Facebook vs. malware

[Pepik]

Your Computer Needs to Be Cleaned
Váš počítač byl pravděpodobně napaden malwarem. Pomůžeme vám problém odstranit a zabezpečit váš účet, aby se malware nerozšiřoval vašim přátelům.
Malware je software, který se pokouší ukrást osobní údaje a způsobuje problémy při používání Facebooku. Malware se může do vašeho počítače dostat kliknutím na odkazy, které obsahují spam, nebo jejich sdílením.

Tož sem si stáhl po dvoudenním absťáku jeho doporučení trend Micro HouseCall - Nod se mohl v průběku placebo trendu kontroli párkrát zvencnout - nic nenašel a Facebook mele pořád to stejné

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza_BD at 2016-06-15 13:58:42
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 628 GB (88%) free of 715 GB
Total RAM: 3327 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:58:47, on 15.6.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\VVCap\VVCap.exe
C:\Documents and Settings\Honza_BD\Data aplikací\Mozilla\Firefox\Profiles\qlaI9o3M.default\extensions\adbhelper@mozilla.org\win32\adb.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\Honza_BD\Dokumenty\Stažené soubory\ESETLogCollector_csy(1).exe
C:\Documents and Settings\Honza_BD\Plocha\RSIT.exe
C:\Program Files\trend micro\Honza_BD.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\RunOnce: [1] C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.exe /r /p
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {3E278D18-99A7-4885-9C9A-8D1219D474F8} (SNCIntelligence Class) - http://10.0.0.104/program/SNCIntelligence.cab
O16 - DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} (RtspVaPgCtrlNew Class) - http://10.0.0.100/RtspVaPgDec.cab
O16 - DPF: {64865E5A-E8D7-44C1-89E1-99A84F6E56D0} - http://10.0.0.36/VVTK_Plugin_Installer.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7244178937
O16 - DPF: {73888E2B-FF04-416C-8847-984D7FC4507F} (RtspVaPgCtrlNew2 Class) - http://10.0.0.102/RtspVaPgDecNew2.cab
O16 - DPF: {9F1C0B35-8230-4176-8B99-5C2485121A4E} (SNCActiveXViewerControl Class) - http://10.0.0.104/program/SNCActiveXViewer.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 4573 bytes

======Scheduled tasks folder======




ComboFix 16-06-01.01 - Honza_BD 15.06.2016 4:21.4.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2708 [GMT 2:00]
Spuštěný z: c:\documents and settings\Honza_BD\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: ESET Smart Security 9.0.376.1 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personální firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-05-15 do 2016-06-15 )))))))))))))))))))))))))))))))
.
.
2016-06-15 01:33 . 2016-06-15 01:56 123264 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-06-15 01:33 . 2016-03-10 12:08 24448 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-06-15 01:33 . 2016-06-15 02:13 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2016-06-15 01:33 . 2016-06-15 01:33 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Malwarebytes
2016-06-15 01:07 . 2016-06-15 01:07 -------- d-----w- c:\documents and settings\Honza_BD\Local Settings\Data aplikací\Adblock Plus for IE
2016-06-15 01:05 . 2016-06-15 01:05 -------- d-----w- c:\documents and settings\Honza_BD\Data aplikací\Adblock Plus for IE
2016-06-15 01:05 . 2016-06-15 01:05 -------- d-----w- c:\program files\Adblock Plus for IE
2016-06-03 02:12 . 2016-06-03 02:12 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\ESET
2016-06-03 02:12 . 2016-06-03 02:12 -------- d-----w- c:\program files\ESET
2016-06-03 01:38 . 2016-06-03 01:38 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Nabídka Start
2016-06-02 16:17 . 2016-06-02 16:17 -------- d-----w- c:\documents and settings\Default User.WINDOWS\Data aplikací\TuneUp Software
2016-05-31 23:49 . 2016-05-31 23:52 -------- d-----w- c:\program files\trend micro
2016-05-31 23:49 . 2016-05-31 23:50 -------- d-----w- C:\rsit
2016-05-31 23:04 . 2016-06-01 00:30 -------- d-----w- c:\windows\system32\drivers\UMDF
2016-05-31 23:04 . 2016-05-31 23:04 -------- d-----w- c:\windows\system32\LogFiles
2016-05-31 20:29 . 2016-05-31 20:29 765440 ----a-r- c:\documents and settings\Honza_BD\Data aplikací\Microsoft\Installer\{23BF7533-1747-4744-94FF-CF716FBB5597}\VVCap.exe
2016-05-31 20:29 . 2016-05-31 20:29 -------- d-----w- c:\program files\VVCap
2016-05-29 16:23 . 2008-04-14 06:51 81920 ------w- c:\windows\system32\ieencode.dll
2016-05-29 06:52 . 2001-10-24 10:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2016-05-29 06:52 . 2008-04-14 06:51 159232 ----a-w- c:\windows\system32\ptpusd.dll
2016-05-28 02:36 . 2016-06-14 22:43 -------- d-----w- C:\AdwCleaner
2016-05-28 02:33 . 2016-05-28 02:34 -------- d-----w- c:\program files\AdwCleaner
2016-05-28 01:32 . 2016-05-28 01:32 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Martau
2016-05-28 01:31 . 2016-06-03 01:41 -------- d-----w- c:\program files\Total Uninstall 6
2016-05-26 00:44 . 2016-05-26 00:44 -------- d-----w- c:\documents and settings\Honza_BD\Data aplikací\Spyware Terminator
2016-05-26 00:26 . 2016-05-26 00:26 -------- d-----w- c:\documents and settings\Honza_BD\Data aplikací\TuneUp Software
2016-05-26 00:26 . 2016-06-03 01:32 -------- d-----w- C:\$AVG
2016-05-26 00:23 . 2016-06-03 01:44 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\MFAData
2016-05-26 00:23 . 2016-05-26 00:23 -------- d-----w- c:\documents and settings\Honza_BD\Local Settings\Data aplikací\MFAData
2016-05-26 00:17 . 2016-06-03 01:44 -------- d-----w- c:\program files\AVG
2016-05-25 23:02 . 2016-06-03 01:33 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Avg
2016-05-25 23:02 . 2016-06-03 01:33 -------- d-----w- c:\documents and settings\Honza_BD\Local Settings\Data aplikací\Avg
2016-05-25 22:54 . 2016-05-25 22:54 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Licenses
2016-05-25 22:54 . 2016-06-03 00:57 -------- d---a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\TEMP
2016-05-25 22:41 . 2016-05-25 22:41 -------- d-----w- c:\program files\CCleaner
2016-05-25 22:35 . 2016-05-27 10:01 -------- d-----w- c:\program files\Spyware Terminator
2016-05-25 22:22 . 2016-05-25 23:02 -------- d-----w- C:\AVG_Remover
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-05-26 10:52 . 2013-01-03 17:11 797376 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-05-26 10:52 . 2013-01-03 17:11 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-04-14 13:09 . 2016-04-14 13:09 69816 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2016-04-14 13:09 . 2016-04-14 13:09 47168 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2016-04-14 13:09 . 2016-04-14 13:09 206312 ----a-w- c:\windows\system32\drivers\eamonm.sys
2016-04-14 13:09 . 2016-04-14 13:09 154288 ----a-w- c:\windows\system32\drivers\edevmon.sys
2016-04-14 13:09 . 2016-04-14 13:09 152728 ----a-w- c:\windows\system32\drivers\epfw.sys
2016-04-14 13:09 . 2016-04-14 13:09 146024 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2016-04-14 13:09 . 2016-04-14 13:09 111040 ----a-w- c:\windows\system32\drivers\ekbdflt.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files\Malwarebytes Anti-Malware\Chameleon\Windows\mrvnlmmex"="rd" [X]
"1"="c:\program files\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.com" [2016-03-10 960480]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
2010-08-23 08:11 206240 ----a-w- c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-07-09 15:24 13923432 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-07-09 15:24 110696 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-07-07 22:52 1753192 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2012-10-30 15:25 20117648 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2015-03-07 12:53 335232 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Total Uninstall]
2015-05-29 11:14 4607136 ----a-w- c:\program files\Total Uninstall 6\Tu.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\network diagnostic\\xpnetdiag.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Honza_BD\\Plocha\\ComboFix.exe"=
.
R0 edevmon;edevmon;c:\windows\system32\drivers\edevmon.sys [14.4.2016 15:09 154288]
R0 vax347s;vax347s;c:\windows\system32\drivers\vax347s.sys [5.1.2013 16:15 5248]
R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [14.4.2016 15:09 206312]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.4.2016 15:09 146024]
R2 ekbdflt;ekbdflt;c:\windows\system32\drivers\ekbdflt.sys [14.4.2016 15:09 111040]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [3.3.2016 23:18 1983264]
R2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\PostgreSQL\8.3\bin\pg_ctl.exe [14.5.2010 5:09 65536]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [15.6.2016 3:33 123264]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [15.6.2016 3:33 24448]
S0 vax347b;vax347b;c:\windows\system32\DRIVERS\vax347b.sys --> c:\windows\system32\DRIVERS\vax347b.sys [?]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [15.6.2016 3:33 1136608]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.1.2013 22:07 1691480]
S3 AVerBDA6x;AVerBDA6x service;c:\windows\system32\drivers\AVerBDA716x.sys [6.1.2013 19:33 1151104]
S3 eapihdrv;eapihdrv;\??\c:\docume~1\Honza_BD\LOCALS~1\Temp\ehdrv.sys --> c:\docume~1\Honza_BD\LOCALS~1\Temp\ehdrv.sys [?]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;\??\c:\program files\MSI\Live Update 5\msibios32_100507.sys --> c:\program files\MSI\Live Update 5\msibios32_100507.sys [?]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;\??\c:\program files\MSI\Super-Charger\NTIOLib.sys --> c:\program files\MSI\Super-Charger\NTIOLib.sys [?]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;\??\c:\program files\MSI\Live Update 5\NTIOLib.sys --> c:\program files\MSI\Live Update 5\NTIOLib.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMCHAMELEON
*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - MBAMSERVICE
.
Obsah adresáře 'Naplánované úlohy'
.
2016-05-27 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-06-19 23:28]
.
2016-05-27 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-06-19 23:28]
.
2016-06-14 c:\windows\Tasks\User_Feed_Synchronization-{BB253650-2A62-44CA-BB35-CC623EC967B7}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Doplňkový sken -------
.
uStart Page = www.google.com
mStart Page = www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 10.0.0.138
DPF: {3E278D18-99A7-4885-9C9A-8D1219D474F8} - hxxp://10.0.0.104/program/SNCIntelligence.cab
DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} - hxxp://10.0.0.100/RtspVaPgDec.cab
DPF: {64865E5A-E8D7-44C1-89E1-99A84F6E56D0} - hxxp://10.0.0.36/VVTK_Plugin_Installer.exe
DPF: {73888E2B-FF04-416C-8847-984D7FC4507F} - hxxp://10.0.0.102/RtspVaPgDecNew2.cab
DPF: {9F1C0B35-8230-4176-8B99-5C2485121A4E} - hxxp://10.0.0.104/program/SNCActiveXViewer.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2016-06-15 04:26
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,98,f1,0d,6d,98,fe,be,4e,9b,52,97,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,98,f1,0d,6d,98,fe,be,4e,9b,52,97,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_21_0_0_242_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_21_0_0_242_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(20084)
c:\windows\system32\webcheck.dll
.
Celkový čas: 2016-06-15 04:27:58
ComboFix-quarantined-files.txt 2016-06-15 02:27
ComboFix2.txt 2016-06-14 23:26
ComboFix3.txt 2016-05-25 22:03
.
Před spuštěním: Volných bajtů: 661 346 787 328
Po spuštění: Volných bajtů: 661 330 755 584
.
- - End Of File - - 2C1882D2EE8E378CB516E4FB22B853E6
413FC2A0C716421B3158746D63736515

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.