ComboFix 11-09-09.01 - Concept Z 09.09.2011 10:11:49.2.8 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1254.90.1055.18.4094.1968 [GMT 3:00]
Running from: c:\users\Concept Z\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-08-09 to 2011-09-09 )))))))))))))))))))))))))))))))
.
.
2011-09-09 07:13 . 2011-09-09 07:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-07 13:06 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2011-09-07 13:06 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2011-09-07 13:06 . 2009-12-29 08:03 220672 ----a-w- c:\windows\system32\wintrust.dll
2011-09-07 13:06 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2011-09-07 13:04 . 2011-09-07 13:04 -------- d-----w- c:\program files\Common Files\ChaosGroup
2011-09-07 13:04 . 2011-09-07 13:04 -------- d-----w- c:\program files\Chaos Group
2011-09-07 11:48 . 2010-01-05 21:39 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2011-09-07 11:48 . 2009-12-03 14:27 74272 ----a-w- c:\windows\system32\RtNicprop64.DLL
2011-09-07 11:42 . 2011-09-07 11:42 -------- d-----w- C:\EXA
2011-09-07 11:26 . 2011-09-07 11:26 -------- d-----w- C:\extensions
2011-09-07 11:26 . 2011-09-07 11:26 -------- d-----w- c:\users\Public\Conduit
2011-09-07 11:26 . 2011-09-07 11:26 -------- d-----w- c:\program files (x86)\Conduit
2011-09-07 11:26 . 2011-09-07 11:26 -------- d-----w- c:\program files (x86)\uTorrent
2011-09-07 11:10 . 2011-09-07 11:10 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-09-07 11:10 . 2011-09-07 11:10 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2011-09-07 11:10 . 2011-09-07 11:10 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-09-07 11:06 . 2011-09-07 11:06 871408 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-09-07 11:03 . 2011-09-07 12:46 -------- d-----w- c:\programdata\Microsoft Help
2011-09-07 10:57 . 2011-09-07 10:58 -------- d-----w- c:\program files (x86)\AutoCAD 2008
2011-09-07 10:54 . 2011-09-07 10:57 -------- d-----w- c:\windows\system32\appmgmt
2011-09-07 10:24 . 2011-09-07 11:38 -------- d-----w- c:\programdata\FLEXnet
2011-09-07 09:48 . 2011-09-07 09:48 -------- d-----w- c:\windows\SysWow64\spool
2011-09-07 09:47 . 2011-09-07 12:24 -------- d-----w- c:\program files\Common Files\Adobe
2011-09-07 09:26 . 2011-09-07 12:24 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-09-07 09:20 . 2011-09-07 09:20 -------- d-----w- c:\program files\Turbo Squid Tentacles
2011-09-07 09:19 . 2011-09-07 09:19 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2011-09-07 09:19 . 2011-09-07 09:19 -------- d-----w- c:\program files\Autodesk
2011-09-07 09:18 . 2011-09-07 09:18 -------- d-----w- c:\windows\SysWow64\Macromed
2011-09-07 09:18 . 2011-09-07 09:18 -------- d-----w- c:\program files (x86)\Turbo Squid Tentacles
2011-09-07 09:18 . 2011-09-07 09:18 -------- d-----w- c:\program files (x86)\Microsoft WSE
2011-09-07 09:07 . 2011-09-07 09:07 -------- d-----w- c:\windows\SysWow64\RTCOM
2011-09-07 09:06 . 2011-05-02 11:27 118104 ----a-w- c:\windows\system32\R4EEA64A.dll
2011-09-07 09:03 . 2011-09-07 09:03 -------- d-----w- c:\program files (x86)\Realtek
2011-09-07 09:00 . 2011-09-07 09:00 -------- d-----w- c:\program files\Realtek
2011-09-07 08:59 . 2011-09-07 09:07 -------- d--h--w- c:\program files (x86)\Temp
2011-09-07 08:59 . 2011-08-31 16:12 1698408 ----a-w- c:\windows\RtlExUpd.dll
2011-09-07 08:54 . 2011-09-07 08:02 -------- d-----w- c:\windows\Panther
2011-09-07 08:44 . 2011-09-07 08:44 -------- d-----w- c:\programdata\ATI
2011-09-07 08:43 . 2011-09-07 08:43 0 ----a-w- c:\windows\ativpsrm.bin
2011-09-07 08:42 . 2011-09-07 08:42 -------- d-----w- c:\program files (x86)\AMD APP
2011-09-07 08:42 . 2011-09-07 08:42 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-09-07 08:42 . 2011-09-07 08:42 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-09-07 08:41 . 2011-09-07 08:41 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-09-07 08:41 . 2011-09-07 12:46 -------- d-sh--w- c:\windows\Installer
2011-09-07 08:41 . 2011-09-07 08:41 -------- d-----w- c:\program files\ATI Technologies
2011-09-07 08:41 . 2011-09-07 08:41 -------- d-----w- c:\program files\ATI
2011-09-07 08:40 . 2011-09-07 08:40 -------- d-----w- C:\ATI
2011-09-07 08:29 . 2011-08-16 05:48 8862544 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E1ECC014-0E97-47D8-9FA5-1CD320DBFDD8}\mpengine.dll
2011-09-07 08:29 . 2011-05-24 16:14 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-09-07 08:26 . 2011-09-07 08:26 -------- d-----w- c:\programdata\PCPitstop
2011-09-07 08:26 . 2011-09-07 08:26 -------- d-----w- c:\program files (x86)\PCPitstop
2011-09-07 08:02 . 2011-09-07 08:02 -------- d-----w- c:\users\Concept Z
2011-09-07 08:02 . 2011-09-07 08:02 -------- d-----w- C:\Recovery
2011-09-07 08:02 . 2011-09-07 08:02 -------- d-sh--we c:\users\Default\Belgelerim
2011-09-07 08:02 . 2011-09-07 08:02 -------- d-sh--we c:\programdata\Sık Kullanılanlar
2011-09-07 08:02 . 2011-09-07 08:02 -------- d-sh--we c:\programdata\Belgeler
2011-08-24 17:19 . 2011-08-24 17:19 56320 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2011-08-24 17:18 . 2011-08-24 17:18 13601280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-08-24 17:17 . 2011-08-24 17:17 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-28 22:23 . 2011-07-28 22:23 9980416 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-07-28 22:09 . 2011-07-28 22:09 23921664 ----a-w- c:\windows\system32\atio6axx.dll
2011-07-28 21:44 . 2011-07-28 21:44 18388480 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-07-28 21:40 . 2011-07-28 21:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-07-28 21:40 . 2011-07-28 21:40 726528 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-07-28 21:39 . 2011-07-28 21:39 852992 ----a-w- c:\windows\system32\aticfx64.dll
2011-07-28 21:36 . 2011-07-28 21:36 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-07-28 21:36 . 2011-07-28 21:36 485376 ----a-w- c:\windows\system32\atieclxx.exe
2011-07-28 21:35 . 2011-07-28 21:35 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-07-28 21:34 . 2011-07-28 21:34 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-07-28 21:34 . 2011-07-28 21:34 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-07-28 21:33 . 2011-07-28 21:33 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-07-28 21:33 . 2011-07-28 21:33 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-07-28 21:33 . 2011-07-28 21:33 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-07-28 21:33 . 2011-07-28 21:33 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-07-28 21:33 . 2011-07-28 21:33 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-07-28 21:30 . 2011-07-28 21:30 4198912 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-07-28 21:20 . 2011-07-28 21:20 4943360 ----a-w- c:\windows\system32\atidxx64.dll
2011-07-28 21:12 . 2011-07-28 21:12 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-07-28 21:11 . 2011-07-28 21:11 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-07-28 21:11 . 2011-07-28 21:11 3871744 ----a-w- c:\windows\system32\atiumd6a.dll
2011-07-28 21:11 . 2011-07-28 21:11 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-07-28 21:11 . 2011-07-28 21:11 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-07-28 21:11 . 2011-07-28 21:11 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-07-28 21:11 . 2011-07-28 21:11 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-07-28 21:10 . 2011-07-28 21:10 9644544 ----a-w- c:\windows\system32\aticaldd64.dll
2011-07-28 21:09 . 2011-07-28 21:09 4256768 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-07-28 21:07 . 2011-07-28 21:07 8247296 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-07-28 21:03 . 2011-07-28 21:03 4056064 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-07-28 21:02 . 2011-07-28 21:02 5399040 ----a-w- c:\windows\system32\atiumd64.dll
2011-07-28 21:01 . 2011-07-28 21:01 58880 ----a-w- c:\windows\system32\coinst.dll
2011-07-28 20:54 . 2011-07-28 20:54 378368 ----a-w- c:\windows\system32\atiadlxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 266240 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-07-28 20:54 . 2011-07-28 20:54 15360 ----a-w- c:\windows\system32\atig6pxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 13312 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 13312 ----a-w- c:\windows\system32\atiglpxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-07-28 20:54 . 2011-07-28 20:54 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 309248 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-07-28 20:53 . 2011-07-28 20:53 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-07-28 20:53 . 2011-07-28 20:53 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-07-28 20:53 . 2011-07-28 20:53 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-07-28 20:53 . 2011-07-28 20:53 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-07-28 20:52 . 2011-07-28 20:52 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-07-28 20:51 . 2011-07-28 20:51 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-07-28 20:51 . 2011-07-28 20:51 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-07-28 14:49 . 2011-07-28 14:49 60416 ----a-w- c:\windows\system32\OVDecode64.dll
2011-07-28 14:48 . 2011-07-28 14:48 51200 ----a-w- c:\windows\system32\OpenCL.dll
2011-07-28 14:48 . 2011-07-28 14:48 16552960 ----a-w- c:\windows\system32\amdocl64.dll
2011-06-16 00:34 . 2011-06-16 00:34 79872 ----a-w- c:\windows\SysWow64\SlotMaximizerAg.dll
2011-06-16 00:34 . 2011-06-16 00:34 2971648 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-06-16 00:34 . 2011-06-16 00:34 2117632 ----a-w- c:\windows\SysWow64\SlotMaximizerBe.dll
2011-06-16 00:34 . 2011-06-16 00:34 105984 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\uTorrentBar\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"ConduitHelper"="c:\users\Public\Conduit\ConduitHelper\ConduitHelper.exe" [2011-08-31 274216]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files (x86)\PCPitstop\PCPitstopScheduleService.exe [2009-06-26 85504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 mi-raysat_3dsMax2009_64;mental ray 3.6 Satellite for Autodesk 3ds Max Design 2009 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe [2008-03-09 65536]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Sürücüsü;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4222267233-96404632-3710641365-1000Core.job
- c:\users\Concept Z\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-07 08:24]
.
2011-09-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4222267233-96404632-3710641365-1000UA.job
- c:\users\Concept Z\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-07 08:24]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-26 12681320]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 195.175.39.40 195.175.39.39
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-DAEMON Tools Toolbar - c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
AddRemove-ShockwaveFlash - c:\windows\system32\Macromed\Flash\FlashUtil9b.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
.
**************************************************************************
.
Completion time: 2011-09-09 10:16:32 - machine was rebooted
ComboFix-quarantined-files.txt 2011-09-09 07:16
ComboFix2.txt 2011-09-09 06:47
.
Pre-Run: 130.890.215.424 bayt boş
Post-Run: 130.721.439.744 bayt boş
.
- - End Of File - - 8D10F2BB1B47228B435F0CCA02C349FD