Et maintenan les 2 autre:
log.txt:
Logfile of random's system information tool 1.05 (written by random/random)
Run by sky at 2009-01-16 18:03:55
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 2 GB (2%) free of 122 GB
Total RAM: 3069 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:04:19, on 16/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
c:\program files\premieropinion\pmropn.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HDD Health\hddhealth.exe
C:\Users\sky\AppData\Roaming\Google\wincone.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\System32\regsvr32.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\sky\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\sky.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 67.69.254.243:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: TBSB05288 - {6714ADBD-C6C1-42A8-BD84-9C9339059421} - C:\Program Files\IEToolbar\ECO Bar\ecobar.dll
O2 - BHO: adsoftinc browser enhancer - {6BB9ECAB-17C2-7FB6-0055-2002BD63BA8C} - C:\Windows\system32\ugmoqnchtjx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: ECO Bar - {10000000-1000-1000-1000-100000000000} - C:\Program Files\IEToolbar\ECO Bar\ecobar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [gsqzqgnfaf] C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\ugmoqnchtjx.dll"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [HDDHealth] C:\Program Files\HDD Health\hddhealth.exe -wl
O4 - HKCU\..\Run: [winsvcon] "C:\Users\sky\AppData\Roaming\Google\wincone.exe" 2
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: p2pmax.lnk = C:\Program Files\p2pmax\p2pmax.exe
O4 - Startup: ppcb_32.lnk = C:\Program Files\ppcbooster\ppcb_32.exe
O4 - Startup: runit_32.lnk = C:\Program Files\runit\runit_32.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Web Korumasi Istatistikleri - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: PremierOpinion - VoiceFive Networks, Inc. - C:\Program Files\PremierOpinion\pmservice.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
--
End of file - 13376 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-09-29 1082880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6714ADBD-C6C1-42A8-BD84-9C9339059421}]
TBSB05288 Class - C:\Program Files\IEToolbar\ECO Bar\ecobar.dll [2008-08-14 2484224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6BB9ECAB-17C2-7FB6-0055-2002BD63BA8C}]
adsoftinc browser enhancer - C:\Windows\system32\ugmoqnchtjx.dll [2008-12-16 386560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-06 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-06 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-05 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll []
{10000000-1000-1000-1000-100000000000} - ECO Bar - C:\Program Files\IEToolbar\ECO Bar\ecobar.dll [2008-08-14 2484224]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-17 1033512]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-04-16 442433]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2008-03-12 699456]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-05-14 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-06 136600]
"TerraTec Remote Control"=C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe [2006-08-25 1028096]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe []
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"gsqzqgnfaf"=C:\Windows\System32\regsvr32.exe [2006-11-02 14336]
"TrojanScanner"=C:\Program Files\Trojan Remover\Trjscan.exe [2008-12-10 1230728]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-10-25 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"HDDHealth"=C:\Program Files\HDD Health\hddhealth.exe [2008-06-15 1692672]
"AdobeBridge"= []
"winsvcon"=C:\Users\sky\AppData\Roaming\Google\wincone.exe [2008-12-22 128512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnumanLive]
C:\Users\sky\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe [2007-09-28 347648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-07-07 167936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
p2pmax.lnk - C:\Program Files\p2pmax\p2pmax.exe
ppcb_32.lnk - C:\Program Files\ppcbooster\ppcb_32.exe
runit_32.lnk - C:\Program Files\runit\runit_32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2007-06-28 206088]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2009-01-16 18:03:55 ----D---- C:\rsit
2009-01-16 17:56:39 ----A---- C:\tmp.txt
2009-01-16 17:47:50 ----A---- C:\Pass2.cmd
2009-01-16 17:46:30 ----A---- C:\Users\sky\AppData\Roaming\SetValue.bat
2009-01-16 17:46:30 ----A---- C:\Users\sky\AppData\Roaming\GetValue.vbs
2009-01-16 17:45:51 ----A---- C:\Windows\system32\VACFix.exe
2009-01-16 17:45:51 ----A---- C:\Windows\system32\o4Patch.exe
2009-01-16 17:45:51 ----A---- C:\Windows\system32\IEDFix.exe
2009-01-16 17:45:51 ----A---- C:\Windows\system32\IEDFix.C.exe
2009-01-16 17:45:51 ----A---- C:\Windows\system32\Agent.OMZ.Fix.exe
2009-01-16 17:45:51 ----A---- C:\Windows\system32\404Fix.exe
2009-01-16 17:45:50 ----A---- C:\Windows\system32\WS2Fix.exe
2009-01-16 17:45:50 ----A---- C:\Windows\system32\VCCLSID.exe
2009-01-16 17:45:50 ----A---- C:\Windows\system32\swxcacls.exe
2009-01-16 17:45:50 ----A---- C:\Windows\system32\swsc.exe
2009-01-16 17:45:50 ----A---- C:\Windows\system32\swreg.exe
2009-01-16 17:45:50 ----A---- C:\Windows\system32\SrchSTS.exe
2009-01-16 17:45:50 ----A---- C:\Windows\system32\Process.exe
2009-01-16 17:45:50 ----A---- C:\Windows\system32\dumphive.exe
2009-01-11 10:29:05 ----A---- C:\rapport.txt
2009-01-10 14:48:45 ----A---- C:\TB.txt
2009-01-10 14:47:43 ----D---- C:\ToolBar SD
2009-01-09 21:15:00 ----D---- C:\Program Files\Trend Micro
2009-01-09 18:39:18 ----D---- C:\Program Files\BoontyGames
2009-01-09 18:32:00 ----D---- C:\ProgramData\BOONTY
2009-01-09 18:31:55 ----D---- C:\Program Files\Common Files\BOONTY Shared
2009-01-09 18:31:46 ----D---- C:\Program Files\1% Indiriliyor
2009-01-09 18:31:01 ----D---- C:\Boonty
2009-01-09 17:31:16 ----D---- C:\Program Files\Audio Data Music CD Burner
2009-01-06 20:24:05 ----D---- C:\PVSW
2009-01-06 20:23:55 ----HD---- C:\ProgramData\{B33CBE2B-A739-401D-A5E0-041195C4A17B}
2009-01-06 20:23:44 ----A---- C:\Windows\system32\cdintf300.dll
2009-01-06 20:23:43 ----D---- C:\ProgramData\EBP
2009-01-06 20:22:16 ----D---- C:\Program Files\Common Files\EBP
2009-01-06 20:22:14 ----D---- C:\Program Files\EBP
2009-01-06 20:21:56 ----HD---- C:\ProgramData\{D2C2A6F4-499E-4C97-BBB7-1F91CA87F749}
2009-01-02 13:04:44 ----D---- C:\Program Files\AviSynth 2.5
2009-01-02 13:04:41 ----D---- C:\Program Files\Red Kawa
2009-01-02 13:04:00 ----D---- C:\OpenCandy
2009-01-02 09:19:34 ----D---- C:\Program Files\Zeallsoft
2009-01-01 17:59:48 ----D---- C:\ProgramData\DVD Shrink
2009-01-01 17:59:47 ----D---- C:\Program Files\DVD Shrink
2008-12-30 02:25:43 ----A---- C:\Windows\system32\GEARAspi.dll
2008-12-30 02:24:28 ----D---- C:\Program Files\iPod
2008-12-30 02:24:25 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-30 02:24:25 ----D---- C:\Program Files\iTunes
2008-12-30 01:52:00 ----D---- C:\Program Files\Bonjour
2008-12-30 01:50:04 ----D---- C:\ProgramData\Apple Computer
2008-12-30 01:48:58 ----D---- C:\Program Files\Apple Software Update
2008-12-30 01:47:23 ----D---- C:\Program Files\Common Files\Apple
2008-12-30 01:47:22 ----D---- C:\ProgramData\Apple
2008-12-28 00:25:40 ----A---- C:\Windows\system32\DBCLIENT.DLL
2008-12-28 00:25:37 ----D---- C:\Program Files\Common Files\Borland Shared
2008-12-28 00:18:23 ----D---- C:\Program Files\micro application
2008-12-22 21:34:42 ----D---- C:\ProgramData\TEMP
2008-12-22 21:34:02 ----A---- C:\Windows\system32\ztvunrar36.dll
2008-12-22 21:34:02 ----A---- C:\Windows\system32\ztvunace26.dll
2008-12-22 21:34:02 ----A---- C:\Windows\system32\ztvcabinet.dll
2008-12-22 21:34:02 ----A---- C:\Windows\system32\UNRAR3.dll
2008-12-22 21:34:02 ----A---- C:\Windows\system32\unacev2.dll
2008-12-22 21:34:00 ----D---- C:\Users\sky\AppData\Roaming\Simply Super Software
2008-12-22 21:34:00 ----D---- C:\ProgramData\Simply Super Software
2008-12-22 21:34:00 ----D---- C:\Program Files\Trojan Remover
2008-12-20 11:46:55 ----A---- C:\Windows\pn8.exe
2008-12-20 11:46:52 ----D---- C:\Program Files\runit
2008-12-20 11:46:51 ----A---- C:\Windows\hw5305.exe
2008-12-20 11:46:49 ----D---- C:\Program Files\IEToolbar
2008-12-20 11:46:47 ----A---- C:\Windows\ykgee3362.exe
2008-12-20 11:46:44 ----D---- C:\Program Files\ppcbooster
2008-12-20 11:46:44 ----A---- C:\Windows\gncyq5.exe
2008-12-20 11:44:46 ----D---- C:\Program Files\p2pmax
2008-12-20 11:44:45 ----A---- C:\Windows\c20232.exe
2008-12-20 11:44:03 ----A---- C:\Windows\system32\cont_adsoftinc-remove.exe
2008-12-20 11:43:51 ----A---- C:\Windows\system32\xqdpraytlupvduba.exe
2008-12-20 11:43:48 ----A---- C:\Windows\nohh06760.exe
2008-12-20 11:43:42 ----A---- C:\kdiue732.txt
2008-12-18 16:23:24 ----A---- C:\Windows\system32\mshtml.dll
2008-12-17 18:55:15 ----D---- C:\ProgramData\WindowsSearch
======List of files/folders modified in the last 1 months======
2009-01-16 18:04:05 ----D---- C:\Windows\Temp
2009-01-16 18:02:20 ----D---- C:\Windows\System32
2009-01-16 18:02:20 ----D---- C:\Windows\inf
2009-01-16 18:02:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-01-16 17:58:39 ----D---- C:\Windows
2009-01-16 17:58:31 ----D---- C:\ProgramData\Kaspersky Lab
2009-01-16 17:57:51 ----D---- C:\Users\sky\AppData\Roaming\Google
2009-01-16 17:56:33 ----D---- C:\Program Files\Google
2009-01-16 17:49:07 ----SD---- C:\Windows\Downloaded Program Files
2009-01-15 12:22:30 ----D---- C:\Windows\winsxs
2009-01-15 12:12:51 ----D---- C:\Windows\system32\catroot
2009-01-15 12:12:46 ----D---- C:\Program Files\Windows Mail
2009-01-15 12:12:30 ----D---- C:\Windows\system32\drivers
2009-01-15 12:06:52 ----SHD---- C:\System Volume Information
2009-01-14 20:52:40 ----D---- C:\Users\sky\AppData\Roaming\temp
2009-01-11 20:30:21 ----D---- C:\Windows\Prefetch
2009-01-10 15:06:19 ----D---- C:\Windows\system32\Tasks
2009-01-10 02:35:28 ----A---- C:\Windows\system32\mrt.exe
2009-01-09 21:15:00 ----RD---- C:\Program Files
2009-01-09 20:59:34 ----D---- C:\Windows\system32\catroot2
2009-01-09 18:32:00 ----HD---- C:\ProgramData
2009-01-09 18:31:55 ----D---- C:\Program Files\Common Files
2009-01-06 20:24:23 ----SHD---- C:\Windows\Installer
2008-12-30 02:25:43 ----DC---- C:\Windows\system32\DRVSTORE
2008-12-30 01:51:29 ----D---- C:\Program Files\Internet Explorer
2008-12-30 01:51:28 ----D---- C:\Program Files\QuickTime
2008-12-22 13:00:24 ----D---- C:\Users\sky\AppData\Roaming\Download Manager
2008-12-22 13:00:24 ----D---- C:\Users\sky\AppData\Roaming\DigitalPersona
2008-12-22 13:00:24 ----D---- C:\Users\sky\AppData\Roaming\CyberLink
2008-12-22 13:00:23 ----D---- C:\Users\sky\AppData\Roaming\codeblocks
2008-12-22 13:00:23 ----D---- C:\Users\sky\AppData\Roaming\Canneverbe_Limited
2008-12-22 13:00:23 ----D---- C:\Users\sky\AppData\Roaming\Anuman Interactive
2008-12-22 13:00:23 ----D---- C:\Users\sky\AppData\Roaming\Adobe
2008-12-20 19:32:45 ----D---- C:\ProgramData\FLEXnet
2008-12-20 13:35:52 ----D---- C:\Users\sky\AppData\Roaming\LimeWire
2008-12-20 11:44:03 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2008-09-26 112144]
R1 KLIF;KLIF; C:\Windows\system32\DRIVERS\klif.sys [2008-09-03 127768]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2007-04-04 20760]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-07-07 56108]
R1 WINIO;WINIO; \??\C:\Program Files\IRAI\AUTOMGEN8\winio.sys [2002-03-01 4944]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-28 3544064]
R3 BthEnum;Bluetooth Numaralandirici Hizmeti; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
R3 BthPan;Bluetooth Aygiti (Kisisel Alan Agi); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Bluetooth Radyo USB Sürücüsü; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-01 80424]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-02-01 80936]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168]
R3 CmBatt;Microsoft ACPI Denetim Yöntemi Pil Sürücüsü; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-23 52736]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HdAudAddService;High Definition Audio Hizmeti için Microsoft 1.1 UAA Islev Sürücüsü; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
R3 RFCOMM;Bluetooth Aygiti (RFCOMM Protokolü TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-14 118784]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-04-16 379904]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-17 196784]
R3 usbvideo;USB Video Aygiti (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-03-26 40752]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BTHPORT;Bluetooth Baglanti Noktasi Sürücüsü; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 Dot4;MS IEEE-1284.4 Sürücüsü; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;IEEE-1284.4 için Yazdirma Sinifi Sürücü; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Çekirdek DRM Ses Çözücüsü; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Akis Hizmet Proxy'si; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Akis Saat Proxy'si; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Akis Kalite Yöneticisi Proxy'si; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Akis T/Alicidan-Aliciya Dönüstürücü; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\Windows\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
S3 USB28xxBGA;Cinergy EM28xx Capture; C:\Windows\system32\DRIVERS\emBDA.sys [2006-08-17 292096]
S3 USB28xxOEM;Cinergy EM28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM.sys [2006-08-17 27776]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbscan;USB Tarayici Sürücüsü; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe [2008-02-12 73728]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-28 667648]
R2 AVP;Kaspersky Anti-Virus 7.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 DpHost;Biometric Authentication Service; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2008-03-12 302144]
R2 EBP Pervasive.SQL;EBP Pervasive.SQL; C:\PVSW\Bin\WGE_SRV.exe [2006-12-07 32768]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 hpqddsvc;HP CUE AygitBulma Hizmeti; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-12-15 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2008-12-15 107832]
R2 PremierOpinion;PremierOpinion; C:\Program Files\PremierOpinion\pmservice.exe [2008-04-24 45056]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-05-14 292248]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-05-14 116112]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\STacSV.exe [2008-04-16 221239]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-03-26 595248]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2009-01-09 69120]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-15 655624]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-10-06 33752]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-19 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger Paylasim Klasörleri USN Günlük Okuyucu hizmeti; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe [2008-01-18 24635]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe [2008-04-17 5750784]
-----------------EOF-----------------
et info.txt:
info.txt logfile of random's system information tool 1.05 2009-01-16 18:04:43
======Uninstall list======
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-041F-0000-0000000FF1CE} /uninstall {E599AFDF-22E9-4146-82B5-F6515FB1E3D8}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-041F-0000-0000000FF1CE} /uninstall {E599AFDF-22E9-4146-82B5-F6515FB1E3D8}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-041F-0000-0000000FF1CE} /uninstall {E599AFDF-22E9-4146-82B5-F6515FB1E3D8}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-041F-0000-0000000FF1CE} /uninstall {E0E4AC2D-2A1F-438E-A523-682A6E2252A8}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-041F-0000-0000000FF1CE} /uninstall {DD4BF53E-2D96-4352-887A-624D13837D5E}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-041F-0000-0000000FF1CE} /uninstall {E599AFDF-22E9-4146-82B5-F6515FB1E3D8}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Agere Systems HDA Modem-->agrsmdel
AMD Driver Support for HP 3D DriverGuard-->MsiExec.exe /X{4BFA6EEB-AAED-4334-8E98-A907DE4DD5CF}
AOL Araç Çubugu 5.0-->"C:\Program Files\AOL\AOL Araç Çubugu 5.0\uninstall.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x001f
Audio Data Music CD Burner 1.40-->"C:\Program Files\Audio Data Music CD Burner\unins000.exe"
AUTOMGEN V8.011 (c)IRAI-->C:\Program Files\IRAI\AUTOMGEN8\iraisetup.exe /uninstall=5,C:\Program Files\IRAI\AUTOMGEN8
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Catalyst Control Center - Branding-->MsiExec.exe /I{3FA93E4C-CB3B-4B25-B091-9DB0FCC56A74}
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
CEDP Stealer 6.0 for Messenger-->C:\Program Files\CEDP Stealer 6.0 for Messenger\uninstall.exe
Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Contextual Platform Adsoftinc-->C:\Windows\system32\cont_adsoftinc-remove.exe
CyberLink DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Delta Force: Xtreme-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{961C4925-5B53-4127-969D-1CACF2426C05}\setup.exe" -l0x9
DigitalPersona Personal 3.0.1-->MsiExec.exe /I{AE72E414-0935-4AC8-B7D6-12E3039BEC13}
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
EBP Btrieve 8.6-->"C:\ProgramData\{B33CBE2B-A739-401D-A5E0-041195C4A17B}\EBP_Btrieve8.6_SETUP.exe" REMOVE=TRUE MODIFY=FALSE
EBP Btrieve 8.6-->C:\ProgramData\{B33CBE2B-A739-401D-A5E0-041195C4A17B}\EBP_Btrieve8.6_SETUP.exe
EBP Paye 13.1-->"C:\ProgramData\{D2C2A6F4-499E-4C97-BBB7-1F91CA87F749}\setup.exe" REMOVE=TRUE MODIFY=FALSE
EBP Paye 13.1-->C:\ProgramData\{D2C2A6F4-499E-4C97-BBB7-1F91CA87F749}\setup.exe
ECO Bar-->regsvr32 /u /s "C:\Program Files\IEToolbar\ECO Bar\ecobar.dll"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Europa Universalis - Rome-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7FD14A8A-FBCC-4442-ACAC-A0E9EC223AED}\setup.exe" -l0x40c
Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly
First Class Flurry fr-->"C:\Program Files\BoontyGames\First Class Flurry\unins000.exe"
Fun Morph 3.0-->"C:\Program Files\Zeallsoft\Fun Morph\unins000.exe"
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Graffiti Studio 2.0-->"C:\Program Files\Graffiti Studio 2.0\unins000.exe"
HDD Health v3.3 Beta-->"C:\Program Files\HDD Health\unins000.exe"
Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}\setup.exe" -l0x9 -removeonly
HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}\setup.exe" -l0x9 -removeonly
HP Help and Support-->MsiExec.exe /X{28C3E5E6-5ACA-408D-9A46-089C5334EC97}
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Integrated Module with Bluetooth wireless technology 6.0.1.6200-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
HP MULTIPLE MODEM INSTALLER for VISTA-->MsiExec.exe /I{45A136EC-88BF-4B95-99F5-C45D3930E1CC}
HP Photosmart All-In-One Driver Software 10.0 Rel .2-->C:\Program Files\HP\Digital Imaging\{20B30DC1-E423-4939-B51D-05C58B0F9BBB}\setup\hpzscr01.exe -datfile hposcr21.dat -onestop
HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Quick Launch Buttons 6.40 D3-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x001f uninst
HP QuickPlay 3.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP QuickTouch 1.00 D2-->MsiExec.exe /I{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0102-->MsiExec.exe /I{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}
HP Wireless Assistant-->MsiExec.exe /I{A5CE7175-080D-49AC-B5A3-E7E3502428F5}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
IDT Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x1f -remove -removeonly
IsoBuster 2.4-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
JMicron JMB38X Flash Media Controller-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" -l0x9 -removeonly
Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
K-Lite Codec Pack 4.3.1 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
LFP MANAGER 08-->C:\Program Files\EA SPORTS\LFP MANAGER 08\eauninstall.exe
LFP MANAGER 09-->C:\Program Files\EA SPORTS\LFP MANAGER 09\eauninstall.exe
LightScribe System Software 1.12.33.2-->MsiExec.exe /X{582287DA-0806-4AC0-BF19-C15E3A466034}
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
MathPlayer-->C:\Program Files\Design Science\MathPlayer\Setup.exe -u
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Office Excel MUI (Turkish) 2007-->MsiExec.exe /X{90120000-0016-041F-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Turkish) 2007-->MsiExec.exe /X{90120000-00A1-041F-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Turkish) 2007-->MsiExec.exe /X{90120000-0018-041F-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Turkish) 2007-->MsiExec.exe /X{90120000-001F-041F-0000-0000000FF1CE}
Microsoft Office Proofing (Turkish) 2007-->MsiExec.exe /X{90120000-002C-041F-0000-0000000FF1CE}
Microsoft Office Shared MUI (Turkish) 2007-->MsiExec.exe /X{90120000-006E-041F-0000-0000000FF1CE}
Microsoft Office Word MUI (Turkish) 2007-->MsiExec.exe /X{90120000-001B-041F-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{685B9AFA-1A5B-48FF-A02E-AA6C0029B2FF}
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
OCR Software by I.R.I.S. 10.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
P2P Max-->"C:\Program Files\p2pmax\p2pmaxu.exe"
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PPC Booster-->"C:\Program Files\ppcbooster\ppcbu_32.exe"
PremierOpinion-->c:\program files\premieropinion\pmropn.exe -bootremove -uninst:PremierOpinion
ProtectSmart Hard Drive Protection-->MsiExec.exe /X{39A7C8F1-E4FE-4A7B-89C3-913F9477C137}
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
QuickPlay SlingPlayer 0.4.6-->"C:\Program Files\HP\QuickPlay\unins000.exe"
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x001f -removeonly
RON Tool Adsoftinc-->C:\Windows\system32\xqdpraytlupvduba.exe
Run It-->"C:\Program Files\runit\runitu_32.exe"
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Sibelius Scorch (ActiveX Only)-->MsiExec.exe /I{15CCBC5D-66A7-4131-8D36-E05F27B0E68F}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Téléchargeur de Commandos 3 fr-->"C:\Program Files\1% Indiriliyor\unins000.exe"
TerraTec Home Cinema-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\setup.exe" -l0x40c
Trojan Remover 6.7.5-->"C:\Program Files\Trojan Remover\unins000.exe"
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
US Trucks Road Simulator -->C:\Program Files\US Trucks Road Simulator\uninst.exe
Validity Sensors software-->MsiExec.exe /X{567E8236-C414-4888-8211-3D61608D57AE}
VDownloader 0.74-->"C:\Program Files\VDOWNLOADER\unins000.exe"
Videora iPod Converter 4.04-->C:\Program Files\Red Kawa\Video Converter App\uninstaller.exe
WampServer 2.0-->"c:\wamp\unins000.exe"
Web Boutique 4.0-->"C:\Program Files\micro application\web boutique 4\unins000.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live Messenger-->MsiExec.exe /I{CB7D9F91-E82E-450C-B884-3DB9A7099C73}
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"
YouTube Downloader App 1.01-->C:\Program Files\Red Kawa\Downloader App\uninstaller.exe
======Security center information======
AV: Kaspersky Anti-Virus
AS: Windows Defender
AS: Kaspersky Anti-Virus
System event log
Computer Name: sky-PC
Event Code: 7036
Message: WinHTTP Web Proxy Otomatik Bulma Hizmeti hizmeti Çalisiyor durumuna girdi.
Record Number: 336777
Source Name: Service Control Manager
Time Written: 20090116170351.000000-000
Event Type: Bilgi
User:
Computer Name: sky-PC
Event Code: 3
Message: Hizmet baslatildi.
Record Number: 336778
Source Name: Virtual Disk Service
Time Written: 20090116170427.000000-000
Event Type: Bilgi
User:
Computer Name: sky-PC
Event Code: 7036
Message: Sanal Disk hizmeti Çalisiyor durumuna girdi.
Record Number: 336779
Source Name: Service Control Manager
Time Written: 20090116170427.000000-000
Event Type: Bilgi
User:
Computer Name: sky-PC
Event Code: 4
Message: Service durduruldu.
Record Number: 336780
Source Name: Virtual Disk Service
Time Written: 20090116170431.000000-000
Event Type: Bilgi
User:
Computer Name: sky-PC
Event Code: 7036
Message: Sanal Disk hizmeti durduruldu durumuna girdi.
Record Number: 336781
Source Name: Service Control Manager
Time Written: 20090116170432.000000-000
Event Type: Bilgi
User:
Application event log
Computer Name: sky-PC
Event Code: 0
Message: Hizmet basariyla baslatildi.
Record Number: 22914
Source Name: HP Health Check Service
Time Written: 20090116170104.000000-000
Event Type: Bilgi
User:
Computer Name: sky-PC
Event Code: 1001
Message: WmiApRpl (WmiApRpl) hizmeti için performans sayaçlari basariyla kaldirildi. Kayit Verisi sistem Last Counter ve Last Help kayit defteri girdilerinin yeni degerlerini içerir.
Record Number: 22915
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20090116170219.000000-000
Event Type: Bilgi
User:
Computer Name: sky-PC
Event Code: 1000
Message: WmiApRpl (WmiApRpl) hizmeti için performans sayaçlari basariyla yüklendi. Veri bölümündeki Kayit Verisi bu hizmete atanan yeni dizin degerlerini içerir.
Record Number: 22916
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20090116170220.000000-000
Event Type: Bilgi
User:
Computer Name: sky-PC
Event Code: 1
Message: Windows Güvenlik Merkezi Hizmeti baslatildi.
Record Number: 22917
Source Name: SecurityCenter
Time Written: 20090116170223.000000-000
Event Type: Bilgi
User:
Computer Name: sky-PC
Event Code: 5
Message: Unsupported service control request (see data below)
Record Number: 22918
Source Name: LightScribeService
Time Written: 20090116170441.000000-000
Event Type: Bilgi
User:
Security event log
Computer Name: sky-PC
Event Code: 4648
Message: Açik kimlik bilgileri kullanilarak oturum açilmaya çalisildi.
Konu:
Güvenlik Kimligi: S-1-5-18
Hesap Adi: SKY-PC$
Hesap Etki Alani: WORKGROUP
Oturum Açma Kimligi: 0x3e7
Oturum Açma GUID'si: {00000000-0000-0000-0000-000000000000}
Kimlik Bilgileri Kullanilan Hesap:
Hesap Adi: SYSTEM
Hesap Etki Alani: NT AUTHORITY
Oturum Açma GUID'si: {00000000-0000-0000-0000-000000000000}
Hedef Sunucu:
Hedef Sunucu Adi: localhost
Ek Bilgi: localhost
Islem Bilgileri:
Islem Kimligi: 0x2e4
Islem Adi: C:\Windows\System32\services.exe
Ag Bilgileri:
Ag Adresi: -
Baglanti Noktasi: -
Bu olay, bir islem açikça bir hesabin kimlik bilgilerini belirterek hesapta oturum açmayi denediginde olusturulur. Bu genellikle zamanlanan görevler gibi toplu islem türü yapilandirmalarda veya RUNAS komutu kullanildiginda olusur.
Record Number: 205286
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090107212941.317977-000
Event Type: Basari Denetle
User:
Computer Name: sky-PC
Event Code: 4624
Message: Bir hesapta basariyla oturum açildi.
Konu:
Güvenlik Kimligi: S-1-5-18
Hesap Adi: SKY-PC$
Hesap Etki Alani: WORKGROUP
Oturum Açma Kimligi: 0x3e7
Oturum Türü: 5
Yeni Oturum:
Güvenlik Kimligi: S-1-5-18
<br
Blog sans pub
