys;C:\Windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys;C:\Windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe;C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys;C:\Windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys;C:\Windows\SYSNATIVE\DRIVERS\JME.sys [x]
R3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys;C:\Windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys;C:\Windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys;C:\Windows\SYSNATIVE\DRIVERS\lullaby.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys;C:\Windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AFBAgent;AFBAgent;C:\Windows\system32\FBAgent.exe;C:\Windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe;C:\Windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys;C:\Windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys;C:\Windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys;C:\Windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys;C:\Windows\SYSNATIVE\drivers\mbam.sys [x]
Contents of the 'Scheduled Tasks' folder
2013-08-04 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 15:17:43 . 2013-06-12 14:08:32]
2013-08-04 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-20 19:55:36 . 2012-04-20 19:55:34]
2013-08-04 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-20 19:55:36 . 2012-04-20 19:55:34]
2013-07-31 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4140168926-4231804305-3951148228-1000Core.job
- C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-07 08:22:47 . 2012-04-07 08:22:44]
2013-08-04 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4140168926-4231804305-3951148228-1000UA.job
- C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-07 08:22:47 . 2012-04-07 08:22:44]
--------- X64 Entries -----------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01:11 134384 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52:58 159744 ----a-w- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49:40 70656 ----a-w- C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49:40 70656 ----a-w- C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 01:48:34 1754448]
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 13:54:26 112512]
------- Supplementary Scan -------
uLocal Page = C:\Windows\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = proxy.zssha.edu.sk:3128
IE: E&xportovať do programu Microsoft Excel
IE: Od&oslať do programu OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 80.87.208.29 80.87.208.166
FF - ProfilePath - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\gxf9r3s3.default\
FF - prefs.js: browser.startup.homepage - about:home
- - - - ORPHANS REMOVED - - - -
URLSearchHooks-{124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - C:\Windows\System32\SPReview\SPReview.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h
Toolbar-Locked - (no file)
WebBrowser-{124D001A-BDCB-472F-AA59-BBE7E4BC3204} - (no file)
HKLM-Run-ETDWare - C:\Program Files (x86)\Elantech\ETDCtrl.exe
AddRemove-{10CD364B-FFCC-48BE-B469-B9622A033075} - C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe
Slow laptop startup
- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
Re: Slow laptop startup
Add the second half as well. You sent only the first one...
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.
Re: Slow laptop startup
Here's the file, I really did put everything in it.
http://uloz.to/xLRxT7Ks/combofix-txt
- memphisto
Re: Slow laptop startup
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script.
Code:
KillAll::
File::
C:\Program Files (x86)\Common Files\AskToolbarInstaller.exe
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4140168926-4231804305-3951148228-1000Core.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4140168926-4231804305-3951148228-1000UA.job
Folder::
C:\Program Files (x86)\Google\Update
C:\Program Files (x86)\Skype\Updater
Driver::
gupdate
SkypeUpdate
gupdatem
DDS::
uLocal Page = C:\Windows\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Test this on Virustotal
C:\Program Files (x86)\Common Files\CPInstallAction.dll
C:\Program Files (x86)\Common Files\MSIactionall.dll
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus has finished, the result appears at the top with the number of detections in red, e.g. 0/40 or 1/40. Then copy the link to that page with the mouse and paste it into your post.
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
Re: Slow laptop startup
https://www.virustotal.com/sk/file/5c03 ... 375694154/
https://www.virustotal.com/sk/file/0fc1 ... 375694170/
That windows/installer file cannot be found (even when I go to C I don't see it).
Re: Slow laptop startup
+ log
http://uloz.to/x38WuQ4M/combofix-txt
...just something that happened to me (after it finished, my notebook restarted, and when I clicked on GoogleChrome/Mozilla/PS.... basically on any program, it would not start and showed something about the registry, that there had been an attempt at removal)...after restarting it works now
- memphisto
Re: Slow laptop startup
Post the log here... It can't be read in that text file...
Re: Slow laptop startup
ComboFix 13-08-04.01 - asus . 08. 2013 11:23:36.5.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.2989.1684 [GMT 2:00]
Running from: C:\Users\asus\Desktop\ComboFix.exe
Command switches used :: C:\Users\asus\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
FILE ::
"C:\Program Files (x86)\Common Files\AskToolbarInstaller.exe"
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job"
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job"
"C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4140168926-4231804305-3951148228-1000Core.job"
"C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4140168926-4231804305-3951148228-1000UA.job"
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Program Files (x86)\Google\Update
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdate.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateHelper.msi
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdate.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_am.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ar.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_bg.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_bn.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ca.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_cs.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_da.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_de.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_el.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_en-GB.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_en.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_es-419.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_es.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_et.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_fa.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_fi.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_fil.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_fr.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_gu.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_hi.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_hr.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_hu.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_id.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_is.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_it.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_iw.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ja.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_kn.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ko.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_lt.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_lv.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ml.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_mr.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ms.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_nl.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_no.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_pl.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_pt-BR.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_pt-PT.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ro.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ru.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_sk.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_sl.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_sr.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_sv.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_sw.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ta.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_te.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_th.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_tr.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_uk.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ur.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_vi.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_zh-CN.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_zh-TW.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\psmachine.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\psuser.dll
C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Skype\Updater
C:\Program Files (x86)\Skype\Updater\Updater.dll
C:\Program Files (x86)\Skype\Updater\Updater.exe
---- Previous Run -------
C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
C:\Windows\SysWow64\frapsvid.dll
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SkypeUpdate
((((((((((((((((((((((((( Files Created from 2013-07-05 to 2013-08-05 )))))))))))))))))))))))))))))))
2013-08-05 09:34:58 . 2013-08-05 09:34:58 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-08-03 14:14:08 . 2013-08-03 14:14:08 -------- d-----w- C:\Windows\ERUNT
2013-08-03 11:51:05 . 2013-04-04 12:50:32 25928 ----a-w- C:\Windows\system32\drivers\mbam.sys
2013-08-03 11:51:04 . 2013-08-03 11:51:10 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-03 10:46:22 . 2013-08-03 10:46:22 388096 ----a-r- C:\Users\asus\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-08-03 10:46:22 . 2013-08-03 10:46:22 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-07-16 11:41:42 . 2013-07-16 11:41:23 312232 ----a-w- C:\Windows\system32\javaws.exe
2013-07-16 11:41:42 . 2013-07-16 11:41:22 972712 ----a-w- C:\Windows\system32\deployJava1.dll
2013-07-16 11:41:42 . 2013-07-16 11:41:22 1093032 ----a-w- C:\Windows\system32\npDeployJava1.dll
2013-07-16 11:41:32 . 2013-07-16 11:41:25 108968 ----a-w- C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-16 11:41:32 . 2013-07-16 11:41:23 189352 ----a-w- C:\Windows\system32\javaw.exe
2013-07-16 11:41:32 . 2013-07-16 11:41:23 188840 ----a-w- C:\Windows\system32\java.exe
2013-07-16 11:41:19 . 2013-07-16 11:41:19 -------- d-----w- C:\Program Files\Java
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2013-07-04 18:21:41 . 2012-08-23 10:55:41 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-07-04 18:21:41 . 2012-08-23 10:55:41 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-12 14:08:31 . 2012-04-05 15:17:43 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 14:08:31 . 2012-04-05 15:17:43 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2010-02-10 02:18:42 . 2012-04-10 19:30:27 2131336 ----a-w- C:\Program Files (x86)\Common Files\AskToolbarInstaller.exe
2009-04-08 17:31:56 . 2009-04-08 17:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45:20 . 2008-08-12 04:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08:18 143360 ----a-w- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Boingo Wi-Fi"="C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-08-31 08:34:53 2429]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 15:50:56 98304]
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-25 00:50:50 6806144]
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 21:41:46 170624]
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 17:29:42 105016]
"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 20:36:26 1597440]
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2011-11-28 18:01:24 3744552]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe" [BU]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d [2010-8-31 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys;C:\Windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys;C:\Windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys;C:\Windows\SYSNATIVE\DRIVERS\JME.sys [x]
R3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys;C:\Windows\SYSNATIVE\drivers\mbam.sys [x]
R3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys;C:\Windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys;C:\Windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys;C:\Windows\SYSNATIVE\DRIVERS\lullaby.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys;C:\Windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AFBAgent;AFBAgent;C:\Windows\system32\FBAgent.exe;C:\Windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe;C:\Windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys;C:\Windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys;C:\Windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys;C:\Windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys;C:\Windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys;C:\Windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
Contents of the 'Scheduled Tasks' folder
2013-08-05 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 15:17:43 . 2013-06-12 14:08:32]
2013-07-31 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4140168926-4231804305-3951148228-1000Core.job
- C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-07 08:22:47 . 2012-04-07 08:22:44]
2013-08-05 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4140168926-4231804305-3951148228-1000UA.job
- C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-07 08:22:47 . 2012-04-07 08:22:44]
--------- X64 Entries -----------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01:11 134384 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52:58 159744 ----a-w- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49:40 70656 ----a-w- C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49:40 70656 ----a-w- C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="C:\Program Files (x86)\Elantech\ETDCtrl.exe" [BU]
"ASUS WebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 01:48:34 1754448]
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 13:54:26 112512]
------- Supplementary Scan -------
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = proxy.zssha.edu.sk:3128
IE: E&xportovať do programu Microsoft Excel
IE: Od&oslať do programu OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 80.87.208.29 80.87.208.166
FF - ProfilePath - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\gxf9r3s3.default\
FF - prefs.js: browser.startup.homepage - about:home
- - - - ORPHANS REMOVED - - - -
URLSearchHooks-{124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
WebBrowser-{124D001A-BDCB-472F-AA59-BBE7E4BC3204} - (no file)
AddRemove-{10CD364B-FFCC-48BE-B469-B9622A033075} - C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.2989.1684 [GMT 2:00]
Running from: C:\Users\asus\Desktop\ComboFix.exe
Command switches used :: C:\Users\asus\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
FILE ::
"C:\Program Files (x86)\Common Files\AskToolbarInstaller.exe"
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job"
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job"
"C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4140168926-4231804305-3951148228-1000Core.job"
"C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4140168926-4231804305-3951148228-1000UA.job"
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Program Files (x86)\Google\Update
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdate.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateHelper.msi
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdate.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_am.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ar.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_bg.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_bn.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ca.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_cs.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_da.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_de.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_el.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_en-GB.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_en.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_es-419.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_es.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_et.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_fa.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_fi.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_fil.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_fr.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_gu.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_hi.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_hr.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_hu.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_id.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_is.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_it.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_iw.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ja.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_kn.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ko.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_lt.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_lv.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ml.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_mr.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ms.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_nl.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_no.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_pl.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_pt-BR.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_pt-PT.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ro.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ru.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_sk.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_sl.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_sr.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_sv.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_sw.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ta.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_te.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_th.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_tr.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_uk.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_ur.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_vi.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_zh-CN.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\goopdateres_zh-TW.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\psmachine.dll
C:\Program Files (x86)\Google\Update\1.3.21.153\psuser.dll
C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Skype\Updater
C:\Program Files (x86)\Skype\Updater\Updater.dll
C:\Program Files (x86)\Skype\Updater\Updater.exe
---- Previous Run -------
C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
C:\Windows\SysWow64\frapsvid.dll
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SkypeUpdate
((((((((((((((((((((((((( Files Created from 2013-07-05 to 2013-08-05 )))))))))))))))))))))))))))))))
2013-08-05 09:34:58 . 2013-08-05 09:34:58 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-08-03 14:14:08 . 2013-08-03 14:14:08 -------- d-----w- C:\Windows\ERUNT
2013-08-03 11:51:05 . 2013-04-04 12:50:32 25928 ----a-w- C:\Windows\system32\drivers\mbam.sys
2013-08-03 11:51:04 . 2013-08-03 11:51:10 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-03 10:46:22 . 2013-08-03 10:46:22 388096 ----a-r- C:\Users\asus\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-08-03 10:46:22 . 2013-08-03 10:46:22 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-07-16 11:41:42 . 2013-07-16 11:41:23 312232 ----a-w- C:\Windows\system32\javaws.exe
2013-07-16 11:41:42 . 2013-07-16 11:41:22 972712 ----a-w- C:\Windows\system32\deployJava1.dll
2013-07-16 11:41:42 . 2013-07-16 11:41:22 1093032 ----a-w- C:\Windows\system32\npDeployJava1.dll
2013-07-16 11:41:32 . 2013-07-16 11:41:25 108968 ----a-w- C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-16 11:41:32 . 2013-07-16 11:41:23 189352 ----a-w- C:\Windows\system32\javaw.exe
2013-07-16 11:41:32 . 2013-07-16 11:41:23 188840 ----a-w- C:\Windows\system32\java.exe
2013-07-16 11:41:19 . 2013-07-16 11:41:19 -------- d-----w- C:\Program Files\Java
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2013-07-04 18:21:41 . 2012-08-23 10:55:41 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-07-04 18:21:41 . 2012-08-23 10:55:41 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-12 14:08:31 . 2012-04-05 15:17:43 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 14:08:31 . 2012-04-05 15:17:43 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2010-02-10 02:18:42 . 2012-04-10 19:30:27 2131336 ----a-w- C:\Program Files (x86)\Common Files\AskToolbarInstaller.exe
2009-04-08 17:31:56 . 2009-04-08 17:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45:20 . 2008-08-12 04:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08:18 143360 ----a-w- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Boingo Wi-Fi"="C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-08-31 08:34:53 2429]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 15:50:56 98304]
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-25 00:50:50 6806144]
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 21:41:46 170624]
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 17:29:42 105016]
"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 20:36:26 1597440]
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2011-11-28 18:01:24 3744552]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe" [BU]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d [2010-8-31 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys;C:\Windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys;C:\Windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys;C:\Windows\SYSNATIVE\DRIVERS\JME.sys [x]
R3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys;C:\Windows\SYSNATIVE\drivers\mbam.sys [x]
R3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys;C:\Windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys;C:\Windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys;C:\Windows\SYSNATIVE\DRIVERS\lullaby.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys;C:\Windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AFBAgent;AFBAgent;C:\Windows\system32\FBAgent.exe;C:\Windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe;C:\Windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys;C:\Windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys;C:\Windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys;C:\Windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys;C:\Windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys;C:\Windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
Contents of the 'Scheduled Tasks' folder
2013-08-05 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 15:17:43 . 2013-06-12 14:08:32]
2013-07-31 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4140168926-4231804305-3951148228-1000Core.job
- C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-07 08:22:47 . 2012-04-07 08:22:44]
2013-08-05 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4140168926-4231804305-3951148228-1000UA.job
- C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-07 08:22:47 . 2012-04-07 08:22:44]
--------- X64 Entries -----------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01:11 134384 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52:58 159744 ----a-w- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49:40 70656 ----a-w- C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49:40 70656 ----a-w- C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="C:\Program Files (x86)\Elantech\ETDCtrl.exe" [BU]
"ASUS WebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 01:48:34 1754448]
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 13:54:26 112512]
------- Supplementary Scan -------
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = proxy.zssha.edu.sk:3128
IE: E&xportovať do programu Microsoft Excel
IE: Od&oslať do programu OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 80.87.208.29 80.87.208.166
FF - ProfilePath - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\gxf9r3s3.default\
FF - prefs.js: browser.startup.homepage - about:home
- - - - ORPHANS REMOVED - - - -
URLSearchHooks-{124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
WebBrowser-{124D001A-BDCB-472F-AA59-BBE7E4BC3204} - (no file)
AddRemove-{10CD364B-FFCC-48BE-B469-B9622A033075} - C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe
- memphisto
Re: Slow notebook startup
ComboFix is uninstalled as follows:
Go to Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner.
Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.
+ info on the state of the PC
+ a new HJT log
Please do not send HijackThis logs via private message; post them in the appropriate section instead. Thank you