Solved Sirefef.AI and Sirefef.AE warnings keep popping and ESET cannot delete Patched.B.Gen Trojan

Q

quixx

Posts: 24   +0
I have exactly the same problem as mentioned on https://www.techspot.com/community/topics/sirefef-ai-and-ae-and-patched-b-gen-trojans.182121/, I don't know whether it was a coincidence but infection happened during installation or download of an adobe flash player update. When Eset began to popup virus alerts I cancelled the adobe update process , cause I thought the update might be a fraud.

Now , Sirefef.AI and Sirefef.AE keep popping up with ESET Nod; Patched.B.Gen Trojan keeps being alerted to me by ESET and it fails to delete the trojan. ESET spots C:\Windows\System32\services.exe as threatening object for patched.b.gen.

I am running a Windows 7 64bit , .. Since on the forum page mentioned above (https://www.techspot.com/community/topics/sirefef-ai-and-ae-and-patched-b-gen-trojans.182121/ ) there was a warning as "This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system" I hesitate to clear it myself and requesting help. The removal process on that case was pretty long and sophisticated, I was wondering whether a shortcut is available. Thanks in advance.
 
Welcome aboard
yahooo.gif


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

========================================================

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
 
I downloaded FRST64.exe and saved to usb flash stick. started , got into system recovery. etc. but ı could not launch frst64.exe
In the command prompt the directory was already set as X:\Windows\system32 .. I opened notepad and checked the drive letter .. it was H: . I typed h:\frst64.exe ... which led to an error as : h is not recognized as an internal or external command.


 
At X:\Windows\system32 prompt type:
h:
Press Enter.
Does the command prompt change to:
h:\
 
Same error returned . ..
I also tried to change directory to other drives (C or D) but it does not work. it is stuck to virtual drive X (rescue boot drive ) .
 
Command prompt was stuck to X: driver, may be it was some special settings by VAIO or I don't know. Than, I took risk and tried something different without asking you:
-Using the notepad's file browser I copied FRST64.exe to X: driver root.
-typed "cd.." ENTER and did this 2 times untill X:\Windows\system32> was set to X: root.
- Typed FRST64 as X:\>FRST64 then BINGO here is the log below.

Scan result of Farbar Recovery Scan Tool Version: 25-06-2012
Ran by SYSTEM at 28-06-2012 23:37:25
Running from X:\
Windows 7 Professional (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [16395880 2009-11-02] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [9636896 2009-12-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-11-02] (Synaptics Incorporated)
HKLM\...\Run: [PSQLLauncher] "C:\Program Files\Protector Suite\launcher.exe" /startup [84744 2009-07-20] (UPEK Inc.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [171520 2010-01-19] (Sun Microsystems, Inc.)
HKLM\...\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice [2716216 2009-11-16] (ESET)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [166424 2010-05-01] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [390680 2010-05-01] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [410136 2010-05-01] (Intel Corporation)
HKLM\...\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h [9569096 2012-03-11] (COMODO)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [320880 2009-08-26] (Sony Corporation)
HKLM-x32\...\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [26624 2010-01-19] (Sony Corporation)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-03-17] (Apple Inc.)
HKLM-x32\...\Run: [M-Audio Taskbar Icon] C:\Windows\system32\MAFWTray.exe [x]
HKLM-x32\...\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" [37888 2010-01-13] (Nullsoft, Inc.)
HKLM-x32\...\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent [2327552 2009-04-20] (Vodafone)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe [213304 2011-11-23] (COMODO)
HKLM-x32\...\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe [184120 2011-11-23] (COMODO)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKU\SONY\...\Run: [ABBYY Screenshot Reader Bonus] [x]
HKU\SONY\...\Run: [im4igtyxv3] C:\Users\SONY\im4igtyxv3.exe [x]
HKU\yasemin\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-01-19] (Google Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\Protector Suite\psqlpwd.dll (UPEK Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
AppInit_DLLs: C:\Windows\system32\guard64.dll
Tcpip\..\Interfaces\{2FDE7CA3-1672-45BD-9EFE-F8DA40098E18}: [NameServer]216.52.1.33,24.143.246.29
Lsa: [Notification Packages] scecli
C:\Program Files\Protector Suite\psqlpwd.dll
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\PDFCreator.lnk
ShortcutTarget: PDFCreator.lnk -> C:\Program Files (x86)\PDFCreator\PDFCreator.exe (pdfforge http://www.pdfforge.org/)

==================== Services (Whitelisted) ======

2 ABBYY.Licensing.PDFTransformer.Classic.3.0; "C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe" -service [759048 2009-05-14] (ABBYY)
3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
2 BcmSqlStartupSvc; "C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe" [30312 2009-02-20] (Microsoft Corporation)
2 CLPSLS; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [1267000 2011-11-23] (COMODO)
2 cmdAgent; "C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" [2815496 2012-03-11] (COMODO)
3 EhttpSrv; "C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe" [23296 2009-11-16] (ESET)
2 ekrn; "C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe" [735960 2009-11-16] (ESET)
3 MSSQL$MSSMLBIZ; "C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ [29293408 2010-12-10] (Microsoft Corporation)
4 MSSQLServerADHelper; "C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe" [44384 2010-12-10] (Microsoft Corporation)
2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4948992 2009-07-17] (Native Instruments GmbH)
2 QDLService2kSony; "C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe" [330488 2009-12-03] (QUALCOMM, Inc.)
3 Roxio UPnP Renderer 10; "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" [313840 2009-08-31] (Sonic Solutions)
2 Roxio Upnp Server 10; "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe" [362992 2009-08-31] (Sonic Solutions)
2 SampleCollector; "C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata" [259192 2011-01-29] (Sony Corporation)
2 UNS; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [2314240 2009-10-01] (Intel Corporation)
2 VAIO Event Service; "C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe" [205168 2010-05-28] (Sony Corporation)
3 VAIO Power Management; "C:\Program Files\Sony\VAIO Power Management\SPMService.exe" [571248 2009-11-30] (Sony Corporation)
3 VCService; "C:\Program Files\Sony\VAIO Care\VCService.exe" [44736 2011-02-14] (Sony Corporation)
2 VMCService; "C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe" [9216 2009-04-20] (Vodafone)
2 VSNService; "C:\Program Files\Sony\VAIO Smart Network\VSNService.exe" [845312 2010-08-11] (Sony Corporation)
3 VUAgent; "C:\Program Files\Sony\VAIO Update Common\VUAgent.exe" [1256040 2012-01-13] (Sony Corporation)

========================== Drivers (Whitelisted) =============

3 bbcap; C:\Windows\System32\Drivers\bbcap.sys [4608 2010-08-10] (Windows (R) Codename Longhorn DDK provider)
1 cmderd; C:\Windows\System32\Drivers\cmderd.sys [22696 2012-03-11] (COMODO)
1 cmdGuard; C:\Windows\System32\Drivers\cmdGuard.sys [577824 2012-03-11] (COMODO)
2 eamon; C:\Windows\System32\Drivers\eamon.sys [145336 2009-11-16] (ESET)
1 ehdrv; C:\Windows\System32\Drivers\ehdrv.sys [136584 2009-11-16] (ESET)
2 epfwwfpr; C:\Windows\System32\Drivers\epfwwfpr.sys [123200 2009-12-18] (ESET)
3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [66728 2011-08-17] (Eugene V. Muzychenko)
3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [116864 2009-04-09] (Huawei Technologies Co., Ltd.)
3 MAFW; C:\Windows\System32\Drivers\MAFW.sys [231944 2009-07-29] (Avid Technology, Inc.)
3 qcfilterSny2k; C:\Windows\System32\Drivers\qcfilterSny2k.sys [6400 2009-12-03] (QUALCOMM Incorporated)
3 qcusbnetsny2k; C:\Windows\System32\Drivers\qcusbnetsny2k.sys [240640 2009-12-03] (QUALCOMM Incorporated)
3 qcusbsersny2k; C:\Windows\System32\Drivers\qcusbsersny2k.sys [121216 2009-12-03] (QUALCOMM Incorporated)
2 rimspci; C:\Windows\system32\drivers\rimssne64.sys [93696 2009-10-29] (REDC)
2 risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [76800 2009-10-29] (REDC)
0 shpf; C:\Windows\System32\Drivers\shpf.sys [25120 2009-05-28] (Sony Corporation)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-05-22] (Duplex Secure Ltd.)
3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2011-08-17] (Nokia)
3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-06-28 23:37 - 2012-06-28 23:37 - 00000000 ____D C:\FRST
2012-06-27 10:13 - 2012-06-27 10:13 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-06-27 10:13 - 2012-05-04 16:29 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-06-26 21:51 - 2012-06-26 21:51 - 00000000 ____D C:\Users\SONY\AppData\Local\COMODO
2012-06-26 21:38 - 2012-06-26 21:39 - 00270024 ____A C:\Windows\Minidump\062712-23368-01.dmp
2012-06-26 19:17 - 2012-06-27 10:18 - 00000000 ____D C:\Users\All Users\CPA_VA
2012-06-26 19:16 - 2012-06-26 19:16 - 00000000 ___HD C:\VritualRoot
2012-06-26 19:16 - 2012-06-26 19:16 - 00000000 ____D C:\Users\Public\Documents\COMODO
2012-06-26 19:13 - 2012-06-28 20:32 - 01474832 ____A C:\Windows\System32\Drivers\sfi.dat
2012-06-26 19:13 - 2012-06-26 21:51 - 00000000 ____D C:\Users\All Users\Comodo
2012-06-26 19:13 - 2012-06-26 19:13 - 00001846 ____A C:\Users\Public\Desktop\COMODO Antivirus.lnk
2012-06-26 19:13 - 2012-06-26 19:13 - 00001045 ____A C:\Users\Public\Desktop\COMODO GeekBuddy.lnk
2012-06-26 19:13 - 2012-06-26 19:13 - 00000000 ____D C:\Program Files\COMODO
2012-06-25 01:11 - 2012-06-25 01:50 - 00000000 ____D C:\sh4ldr
2012-06-25 01:11 - 2012-06-25 01:11 - 00000000 ____D C:\Program Files\Enigma Software Group
2012-06-25 01:10 - 2012-06-25 01:50 - 00000000 ____D C:\Windows\18F97AF04F884494AFE25A5702E142CC.TMP
2012-06-24 09:39 - 2012-06-24 09:40 - 05645445 ____A C:\Users\SONY\Downloads\Norah Jones - Crazy.mp3
2012-06-23 14:01 - 2012-06-23 15:48 - 00106810 ____A C:\Users\SONY\Desktop\killer brass_5.rns
2012-06-23 13:45 - 2012-06-23 13:54 - 00106804 ____A C:\Users\SONY\Desktop\killer brass_4.rns
2012-06-23 13:32 - 2012-06-23 13:40 - 00106802 ____A C:\Users\SONY\Desktop\killer brass_3.rns
2012-06-23 11:31 - 2012-06-23 11:31 - 00106796 ____A C:\Users\SONY\Desktop\killer brass_2.rns
2012-06-23 11:18 - 2012-06-23 11:27 - 00106796 ____A C:\Users\SONY\Desktop\killer brass_1.rns
2012-06-22 13:32 - 2012-06-02 22:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-22 13:32 - 2012-06-02 22:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-22 13:32 - 2012-06-02 22:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-22 13:32 - 2012-06-02 22:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-22 13:32 - 2012-06-02 22:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-22 13:32 - 2012-06-02 22:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-22 13:32 - 2012-06-02 22:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-22 13:32 - 2012-06-02 12:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-22 13:32 - 2012-06-02 12:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-15 22:00 - 2012-06-15 22:00 - 00000000 ____D C:\Users\SONY\AppData\Local\Macromedia
2012-06-13 19:45 - 2012-05-18 01:59 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-13 19:45 - 2012-05-18 01:59 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-13 19:45 - 2012-05-18 01:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-13 19:45 - 2012-05-18 01:55 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-13 19:45 - 2012-05-18 01:54 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-13 19:45 - 2012-05-18 01:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-13 19:45 - 2012-05-18 01:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-13 19:45 - 2012-05-18 01:47 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-13 19:45 - 2012-05-17 22:36 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-13 19:45 - 2012-05-17 22:35 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-13 19:45 - 2012-05-17 22:33 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-13 19:45 - 2012-05-17 22:29 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-13 19:45 - 2012-05-17 22:27 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-13 19:45 - 2012-05-17 22:25 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-13 19:45 - 2012-05-17 22:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-13 19:45 - 2012-05-17 22:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-13 19:44 - 2012-05-18 02:47 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-13 19:44 - 2012-05-18 02:16 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-13 19:44 - 2012-05-18 02:06 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-13 19:44 - 2012-05-18 01:58 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-13 19:44 - 2012-05-18 01:56 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-13 19:44 - 2012-05-18 01:55 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-13 19:44 - 2012-05-17 23:11 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-13 19:44 - 2012-05-17 22:48 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-13 19:44 - 2012-05-17 22:45 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-13 19:44 - 2012-05-17 22:35 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-13 19:44 - 2012-05-17 22:31 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-13 19:44 - 2012-05-17 22:29 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-13 18:00 - 2012-05-04 11:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-06-13 18:00 - 2012-05-04 10:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-06-13 18:00 - 2012-05-04 10:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-06-13 18:00 - 2012-05-01 05:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-13 18:00 - 2012-04-26 05:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-06-13 18:00 - 2012-04-26 05:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-13 18:00 - 2012-04-26 05:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-06-13 17:59 - 2012-05-15 01:32 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-13 17:59 - 2012-04-28 03:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-13 17:59 - 2012-04-24 05:37 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-13 17:59 - 2012-04-24 05:37 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-13 17:59 - 2012-04-24 05:37 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-13 17:59 - 2012-04-24 04:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-06-13 17:59 - 2012-04-24 04:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-06-13 17:59 - 2012-04-24 04:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-06-13 17:59 - 2012-04-07 12:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-13 17:59 - 2012-04-07 11:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-06-11 20:00 - 2012-06-11 20:00 - 00011416 ____A C:\Users\SONY\Desktop\deep buzz.fxb
2012-06-06 18:32 - 2012-06-06 18:36 - 28820388 ____A C:\Users\SONY\Downloads\Neil Young _ Crazy Horse_ Oh Susannah.flv
2012-06-06 18:07 - 2012-06-06 18:07 - 00653424 ____A C:\Users\SONY\Desktop\bu ne lan.png
2012-05-30 17:26 - 2012-05-30 17:46 - 128389120 ____A C:\Users\SONY\Downloads\111472.mpg
2012-05-30 17:26 - 2012-05-30 17:42 - 98668544 ____A C:\Users\SONY\Downloads\fractal movie.mpg
2012-05-30 17:22 - 2012-05-30 17:23 - 06127616 ____A C:\Users\SONY\Downloads\Fractal_Animations-3.mp4
2012-05-30 17:21 - 2012-05-30 17:21 - 02869959 ____A C:\Users\SONY\Downloads\Fractal_Animations.flv
2012-05-30 17:20 - 2012-05-30 17:20 - 06127616 ____A C:\Users\SONY\Downloads\Fractal_Animations-2.mp4
2012-05-30 17:18 - 2012-05-30 17:18 - 06127616 ____A C:\Users\SONY\Downloads\Fractal_Animations-1.mp4
2012-05-30 17:07 - 2012-05-30 17:20 - 163556292 ____A C:\Users\SONY\Downloads\Fractal_Animations.mp4

============ 3 Months Modified Files and Folders =============

2012-06-28 23:37 - 2012-06-28 23:37 - 00000000 ____D C:\FRST
2012-06-28 20:32 - 2012-06-26 19:13 - 01474832 ____A C:\Windows\System32\Drivers\sfi.dat
2012-06-28 20:32 - 2010-04-26 15:34 - 01997099 ____A C:\Windows\WindowsUpdate.log
2012-06-28 20:29 - 2009-07-14 04:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-28 20:29 - 2009-07-14 04:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-28 20:28 - 2009-07-14 05:13 - 00799114 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-28 20:22 - 2010-01-19 11:13 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-06-28 20:21 - 2010-11-07 19:50 - 00213914 ____A C:\Windows\setupact.log
2012-06-28 20:21 - 2010-08-10 09:14 - 00000031 ____A C:\Windows\System32\bbcap.err
2012-06-28 20:21 - 2009-07-14 05:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-28 19:08 - 2010-01-19 11:13 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-06-27 21:00 - 2010-01-19 11:47 - 00000000 ____D C:\Program Files (x86)\OneClickInternet
2012-06-27 20:59 - 2011-12-17 07:55 - 00000000 ____D C:\Users\SONY\AppData\Roaming\Nokia Suite
2012-06-27 20:59 - 2011-12-17 07:55 - 00000000 ____D C:\Users\SONY\AppData\Roaming\Nokia
2012-06-27 20:59 - 2011-12-17 07:52 - 00000000 ____D C:\Users\SONY\AppData\Local\NokiaAccount
2012-06-27 20:59 - 2011-12-17 07:48 - 00000000 ____D C:\Program Files (x86)\Nokia
2012-06-27 20:57 - 2011-03-15 22:51 - 00000000 ____D C:\Program Files (x86)\FlashGet
2012-06-27 20:43 - 2010-05-01 16:48 - 00000000 ____D C:\Users\SONY\AppData\Roaming\vlc
2012-06-27 10:18 - 2012-06-26 19:17 - 00000000 ____D C:\Users\All Users\CPA_VA
2012-06-27 10:13 - 2012-06-27 10:13 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-06-27 10:12 - 2012-05-15 13:19 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-06-27 10:12 - 2012-05-15 13:19 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-06-27 10:12 - 2010-05-01 12:09 - 00000000 ____D C:\Program Files (x86)\Java
2012-06-27 06:27 - 2011-01-23 13:37 - 00014090 ____A C:\Windows\PFRO.log
2012-06-26 21:51 - 2012-06-26 21:51 - 00000000 ____D C:\Users\SONY\AppData\Local\COMODO
2012-06-26 21:51 - 2012-06-26 19:13 - 00000000 ____D C:\Users\All Users\Comodo
2012-06-26 21:39 - 2012-06-26 21:38 - 00270024 ____A C:\Windows\Minidump\062712-23368-01.dmp
2012-06-26 21:38 - 2010-06-21 22:42 - 00000000 ____D C:\Windows\Minidump
2012-06-26 19:16 - 2012-06-26 19:16 - 00000000 ___HD C:\VritualRoot
2012-06-26 19:16 - 2012-06-26 19:16 - 00000000 ____D C:\Users\Public\Documents\COMODO
2012-06-26 19:13 - 2012-06-26 19:13 - 00001846 ____A C:\Users\Public\Desktop\COMODO Antivirus.lnk
2012-06-26 19:13 - 2012-06-26 19:13 - 00001045 ____A C:\Users\Public\Desktop\COMODO GeekBuddy.lnk
2012-06-26 19:13 - 2012-06-26 19:13 - 00000000 ____D C:\Program Files\COMODO
2012-06-25 01:50 - 2012-06-25 01:11 - 00000000 ____D C:\sh4ldr
2012-06-25 01:50 - 2012-06-25 01:10 - 00000000 ____D C:\Windows\18F97AF04F884494AFE25A5702E142CC.TMP
2012-06-25 01:11 - 2012-06-25 01:11 - 00000000 ____D C:\Program Files\Enigma Software Group
2012-06-24 23:30 - 2010-04-26 15:35 - 00000000 ____D C:\users\SONY
2012-06-24 09:40 - 2012-06-24 09:39 - 05645445 ____A C:\Users\SONY\Downloads\Norah Jones - Crazy.mp3
2012-06-23 20:04 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache
2012-06-23 15:48 - 2012-06-23 14:01 - 00106810 ____A C:\Users\SONY\Desktop\killer brass_5.rns
2012-06-23 13:54 - 2012-06-23 13:45 - 00106804 ____A C:\Users\SONY\Desktop\killer brass_4.rns
2012-06-23 13:40 - 2012-06-23 13:32 - 00106802 ____A C:\Users\SONY\Desktop\killer brass_3.rns
2012-06-23 11:31 - 2012-06-23 11:31 - 00106796 ____A C:\Users\SONY\Desktop\killer brass_2.rns
2012-06-23 11:27 - 2012-06-23 11:18 - 00106796 ____A C:\Users\SONY\Desktop\killer brass_1.rns
2012-06-22 12:50 - 2009-07-14 05:08 - 00032620 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-06-15 22:00 - 2012-06-15 22:00 - 00000000 ____D C:\Users\SONY\AppData\Local\Macromedia
2012-06-15 05:18 - 2012-04-02 18:25 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-15 05:18 - 2011-05-16 19:08 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-06-13 20:04 - 2009-07-14 04:45 - 00426488 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-13 20:01 - 2010-01-19 11:20 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-06-13 19:51 - 2010-04-28 20:57 - 58957832 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-06-11 20:00 - 2012-06-11 20:00 - 00011416 ____A C:\Users\SONY\Desktop\deep buzz.fxb
2012-06-06 18:36 - 2012-06-06 18:32 - 28820388 ____A C:\Users\SONY\Downloads\Neil Young _ Crazy Horse_ Oh Susannah.flv
2012-06-06 18:32 - 2012-05-23 18:37 - 00000000 ____D C:\Users\SONY\Downloads\ali bilge
2012-06-06 18:07 - 2012-06-06 18:07 - 00653424 ____A C:\Users\SONY\Desktop\bu ne lan.png
2012-06-04 11:50 - 2009-12-14 22:20 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-06-04 11:21 - 2010-09-04 16:05 - 00001185 ____A C:\Users\Public\Desktop\GOM Player.lnk
2012-06-02 22:19 - 2012-06-22 13:32 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 22:19 - 2012-06-22 13:32 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 22:19 - 2012-06-22 13:32 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 22:19 - 2012-06-22 13:32 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 22:19 - 2012-06-22 13:32 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 22:15 - 2012-06-22 13:32 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 22:15 - 2012-06-22 13:32 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 12:19 - 2012-06-22 13:32 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 12:15 - 2012-06-22 13:32 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-01 22:12 - 2010-06-26 21:18 - 00000000 ____D C:\Users\yasemin\AppData\Roaming\Adobe
2012-06-01 05:40 - 2010-06-02 19:49 - 00734201 ____A C:\test.xml
2012-05-30 17:46 - 2012-05-30 17:26 - 128389120 ____A C:\Users\SONY\Downloads\111472.mpg
2012-05-30 17:42 - 2012-05-30 17:26 - 98668544 ____A C:\Users\SONY\Downloads\fractal movie.mpg
2012-05-30 17:23 - 2012-05-30 17:22 - 06127616 ____A C:\Users\SONY\Downloads\Fractal_Animations-3.mp4
2012-05-30 17:21 - 2012-05-30 17:21 - 02869959 ____A C:\Users\SONY\Downloads\Fractal_Animations.flv
2012-05-30 17:20 - 2012-05-30 17:20 - 06127616 ____A C:\Users\SONY\Downloads\Fractal_Animations-2.mp4
2012-05-30 17:20 - 2012-05-30 17:07 - 163556292 ____A C:\Users\SONY\Downloads\Fractal_Animations.mp4
2012-05-30 17:18 - 2012-05-30 17:18 - 06127616 ____A C:\Users\SONY\Downloads\Fractal_Animations-1.mp4
2012-05-28 18:20 - 2012-05-28 18:20 - 04799180 ____A C:\Users\SONY\Downloads\olm bak git 2.flv
2012-05-21 18:36 - 2010-09-08 22:41 - 00013312 ____A C:\Users\SONY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-05-21 18:20 - 2012-05-21 18:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2012-05-21 18:20 - 2012-05-21 18:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-05-20 22:12 - 2012-05-20 22:12 - 01907983 ____A C:\Users\SONY\Desktop\bassorg.mp3
2012-05-20 22:10 - 2012-05-20 22:00 - 21025424 ____A C:\Users\SONY\Desktop\arzbasss Rendered.wav
2012-05-20 19:46 - 2012-05-20 19:46 - 00007457 ____A C:\Users\SONY\Downloads\Bwv_564_Adagio.mid
2012-05-19 21:46 - 2012-05-19 21:46 - 20275422 ____A C:\Users\SONY\Downloads\1205yalandunyaka.mp4
2012-05-19 12:15 - 2012-05-19 12:15 - 00360956 ____A C:\Users\SONY\Downloads\best_blacklist_s3_s60_3_and_5_v_4_00_sw.sisx
2012-05-19 11:27 - 2012-05-19 11:19 - 09841937 ____A C:\Users\SONY\Downloads\Laura-Branigan-A-Self-Control.mp3
2012-05-18 02:47 - 2012-06-13 19:44 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-05-18 02:16 - 2012-06-13 19:44 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-05-18 02:06 - 2012-06-13 19:44 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-05-18 01:59 - 2012-06-13 19:45 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-05-18 01:59 - 2012-06-13 19:45 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-05-18 01:58 - 2012-06-13 19:45 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-05-18 01:58 - 2012-06-13 19:44 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-05-18 01:56 - 2012-06-13 19:44 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-05-18 01:55 - 2012-06-13 19:45 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-05-18 01:55 - 2012-06-13 19:44 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-05-18 01:54 - 2012-06-13 19:45 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-05-18 01:51 - 2012-06-13 19:45 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-05-18 01:51 - 2012-06-13 19:45 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-05-18 01:47 - 2012-06-13 19:45 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-05-17 23:11 - 2012-06-13 19:44 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-05-17 22:48 - 2012-06-13 19:44 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-05-17 22:45 - 2012-06-13 19:44 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-05-17 22:36 - 2012-06-13 19:45 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-05-17 22:35 - 2012-06-13 19:45 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-05-17 22:35 - 2012-06-13 19:44 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-05-17 22:33 - 2012-06-13 19:45 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-05-17 22:31 - 2012-06-13 19:44 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-05-17 22:29 - 2012-06-13 19:45 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-05-17 22:29 - 2012-06-13 19:44 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-05-17 22:27 - 2012-06-13 19:45 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-05-17 22:25 - 2012-06-13 19:45 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-05-17 22:24 - 2012-06-13 19:45 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-05-17 22:20 - 2012-06-13 19:45 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-05-15 17:29 - 2010-06-26 21:18 - 00000000 ____D C:\Users\yasemin\AppData\Local\Google
2012-05-15 16:02 - 2012-05-15 16:02 - 08744608 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2012-05-15 13:18 - 2012-05-15 13:19 - 00476960 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\npdeployJava1.dll
2012-05-15 13:02 - 2010-06-26 21:13 - 00113056 ____A C:\Users\yasemin\AppData\Local\GDIPFONTCACHEV1.DAT
2012-05-15 01:32 - 2012-06-13 17:59 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-13 22:07 - 2012-05-13 22:03 - 06132549 ____A C:\Users\SONY\Downloads\Richard-Cheese-A-Creep.mp3
2012-05-13 16:56 - 2012-05-13 16:44 - 02512607 ____A C:\Users\SONY\Downloads\Bob-marley-A-out-of-space.mp3
2012-05-13 16:56 - 2012-05-13 16:24 - 07180839 ____A C:\Users\SONY\Downloads\The-Prodigy-A-Out-Of-Space.mp3
2012-05-13 10:57 - 2009-07-14 07:47 - 00000000 ____D C:\Program Files\Windows Journal
2012-05-12 22:48 - 2012-05-12 22:47 - 02854660 ____A C:\Users\SONY\Downloads\bach_adagio_bwv_564_prp_112010.mp3
2012-05-12 22:39 - 2012-05-12 22:39 - 00006693 ____A C:\Users\SONY\Downloads\Bwv_564_Adagio.gp3
2012-05-12 22:11 - 2012-04-08 11:02 - 04445154 ____A C:\Users\SONY\Downloads\Tiny-Tim-Tip-toe-Thru-_-The-Tulips-With-Me.mp3
2012-05-08 21:50 - 2012-05-08 21:50 - 00310636 ____A C:\Users\SONY\Desktop\jazz imp.wav.asd
2012-05-08 21:46 - 2012-05-08 21:46 - 00311604 ____A C:\Users\SONY\Desktop\jazz imp.mp3.asd
2012-05-07 22:58 - 2012-05-07 22:55 - 05476646 ____A C:\Users\SONY\Downloads\London-Classical-Players-Roger-Norrington-BrahmsSymphony-No-3-in-F-major-Op-90-III-Poco-allegretto.mp3
2012-05-07 22:56 - 2012-05-07 22:53 - 06052801 ____A C:\Users\SONY\Downloads\Herbert-Von-Karajan-Berlin-Philharmonic-Orchestra-Brahms-Symphony-3-In-F-Op-90-3-Poco-Allegretto.mp3
2012-05-07 22:54 - 2010-05-01 17:26 - 00000000 ____D C:\Users\SONY\AppData\Roaming\Azureus
2012-05-07 17:58 - 2010-01-19 11:12 - 00000000 ____D C:\Users\All Users\Adobe
2012-05-07 17:52 - 2010-04-26 18:34 - 00000000 ____D C:\Users\SONY\AppData\Roaming\Adobe
2012-05-07 17:49 - 2012-05-07 17:49 - 00002019 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2012-05-07 17:48 - 2010-05-01 15:06 - 00000000 ____D C:\Users\SONY\AppData\Local\Adobe
2012-05-07 17:48 - 2010-01-19 11:12 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-05-07 17:39 - 2010-04-26 15:35 - 00113056 ____A C:\Users\SONY\AppData\Local\GDIPFONTCACHEV1.DAT
2012-05-05 18:09 - 2010-01-19 11:13 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2012-05-05 17:03 - 2012-05-05 16:54 - 07469082 ____A C:\Users\SONY\Downloads\Cake-A-I-Will-Survive.mp3
2012-05-04 16:29 - 2012-06-27 10:13 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-05-04 16:29 - 2010-04-28 21:19 - 00687504 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-05-04 11:06 - 2012-06-13 18:00 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03 - 2012-06-13 18:00 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 10:03 - 2012-06-13 18:00 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-03 20:10 - 2012-05-03 20:10 - 00000000 ____D C:\Users\SONY\Downloads\USB_-_Virtual_Analog_Vol.3_-_Nord_Lead_1_CD
2012-05-01 05:40 - 2012-06-13 18:00 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-29 15:01 - 2012-04-29 14:29 - 194820392 ____A C:\Users\SONY\Downloads\15Z8I46q_Jodorowsky & Gimenez - The Metabarons - complete - (v1-17).cbr
2012-04-29 14:57 - 2012-04-29 14:27 - 123884945 ____A C:\Users\SONY\Downloads\TwJIB5jw_Jodorowsky & Janjetov - [Before] The Incal - Complete.cbr
2012-04-29 14:25 - 2010-05-01 17:26 - 00000000 ____D C:\Program Files (x86)\Vuze
2012-04-29 11:26 - 2012-04-29 11:26 - 00000000 ____D C:\Users\All Users\Mozilla
2012-04-29 11:26 - 2012-04-29 11:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-04-29 11:26 - 2010-05-01 15:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-04-28 03:55 - 2012-06-13 17:59 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-26 18:26 - 2011-01-18 21:44 - 00000000 ___RD C:\Users\SONY\Desktop\church organ Project
2012-04-26 05:41 - 2012-06-13 18:00 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:41 - 2012-06-13 18:00 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-26 05:34 - 2012-06-13 18:00 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37 - 2012-06-13 17:59 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-24 05:37 - 2012-06-13 17:59 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37 - 2012-06-13 17:59 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-24 04:36 - 2012-06-13 17:59 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-04-24 04:36 - 2012-06-13 17:59 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-04-24 04:36 - 2012-06-13 17:59 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-04-23 10:39 - 2012-04-23 10:39 - 00011416 ____A C:\Users\SONY\Desktop\organ.fxb
2012-04-22 21:48 - 2012-04-22 21:48 - 01538856 ____A C:\Users\SONY\Desktop\organ2 Rendered.mp3
2012-04-21 17:20 - 2012-04-21 17:20 - 00512000 ____A C:\Users\SONY\Downloads\Charles.Darwin.and.the.Tree.of.Life.LAP.www.Warezme.org.part1.rar.part
2012-04-21 11:37 - 2012-04-21 11:33 - 70877240 ____A C:\Users\SONY\Downloads\PART 1_ David Attenborough on Darwin - by Nature Video.mp4
2012-04-19 15:24 - 2011-12-24 10:33 - 00000000 ___RD C:\Users\yasemin\Virtual Machines
2012-04-18 15:53 - 2012-04-18 15:52 - 05546112 ____A C:\Users\SONY\Downloads\Joe-Cocker-A-Summer-In-The-City.mp3
2012-04-15 11:11 - 2010-04-26 18:25 - 00000000 ____D C:\Users\SONY\AppData\Local\Google
2012-04-15 07:39 - 2012-04-14 23:15 - 00033436 ____A C:\Users\SONY\Desktop\killer wobz_.mp3
2012-04-15 07:37 - 2012-04-14 23:16 - 07696675 ____A C:\Users\SONY\Desktop\killer wobzz.mp3
2012-04-14 23:12 - 2012-04-14 22:58 - 33550136 ____A C:\Users\SONY\Desktop\killer wobz.wav
2012-04-14 21:47 - 2012-04-14 21:47 - 02162688 ____A C:\Users\SONY\Desktop\killer wob Rendered.wav
2012-04-10 16:43 - 2012-04-10 16:38 - 05586442 ____A C:\Users\SONY\Desktop\wobbly.mp3
2012-04-09 17:27 - 2012-04-09 17:27 - 00281560 ____A C:\Windows\Minidump\040912-24897-01.dmp
2012-04-08 20:39 - 2011-02-19 10:18 - 00094200 ____A C:\Users\SONY\Desktop\DUBSTEP2.rns
2012-04-07 12:31 - 2012-06-13 17:59 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-04-07 11:26 - 2012-06-13 17:59 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-04-04 18:35 - 2011-06-01 20:43 - 00000000 ____D C:\Users\SONY\AppData\Local\ABBYY
2012-04-04 18:22 - 2012-04-04 18:15 - 00135971 ____A C:\Users\SONY\Desktop\background.pptx
2012-04-03 20:50 - 2012-04-03 20:50 - 00000032 ____A C:\Windows\SysWOW64\w3data.vss
2012-04-03 20:50 - 2012-04-03 20:50 - 00000032 ____A C:\Windows\SysWOW64\msvcsv60.dll
2012-04-03 20:50 - 2012-04-03 20:50 - 00000032 ____A C:\Windows\msocreg32.dat
2012-04-03 20:45 - 2012-04-03 20:42 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2012-04-01 09:23 - 2012-04-01 09:23 - 00000000 ____D C:\Users\SONY\AppData\Local\Apps\2.0
2012-04-01 07:57 - 2010-04-28 21:23 - 00000000 ____D C:\Update
2012-03-31 23:31 - 2012-03-21 20:22 - 02834745 ____A C:\Users\SONY\Downloads\Vaya-Con-Dios-Neh-Nah-a.mp3

ZeroAccess:
C:\Windows\Installer\{90606adb-b9e2-f30b-33c5-be807af1b038}
C:\Windows\Installer\{90606adb-b9e2-f30b-33c5-be807af1b038}\@
C:\Windows\Installer\{90606adb-b9e2-f30b-33c5-be807af1b038}\L
C:\Windows\Installer\{90606adb-b9e2-f30b-33c5-be807af1b038}\U

ZeroAccess:
C:\Users\SONY\AppData\Local\{90606adb-b9e2-f30b-33c5-be807af1b038}
C:\Users\SONY\AppData\Local\{90606adb-b9e2-f30b-33c5-be807af1b038}\@
C:\Users\SONY\AppData\Local\{90606adb-b9e2-f30b-33c5-be807af1b038}\L
C:\Users\SONY\AppData\Local\{90606adb-b9e2-f30b-33c5-be807af1b038}\U

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 16%
Total physical RAM: 3766.88 MB
Available physical RAM: 3136.23 MB
Total Pagefile: 3765.03 MB
Available Pagefile: 3127.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:164.32 GB) (Free:19.1 GB) NTFS
2 Drive d: (data) (Fixed) (Total:122.07 GB) (Free:11.63 GB) NTFS
3 Drive f: (Recovery) (Fixed) (Total:11.6 GB) (Free:0.81 GB) NTFS
5 Drive h: (KINGSTON) (Removable) (Total:7.2 GB) (Free:7.2 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 1024 KB
Disk 1 Online 7389 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 11 GB 1024 KB
Partition 2 Primary 100 MB 11 GB
Partition 3 Primary 164 GB 11 GB
Partition 0 Extended 122 GB 176 GB
Partition 4 Logical 122 GB 176 GB

======================================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F Recovery NTFS Partition 11 GB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 164 GB Healthy

======================================================================================================

Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D data NTFS Partition 122 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7388 MB 31 KB

======================================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H KINGSTON FAT32 Removable 7388 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-06-28 13:17

======================= End Of Log ==========================
 
Command prompt was stuck to X: driver, may be it was some special settings by VAIO or I don't know. Than, I took risk and tried something different without asking you:
-Using the notepad's file browser I copied FRST64.exe to X: driver root.
-typed "cd.." ENTER and did this 2 times untill X:\Windows\system32> was set to X: root.
- Typed FRST64 as X:\>FRST64 then BINGO here is the log below.
Click to expand...
Good job :)

Now...important!
Since you have FRST located on X drive make sure to copy "fixlist.txt" file listed below to the VERY SAME LOCATION on drive X.

Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the UBCD.
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Next....

Restart normally.

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  • Double click on combofix.exe & follow the prompts.

  • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click Rkill and choose Run as Administrator
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

* Rkill.com
* Rkill.scr
* Rkill.exe
  • Double-click on the Rkill icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.
Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 

Attachments

  • fixlist.txt
    262 bytes · Views: 1
>Run FRST/FRST64 and press the Fix button just once and wait.
- DONE - Fixlog.txt is below:

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 25-06-2012
Ran by SYSTEM at 2012-06-29 09:55:31 Run:1
Running from X:\
==============================================
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows Value was restored successfully .
C:\Windows\System32\consrv.dll not found.
HKEY_USERS\SONY\Software\Microsoft\Windows\CurrentVersion\Run\\im4igtyxv3 Value deleted successfully.
C:\Windows\Installer\{90606adb-b9e2-f30b-33c5-be807af1b038} moved successfully.
C:\Users\SONY\AppData\Local\{90606adb-b9e2-f30b-33c5-be807af1b038} moved successfully.
==== End of Fixlog ====
 
COMBOFIX result:
-I had to switch to safe mode to run combofix. Although ESET did not seem to function in Task Manager. Combofix gave some warnings to disable ESET. I had problem in disabling ESET in safe mode. I got into "Component Services" in services found Eset Services and disabled it but Combofix still gave the warning. And continued to fix, .

Here are some good and/or bad changes I notices:
1- ESET turned to green - Protection status seems allright
2- ESET fails to update :confused: . It starts to donwload a file sized around 39 mb . When the progress bar reach to %50, progress bar resets.. then donwloaded file size somehow exceeds the expected files size continues to donwload an reach 40 mb and reportes that update is failed. giving the respone as "Error creating file".
3- Password protected "private folder" that encrypts files, disappeared from "My Computer" .
4-Before combofix, Every time I restart Win7 , size of icons on my dektop was being set to a larger size than my personal setting . now I can control their size :)

Longing for your comments on these changes.

- COMBOFIX LOG file is posted below

ComboFix 12-06-28.03 - SONY 29.06.2012 10:38:15.1.4 - x64 MINIMAL
Microsoft Windows 7 Professional 6.1.7601.1.1254.90.1033.18.3767.3019 [GMT 3:00]
Running from: c:\users\SONY\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\Propellerhead Software\ReCycle
c:\programdata\Propellerhead Software\ReCycle\ReCycle210.dat
c:\users\SONY\AppData\Roaming\.#
c:\users\SONY\AppData\Roaming\Propellerhead Software\ReCycle
c:\users\SONY\AppData\Roaming\Propellerhead Software\ReCycle\ReCycle Preferences File.prf
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\msvcsv60.dll
c:\windows\SysWow64\tmp6855.tmp
c:\windows\SysWow64\tmp6901.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-05-28 to 2012-06-29 )))))))))))))))))))))))))))))))
.
.
2012-06-29 07:45 . 2012-06-29 07:45 -------- d-----w- c:\users\yasemin\AppData\Local\temp
2012-06-29 07:45 . 2012-06-29 07:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-29 07:31 . 2012-06-29 07:31 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A34B111-1FF6-4F28-906B-3206272DFE1F}\offreg.dll
2012-06-28 23:37 . 2012-06-28 23:38 -------- d-----w- C:\FRST
2012-06-27 10:13 . 2012-06-27 10:13 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-06-27 10:13 . 2012-06-27 10:13 -------- d-----w- c:\program files (x86)\Oracle
2012-06-26 21:51 . 2012-06-26 21:51 -------- d-----w- c:\users\SONY\AppData\Local\COMODO
2012-06-26 19:17 . 2012-06-27 10:18 -------- d-----w- c:\programdata\CPA_VA
2012-06-26 19:16 . 2012-06-26 19:16 -------- d-----w- C:\VritualRoot
2012-06-26 19:13 . 2012-06-26 21:51 -------- d-----w- c:\programdata\Comodo
2012-06-26 19:13 . 2012-06-26 19:13 -------- d-----w- c:\program files\COMODO
2012-06-25 01:11 . 2012-06-25 01:50 -------- d-----w- C:\sh4ldr
2012-06-25 01:11 . 2012-06-25 01:11 -------- d-----w- c:\program files\Enigma Software Group
2012-06-25 01:10 . 2012-06-25 01:50 -------- d-----w- c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP
2012-06-25 01:09 . 2012-06-25 01:09 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-06-22 13:35 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A34B111-1FF6-4F28-906B-3206272DFE1F}\mpengine.dll
2012-06-22 13:32 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-22 13:32 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-22 13:32 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-22 13:32 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 13:32 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-22 13:32 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 13:32 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 13:32 . 2012-06-02 12:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 13:32 . 2012-06-02 12:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-15 22:00 . 2012-06-15 22:00 -------- d-----w- c:\users\SONY\AppData\Local\Macromedia
2012-06-13 19:44 . 2012-05-18 02:06 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-13 18:00 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 18:00 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 18:00 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 18:00 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-13 18:00 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 18:00 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-13 18:00 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 17:59 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 17:59 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 17:59 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2012-06-13 17:59 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-13 17:59 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 17:59 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 17:59 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-13 17:59 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-13 17:59 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-13 17:59 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-15 05:18 . 2012-04-02 18:25 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-15 05:18 . 2011-05-16 19:08 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-15 16:02 . 2012-05-15 16:02 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-15 13:18 . 2012-05-15 13:19 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-05-04 16:29 . 2010-04-28 21:19 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 13:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-01-17 13:54 175912 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\SONY\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\SONY\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\SONY\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-01-19 26624]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-03-17 421888]
"M-Audio Taskbar Icon"="c:\windows\system32\MAFWTray.exe" [2009-07-29 252424]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-01-13 37888]
"MobileConnect"="c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-04-20 2327552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"COMODO"="c:\program files\COMODO\COMODO GeekBuddy\CLPSLA.exe" [2011-11-23 213304]
"CPA"="c:\program files\COMODO\COMODO GeekBuddy\VALA.exe" [2011-11-23 184120]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-5 1081632]
PDFCreator.lnk - c:\program files (x86)\PDFCreator\PDFCreator.exe [2010-5-1 2641920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-11-30 19:20 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-05-22 834544]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-03-11 577824]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 136584]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ABBYY.Licensing.PDFTransformer.Classic.3.0;ABBYY PDF Transformer 3.0 Licensing Service;c:\program files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-11-16 735960]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-12-18 123200]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-19 133104]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
R2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-07-17 4948992]
R2 QDLService2kSony;Qualcomm Gobi 2000 Download Service (Sony);c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe [2009-12-03 330488]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-04-20 9216]
R2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
R3 bbcap;bb_capture_driver;c:\windows\system32\DRIVERS\bbcap.sys [2010-08-10 4608]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys [2011-08-17 66728]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-19 133104]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-11-11 151936]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-05-01 244736]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-11-15 111216]
R3 MAFW;Service for M-Audio FireWire;c:\windows\system32\DRIVERS\mafw.sys [2009-07-29 231944]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-29 129976]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-11-09 84512]
R3 qcfilterSny2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9225);c:\windows\system32\DRIVERS\qcfilterSny2k.sys [2009-12-03 6400]
R3 qcusbnetsny2k;Gobi 2000 USB-NDIS miniport(05C6-9225);c:\windows\system32\DRIVERS\qcusbnetsny2k.sys [2009-12-03 240640]
R3 qcusbsersny2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9225);c:\windows\system32\DRIVERS\qcusbserSny2k.sys [2009-12-03 121216]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-16 1255736]
R4 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
S0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\DRIVERS\shpf.sys [2009-05-28 25120]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2012-03-11 22696]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2009-10-29 93696]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2009-10-29 76800]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-08-19 11392]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-19 11:13]
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-19 11:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\SONY\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\SONY\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\SONY\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\SONY\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2009-07-20 14:18 5943048 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2009-07-20 14:18 5943048 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-02 16395880]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-07 9636896]
"PSQLLauncher"="c:\program files\Protector Suite\launcher.exe" [2009-07-20 84744]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-19 171520]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2716216]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-05-01 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-05-01 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-05-01 410136]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 9569096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 195.175.39.40 195.175.39.39
TCP: Interfaces\{2FDE7CA3-1672-45BD-9EFE-F8DA40098E18}: NameServer = 216.52.1.33,24.143.246.29
TCP: Interfaces\{2FDE7CA3-1672-45BD-9EFE-F8DA40098E18}\163636563737: NameServer = 216.52.1.33,24.143.246.29
TCP: Interfaces\{2FDE7CA3-1672-45BD-9EFE-F8DA40098E18}\4514D4: NameServer = 216.52.1.33,24.143.246.29
TCP: Interfaces\{2FDE7CA3-1672-45BD-9EFE-F8DA40098E18}\4545E454450275966496: NameServer = 216.52.1.33,24.143.246.29
TCP: Interfaces\{2FDE7CA3-1672-45BD-9EFE-F8DA40098E18}\5535B423: NameServer = 216.52.1.33,24.143.246.29
DPF: {0FC8B38E-9293-424C-9D0E-CE60775679CF} - hxxps://sube.garanti.com.tr/lib/JaguarEditControl.CAB
FF - ProfilePath - c:\users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\9lvqdlxw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://tip.acibadem.edu.tr/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-ABBYY Screenshot Reader Bonus - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-06-29 10:48:19
ComboFix-quarantined-files.txt 2012-06-29 07:48
.
Pre-Run: 20.348.633.088 bytes free
Post-Run: 25.719.046.144 bytes free
.
- - End Of File - - F5D876939170B0CD71FC6FCE208402A3
 
Combo log looks good.

If updating Eset is the only issue I suggest you reinstall it.

Next...

Download Malwarebytes' Anti-Malware: http://www.malwarebytes.org/products/malwarebytes_free to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

===========================================================

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\tasks\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /I " " /c
dir /b "%systemroot%\*.exe" | find /I " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
I cannot fix the ESET updating problem mentioned above .. I tried both the repair option and reinstallation.. Since I could not fully disable ESET during the Combofix session, that I know from Combofix warnings , it seems that it deeply bashed something about ESET ..
So , would you agree with installing some other antivirus before going through the next steps (I.e. Malwarebytes' Anti-Malware and OTL )
 
- I uninstalled ESET and installed AVAST
- Installed Malwarebytes and performed quick scan log is below

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.08.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
SONY :: VAIOME [administrator]

09.07.2012 02:47:06
mbam-log-2012-07-09 (02-47-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 273068
Time elapsed: 6 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 
OTL search results:


OTL.txt

OTL logfile created on: 09.07.2012 21:32:55 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = G:\anitvir
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041F | Country: Turkey | Language: TRK | Date Format: dd.MM.yyyy

3,68 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 50,46% Memory free
7,36 Gb Paging File | 5,32 Gb Available in Paging File | 72,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 164,32 Gb Total Space | 22,87 Gb Free Space | 13,92% Space Free | Partition Type: NTFS
Drive G: | 122,07 Gb Total Space | 11,01 Gb Free Space | 9,02% Space Free | Partition Type: NTFS

Computer Name: VAIOME | User Name: SONY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.07.09 21:29:07 | 000,595,968 | ---- | M] (OldTimer Tools) -- G:\anitvir\OTL.exe
PRC - [2012.07.03 19:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 19:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.07.03 19:21:27 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2012.06.28 13:28:57 | 001,250,328 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012.04.04 08:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2011.01.29 06:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Program Files\Sony\VAIO Care\listener.exe
PRC - [2010.05.28 11:14:24 | 000,205,168 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
PRC - [2010.01.19 14:37:25 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
PRC - [2010.01.14 01:44:52 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2009.12.03 12:27:28 | 000,330,488 | ---- | M] (QUALCOMM, Inc.) -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe
PRC - [2009.11.30 22:20:00 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
PRC - [2009.10.03 00:26:10 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.10.01 06:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.10.01 06:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.08.26 22:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
PRC - [2009.07.29 14:28:40 | 000,252,424 | ---- | M] (Avid Technology, Inc.) -- C:\Windows\SysWOW64\MAFWTray.exe
PRC - [2009.05.14 18:07:12 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
PRC - [2009.04.20 17:20:40 | 002,327,552 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
PRC - [2009.04.20 17:20:30 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2009.02.20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007.12.24 01:26:32 | 002,641,920 | ---- | M] (pdfforge http://www.pdfforge.org/) -- C:\Program Files (x86)\PDFCreator\PDFCreator.exe


========== Modules (No Company Name) ==========

MOD - [2012.06.28 13:28:56 | 000,438,296 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\ppgooglenaclpluginchrome.dll
MOD - [2012.06.28 13:28:54 | 003,972,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll
MOD - [2012.06.28 13:27:40 | 000,554,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\libglesv2.dll
MOD - [2012.06.28 13:27:38 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\libegl.dll
MOD - [2012.06.28 13:27:29 | 000,140,328 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\avutil-51.dll
MOD - [2012.06.28 13:27:28 | 000,262,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\avformat-54.dll
MOD - [2012.06.28 13:27:26 | 002,386,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\avcodec-54.dll
MOD - [2012.06.28 11:27:26 | 009,252,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
MOD - [2012.06.13 23:10:31 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012.06.13 23:09:52 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.13 23:09:44 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.05.13 16:23:10 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012.05.13 14:29:18 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.05.13 14:29:17 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll
MOD - [2012.05.13 14:29:16 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012.05.13 14:28:27 | 000,680,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll
MOD - [2012.05.13 14:28:25 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.13 14:28:21 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.13 14:28:20 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.13 14:28:15 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2010.11.05 04:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009.07.14 04:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009.06.11 00:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2007.11.28 18:59:42 | 003,702,784 | ---- | M] () -- C:\Program Files (x86)\PDFCreator\GS8.61\gs8.61\Bin\gsdll32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012.07.03 19:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012.07.03 19:21:27 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2012.01.13 10:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2011.01.29 06:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010.08.11 08:46:06 | 000,845,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2009.11.30 22:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2009.09.21 19:24:40 | 001,420,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV:64bit: - [2009.09.21 19:00:44 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:64bit: - [2009.09.05 00:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.07.17 16:31:34 | 004,948,992 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2009.07.14 04:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 04:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.04.29 14:26:23 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 08:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.27 11:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.05.28 11:14:24 | 000,205,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.03 12:27:28 | 000,330,488 | ---- | M] (QUALCOMM, Inc.) [Auto | Running] -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe -- (QDLService2kSony) Qualcomm Gobi 2000 Download Service (Sony)
SRV - [2009.10.03 00:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009.10.01 06:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.10.01 06:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.08.31 04:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009.08.31 04:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009.06.11 00:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.14 18:07:12 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.PDFTransformer.Classic.3.0)
SRV - [2009.04.20 17:20:30 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2009.02.20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2009.02.06 20:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2012.07.03 19:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.07.03 19:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.07.03 19:21:52 | 000,266,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2012.07.03 19:21:52 | 000,142,128 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2012.07.03 19:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.07.03 19:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.07.03 19:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.07.03 19:21:52 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012.07.03 19:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.06.27 23:33:54 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2012.03.01 09:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.15 05:12:10 | 000,111,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011.08.18 00:14:48 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm) Virtual Audio Cable (WDM)
DRV:64bit: - [2011.08.17 14:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011.08.17 14:04:28 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011.08.17 13:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.08.17 13:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.08.17 13:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.08.17 13:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.03.11 09:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 09:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 16:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 16:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 16:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 14:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 14:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 14:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.20 12:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.09.23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.08.10 12:06:44 | 000,004,608 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bbcap.sys -- (bbcap)
DRV:64bit: - [2010.05.22 14:25:48 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.05.01 15:40:25 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.05.01 15:40:24 | 007,841,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.12.03 11:47:44 | 000,240,640 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbnetsny2k.sys -- (qcusbnetsny2k) Gobi 2000 USB-NDIS miniport(05C6-9225)
DRV:64bit: - [2009.12.03 11:47:44 | 000,121,216 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbserSny2k.sys -- (qcusbsersny2k) Gobi 2000 USB Device for Legacy Serial Communication(05C6-9225)
DRV:64bit: - [2009.12.03 11:47:44 | 000,006,400 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcfilterSny2k.sys -- (qcfilterSny2k) Gobi 2000 USB Composite Device Filter Driver(05C6-9225)
DRV:64bit: - [2009.11.18 23:04:10 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.11.18 23:04:09 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.11.18 23:04:09 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.11.18 23:04:08 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009.11.18 23:03:38 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.11.11 05:05:01 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.11.09 23:05:19 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.11.09 23:04:24 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.11.02 04:47:16 | 000,293,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.10.29 23:09:32 | 000,076,800 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2009.10.29 23:09:23 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2009.10.02 23:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.09.17 23:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.09.15 15:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2009.08.19 23:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009.07.29 14:28:24 | 000,231,944 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mafw.sys -- (MAFW)
DRV:64bit: - [2009.07.14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 03:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.06.10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.28 23:03:08 | 000,025,120 | ---- | M] (Sony Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\shpf.sys -- (shpf)
DRV:64bit: - [2009.05.20 13:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.04.09 13:38:26 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.01.09 17:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008.08.28 13:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2009.07.14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\..\SearchScopes,DefaultScope = {2D5C7F2A-0073-474C-A261-887D46BAA76A}
IE - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\..\SearchScopes\{2507BE80-BC22-41F0-9844-A46D1B211FBD}: "URL" = http://uk.shopping.com/?linkin_id=8056359
IE - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\..\SearchScopes\{2D5C7F2A-0073-474C-A261-887D46BAA76A}: "URL" = http://www.google.com/search?source...&oe={outputEncoding}&rlz=1I7SVEC_enTR377TR377
IE - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\..\SearchScopes\{48BE737F-245D-44F5-9976-6557C5D04FC3}: "URL" = http://rover.ebay.com/rover/1/710-42480-16445-5/4?satitle={searchTerms}
IE - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\..\SearchScopes\{5CF88ABD-87E0-43AA-A750-02522B1897C1}: "URL" = http://websearch.ask.com/redirect?c...pn_sauid=5A6167EC-2DD6-42F1-ACF5-EF52B9B7C1CA
IE - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\..\SearchScopes\{807CBE34-F5E4-4FEA-88CC-FC96C888711B}: "URL" = http://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
IE - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://tip.acibadem.edu.tr/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: fe_3.6@nokia.com:1.7.56.205
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..network.proxy.autoconfig_url: "http://go.navige.com/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.29 14:26:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.15 16:19:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010.05.01 18:03:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SONY\AppData\Roaming\Mozilla\Extensions
[2012.07.09 02:03:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\9lvqdlxw.default\extensions
[2012.04.01 12:32:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\9lvqdlxw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.06.03 23:18:38 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\9lvqdlxw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011.03.26 21:14:42 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\9lvqdlxw.default\extensions\engine@conduit.com
[2012.01.04 20:17:04 | 000,002,333 | ---- | M] () -- C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\9lvqdlxw.default\searchplugins\askcom.xml
[2010.05.01 21:14:52 | 000,000,903 | ---- | M] () -- C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\9lvqdlxw.default\searchplugins\conduit.xml
[2012.07.09 20:21:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.12.08 16:13:41 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012.05.15 16:19:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012.07.09 20:21:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.04.29 14:26:22 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.14 01:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.02.16 15:15:37 | 000,001,182 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-tr.xml
[2012.04.29 14:26:22 | 000,002,489 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yandex-tr.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\SONY\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Angry Birds = C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: avast! WebRep = C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\

O1 HOSTS File: ([2012.06.29 10:45:23 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
 
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite\launcher.exe (UPEK Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\SysWOW64\MAFWTray.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3605547617-246566502-3984818246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {0FC8B38E-9293-424C-9D0E-CE60775679CF} https://sube.garanti.com.tr/lib/JaguarEditControl.CAB (SubClassEditCtrlContainer Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FDE7CA3-1672-45BD-9EFE-F8DA40098E18}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FDE7CA3-1672-45BD-9EFE-F8DA40098E18}: NameServer = 216.52.1.33,24.143.246.29
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\guard64.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Program Files\Protector Suite\psqlpwd.dll) - C:\Program Files\Protector Suite\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.07.09 21:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012.07.09 02:45:56 | 000,000,000 | ---D | C] -- C:\Users\SONY\AppData\Roaming\Malwarebytes
[2012.07.09 02:45:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.09 02:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.09 02:45:44 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.09 02:45:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.09 02:33:29 | 000,142,128 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2012.07.09 02:33:21 | 000,266,776 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2012.07.09 02:33:21 | 000,019,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012.07.09 02:33:21 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2012.07.09 02:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012.07.09 02:25:53 | 000,355,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.07.09 02:25:53 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.07.09 02:25:50 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.07.09 02:25:48 | 000,958,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.07.09 02:25:48 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.07.09 02:25:48 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.07.09 02:25:47 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.07.09 02:25:33 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.07.09 02:25:33 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.07.09 02:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.07.09 02:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.07.09 02:21:24 | 000,000,000 | ---D | C] -- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2012.07.09 00:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.07.09 00:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012.06.29 10:52:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.06.29 10:35:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.06.29 10:35:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.06.29 10:35:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.06.29 10:09:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.06.29 10:06:37 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.06.29 10:02:16 | 004,566,027 | R--- | C] (Swearware) -- C:\Users\SONY\Desktop\ComboFix.exe
[2012.06.29 02:37:17 | 000,000,000 | ---D | C] -- C:\FRST
[2012.06.27 13:13:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.06.27 13:13:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012.06.26 22:17:43 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012.06.26 22:16:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2012.06.25 04:11:06 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012.06.25 04:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012.06.25 04:09:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012.06.16 01:00:58 | 000,000,000 | ---D | C] -- C:\Users\SONY\AppData\Local\Macromedia
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.07.09 21:17:49 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.09 21:17:49 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.09 21:09:47 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.09 21:09:23 | 000,000,031 | ---- | M] () -- C:\Windows\SysNative\bbcap.err
[2012.07.09 21:09:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.09 21:09:16 | 2962,395,136 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.09 21:08:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.09 02:45:47 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.09 02:33:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.07.09 02:30:14 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012.07.09 02:00:51 | 000,748,971 | ---- | M] () -- C:\test.xml
[2012.07.09 00:53:45 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2012.07.03 19:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.07.03 19:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.07.03 19:21:52 | 000,266,776 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2012.07.03 19:21:52 | 000,142,128 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2012.07.03 19:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.07.03 19:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.07.03 19:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.07.03 19:21:52 | 000,019,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012.07.03 19:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.07.03 19:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.07.03 19:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.07.03 19:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.06.29 10:45:23 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.06.29 10:03:04 | 004,566,027 | R--- | M] (Swearware) -- C:\Users\SONY\Desktop\ComboFix.exe
[2012.06.28 23:28:59 | 000,799,114 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.28 23:28:59 | 000,668,044 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.28 23:28:59 | 000,127,040 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.27 23:33:54 | 000,012,368 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2012.06.23 18:48:39 | 000,106,810 | ---- | M] () -- C:\Users\SONY\Desktop\killer brass_5.rns
[2012.06.23 16:54:40 | 000,106,804 | ---- | M] () -- C:\Users\SONY\Desktop\killer brass_4.rns
[2012.06.23 16:40:41 | 000,106,802 | ---- | M] () -- C:\Users\SONY\Desktop\killer brass_3.rns
[2012.06.23 14:31:03 | 000,106,796 | ---- | M] () -- C:\Users\SONY\Desktop\killer brass_2.rns
[2012.06.23 14:27:10 | 000,106,796 | ---- | M] () -- C:\Users\SONY\Desktop\killer brass_1.rns
[2012.06.19 23:07:24 | 000,227,673 | ---- | M] () -- C:\Users\SONY\Desktop\MD1206188-bogazicibiomedikal.pdf
[2012.06.13 23:04:43 | 000,426,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.11 23:00:02 | 000,011,416 | ---- | M] () -- C:\Users\SONY\Desktop\deep buzz.fxb
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.07.09 02:45:47 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.09 02:30:14 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012.07.09 02:25:48 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.06.29 10:35:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.06.29 10:35:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.06.29 10:35:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.06.29 10:35:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.06.29 10:35:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.06.26 22:13:55 | 001,474,832 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2012.06.23 17:01:13 | 000,106,810 | ---- | C] () -- C:\Users\SONY\Desktop\killer brass_5.rns
[2012.06.23 16:45:59 | 000,106,804 | ---- | C] () -- C:\Users\SONY\Desktop\killer brass_4.rns
[2012.06.23 16:32:57 | 000,106,802 | ---- | C] () -- C:\Users\SONY\Desktop\killer brass_3.rns
[2012.06.23 14:31:02 | 000,106,796 | ---- | C] () -- C:\Users\SONY\Desktop\killer brass_2.rns
[2012.06.23 14:18:04 | 000,106,796 | ---- | C] () -- C:\Users\SONY\Desktop\killer brass_1.rns
[2012.06.19 23:07:28 | 000,227,673 | ---- | C] () -- C:\Users\SONY\Desktop\MD1206188-bogazicibiomedikal.pdf
[2012.06.11 23:00:02 | 000,011,416 | ---- | C] () -- C:\Users\SONY\Desktop\deep buzz.fxb
[2012.04.03 23:50:43 | 000,000,032 | ---- | C] () -- C:\Windows\msocreg32.dat
[2011.12.17 21:02:11 | 000,038,428 | ---- | C] () -- C:\Users\SONY\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2011.08.17 23:43:09 | 000,000,008 | RHS- | C] () -- C:\Users\SONY\ntuser.pol
[2011.07.18 23:33:00 | 000,000,000 | ---- | C] () -- C:\Users\SONY\AppData\Local\{4E1B14EE-E1E9-43D7-88ED-F8B51D886C34}
[2011.06.19 21:05:38 | 000,000,346 | ---- | C] () -- C:\Users\SONY\.JavaPowUpload.properties
[2011.04.18 00:04:21 | 000,140,997 | ---- | C] () -- C:\Windows\hphins33.dat.temp
[2011.04.18 00:04:21 | 000,000,512 | ---- | C] () -- C:\Windows\hphmdl33.dat.temp
[2011.02.27 18:34:34 | 000,001,492 | ---- | C] () -- C:\ProgramData\ss.ini
[2011.02.23 13:07:17 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\clauth2.dll
[2011.02.23 13:07:17 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\clauth1.dll
[2011.02.23 13:07:17 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\serauth2.dll
[2011.02.23 13:07:17 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\serauth1.dll
[2011.02.23 13:07:17 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\nsprs.dll
[2011.02.23 13:06:49 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2011.02.23 13:06:49 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2010.09.13 02:04:01 | 000,170,864 | ---- | C] () -- C:\Windows\hphins33.dat
[2010.09.13 02:04:01 | 000,000,512 | ---- | C] () -- C:\Windows\hphmdl33.dat
[2010.09.09 01:41:57 | 000,013,312 | ---- | C] () -- C:\Users\SONY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.22 15:00:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.05.05 00:09:00 | 000,008,751 | ---- | C] () -- C:\Users\SONY\AppData\Local\backup.vtp
[2009.04.09 13:44:42 | 000,108,066 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4

========== LOP Check ==========

[2010.05.02 00:08:25 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Ableton
[2010.05.01 21:47:46 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\AnvSoft
[2010.07.02 15:00:49 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Auslogics
[2012.05.08 01:54:43 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Azureus
[2010.12.03 00:20:50 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Blueberry
[2010.05.22 14:33:36 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\DAEMON Tools Lite
[2011.11.11 01:14:09 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Dropbox
[2011.03.16 01:51:38 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\FlashGet
[2010.08.10 09:49:46 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\FreeFLVConverter
[2010.08.10 11:56:28 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\FreeScreenToVideo
[2010.08.16 00:50:34 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Get from YouTube
[2010.05.13 14:49:27 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\GHISLER
[2010.08.16 00:50:28 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Import Audio from Video
[2010.08.10 12:06:57 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\LogSys
[2012.06.27 23:59:21 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Nokia
[2012.06.27 23:59:21 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Nokia Suite
[2011.12.17 21:52:19 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\PC Suite
[2012.06.29 10:44:56 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Propellerhead Software
[2010.05.05 00:08:59 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Protector Suite
[2011.05.21 00:13:23 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Publish Providers
[2011.01.23 16:34:09 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Raptr
[2011.08.14 18:55:21 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Rovio
[2010.05.13 14:52:26 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Scooter Software
[2011.05.21 00:14:11 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Sony
[2011.05.21 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Sony Creative Software
[2010.08.16 00:55:04 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Total Recorder Editor Pro
[2010.09.09 16:20:39 | 000,000,000 | ---D | M] -- C:\Users\SONY\AppData\Roaming\Vodafone
[2011.12.24 13:33:33 | 000,000,000 | ---D | M] -- C:\Users\yasemin\AppData\Roaming\PC Suite
[2010.06.27 00:13:23 | 000,000,000 | ---D | M] -- C:\Users\yasemin\AppData\Roaming\Protector Suite
[2011.12.24 13:34:24 | 000,000,000 | ---D | M] -- C:\Users\yasemin\AppData\Roaming\Vodafone
[2012.06.22 15:50:50 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2012.06.29 10:48:20 | 000,027,305 | ---- | M] () -- C:\ComboFix.txt
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007.11.07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007.11.07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007.11.07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2012.07.09 21:09:16 | 2962,395,136 | -HS- | M] () -- C:\hiberfil.sys
[2007.11.07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2010.05.22 16:07:10 | 000,000,664 | ---- | M] () -- C:\INSTALL.LOG
[2007.11.07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007.11.07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007.11.07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007.11.07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007.11.07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007.11.07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007.11.07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007.11.07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007.11.07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2012.07.09 21:09:21 | 3949,862,912 | -HS- | M] () -- C:\pagefile.sys
[2010.01.19 14:08:24 | 000,002,175 | ---- | M] () -- C:\RHDSetup.log
[2012.07.09 02:00:51 | 000,748,971 | ---- | M] () -- C:\test.xml
[2007.11.07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007.11.07 09:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007.11.07 09:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %systemroot%\Fonts\*.com >
[2009.07.14 08:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009.07.14 08:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009.07.14 08:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009.07.14 08:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009.06.10 23:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2012.07.03 19:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010.11.10 02:28:46 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009.07.14 07:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011.06.10 21:14:00 | 000,000,221 | -HS- | M] () -- C:\Users\SONY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2012.06.29 10:03:04 | 004,566,027 | R--- | M] (Swearware) -- C:\Users\SONY\Desktop\ComboFix.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\tasks\*.* >
[2012.07.09 21:09:47 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.09 21:08:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.09 21:09:35 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012.06.22 15:50:50 | 000,032,620 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009.06.11 00:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >
[2012.01.07 18:41:37 | 000,008,192 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.chk
[2012.01.07 18:41:37 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.log
[2011.03.26 20:16:29 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00001.jrs
[2011.03.26 20:16:29 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00002.jrs
[2012.01.07 18:41:37 | 001,056,768 | ---- | M] () -- C:\Windows\SECURITY\Database\tmp.edb

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2012.02.16 23:51:43 | 000,000,402 | -HS- | M] () -- C:\Users\SONY\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2009.04.09 13:44:42 | 000,108,066 | R--- | M] () -- C:\ProgramData\DeviceManager.xml.rc4
[2011.04.18 00:05:51 | 000,000,723 | ---- | M] () -- C:\ProgramData\hpzinstall.log
[2011.09.30 21:53:00 | 000,001,492 | ---- | M] () -- C:\ProgramData\ss.ini

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /I " " /c >

< dir /b "%systemroot%\*.exe" | find /I " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\LastSuccessTime /rs >

[FONT=Calibri]< End of report [/FONT]
 
Extras.txt

OTL by OldTimer - Version 3.2.53.1 Folder = G:\anitvir
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041F | Country: Turkey | Language: TRK | Date Format: dd.MM.yyyy

3,68 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 50,46% Memory free
7,36 Gb Paging File | 5,32 Gb Available in Paging File | 72,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 164,32 Gb Total Space | 22,87 Gb Free Space | 13,92% Space Free | Partition Type: NTFS
Drive G: | 122,07 Gb Total Space | 11,01 Gb Free Space | 9,02% Space Free | Partition Type: NTFS

Computer Name: VAIOME | User Name: SONY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3605547617-246566502-3984818246-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{2930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments GuitarRig Mobile IO Driver
"{3C33BA1B-D447-41CF-A228-84DD499F6F61}" = M-Audio FireWire Driver 6.0.1 (x64)
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Session IO Driver
"{7C3AC18F-F19B-4082-8D13-7D603848E06C}" = VAIO Update Merge Module x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0402-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Bulgarian) 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0406-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Danish) 2007
"{90120000-002A-0408-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Greek) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Finnish) 2007
"{90120000-002A-040E-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Hungarian) 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{90120000-002A-0418-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Romanian) 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90120000-002A-041D-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Swedish) 2007
"{90120000-002A-041F-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Turkish) 2007
"{90120000-002A-0816-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96178C0A-BAF9-4E49-A2A5-CDE76722105B}" = HP Deskjet D1600 Printer Driver 14.0 Rel. 6
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3 Driver
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{CB974C3D-D101-4411-8F54-DCDC58DED815}" = Protector Suite 2009
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi Software
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E743BA71-5955-420B-AA52-67508054AD66}" = VAIO Update Merge Module x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA300000-0001-6400-0000-074957833700}" = ABBYY PDF Transformer 3.0
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v3.4.0
"MatlabR2009b" = MATLAB R2009b
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play with PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{127C8955-B5C5-4682-9428-B8243EC4E6AE}" = Remote Play with PlayStation 3
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{32FEA42D-3A59-49D9-8A2F-A3E2D8E663DF}" = SPSS SmartViewer 15.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.5
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5844C935-106A-435D-969A-98C7508F982D}" = BB FlashBack 2 Express
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5DD152A8-BFB3-439E-90CD-5C00C2116E23}" = AmpliTube 3
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65B138AE-F636-4D4C-BA5D-A06E21E47C53}" = Remote Keyboard with PlayStation 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6CA280F4-B354-4167-A262-ABE8347109D2}" = Vocal Rack Trial
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7ED89AE0-5832-4ED3-B29A-099F65295E82}" = Qualcomm Gobi 2000 Package for Sony
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Power Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0402-0000-0000000FF1CE}" = Microsoft Office Access MUI (Bulgarian) 2007
"{90120000-0015-0402-0000-0000000FF1CE}_PROHYBRIDR_{F396405D-7270-406B-B59C-CC36095EEFB3}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0406-0000-0000000FF1CE}" = Microsoft Office Access MUI (Danish) 2007
"{90120000-0015-0406-0000-0000000FF1CE}_PROHYBRIDR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0408-0000-0000000FF1CE}" = Microsoft Office Access MUI (Greek) 2007
"{90120000-0015-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Finnish) 2007
"{90120000-0015-040B-0000-0000000FF1CE}_PROHYBRIDR_{FA5CC73F-DD50-44F9-9530-DCB3C4C453F1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hungarian) 2007
"{90120000-0015-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0418-0000-0000000FF1CE}" = Microsoft Office Access MUI (Romanian) 2007
"{90120000-0015-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041D-0000-0000000FF1CE}" = Microsoft Office Access MUI (Swedish) 2007
"{90120000-0015-041D-0000-0000000FF1CE}_PROHYBRIDR_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041F-0000-0000000FF1CE}" = Microsoft Office Access MUI (Turkish) 2007
"{90120000-0015-041F-0000-0000000FF1CE}_ENTERPRISE_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041F-0000-0000000FF1CE}_PROHYBRIDR_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0816-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Portugal)) 2007
"{90120000-0015-0816-0000-0000000FF1CE}_PROHYBRIDR_{F812A9CD-23C6-4BBC-B168-ED2C68B0F003}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0402-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Bulgarian) 2007
"{90120000-0016-0402-0000-0000000FF1CE}_PROHYBRIDR_{F396405D-7270-406B-B59C-CC36095EEFB3}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0406-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Danish) 2007
"{90120000-0016-0406-0000-0000000FF1CE}_PROHYBRIDR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0408-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Greek) 2007
"{90120000-0016-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Finnish) 2007
"{90120000-0016-040B-0000-0000000FF1CE}_PROHYBRIDR_{FA5CC73F-DD50-44F9-9530-DCB3C4C453F1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hungarian) 2007
"{90120000-0016-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0418-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Romanian) 2007
"{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041D-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Swedish) 2007
"{90120000-0016-041D-0000-0000000FF1CE}_PROHYBRIDR_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041F-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Turkish) 2007
"{90120000-0016-041F-0000-0000000FF1CE}_ENTERPRISE_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041F-0000-0000000FF1CE}_PROHYBRIDR_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2007
"{90120000-0016-0816-0000-0000000FF1CE}_PROHYBRIDR_{F812A9CD-23C6-4BBC-B168-ED2C68B0F003}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0402-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Bulgarian) 2007
"{90120000-0018-0402-0000-0000000FF1CE}_PROHYBRIDR_{F396405D-7270-406B-B59C-CC36095EEFB3}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0406-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Danish) 2007
"{90120000-0018-0406-0000-0000000FF1CE}_PROHYBRIDR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0408-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Greek) 2007
"{90120000-0018-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Finnish) 2007
"{90120000-0018-040B-0000-0000000FF1CE}_PROHYBRIDR_{FA5CC73F-DD50-44F9-9530-DCB3C4C453F1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hungarian) 2007
"{90120000-0018-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0418-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Romanian) 2007
"{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041D-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Swedish) 2007
"{90120000-0018-041D-0000-0000000FF1CE}_PROHYBRIDR_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041F-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Turkish) 2007
"{90120000-0018-041F-0000-0000000FF1CE}_ENTERPRISE_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041F-0000-0000000FF1CE}_PROHYBRIDR_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007
"{90120000-0018-0816-0000-0000000FF1CE}_PROHYBRIDR_{F812A9CD-23C6-4BBC-B168-ED2C68B0F003}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0402-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Bulgarian) 2007
"{90120000-0019-0402-0000-0000000FF1CE}_PROHYBRIDR_{F396405D-7270-406B-B59C-CC36095EEFB3}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0406-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Danish) 2007
"{90120000-0019-0406-0000-0000000FF1CE}_PROHYBRIDR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0408-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Greek) 2007
"{90120000-0019-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Finnish) 2007
"{90120000-0019-040B-0000-0000000FF1CE}_PROHYBRIDR_{FA5CC73F-DD50-44F9-9530-DCB3C4C453F1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hungarian) 2007
"{90120000-0019-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0418-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Romanian) 2007
"{90120000-0019-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041D-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Swedish) 2007
"{90120000-0019-041D-0000-0000000FF1CE}_PROHYBRIDR_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041F-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Turkish) 2007
"{90120000-0019-041F-0000-0000000FF1CE}_ENTERPRISE_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041F-0000-0000000FF1CE}_PROHYBRIDR_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0816-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007
"{90120000-0019-0816-0000-0000000FF1CE}_PROHYBRIDR_{F812A9CD-23C6-4BBC-B168-ED2C68B0F003}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0402-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Bulgarian) 2007
"{90120000-001A-0402-0000-0000000FF1CE}_PROHYBRIDR_{F396405D-7270-406B-B59C-CC36095EEFB3}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0406-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Danish) 2007
"{90120000-001A-0406-0000-0000000FF1CE}_PROHYBRIDR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0408-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Greek) 2007
"{90120000-001A-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Finnish) 2007
"{90120000-001A-040B-0000-0000000FF1CE}_PROHYBRIDR_{FA5CC73F-DD50-44F9-9530-DCB3C4C453F1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hungarian) 2007
"{90120000-001A-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0418-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Romanian) 2007
"{90120000-001A-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041D-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Swedish) 2007
"{90120000-001A-041D-0000-0000000FF1CE}_PROHYBRIDR_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041F-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Turkish) 2007
"{90120000-001A-041F-0000-0000000FF1CE}_ENTERPRISE_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041F-0000-0000000FF1CE}_PROHYBRIDR_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0816-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007
"{90120000-001A-0816-0000-0000000FF1CE}_PROHYBRIDR_{F812A9CD-23C6-4BBC-B168-ED2C68B0F003}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0402-0000-0000000FF1CE}" = Microsoft Office Word MUI (Bulgarian) 2007
"{90120000-001B-0402-0000-0000000FF1CE}_PROHYBRIDR_{F396405D-7270-406B-B59C-CC36095EEFB3}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0406-0000-0000000FF1CE}" = Microsoft Office Word MUI (Danish) 2007
"{90120000-001B-0406-0000-0000000FF1CE}_PROHYBRIDR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0408-0000-0000000FF1CE}" = Microsoft Office Word MUI (Greek) 2007
"{90120000-001B-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Finnish) 2007
"{90120000-001B-040B-0000-0000000FF1CE}_PROHYBRIDR_{FA5CC73F-DD50-44F9-9530-DCB3C4C453F1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hungarian) 2007
"{90120000-001B-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0418-0000-0000000FF1CE}" = Microsoft Office Word MUI (Romanian) 2007
"{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041D-0000-0000000FF1CE}" = Microsoft Office Word MUI (Swedish) 2007
"{90120000-001B-041D-0000-0000000FF1CE}_PROHYBRIDR_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041F-0000-0000000FF1CE}" = Microsoft Office Word MUI (Turkish) 2007
"{90120000-001B-041F-0000-0000000FF1CE}_ENTERPRISE_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041F-0000-0000000FF1CE}_PROHYBRIDR_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2007
"{90120000-001B-0816-0000-0000000FF1CE}_PROHYBRIDR_{F812A9CD-23C6-4BBC-B168-ED2C68B0F003}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0402-0000-0000000FF1CE}" = Microsoft Office Proof (Bulgarian) 2007
"{90120000-001F-0402-0000-0000000FF1CE}_PROHYBRIDR_{CB0A77FC-E59E-4418-9C1E-82E486C90EA5}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0406-0000-0000000FF1CE}" = Microsoft Office Proof (Danish) 2007
"{90120000-001F-0406-0000-0000000FF1CE}_PROHYBRIDR_{8F771259-9037-4097-AA88-8613F3BE5627}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0408-0000-0000000FF1CE}" = Microsoft Office Proof (Greek) 2007
"{90120000-001F-0408-0000-0000000FF1CE}_PROHYBRIDR_{DB0C1C5A-7998-4B95-8BD5-ACACD18B0B53}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040B-0000-0000000FF1CE}" = Microsoft Office Proof (Finnish) 2007
"{90120000-001F-040B-0000-0000000FF1CE}_PROHYBRIDR_{C3B4672B-3FE7-4D6F-AFF3-80D290C1131E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROHYBRIDR_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_PROHYBRIDR_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROHYBRIDR_{0E2DB3D7-94EA-4B12-A9C1-D3C52BDE07D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0419-0000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2007
"{90120000-001F-0419-0000-0000000FF1CE}_PROHYBRIDR_{EFE123B8-9F0A-4C50-A67B-0BADF3CB00DC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041D-0000-0000000FF1CE}" = Microsoft Office Proof (Swedish) 2007
"{90120000-001F-041D-0000-0000000FF1CE}_PROHYBRIDR_{4A960AFC-E28F-4233-953F-1903BE859B79}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041F-0000-0000000FF1CE}" = Microsoft Office Proof (Turkish) 2007
"{90120000-001F-041F-0000-0000000FF1CE}_ENTERPRISE_{6A61C934-56F9-4AC6-A43B-30E3F9D886F5}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041F-0000-0000000FF1CE}_PROHYBRIDR_{6A61C934-56F9-4AC6-A43B-30E3F9D886F5}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007
"{90120000-001F-0816-0000-0000000FF1CE}_PROHYBRIDR_{C8246FCF-12F8-4212-BC89-6ED049BA2FB8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0402-1000-0000000FF1CE}_PROHYBRIDR_{F2B19821-E01E-4843-B0AE-99093DB3F308}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0406-1000-0000000FF1CE}_PROHYBRIDR_{11584158-91C7-4B1B-BFD1-F47D680F13CF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0408-1000-0000000FF1CE}_PROHYBRIDR_{58D10C7E-20DE-47F0-BAFA-37A870A625F9}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-040B-1000-0000000FF1CE}_PROHYBRIDR_{B001E294-354F-45E2-B1CB-4C3AE5A8D01F}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-040E-1000-0000000FF1CE}_PROHYBRIDR_{1E71F4A2-F832-4B10-8CA5-2B49A20AAD87}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0415-1000-0000000FF1CE}_PROHYBRIDR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0418-1000-0000000FF1CE}_PROHYBRIDR_{C618587E-CCC5-46B5-88C3-2E7C1195B3C7}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041B-1000-0000000FF1CE}_PROHYBRIDR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041D-1000-0000000FF1CE}_PROHYBRIDR_{18651597-9190-4C03-902A-6F8F58A91A3E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041F-1000-0000000FF1CE}_ENTERPRISE_{8EFDC918-E9A4-43CF-8AE2-95AE63E01DFE}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041F-1000-0000000FF1CE}_PROHYBRIDR_{8EFDC918-E9A4-43CF-8AE2-95AE63E01DFE}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0816-1000-0000000FF1CE}_PROHYBRIDR_{5E03E01D-304F-474D-B85F-06B2C9AE0583}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0402-0000-0000000FF1CE}" = Microsoft Office Proofing (Bulgarian) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0406-0000-0000000FF1CE}" = Microsoft Office Proofing (Danish) 2007
 
"{90120000-002C-0408-0000-0000000FF1CE}" = Microsoft Office Proofing (Greek) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040B-0000-0000000FF1CE}" = Microsoft Office Proofing (Finnish) 2007
"{90120000-002C-040E-0000-0000000FF1CE}" = Microsoft Office Proofing (Hungarian) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-002C-0418-0000-0000000FF1CE}" = Microsoft Office Proofing (Romanian) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-002C-041D-0000-0000000FF1CE}" = Microsoft Office Proofing (Swedish) 2007
"{90120000-002C-041F-0000-0000000FF1CE}" = Microsoft Office Proofing (Turkish) 2007
"{90120000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-041F-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Turkish) 2007
"{90120000-0044-041F-0000-0000000FF1CE}_ENTERPRISE_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0402-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Bulgarian) 2007
"{90120000-006E-0402-0000-0000000FF1CE}_PROHYBRIDR_{F2B19821-E01E-4843-B0AE-99093DB3F308}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0406-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Danish) 2007
"{90120000-006E-0406-0000-0000000FF1CE}_PROHYBRIDR_{11584158-91C7-4B1B-BFD1-F47D680F13CF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0408-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Greek) 2007
"{90120000-006E-0408-0000-0000000FF1CE}_PROHYBRIDR_{58D10C7E-20DE-47F0-BAFA-37A870A625F9}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Finnish) 2007
"{90120000-006E-040B-0000-0000000FF1CE}_PROHYBRIDR_{B001E294-354F-45E2-B1CB-4C3AE5A8D01F}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hungarian) 2007
"{90120000-006E-040E-0000-0000000FF1CE}_PROHYBRIDR_{1E71F4A2-F832-4B10-8CA5-2B49A20AAD87}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_PROHYBRIDR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0418-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Romanian) 2007
"{90120000-006E-0418-0000-0000000FF1CE}_PROHYBRIDR_{C618587E-CCC5-46B5-88C3-2E7C1195B3C7}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROHYBRIDR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041D-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Swedish) 2007
"{90120000-006E-041D-0000-0000000FF1CE}_PROHYBRIDR_{18651597-9190-4C03-902A-6F8F58A91A3E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041F-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Turkish) 2007
"{90120000-006E-041F-0000-0000000FF1CE}_ENTERPRISE_{8EFDC918-E9A4-43CF-8AE2-95AE63E01DFE}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041F-0000-0000000FF1CE}_PROHYBRIDR_{8EFDC918-E9A4-43CF-8AE2-95AE63E01DFE}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2007
"{90120000-006E-0816-0000-0000000FF1CE}_PROHYBRIDR_{5E03E01D-304F-474D-B85F-06B2C9AE0583}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-041F-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Turkish) 2007
"{90120000-00A1-041F-0000-0000000FF1CE}_ENTERPRISE_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-041F-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Turkish) 2007
"{90120000-00BA-041F-0000-0000000FF1CE}_ENTERPRISE_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A657E90-E2B7-44DE-8929-055948162595}" = SPSS 16.0
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF88496B-4BBA-4922-97E9-2582D3A28358}" = Nokia Connectivity Cable Driver
"{B178BACA-880B-4D20-85F9-522F7F2DECBE}" = AmpliTube Fender
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C9B2F671-870B-43A0-8B9D-7DB30CEBD87E}" = DJ_SF_06_D1600_SW_Min
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3B99F3D-9856-482A-9048-305E28E2510C}" = Vodafone Mobile Connect Lite
"{E4DCFD0F-7B68-4C44-B208-99027AD1AC69}" = keFIR VST plugin
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E622ECC4-4310-4D7B-B401-159E0C22516A}" = Final Master Trial
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"ABBYY PDF Transformer 3.0" = ABBYY PDF Transformer 3.0
"ACDSee 32" = ACDSee 32
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Any Video Converter_is1" = Any Video Converter 3.0.5
"avast" = avast! Internet Security
"BB FlashBack 2 Express" = BB FlashBack 2 Express
"BeyondCompare3_is1" = Beyond Compare Version 3.0.13
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"E.M. DVD Copy_is1" = E.M. DVD Copy 2.40
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free FLV Converter_is1" = Free FLV Converter V 6.91.0
"GIFMovieGear1" = GIF Movie Gear 2.6
"GoldWave v5.06" = GoldWave v5.06
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"GPL Ghostscript 8.63" = GPL Ghostscript 8.63
"Guitar Pro 5_is1" = Guitar Pro 5.2
"GuitarSpeedTrainer_is1" = GST 2.3.8.4
"Human_Physiology_ESP" = Human Physiology ESP
"iZotope Ozone 3.07" = iZotope Ozone 3.07
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.9.0 (Full)
"Live 6.0.1" = Live 6.0.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"MarketingTools" = VAIO Marketing Tools
"Mendeley Desktop" = Mendeley Desktop 1.3.2
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 12.0 (x86 tr)" = Mozilla Firefox 12.0 (x86 tr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments GuitarRig Mobile IO Driver" = Native Instruments GuitarRig Mobile IO Driver
"Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Session IO Driver" = Native Instruments Session IO Driver
"Native Instruments Traktor 2" = Native Instruments Traktor 2
"NxSXFadeControlForWinamp" = NxS XFade control v0.7
"OpenAL" = OpenAL
"PDFTools_is1" = PDFTools Version 1.3 (08/26/2007)
"Power Tab Editor 1.7" = Power Tab Editor 1.7
"PROHYBRIDR" = 2007 Microsoft Office system
"Reason4_is1" = Reason 4.0
"ReCycle v2.1" = ReCycle v2.1
"ReValver Mk IIIdotV_is1" = ReValver Mk IIIdotV
"STDU Viewer_is1" = STDU Viewer version 1.5.528.0
"Steinberg WaveLab 5.01b" = Steinberg WaveLab 5.01b
"Totalcmd" = Total Commander (Remove or Repair)
"VAIO Help and Support" =
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"VLC media player" = VLC media player 1.0.5
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"Waves Diamond Bundle v5.0" = Waves Diamond Bundle v5.0
"Waves Transform Bundle v5.0" = Waves Transform Bundle v5.0
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3605547617-246566502-3984818246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 08.07.2012 18:21:40 | Computer Name = VAIOME | Source = VSS | ID = 12289
Description =

Error - 08.07.2012 18:56:41 | Computer Name = VAIOME | Source = VSS | ID = 12289
Description =

Error - 08.07.2012 19:14:38 | Computer Name = VAIOME | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 08.07.2012 19:35:52 | Computer Name = VAIOME | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 08.07.2012 20:30:07 | Computer Name = VAIOME | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 12.0.0.4493 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 69c Start
Time: 01cd5d65fd829194 Termination Time: 17 Application Path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Report Id:

Error - 08.07.2012 20:32:51 | Computer Name = VAIOME | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_11_3_300_262.exe, version:
11.3.300.262, time stamp: 0x4fe20fae Faulting module name: unknown, version: 0.0.0.0,
time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x04752ce0 Faulting
process id: 0x1164 Faulting application start time: 0x01cd5d6a1e300770 Faulting application
path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe Faulting
module path: unknown Report Id: 9d7c9ad7-c95d-11e1-b27d-0024be66657b

Error - 08.07.2012 20:57:48 | Computer Name = VAIOME | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_11_3_300_262.exe, version:
11.3.300.262, time stamp: 0x4fe20fae Faulting module name: NPSWF32_11_3_300_262.dll,
version: 11.3.300.262, time stamp: 0x4fe21212 Exception code: 0xc0000005 Fault offset:
0x0066d2ff Faulting process id: 0x53c Faulting application start time: 0x01cd5d6aade8e587
Faulting
application path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
Faulting
module path: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll Report
Id: 1951ad59-c961-11e1-b27d-0024be66657b

Error - 09.07.2012 00:50:04 | Computer Name = VAIOME | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 09.07.2012 13:09:10 | Computer Name = VAIOME | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 09.07.2012 14:10:33 | Computer Name = VAIOME | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

[ OSession Events ]
Error - 13.03.2011 15:01:21 | Computer Name = VAIOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 07.04.2011 17:51:33 | Computer Name = VAIOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28
seconds with 0 seconds of active time. This session ended with a crash.

Error - 01.05.2011 16:29:55 | Computer Name = VAIOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11.05.2011 04:50:06 | Computer Name = VAIOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 23.05.2011 18:24:02 | Computer Name = VAIOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10.12.2011 23:56:20 | Computer Name = VAIOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10.12.2011 23:57:39 | Computer Name = VAIOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 17.12.2011 13:57:49 | Computer Name = VAIOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 17.12.2011 16:27:16 | Computer Name = VAIOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.

Error - 19.12.2011 14:57:00 | Computer Name = VAIOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 09.07.2012 14:07:53 | Computer Name = VAIOME | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891

Error - 09.07.2012 14:07:53 | Computer Name = VAIOME | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891

Error - 09.07.2012 14:09:35 | Computer Name = VAIOME | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060

Error - 09.07.2012 14:09:36 | Computer Name = VAIOME | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Upnp Server 10 service to connect.

Error - 09.07.2012 14:10:07 | Computer Name = VAIOME | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Intel(R)
Rapid Storage Technology service to connect.

Error - 09.07.2012 14:10:07 | Computer Name = VAIOME | Source = Service Control Manager | ID = 7000
Description = The Intel(R) Rapid Storage Technology service failed to start due
to the following error: %%1053

Error - 09.07.2012 14:10:15 | Computer Name = VAIOME | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the VSNService service.

Error - 09.07.2012 14:10:43 | Computer Name = VAIOME | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060

Error - 09.07.2012 14:11:01 | Computer Name = VAIOME | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891

Error - 09.07.2012 14:11:01 | Computer Name = VAIOME | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891


< End of report >
 
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code: 
    :OTL
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
[2012.01.04 20:17:04 | 000,002,333 | ---- | M] () -- C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\9lvqdlxw.default\searchplugins\askcom.xml
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

============================================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


3. Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


4. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.
 
Broni said:
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code: 
    :OTL
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
[2012.01.04 20:17:04 | 000,002,333 | ---- | M] () -- C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\9lvqdlxw.default\searchplugins\askcom.xml
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.
Click to expand...


OTL killed some processes.. but reboot was abnormal
It gave blue screen for a while. Only part I could read on the screen was "dumping physical memory" then reboot. In the next Windows- start there was no log file created. I searched for a log file in the folder where OTL is located. Another thing, a folder named _OTL was created including folder MovedFiles a plugin "askcom" was sitting there.

I hesitate to repeat this step , blue screened reboot was really scaring.. would you agree with skipping this step and go through remaining steps?
 
OTL Fix result:

All processes killed
========== OTL ==========
Error: No service named esgiguard was found to stop!
Service\Driver key esgiguard not found.
File C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys not found.
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
File C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\9lvqdlxw.default\searchplugins\askcom.xml not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: AppData
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: SONY
->Temp folder emptied: 17038140 bytes
->Temporary Internet Files folder emptied: 42539990 bytes
->Java cache emptied: 20603370 bytes
->FireFox cache emptied: 150734580 bytes
->Google Chrome cache emptied: 52308963 bytes
->Flash cache emptied: 69576 bytes

User: yasemin
->Temp folder emptied: 1678325 bytes
->Temporary Internet Files folder emptied: 229067454 bytes
->Java cache emptied: 7795423 bytes
->Google Chrome cache emptied: 271636598 bytes
->Flash cache emptied: 45693 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1713828 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 979426 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 304946 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 760,00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: AppData

User: Default

User: Default User

User: Public

User: SONY
->Java cache emptied: 0 bytes

User: yasemin
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: AppData

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: SONY
->Flash cache emptied: 0 bytes

User: yasemin
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.53.1 log created on 07122012_084639

Files\Folders moved on Reboot...
C:\Users\SONY\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
File C:\Users\SONY\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...
 
Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:
avast! Internet Security
Human Physiology ESP
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
Anti-malware/Other Utilities Check:
JavaFX 2.1.1
Java(TM) 6 Update 33
Java(TM) 7 Update 5
Out of date Java installed!
Adobe Flash Player11.3.300.262
Adobe Reader X (10.1.3)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast AvastUI.exe
``````````End of Log````````````
 
You must log in or register to reply here.

Similar threads

Z
New Android trojan malware can completely take over phones, steal data, record and track...
Replies
5
Views
925
Markoni35
M
Scorpus
  • Locked
AMD talks next-gen Zen 4 CPUs, Ryzen 7000, Socket AM5, and more
2 3 4
Replies
78
Views
31K
Strawman
S
Scorpus
Very Expensive: First reactions on Nvidia's RTX 4090, RTX 4080, DLSS 3 and more
2 3
Replies
58
Views
4K
Avro Arrow
Avro Arrow

Latest posts

Back