ComboFix 13-03-30.01 - Roman 30.03.2013  19:46:15.1.2 - x86
Sputn z: c:\users\Roman\Desktop\ComboFix.exe
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Soubory vytvoen od 2013-02-28 do 2013-03-30  )))))))))))))))))))))))))))))))
.
.
2013-03-30 18:56 . 2013-03-30 18:56	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-03-30 18:56 . 2013-03-30 18:56	--------	d-----w-	c:\users\Jan\AppData\Local\temp
2013-03-30 12:44 . 2013-03-30 12:45	--------	d-----w-	c:\program files\trend micro
2013-03-28 17:36 . 2013-03-30 18:36	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2013-03-28 16:51 . 2013-03-15 07:21	7108640	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{57A2B713-6838-47C9-8D51-F312E9493389}\mpengine.dll
2013-03-21 19:19 . 2013-03-21 19:22	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2013-03-21 19:13 . 2013-03-21 19:13	--------	d-----w-	c:\program files\Adobe Media Player
2013-03-21 19:10 . 2013-03-21 19:10	--------	d-----w-	c:\program files\Common Files\Adobe AIR
2013-03-16 06:30 . 2013-03-16 06:30	4546560	----a-w-	c:\windows\system32\GPhotos.scr
2013-03-14 21:34 . 2013-02-12 03:32	15872	----a-w-	c:\windows\system32\drivers\usb8023.sys
2013-03-03 13:54 . 2013-03-03 13:54	--------	d-----w-	c:\users\Roman\AppData\Roaming\PeerNetworking
2013-03-03 12:13 . 2013-03-03 12:13	--------	d-----w-	c:\program files\iPod
2013-03-03 12:13 . 2013-03-03 12:14	--------	d-----w-	c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-03-03 12:13 . 2013-03-03 12:14	--------	d-----w-	c:\program files\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M vpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-13 15:56 . 2012-03-31 09:42	693976	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-03-13 15:56 . 2011-06-26 12:23	73432	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-12 04:48 . 2013-03-14 21:34	474112	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-14 21:34	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-01-17 00:28 . 2011-06-26 01:14	232336	------w-	c:\windows\system32\MpSigStub.exe
2013-01-13 21:17 . 2013-02-27 20:02	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-27 20:02	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-27 20:02	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-27 20:02	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 20:02	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 20:02	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 20:02	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 20:02	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 20:02	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 20:02	1247744	----a-w-	c:\windows\system32\DWrite.dll
2013-01-13 20:30 . 2013-02-27 20:02	906240	----a-w-	c:\windows\system32\FntCache.dll
2013-01-13 20:22 . 2013-02-27 20:02	1988096	----a-w-	c:\windows\system32\d3d10warp.dll
2013-01-13 20:20 . 2013-02-27 20:02	293376	----a-w-	c:\windows\system32\dxgi.dll
2013-01-13 20:09 . 2013-02-27 20:02	249856	----a-w-	c:\windows\system32\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-27 20:02	220160	----a-w-	c:\windows\system32\d3d10core.dll
2013-01-13 20:08 . 2013-02-27 20:02	1504768	----a-w-	c:\windows\system32\d3d11.dll
2013-01-13 19:54 . 2013-02-27 20:02	604160	----a-w-	c:\windows\system32\d3d10level9.dll
2013-01-13 19:53 . 2013-02-27 20:02	207872	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-27 20:03	187392	----a-w-	c:\windows\system32\UIAnimation.dll
2013-01-13 19:48 . 2013-02-27 20:02	161792	----a-w-	c:\windows\system32\d3d10_1.dll
2013-01-13 19:46 . 2013-02-27 20:02	1080832	----a-w-	c:\windows\system32\d3d10.dll
2013-01-13 19:43 . 2013-02-27 20:02	1230336	----a-w-	c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:37 . 2013-02-27 20:02	3419136	----a-w-	c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-27 20:02	417792	----a-w-	c:\windows\system32\WMPhoto.dll
2013-01-13 18:34 . 2013-02-27 20:02	364544	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-02-27 20:02	1158144	----a-w-	c:\windows\system32\XpsPrint.dll
2013-01-05 05:00 . 2013-02-24 23:04	3967848	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-24 23:04	3913064	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-01-04 06:11 . 2013-02-27 20:02	2284544	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2013-01-04 04:50 . 2013-02-24 23:03	169984	----a-w-	c:\windows\system32\winsrv.dll
2013-01-04 03:00 . 2013-02-24 23:04	2347008	----a-w-	c:\windows\system32\win32k.sys
2013-01-03 05:05 . 2013-02-24 23:04	1293672	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-01-03 05:04 . 2013-02-24 23:04	187752	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2013-01-01 14:53 . 2011-06-26 12:19	262112	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((   Spoutc body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznmka* przdn zznamy a legitimn vchoz daje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"="c:\program files\TrueCrypt\TrueCrypt.exe" [2011-06-26 1496528]
"Greenshot"="c:\program files\Greenshot\Greenshot.exe" [2010-07-12 548864]
"ICQ"="c:\program files\ICQ7M\ICQ.exe" [2013-01-05 127040]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-25 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-25 151064]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-07-30 225280]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-08-13 467036]
"UpdatePRCShortCut"="c:\program files\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"KeePass 2 PreLoad"="c:\program files\KeePass Password Safe 2\KeePass.exe" [2012-10-04 1912832]
"pdfFactory Dispatcher v3"="c:\windows\system32\spool\DRIVERS\W32X86\3\fppdis3a.exe" [2010-03-09 614400]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 2453504]
"Garmin Lifetime Updater"="c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe" [2012-06-04 1466760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-24 2516296]
"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-03-02 140640]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-14 5074384]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Roman^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-08-08 08:58	136176	----atw-	c:\users\Roman\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-02-20 11:35	152392	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
2011-04-12 08:58	222776	----a-w-	c:\program files\Software602\Print2PDF\Print2PDF.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38	421888	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04	252848	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 DCamUSBET;ET USB 2760 Camera;c:\windows\system32\DRIVERS\etDevice.sys [x]
R3 FiltUSBET;ET USB Device Lower Filter;c:\windows\system32\DRIVERS\etFilter.sys [x]
R3 GemCCID;GemCCID;c:\windows\system32\Drivers\GemCCID.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 ScanUSBET;ET USB Still Image Capture Device;c:\windows\system32\DRIVERS\etScan.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Sluba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenovn WSD pes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\aestsrv.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 xmengine service;CryptoPlus XME Engine Service;c:\windows\system32\xmesrv.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
.
.
--- Ostatn sluby/ovladae v pamti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
HPService	REG_MULTI_SZ   	HPSLPSVC
GPSvcGroup	REG_MULTI_SZ   	GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
.
Obsah adrese 'Naplnovan lohy'
.
2013-03-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 15:56]
.
2013-03-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2516512843-1580492656-1956549955-1000Core.job
- c:\users\Roman\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-08 08:58]
.
2013-03-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2516512843-1580492656-1956549955-1000UA.job
- c:\users\Roman\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-08 08:58]
.
.
------- Doplkov sken -------
.
uStart Page = hxxp://www.google.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all by FlashGet3 - c:\users\Roman\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\Roman\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Make a Screenshot - c:\progra~1\BROWSE~1\IESCRE~1\IESCRE~1.DLL/202
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Odeslat obrzek do zazen &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat strnku do zazen &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Stahnou vse FlashGet3 - c:\users\Roman\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Stahnout FlashGet3 - c:\users\Roman\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?? - c:\users\Roman\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\Roman\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
IE: {{84A11D82-2732-40ed-BF71-80F1FAF3807F} - {6BFA42E6-23F8-4ca7-A4E2-680EFB1F6DAE} - c:\progra~1\BROWSE~1\IESCRE~1\IESCRE~1.DLL
Trusted Zone: business24.cz\www
Trusted Zone: servis24.cz\www
TCP: DhcpNameServer = 192.168.1.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
FF - ProfilePath - c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\ynsgvwjz.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - ExtSQL: 2013-02-28 21:07; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\ynsgvwjz.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF - ExtSQL: !HIDDEN! 2012-07-02 13:14; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - NEPLATN POLOKY ODSTRANN Z REGISTRU - - - -
.
HKCU-Run-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-etMonitor - c:\windows\etMon.exe
.
.
.
--------------------- ZAMKNUT KLE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2516512843-1580492656-1956549955-1000\Software\Microsoft\Internet Explorer\MenuExt\O(u_f3*N}]
@="c:\\Users\\Roman\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-2516512843-1580492656-1956549955-1000\Software\Microsoft\Internet Explorer\MenuExt\O(u_f3*N}hQc]
@="c:\\Users\\Roman\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkov as: 2013-03-30  20:00:31
ComboFix-quarantined-files.txt  2013-03-30 19:00
.
Ped sputnm: Volnch bajt: 58852139008
Po sputn: Volnch bajt: 58669690880
.
- - End Of File - - 38ACBB250184ED558112FD09C97049A6
