ComboFix 13-04-18.02 - Burak 18.04.2013  16:21:51.3.8 - x64 
  Microsoft Windows 7 Home Premium   6.1.7601.1.1254.90.1055.18.8094.5906 [GMT 3:00] 
  Running from: c:\users\Burak\Downloads\Programs\ComboFix.exe 
  AV: Kaspersky Anti-Virus *Disabled/Outdated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5} 
  AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} 
  SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958} 
  SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} 
  SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} 
  . 
  . 
  (((((((((((((((((((((((((((((((((((((((   Other Deletions   ))))))))))))))))))))))))))))))))))))))))))))))))) 
  . 
  . 
  c:\users\Burak\AppData\Roaming\GetValue.vbs 
  c:\windows\SysWow64\404Fix.exe 
  c:\windows\SysWow64\Agent.OMZ.Fix.exe 
  c:\windows\SysWow64\dumphive.exe 
  c:\windows\SysWow64\IEDFix.C.exe 
  c:\windows\SysWow64\IEDFix.exe 
  c:\windows\SysWow64\o4Patch.exe 
  c:\windows\SysWow64\Process.exe 
  c:\windows\SysWow64\SrchSTS.exe 
  c:\windows\SysWow64\tmp.reg 
  c:\windows\SysWow64\VACFix.exe 
  c:\windows\SysWow64\VCCLSID.exe 
  c:\windows\SysWow64\WS2Fix.exe 
  . 
  . 
  (((((((((((((((((((((((((   Files Created from 2013-03-18 to 2013-04-18  ))))))))))))))))))))))))))))))) 
  . 
  . 
  2013-04-18 13:31 . 2013-04-18 13:31	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp 
  2013-04-18 13:31 . 2013-04-18 13:31	--------	d-----w-	c:\users\Default\AppData\Local\temp 
  2013-04-18 13:05 . 2013-04-18 13:05	--------	d-----w-	c:\windows\SysWow64\SmitfraudFix 
  2013-04-18 11:23 . 2013-04-18 13:07	35	----a-w-	c:\users\Burak\AppData\Roaming\SetValue.bat 
  2013-04-17 15:21 . 2012-07-11 14:09	64856	----a-w-	c:\windows\system32\klfphc.dll 
  2013-04-17 15:20 . 2013-04-17 15:20	--------	d-----w-	c:\windows\ELAMBKUP 
  2013-04-17 15:20 . 2013-04-18 13:11	--------	d-----w-	c:\programdata\Kaspersky Lab 
  2013-04-17 15:20 . 2013-04-17 15:20	--------	d-----w-	c:\program files (x86)\Kaspersky Lab 
  2013-04-17 15:20 . 2012-08-13 15:24	89432	----a-w-	c:\windows\system32\drivers\klflt.sys 
  2013-04-17 15:20 . 2012-08-13 15:24	611160	----a-w-	c:\windows\system32\drivers\klif.sys 
  2013-04-16 18:42 . 2013-04-16 18:42	--------	d-----w-	c:\program files (x86)\Password Protection Manager 
  2013-04-16 09:22 . 2013-04-16 09:22	68672	----a-w-	c:\windows\system32\TurboShell_105.dll 
  2013-04-16 09:22 . 2013-04-16 09:22	32320	----a-w-	c:\windows\system32\drivers\FNETTBOH_305.SYS 
  2013-04-16 09:22 . 2013-04-16 09:22	--------	d-----w-	c:\users\Burak\AppData\Roaming\FNET 
  2013-04-16 09:22 . 2013-04-16 09:22	--------	d-----w-	c:\programdata\FNET 
  2013-04-16 09:22 . 2013-04-16 09:22	16648	----a-w-	c:\windows\system32\drivers\FNETURPX.SYS 
  2013-04-16 09:21 . 2013-04-16 09:22	--------	d-----w-	c:\program files (x86)\Data Transfer Accelerator 
  2013-04-15 11:54 . 2013-04-15 11:54	--------	d-----w-	c:\users\Burak\AppData\Roaming\Malwarebytes 
  2013-04-15 11:54 . 2013-04-15 11:54	--------	d-----w-	c:\programdata\Malwarebytes 
  2013-04-15 09:28 . 2013-04-15 09:28	--------	d-----w-	c:\users\Burak\AppData\Local\ElevatedDiagnostics 
  2013-04-15 09:19 . 2013-03-19 02:50	9311288	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D85D6416-AD44-4F45-8E90-F55565BCA5B2}\mpengine.dll 
  2013-04-04 09:10 . 2012-07-12 01:18	100728	----a-w-	c:\windows\system32\drivers\NEOFLTR_720_21397.SYS 
  2013-04-04 09:10 . 2013-04-04 09:10	--------	d-----w-	c:\program files (x86)\Juniper Networks 
  2013-04-04 09:09 . 2013-04-04 09:10	--------	d-----w-	c:\users\Burak\AppData\Roaming\Juniper Networks 
  2013-04-04 09:09 . 2013-04-04 09:09	--------	d-----w-	c:\users\Burak\AppData\Local\Juniper Networks 
  2013-04-04 09:04 . 2013-03-19 02:50	9311288	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 
  2013-04-04 07:48 . 2012-11-29 14:42	972264	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{84AB78DE-1606-4EF4-B036-AF099E3A9890}\gapaengine.dll 
  2013-04-02 14:09 . 2013-04-02 14:09	4550656	----a-w-	c:\windows\SysWow64\GPhotos.scr 
  2013-03-25 13:56 . 2002-07-17 15:23	45056	----a-w-	c:\windows\SysWow64\WNASPI32.DLL 
  2013-03-25 13:56 . 2002-07-17 15:20	84832	----a-w-	c:\windows\SysWow64\drivers\ASPI32.SYS 
  2013-03-25 13:47 . 2013-03-25 13:47	--------	d-----w-	c:\users\Burak\AppData\Roaming\Free MP3 WMA OGG Converter 
  2013-03-25 13:46 . 2013-03-25 13:55	--------	d-----w-	c:\program files (x86)\Free MP3 WMA OGG Converter 
  2013-03-24 19:06 . 2013-03-24 19:06	--------	d-----w-	c:\users\Burak\AppData\Roaming\ImTOO Software Studio 
  2013-03-24 19:05 . 2013-03-24 19:09	--------	d-----w-	c:\program files (x86)\ImTOO 
  2013-03-22 16:47 . 2013-03-22 16:47	178800	----a-w-	c:\windows\SysWow64\CmdLineExt_x64.dll 
  2013-03-21 22:59 . 2013-03-21 22:59	--------	d-----w-	c:\users\Burak\AppData\Local\FLT 
  2013-03-21 16:32 . 2013-03-21 16:40	--------	d-----w-	c:\program files (x86)\F1 2012 
  2013-03-20 16:19 . 2013-03-21 16:31	--------	d-----w-	c:\users\Burak\Games 
  2013-03-20 16:03 . 2013-03-20 16:03	--------	d-----w-	c:\users\Burak\AppData\Roaming\{869EE0AC-9F81-4D49-81EA-C21890B3CCC9} 
  2013-03-20 16:03 . 2013-03-20 16:03	--------	d-----w-	c:\users\Burak\AppData\Roaming\{74865409-33C7-4D66-B1BE-5AF1BAA53947} 
  . 
  . 
  . 
  ((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))) 
  . 
  2013-03-18 22:05 . 2013-03-18 22:05	861088	----a-w-	c:\windows\SysWow64\npDeployJava1.dll 
  2013-03-18 22:05 . 2012-09-12 10:00	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll 
  2013-03-18 16:51 . 2013-03-16 10:44	444952	----a-w-	c:\windows\SysWow64\wrap_oal.dll 
  2013-03-18 16:51 . 2013-03-16 10:44	122904	----a-w-	c:\windows\system32\OpenAL32.dll 
  2013-03-18 16:51 . 2013-03-16 10:44	109080	----a-w-	c:\windows\SysWow64\OpenAL32.dll 
  2013-03-18 16:51 . 2012-10-25 05:45	466456	----a-w-	c:\windows\system32\wrap_oal.dll 
  2013-03-16 08:44 . 2012-09-04 21:01	693976	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe 
  2013-03-16 08:43 . 2012-09-04 21:01	73432	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl 
  2013-03-12 20:33 . 2012-12-07 14:53	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr 
  2013-03-12 20:33 . 2012-10-28 09:25	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.exe 
  2013-03-11 22:39 . 2012-10-28 09:25	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0 
  2013-02-13 21:30 . 2012-09-04 20:56	70004024	----a-w-	c:\windows\system32\MRT.exe 
  2013-02-10 03:25 . 2013-02-22 19:26	9422672	----a-w-	c:\windows\system32\nvcuda.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	7964680	----a-w-	c:\windows\SysWow64\nvcuda.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	7569184	----a-w-	c:\windows\system32\nvopencl.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	6267240	----a-w-	c:\windows\SysWow64\nvopencl.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	420128	----a-w-	c:\windows\system32\nvEncodeAPI64.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	364832	----a-w-	c:\windows\SysWow64\nvEncodeAPI.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	30496	----a-w-	c:\windows\system32\drivers\nvpciflt.sys 
  2013-02-10 03:25 . 2013-02-22 19:26	2911008	----a-w-	c:\windows\system32\nvcuvid.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	2726176	----a-w-	c:\windows\SysWow64\nvcuvid.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	26947360	----a-w-	c:\windows\system32\nvoglv64.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	2350368	----a-w-	c:\windows\system32\nvcuvenc.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	20534560	----a-w-	c:\windows\SysWow64\nvoglv32.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	1990944	----a-w-	c:\windows\SysWow64\nvcuvenc.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	1807136	----a-w-	c:\windows\system32\nvdispco6420294.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	15275744	----a-w-	c:\windows\system32\nvwgf2umx.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	1510176	----a-w-	c:\windows\system32\nvdispgenco6420162.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	12862400	----a-w-	c:\windows\SysWow64\nvwgf2um.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	11040544	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys 
  2013-02-10 03:25 . 2013-02-22 19:26	2528840	----a-w-	c:\windows\SysWow64\nvapi.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	25256736	----a-w-	c:\windows\system32\nvcompiler.dll 
  2013-02-10 03:25 . 2013-02-22 19:26	17560352	----a-w-	c:\windows\SysWow64\nvcompiler.dll 
  2013-02-10 03:25 . 2012-09-05 14:01	963776	----a-w-	c:\windows\SysWow64\nvumdshim.dll 
  2013-02-10 03:25 . 2012-09-05 14:01	17987192	----a-w-	c:\windows\system32\nvd3dumx.dll 
  2013-02-10 03:25 . 2012-09-05 14:01	15038296	----a-w-	c:\windows\SysWow64\nvd3dum.dll 
  2013-02-10 03:25 . 2012-06-26 01:57	2854344	----a-w-	c:\windows\system32\nvapi64.dll 
  2013-02-10 03:25 . 2012-06-26 01:57	250504	----a-w-	c:\windows\system32\nvinitx.dll 
  2013-02-10 03:25 . 2012-06-26 01:57	205184	----a-w-	c:\windows\SysWow64\nvinit.dll 
  2013-02-10 03:25 . 2012-06-26 01:57	1114144	----a-w-	c:\windows\system32\nvumdshimx.dll 
  2013-02-10 01:04 . 2012-06-26 01:57	6393120	----a-w-	c:\windows\system32\nvcpl.dll 
  2013-02-10 01:04 . 2012-06-26 01:57	3472672	----a-w-	c:\windows\system32\nvsvc64.dll 
  2013-02-10 01:04 . 2012-06-26 01:57	877856	----a-w-	c:\windows\system32\nvvsvc.exe 
  2013-02-10 01:04 . 2012-06-26 01:57	76064	----a-w-	c:\windows\system32\nv3dappshextr.dll 
  2013-02-10 01:04 . 2012-06-26 01:57	63776	----a-w-	c:\windows\system32\nvshext.dll 
  2013-02-10 01:04 . 2012-06-26 01:57	564000	----a-w-	c:\windows\SysWow64\oemdspif.dll 
  2013-02-10 01:04 . 2012-06-26 01:57	2555680	----a-w-	c:\windows\system32\nvsvcr.dll 
  2013-02-10 01:04 . 2012-06-26 01:57	237856	----a-w-	c:\windows\system32\nvmctray.dll 
  2013-02-10 01:04 . 2012-06-26 01:57	1012000	----a-w-	c:\windows\system32\nv3dappshext.dll 
  2013-02-09 13:25 . 2012-06-26 01:57	3035306	----a-w-	c:\windows\system32\nvcoproc.bin 
  2013-02-05 23:04 . 2013-02-05 23:04	42184	----a-w-	c:\windows\system32\drivers\hssdrv6.sys 
  2013-01-30 10:53 . 2010-11-21 03:27	273840	------w-	c:\windows\system32\MpSigStub.exe 
  2013-01-20 13:59 . 2013-01-20 13:59	230320	----a-w-	c:\windows\system32\drivers\MpFilter.sys 
  2013-01-20 13:59 . 2012-03-20 17:44	130008	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys 
  . 
  . 
  (((((((((((((((((((((((((((((((((((((   Reg Loading Points   )))))))))))))))))))))))))))))))))))))))))))))))))) 
  . 
  . 
  *Note* empty entries & legit default entries are not shown  
  REGEDIT4 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] 
  2013-01-30 17:30	233288	----a-w-	c:\program files (x86)\Hotspot Shield\HssIE\HssIE.dll 
  . 
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] 
  @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" 
  [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 
  2012-11-13 23:32	129272	----a-w-	c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll 
  . 
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] 
  @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" 
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 
  2012-11-13 23:32	129272	----a-w-	c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll 
  . 
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] 
  @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" 
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 
  2012-11-13 23:32	129272	----a-w-	c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll 
  . 
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
  "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-06-26 39408] 
  "IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-08-30 3519936] 
  "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-04-17 802136] 
  "DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-04-26 3111744] 
  "KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-12-20 1476104] 
  "KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-12-18 578560] 
  "Facebook Update"="c:\users\Burak\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-11-24 138096] 
  "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664] 
  "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 
  "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-12 291608] 
  "LockKey"="c:\program files (x86)\LockKey\LockKey.exe" [2011-08-26 337776] 
  "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440] 
  "331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2011-11-24 548864] 
  "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] 
  "Intelligent Touchpad"="c:\program files\Lenovo\Intelligent Touchpad\TouchZone.exe" [2011-12-08 291272] 
  "YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488] 
  "YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448] 
  "UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504] 
  "VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-06-26 329056] 
  "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504] 
  "amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824] 
  "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-12-20 310280] 
  "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280] 
  "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776] 
  "Data Transfer Accelerator"="c:\program files (x86)\Data Transfer Accelerator\Data Transfer Accelerator.exe" [2013-04-16 5166856] 
  "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [2012-08-17 218880] 
  . 
  c:\users\Burak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ 
  Dropbox.lnk - c:\users\Burak\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336] 
  . 
  c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ 
  Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-2-2 1380128] 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] 
  "ConsentPromptBehaviorAdmin"= 5 (0x5) 
  "ConsentPromptBehaviorUser"= 3 (0x3) 
  "EnableUIADesktopToggle"= 0 (0x0) 
  . 
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] 
  "LoadAppInit_DLLs"=1 (0x1) 
  "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll 
  . 
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] 
  "mixer4"=wdmaud.drv 
  . 
  [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] 
  Notification Packages	REG_MULTI_SZ   	scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll 
  . 
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] 
  @="" 
  . 
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] 
  @="Service" 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] 
  "DisableMonitoring"=dword:00000001 
  . 
  R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] 
  R2 NSDSvc;Fast boot service of lenovo;c:\windows\System32\NSDSvc.exe [2011-12-24 120160] 
  R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536] 
  R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-12-05 195584] 
  R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [x] 
  R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368] 
  R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS [2013-04-16 32320] 
  R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-27 34200] 
  R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168] 
  R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104] 
  R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] 
  R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] 
  R3 WatAdminSvc;Windows Etkinleştirme Teknolojileri Hizmeti;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-04 1255736] 
  R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840] 
  R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] 
  S0 HybridDisk;HybridDisk;c:\windows\System32\DRIVERS\HybridDiskX64.sys [2010-03-03 38496] 
  S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-12 16152] 
  S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-06-26 39008] 
  S0 NSD;NSD;c:\windows\system32\drivers\nsd.sys [2011-12-24 24160] 
  S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2013-02-10 30496] 
  S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [2013-04-16 16648] 
  S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2013-02-05 42184] 
  S1 hybridcfile;hybridcfile;c:\windows\system32\DRIVERS\HybridCFileX64.sys [2010-03-03 13920] 
  S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2012-08-02 28504] 
  S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2012-06-08 54104] 
  S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2012-08-13 178008] 
  S1 NEOFLTR_720_21397;Juniper Networks TDI Filter Driver (NEOFLTR_720_21397);c:\windows\system32\Drivers\NEOFLTR_720_21397.SYS [2012-07-12 100728] 
  S1 Nsdfltr;Nsdfltr;c:\windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488] 
  S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-05 659968] 
  S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-05 135952] 
  S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] 
  S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2013-02-08 536360] 
  S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2013-02-08 389928] 
  S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592] 
  S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-08-02 158944] 
  S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448] 
  S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560] 
  S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008] 
  S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] 
  S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800] 
  S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704] 
  S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-06-26 30816] 
  S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-12-05 195584] 
  S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696] 
  S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976] 
  S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976] 
  S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088] 
  S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-14 283200] 
  S3 hswpan;WPAN Driver;c:\windows\system32\DRIVERS\hswpan.sys [2012-01-27 109056] 
  S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264] 
  S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-12 356120] 
  S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-12 788760] 
  S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496] 
  S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-08-25 173656] 
  S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2012-05-25 29016] 
  S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2012-07-25 29016] 
  S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-11-15 111216] 
  S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2011-09-02 76056] 
  S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2011-09-02 15128] 
  S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2012-09-11 121416] 
  S3 NisSrv;Microsoft Ağ İnceleme;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360] 
  S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] 
  S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] 
  S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] 
  S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] 
  S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] 
  S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2013-01-03 42328] 
  S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2011-12-06 952832] 
  . 
  . 
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 
  2013-04-15 09:27	1642448	----a-w-	c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe 
  . 
  Contents of the 'Scheduled Tasks' folder 
  . 
  2013-03-16 c:\windows\Tasks\Adobe Flash Player Updater.job 
  - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-04 08:44] 
  . 
  2013-04-18 c:\windows\Tasks\AutoKMS.job 
  - c:\windows\AutoKMS\AutoKMS.exe [2012-12-12 14:28] 
  . 
  2012-11-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1170093808-3577676598-1004938600-1002Core.job 
  - c:\users\Burak\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-24 21:37] 
  . 
  2012-11-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1170093808-3577676598-1004938600-1002UA.job 
  - c:\users\Burak\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-24 21:37] 
  . 
  2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job 
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-26 02:22] 
  . 
  2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job 
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-26 02:22] 
  . 
  . 
  --------- X64 Entries ----------- 
  . 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] 
  @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" 
  [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 
  2012-11-13 23:32	162552	----a-w-	c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] 
  @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" 
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 
  2012-11-13 23:32	162552	----a-w-	c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] 
  @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" 
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 
  2012-11-13 23:32	162552	----a-w-	c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] 
  @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" 
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 
  2012-11-13 23:32	162552	----a-w-	c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] 
  @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" 
  [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 
  2012-02-08 00:49	23432	----a-w-	c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc] 
  @="{771C7324-DA80-49D3-8017-753B0AF60951}" 
  [HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}] 
  2012-06-26 02:21	1508192	----a-w-	c:\windows\System32\IcnOvrly.dll 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
  "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU] 
  "SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU] 
  "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400] 
  "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712] 
  "OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-06-26 789856] 
  "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504] 
  "Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-06-26 8079408] 
  "EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-06-26 6200368] 
  "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264] 
  "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616] 
  "Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064] 
  "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512] 
  "Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-03 1580368] 
  "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152] 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
  "AppInit_DLLs"=c:\windows\System32\nvinitx.dll 
  . 
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService 
  FontCache 
  . 
  ------- Supplementary Scan ------- 
  . 
  uStart Page = hxxp://www.google.com.tr/ 
  uLocal Page = c:\windows\system32\blank.htm 
  uDefault_Search_URL = hxxp://www.google.com/ie 
  mStart Page = hxxp://lenovo.msn.com 
  mLocal Page = c:\windows\SysWOW64\blank.htm 
  uInternet Settings,ProxyOverride = *.local 
  uSearchAssistant = hxxp://www.google.com/ie 
  uSearchURL,(Default) = hxxp://www.google.com/search?q=%s 
  IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 
  IE: Bütün linkleri IDM ile indir - c:\program files (x86)\Internet Download Manager\IEGetAll.htm 
  IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html 
  IE: IDM ile indir - c:\program files (x86)\Internet Download Manager\IEExt.htm 
  IE: Microsoft Excel'e &Ver - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 
  IE: OneNote'a G&önder - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 
  TCP: DhcpNameServer = 192.168.1.1 
  TCP: Interfaces\{D14CC7B3-9927-4B04-9F03-50B61F7A902A}: NameServer = 8.8.4.4,8.8.8.8 
  TCP: Interfaces\{D14CC7B3-9927-4B04-9F03-50B61F7A902A}\14E64627F6964624572716B6: NameServer = 8.8.4.4,8.8.8.8 
  TCP: Interfaces\{D14CC7B3-9927-4B04-9F03-50B61F7A902A}\944424: NameServer = 8.8.4.4,8.8.8.8 
  TCP: Interfaces\{D14CC7B3-9927-4B04-9F03-50B61F7A902A}\A5978554C4: NameServer = 8.8.4.4,8.8.8.8 
  TCP: Interfaces\{D14CC7B3-9927-4B04-9F03-50B61F7A902A}\C696E6B6379737: NameServer = 8.8.4.4,8.8.8.8 
  FF - ProfilePath - c:\users\Burak\AppData\Roaming\Mozilla\Firefox\Profiles\2hnkzcbe.default\ 
  FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.tr/ 
  FF - user.js: network.cookie.cookieBehavior - 0 
  FF - user.js: privacy.clearOnShutdown.cookies - false 
  FF - user.js: security.warn_viewing_mixed - false 
  FF - user.js: security.warn_viewing_mixed.show_once - false 
  FF - user.js: security.warn_submit_insecure - false 
  FF - user.js: security.warn_submit_insecure.show_once - false 
  . 
  - - - - ORPHANS REMOVED - - - - 
  . 
  Toolbar-Locked - (no file) 
  AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe 
  . 
  . 
  . 
  --------------------- LOCKED REGISTRY KEYS --------------------- 
  . 
  [HKEY_USERS\S-1-5-21-1170093808-3577676598-1004938600-1002\Software\SecuROM\License information*] 
  "datasecu"=hex:07,56,77,1c,7c,d5,bc,9a,89,04,b6,7c,eb,41,90,09,d4,22,da,81,3a, 
     a6,72,61,8d,9a,e2,e5,ac,2b,68,d6,16,e8,2f,f4,d7,62,15,a7,3d,52,4e,26,a8,b7,\ 
  "rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb 
  . 
  [HKEY_USERS\S-1-5-21-1170093808-3577676598-1004938600-1002_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] 
  @Denied: (Full) (Everyone) 
  "scansk"=hex(0):04,e5,92,81,88,ef,ce,d4,4d,ff,b2,53,f6,89,45,4f,3d,42,4d,99,3f, 
     52,42,05,b3,64,f8,23,bd,f9,b0,b1,d4,6b,c3,eb,ca,c4,8d,67,00,00,00,00,00,00,\ 
  . 
  [HKEY_USERS\S-1-5-21-1170093808-3577676598-1004938600-1002_Classes\Wow6432Node\CLSID\{cec0ca84-f804-414f-8e0d-6a3a77b48da9}] 
  @Denied: (Full) (Everyone) 
  @Allowed: (Read) (RestrictedCode) 
  "Model"=dword:00000040 
  "Therad"=dword:00000002 
  "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 
     1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\ 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] 
  @Denied: (A 2) (Everyone) 
  @="FlashBroker" 
  "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] 
  "Enabled"=dword:00000001 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] 
  @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] 
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] 
  @Denied: (A 2) (Everyone) 
  @="IFlashBroker5" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] 
  @="{00020424-0000-0000-C000-000000000046}" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] 
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" 
  "Version"="1.0" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] 
  @Denied: (A 2) (Everyone) 
  @="FlashBroker" 
  "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] 
  "Enabled"=dword:00000001 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] 
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] 
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] 
  @Denied: (A 2) (Everyone) 
  @="Shockwave Flash Object" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] 
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" 
  "ThreadingModel"="Apartment" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] 
  @="0" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] 
  @="ShockwaveFlash.ShockwaveFlash.11" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] 
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] 
  @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] 
  @="1.0" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] 
  @="ShockwaveFlash.ShockwaveFlash" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] 
  @Denied: (A 2) (Everyone) 
  @="Macromedia Flash Factory Object" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] 
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" 
  "ThreadingModel"="Apartment" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] 
  @="FlashFactory.FlashFactory.1" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] 
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] 
  @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] 
  @="1.0" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] 
  @="FlashFactory.FlashFactory" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] 
  @Denied: (A 2) (Everyone) 
  @="IFlashBroker5" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] 
  @="{00020424-0000-0000-C000-000000000046}" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] 
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" 
  "Version"="1.0" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] 
  @Denied: (A) (Everyone) 
  "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] 
  @Denied: (A) (Everyone) 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] 
  "Key"="ActionsPane3" 
  "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" 
  . 
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] 
  @Denied: (A) (Users) 
  @Denied: (A) (Everyone) 
  @Allowed: (B 1 2 3 4 5) (S-1-5-20) 
  "BlindDial"=dword:00000000 
  . 
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] 
  @Denied: (A) (Users) 
  @Denied: (A) (Everyone) 
  @Allowed: (B 1 2 3 4 5) (S-1-5-20) 
  "BlindDial"=dword:00000000 
  . 
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] 
  @Denied: (A) (Users) 
  @Denied: (A) (Everyone) 
  @Allowed: (B 1 2 3 4 5) (S-1-5-20) 
  "BlindDial"=dword:00000000 
  . 
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] 
  @Denied: (Full) (Everyone) 
  . 
  Completion time: 2013-04-18  16:33:41 
  ComboFix-quarantined-files.txt  2013-04-18 13:33 
  ComboFix2.txt  2013-04-17 16:57 
  ComboFix3.txt  2013-04-17 16:13 
  . 
  Pre-Run: 241.259.507.712 bayt boş 
  Post-Run: 240.938.700.800 bayt boş 
  . 
  - - End Of File - - 1381780CB7D77141FEA8535B0FD82EA4