FRST log :
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-07-2013 01 (ATTENTION: FRST version is 10 days old)
Ran by Sony (administrator) on 05-08-2013 04:14:04
Running from C:\Users\Sony\Desktop\New Folder\tech support
Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Smadsoft) C:\Program Files\Smadav\SMΔRTP.exe
(Somoto) C:\Users\Sony\AppData\Local\FilesFrog Update Checker\update_checker.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\NSUService.exe
() C:\Windows\system32\PSIService.exe
(Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgidsagent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AVG_TRAY] - C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2285232 2013-08-02] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\VESWinlogon: VESWinlogon.dll (Sony Corporation)
HKCU\...\Run: [SMΔRT-Protection] - C:\Program Files\Smadav\SMΔRTP.exe [1568768 2013-07-25] (Smadsoft)
HKCU\...\Run: [SDP] - C:\Users\Sony\AppData\Local\FilesFrog Update Checker\update_checker.exe [201808 2013-01-31] (Somoto)
HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [ 2013-07-22] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2008-01-21] (Microsoft Corporation)
HKU\Default\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2013-07-22] (Sony Corporation)
HKU\Default User\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [ 2013-07-22] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2008-01-21] (Microsoft Corporation)
HKU\Default User\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2013-07-22] (Sony Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_06682830.lnk
ShortcutTarget: _uninst_06682830.lnk -> C:\Users\Sony\AppData\Local\Temp\_uninst_06682830.bat ()
Startup: C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_51412271.lnk
ShortcutTarget: _uninst_51412271.lnk -> C:\Users\Sony\AppData\Local\Temp\_uninst_51412271.bat ()
BootExecute: autocheck autochk * SsiEfr.exeC:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
ProxyServer: cache.itb.ac.id:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://rover.ebay.com/rover/1/711-52013-16445-0/4 http://www.learningcenter.sony.us/assets/itpd/notebooks/promos/software_offers/index.html
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope {0536541C-BFBB-4A68-A4F8-5D39EDB7D65D} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=sny_ie7;
SearchScopes: HKLM - {0536541C-BFBB-4A68-A4F8-5D39EDB7D65D} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=sny_ie7;
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={...9fa2483c127&lang=en&ds=AVG&pr=fr&d=2012-04-05 00:42:40&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {0536541C-BFBB-4A68-A4F8-5D39EDB7D65D} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=sny_ie7;
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={...9fa2483c127&lang=en&ds=AVG&pr=fr&d=2012-04-05 00:42:40&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.4.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.4.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU -AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
Toolbar: HKCU -No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 50.23.239.24 208.67.222.222
FireFox:
========
FF ProfilePath: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\vahbyci0.default
FF Homepage: hxxp://www.google.com/
FF NetworkProxy: "ftp", "cache.itb.ac.id"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "cache.itb.ac.id"
FF NetworkProxy: "gopher_port", 8080
FF NetworkProxy: "http", "cache.itb.ac.id"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1,localhost,127.0.0.1"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "cache.itb.ac.id"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "cache.itb.ac.id"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF Extension: SpeedAnalysis.com - C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: No Name - C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: testpilot - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\vahbyci0.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\Extensions.rdf
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\installed-extensions-processed.txt
FF HKLM\...\Firefox\Extensions: [avg@toolbar] C:\ProgramData\AVG Secure Search\FireFoxExt\15.4.0.5
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\15.4.0.5
FF HKLM\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: SpeedAnalysis.com - C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF HKCU\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: SpeedAnalysis.com - C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
Chrome:
=======
CHR RestoreOnStartup: "sync":{"suppress_start":true},"sync_promo":{"startup_count"
CHR HKLM\...\Chrome\Extension: [cfcbmgbfdbijmjgjihagbomfbjfjmgon] - C:\Users\Sony\AppData\Roaming\SpeedanAlysis\speedanalysis.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\15.4.0.5\avg.crx
========================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2013-07-22] ()
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [5174392 2012-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2013-07-22] ()
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-06] ()
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2013-07-22] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2013-07-22] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2818048 2013-07-22] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2013-07-22] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [745472 2013-07-22] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2013-07-22] (Sony Corporation)
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [292128 2007-09-29] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2007-06-28] (Sony Corporation)
R2 vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [1616048 2013-08-02] (AVG Secure Search)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2007-08-29] (Sony Corporation)
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [131072 2007-08-29] (Sony Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP" [x]
S3 VAIOMediaPlatform-Mobile-Gateway; "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server" [x]
S3 VAIOMediaPlatform-UCLS-HTTP; "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" [x]
==================== Drivers (Whitelisted) ====================
R0 06682830; C:\Windows\System32\DRIVERS\06682830.sys [133208 2013-07-22] (Kaspersky Lab ZAO)
R0 65401722; C:\Windows\System32\DRIVERS\65401722.sys [133208 2013-07-04] (Kaspersky Lab ZAO)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [302368 2013-04-11] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-08-02] (AVG Technologies)
S3 swmsflt; C:\Windows\System32\DRIVERS\swmsflt.sys [26504 2009-05-17] ()
S3 SWNC8U56; C:\Windows\System32\DRIVERS\swnc8u56.sys [177536 2009-01-22] (Sierra Wireless Inc.)
S3 SWUMX56; C:\Windows\System32\DRIVERS\swumx56.sys [145280 2009-01-09] (Sierra Wireless Inc.)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-06-05] (Texas Instruments)
S3 catchme; \??\C:\Users\Sony\AppData\Local\Temp\catchme.sys [x]
U3 Eap94xvt; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCTINDIS5; \??\C:\Windows\system32\PCTINDIS5.SYS [x]
S3 SWUMX20; system32\DRIVERS\swumx20.sys [x]
==================== NetSvcs (Whitelisted) ===================
NETSVC: ewuyqixb -> No Registry Path.
NETSVC: esakzap -> No Registry Path.
==================== One Month Created Files and Folders ========
2013-08-05 04:13 - 2013-08-05 04:13 - 00000000 ____D C:\FRST
2013-08-04 13:57 - 2013-08-04 13:57 - 00000000 ____D C:\ProgramData\Xerox
2013-07-30 14:56 - 2013-07-31 15:54 - 00000000 ___RD C:\Users\Sony\Desktop\buat ngelamar2
2013-07-27 12:57 - 2013-07-27 13:04 - 00002737 _____ C:\Users\Sony\Desktop\iyung.txt
2013-07-27 00:47 - 2013-07-27 00:48 - 00000000 ____D C:\Users\Sony\Desktop\New Folder
2013-07-23 14:13 - 2013-07-22 16:15 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\06682830.sys
2013-07-23 00:44 - 2013-07-23 00:44 - 00000000 ____D C:\Users\Sony\AppData\Local\AVG Secure Search
2013-07-22 14:20 - 2013-07-22 14:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-22 14:19 - 2013-07-04 10:13 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\65401722.sys
2013-07-19 16:38 - 2013-07-19 17:11 - 00000212 _____ C:\Users\Sony\jalan2.txt
2013-07-19 09:36 - 2013-07-19 10:12 - 00000309 _____ C:\Users\Sony\web.txt
2013-07-16 16:04 - 2013-07-16 16:04 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Softland
2013-07-16 16:04 - 2013-07-16 16:04 - 00000000 ____D C:\Program Files\Softland
2013-07-16 16:04 - 2013-05-09 10:54 - 00024384 _____ (Softland) C:\Windows\system32\dopdfmn7.dll
2013-07-16 16:04 - 2013-05-09 10:54 - 00021312 _____ (Softland) C:\Windows\system32\dopdfmi7.dll
2013-07-16 16:04 - 2010-11-25 11:41 - 00007549 _____ C:\Windows\system32\dopdf7.ctm
2013-07-09 12:14 - 2013-07-23 14:09 - 00000000 ___RD C:\Users\Sony\Dropbox
2013-07-09 12:11 - 2013-07-23 14:10 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Dropbox
2013-07-07 10:39 - 2013-07-07 11:03 - 00000000 ___SD C:\32788R22FWJFW
==================== One Month Modified Files and Folders =======
2013-08-05 04:13 - 2013-08-05 04:13 - 00000000 ____D C:\FRST
2013-08-05 04:11 - 2006-11-02 20:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-05 04:11 - 2006-11-02 19:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-05 04:11 - 2006-11-02 19:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-05 04:08 - 2008-12-01 18:43 - 00806354 _____ C:\Windows\WindowsUpdate.log
2013-08-05 04:08 - 2006-11-02 20:01 - 00032642 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-05 03:56 - 2008-12-01 16:27 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2013-08-05 03:56 - 2006-11-02 17:33 - 00694964 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-05 03:45 - 2013-05-20 17:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-05 01:10 - 2012-04-05 00:40 - 00000000 ____D C:\Windows\system32\Drivers\AVG
2013-08-04 15:47 - 2012-04-08 16:09 - 00000000 ____D C:\Users\Sony\AppData\Roaming\foobar2000
2013-08-04 15:10 - 2008-12-01 15:41 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Adobe
2013-08-04 15:10 - 2008-02-17 04:10 - 00000000 ____D C:\ProgramData\Adobe
2013-08-04 14:00 - 2012-10-31 13:51 - 00000000 ____D C:\Users\Sony\Documents\My Scans
2013-08-04 13:57 - 2013-08-04 13:57 - 00000000 ____D C:\ProgramData\Xerox
2013-08-02 23:02 - 2009-05-03 21:46 - 00136548 _____ C:\Windows\PFRO.log
2013-08-02 17:16 - 2012-04-08 05:07 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2013-08-02 17:16 - 2012-04-05 00:42 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-08-01 12:55 - 2013-04-18 05:34 - 00000000 ____D C:\IPOT
2013-08-01 12:54 - 2008-12-01 15:38 - 00000000 ___RD C:\Users\Sony\Desktop
2013-08-01 03:22 - 2013-07-01 14:44 - 00000000 ____D C:\Users\Sony\AppData\Roaming\DMCache
2013-07-31 15:54 - 2013-07-30 14:56 - 00000000 ___RD C:\Users\Sony\Desktop\buat ngelamar2
2013-07-31 15:09 - 2013-05-06 17:58 - 00005032 _____ C:\Windows\setupact.log
2013-07-27 13:04 - 2013-07-27 12:57 - 00002737 _____ C:\Users\Sony\Desktop\iyung.txt
2013-07-27 11:26 - 2013-04-19 17:47 - 00000000 ____D C:\[Smad-Cage]
2013-07-27 00:48 - 2013-07-27 00:47 - 00000000 ____D C:\Users\Sony\Desktop\New Folder
2013-07-27 00:44 - 2006-11-02 18:18 - 00000000 __RHD C:\Users\Public\Desktop
2013-07-27 00:37 - 2013-04-14 15:45 - 00000000 ____D C:\Users\Sony\Desktop\Thesis b Juni
2013-07-25 02:37 - 2013-04-19 17:48 - 00000000 ____D C:\Program Files\Smadav
2013-07-24 12:21 - 2012-04-06 05:53 - 00000000 ____D C:\Users\Sony\Desktop\Pengangkatan cutting Tompaso
2013-07-23 14:10 - 2013-07-09 12:11 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Dropbox
2013-07-23 14:09 - 2013-07-09 12:14 - 00000000 ___RD C:\Users\Sony\Dropbox
2013-07-23 00:44 - 2013-07-23 00:44 - 00000000 ____D C:\Users\Sony\AppData\Local\AVG Secure Search
2013-07-23 00:43 - 2012-04-05 00:42 - 00000000 ____D C:\ProgramData\AVG Secure Search
2013-07-23 00:43 - 2012-04-05 00:42 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2013-07-22 16:15 - 2013-07-23 14:13 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\06682830.sys
2013-07-22 15:53 - 2008-01-21 09:25 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2013-07-22 15:53 - 2008-01-21 09:24 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2013-07-22 15:53 - 2008-01-21 09:23 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2013-07-22 15:52 - 2006-11-02 16:11 - 00014848 _____ (Microsoft Corporation) C:\Windows\hh.exe
2013-07-22 15:52 - 2006-11-02 16:11 - 00009216 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2013-07-22 14:53 - 2013-04-04 23:30 - 00000000 ____D C:\Program Files\foobar2000
2013-07-22 14:52 - 2013-06-25 19:06 - 00000000 ____D C:\Program Files\DigXY
2013-07-22 14:52 - 2013-04-04 23:20 - 00000000 ____D C:\Program Files\Kamus2
2013-07-22 14:52 - 2008-12-01 16:26 - 00000000 ____D C:\Program Files\WinRAR
2013-07-22 14:52 - 2008-12-01 16:25 - 00000000 ____D C:\Program Files\Winamp
2013-07-22 14:52 - 2008-01-21 09:25 - 00382976 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-22 14:52 - 2008-01-21 09:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\raserver.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00520704 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00134656 _____ (Microsoft Corporation) C:\Windows\regedit.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\net.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
2013-07-22 14:52 - 2008-01-21 09:23 - 02091520 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe
2013-07-22 14:52 - 2008-01-21 09:23 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2013-07-22 14:52 - 2006-11-02 19:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-07-22 14:52 - 2006-11-02 19:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2013-07-22 14:52 - 2006-11-02 19:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-22 14:52 - 2006-11-02 19:37 - 00000000 ____D C:\Program Files\Movie Maker
2013-07-22 14:52 - 2006-11-02 19:35 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\StikyNot.exe
2013-07-22 14:52 - 2006-11-02 15:55 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2013-07-22 14:52 - 2006-11-02 15:48 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\verclsid.exe
2013-07-22 14:52 - 2006-11-02 15:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\sc.exe
2013-07-22 14:52 - 2006-11-02 14:12 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2013-07-22 14:28 - 2008-02-17 03:08 - 00386560 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio.exe
2013-07-22 14:20 - 2013-07-22 14:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-19 17:11 - 2013-07-19 16:38 - 00000212 _____ C:\Users\Sony\jalan2.txt
2013-07-19 16:38 - 2008-12-01 15:38 - 00000000 ____D C:\Users\Sony
2013-07-19 10:12 - 2013-07-19 09:36 - 00000309 _____ C:\Users\Sony\web.txt
2013-07-16 16:04 - 2013-07-16 16:04 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Softland
2013-07-16 16:04 - 2013-07-16 16:04 - 00000000 ____D C:\Program Files\Softland
2013-07-11 21:53 - 2013-05-01 00:54 - 00000000 ____D C:\Program Files\Opera
2013-07-11 11:37 - 2008-12-01 18:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-09 12:45 - 2013-04-04 23:28 - 00000000 ____D C:\Users\Sony\Desktop\icon
2013-07-07 11:03 - 2013-07-07 10:39 - 00000000 ___SD C:\32788R22FWJFW
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2008-01-21 09:24] - [2008-01-21 09:24] - 2936320 ____A (Microsoft Corporation) 0FD467727F18AB4952FB5153F9070802
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe
[2008-01-21 09:24] - [2008-01-21 09:24] - 0034304 ____A (Microsoft Corporation) F19FAE3A056BC242AB2E203ECC1A8951
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-05 03:55
==================== End Of Log ============================