DH Anasayfa
İndirim Kodu
Ara
Popüler
Foruma Git
Hakkımızda
Destek
Mobil Sürüm
Standart Site Görünümü
Bu Konuda
  • Tüm Forumlar
  • İşletim Sistemleri ve Yazılımlar
  • Yazılım Genel
  • Güvenlik Programları
  • Bu Konuda
Arama butonu
Bağlan:
Facebook
Google+
Twitter
Aşağı Git Tüm Forumlar İşletim Sistemleri ve Yazılımlar Yazılım Genel Güvenlik Programları HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+
Bu konudaki kullanıcılar: 2 misafir
9876
Cevap 1234494
Tıklama 0
Öne Çıkarma
Cevap: HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+ (454. sayfa)
Cevap Yaz
Konuya Özel
M
maketm
14 yıl
Er

arkadaslar benim pc deki sorun
bilgisayar her açilip kapatildiginda internet explorer ve bilgisayarin geçmisi otomatik olarak silinmesi
ve bilgisayarda programlarda çalisirken belirgin bir yavaslama ( programin içinde veya masa üstünde fare bosta dururken fare imlecinin yanina kum saatli imleci bir kaç saniyeligine gelip gidiyor ) 





 
  Logfile of Trend Micro HijackThis v2.0.2 
  Scan saved at 08:13:34, on 08.12.2009 
  Platform: Windows 2003 SP2 (WinNT 5.02.3790) 
  MSIE: Internet Explorer v8.00 (8.00.6001.18702) 
  Boot mode: Normal 
   
  Running processes: 
  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe 
  C:\Program Files (x86)\Java\jre6\bin\jqs.exe 
  C:\Program Files (x86)\PDF Complete\pdfsvc.exe 
  C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\lmgrd.exe 
  C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\lmgrd.exe 
  C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\uglmd.exe 
  C:\WINDOWS\RTHDCPL.EXE 
  C:\Program Files\Messenger\msmsgs.exe 
  C:\WINDOWS\SysWOW64\ctfmon.exe 
  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe 
  C:\Program Files (x86)\PDF Complete\pdfsty.exe 
  C:\Program Files (x86)\Winamp\winampa.exe 
  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin 
  C:\Program Files (x86)\Java\jre6\bin\jusched.exe 
  C:\WINDOWS\system32\XP-D41D8CD9.EXE 
  C:\Program Files (x86)\Internet Explorer\iexplore.exe 
  C:\Program Files (x86)\Internet Explorer\iexplore.exe 
  C:\Program Files (x86)\Internet Explorer\iexplore.exe 
  C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe 
   
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.hp.com 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  O2 - BHO: Adobe PDF Reader Bagi Yardimi - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing) 
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll 
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll 
  O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll 
  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll 
  O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll 
  O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files (x86)\PDF Complete\pdfsty.exe" 
  O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" 
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" 
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" 
  O4 - HKLM\..\Run: [XP-D41D8CD9] C:\WINDOWS\SysWow64\XP-D41D8CD9.EXE 
  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe 
  O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background 
  O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE') 
  O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE') 
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') 
  O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') 
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') 
  O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user') 
  O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe 
  O4 - Startup: ¡¡¡¡¡¡.lnk = C:\WINDOWS\system32\XP-D41D8CD9.EXE 
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O15 - ESC Trusted Zone:http://runonce.msn.com 
  O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} (Flatcast Viewer 5.0) -http://80.237.209.20/objects/NpFv501.dll 
  O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing) 
  O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe 
  O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe 
  O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing) 
  O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 
  O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) 
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 
  O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing) 
  O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files (x86)\Java\jre6\bin\jqs.exe 
  O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing) 
  O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) 
  O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) 
  O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe 
  O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing) 
  O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe 
  O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing) 
  O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) 
  O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) 
  O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing) 
  O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) 
  O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe 
  O23 - Service: Unigraphics License Server (uglmd) - Macrovision Corporation - C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\lmgrd.exe 
  O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) 
  O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing) 
  O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing) 
   
  -- 
  End of file - 7588 bytes


< Resime gitmek için tıklayın >





< Bu mesaj bu kişi tarafından değiştirildi maketm -- 8 Aralık 2009; 10:30:31 >

S
sato_re
14 yıl
Er

combo fix raporu 
ComboFix 09-11-09.01 - savaş 07.12.2009 9:39.6.2 - NTFSx86  
  Microsoft Windows XP Home Edition 5.1.2600.3.1254.90.1055.18.446.175 [GMT 2:00]  
  Running from: c:\documents and settings\savaş\Desktop\ComboFix.exe  
  AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}  
   
  WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!  
  .  
  - REDUCED FUNCTIONALITY MODE -  
  .  
   
  ((((((((((((((((((((((((( Files Created from 2009-11-07 to 2009-12-07 )))))))))))))))))))))))))))))))  
  .  
   
  2009-12-06 13:47 . 2009-12-06 13:48 -------- d-----w- c:\program files\mIRC  
  2009-12-04 18:41 . 2009-12-04 18:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!  
  2009-12-04 17:26 . 2009-12-04 18:44 -------- d-----w- c:\program files\Messenger Plus! Live  
  2009-12-04 14:06 . 2009-12-04 14:10 -------- d-----w- c:\program files\mp3DirectCut  
  2009-11-25 15:38 . 2009-11-25 15:38 -------- d-----w- c:\program files\Shuangs WAV to MP3 Converter  
  2009-11-25 15:34 . 2009-11-25 15:34 295424 ----a-w- c:\windows\system32\bwmedia1.dll  
  2009-11-25 15:34 . 2009-11-25 15:34 150016 ----a-w- c:\windows\system32\bwmedia.dll  
  2009-11-25 15:34 . 2009-11-25 15:34 -------- d-----w- c:\program files\MP3 Wave Converter  
  2009-11-23 14:14 . 2009-12-07 07:17 -------- d-----w- c:\program files\LimeWire  
  2009-11-23 13:53 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll  
  2009-11-18 22:29 . 2009-11-18 23:14 -------- d-----w- c:\program files\GCH Guitar academy  
  2009-11-11 23:26 . 2009-11-11 23:27 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Temp  
  2009-11-10 15:28 . 2009-11-10 15:28 -------- d-----w- c:\program files\Dracula Virüs Temizleyici 3.5  
  2009-11-10 13:25 . 2009-11-10 13:25 -------- d-----w- c:\windows\system32\URTTEMP  
  2009-11-10 13:15 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll  
  2009-11-07 21:41 . 2009-11-07 21:41 -------- d-----w- c:\program files\iMesh Applications  
   
  .  
  (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))  
  .  
  2009-12-06 13:47 . 2009-07-04 18:38 -------- d-----w- c:\program files\mIRCTR Script v6.35  
  2009-12-06 08:44 . 2009-09-14 15:53 -------- d-----w- c:\program files\Windows Live Safety Center  
  2009-12-04 13:49 . 2009-12-03 22:53 -------- d-----w- c:\program files\AnMing  
  2009-11-28 21:08 . 2009-06-09 19:16 41 ----a-w- c:\windows\popcinfo.dat  
  2009-11-25 15:31 . 2009-07-25 13:36 -------- d-----w- c:\program files\MP3Gain  
  2009-11-23 14:01 . 2009-02-17 19:58 411368 ----a-w- c:\windows\system32\deploytk.dll  
  2009-11-12 07:59 . 2006-03-02 12:00 89192 ----a-w- c:\windows\system32\perfc01F.dat  
  2009-11-12 07:59 . 2006-03-02 12:00 444072 ----a-w- c:\windows\system32\perfh01F.dat  
  2009-11-10 13:43 . 2009-02-17 17:05 -------- d--h--w- c:\program files\InstallShield Installation Information  
  2009-11-05 15:05 . 2009-11-05 12:43 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS  
  2009-11-05 15:02 . 2009-11-05 15:02 -------- d-----w- c:\program files\NOS  
  2009-11-05 12:43 . 2009-11-01 12:59 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS(2)  
  2009-11-05 12:40 . 2009-11-02 13:45 -------- d-----w- c:\program files\RealDrawPRO4  
  2009-11-05 12:23 . 2009-11-05 12:22 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan  
  2009-11-02 22:21 . 2009-09-16 16:22 -------- d-----w- c:\program files\Common Files\Adobe AIR  
  2009-10-31 15:06 . 2009-10-31 15:06 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee  
  2009-10-29 18:13 . 2009-10-29 18:13 684 ----a-w- C:\avexport.bat  
  2009-10-28 08:54 . 2009-02-17 21:02 -------- d-----w- c:\program files\Windows Live  
  2009-10-28 08:53 . 2009-09-14 14:17 -------- d-----w- c:\program files\Microsoft Silverlight  
  2009-10-26 20:54 . 2009-10-26 20:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware  
  2009-10-26 20:53 . 2009-10-26 20:53 4045528 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe  
  2009-10-26 20:52 . 2009-10-26 20:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes  
  2009-10-23 06:53 . 2009-10-23 06:53 -------- d-----w- c:\program files\Trend Micro  
  2009-10-22 21:23 . 2009-10-18 06:05 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8ls  
  2009-10-22 21:22 . 2009-02-17 19:42 -------- d-----w- c:\program files\Google  
  2009-10-22 06:50 . 2009-03-09 08:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater  
  2009-10-18 04:59 . 2009-02-17 19:56 -------- d-----w- c:\program files\Java  
  2009-10-08 10:03 . 2009-10-08 09:15 286720 ------w- c:\windows\Setup1.exe  
  2009-10-08 10:03 . 2009-10-08 09:15 73216 ----a-w- c:\windows\ST6UNST.EXE  
  2009-10-08 09:05 . 2009-10-08 09:05 -------- d-----w- c:\program files\Shenturk  
  2009-10-08 08:04 . 2009-10-06 12:49 -------- d-----w- c:\program files\GCH Guitar academy(2)  
  2009-10-08 08:04 . 2009-10-08 08:04 -------- d-----w- c:\program files\Webteh  
  2009-10-08 08:04 . 2009-10-06 13:27 -------- d-----w- c:\program files\BS_Player  
  2009-10-03 09:00 . 2009-10-03 09:00 2560 ----a-w- c:\windows\_MSRSTRT.EXE  
  2009-09-25 16:32 . 2009-09-25 16:32 8 ----a-w- c:\documents and settings\All Users\Application Data\VGANGMJYMWPP.SYS  
  2009-09-25 16:32 . 2009-09-25 16:32 8 ----a-w- c:\documents and settings\All Users\Application Data\VGANGMJYMWPP.SYS  
  2009-09-25 16:30 . 2009-09-25 16:30 8 ----a-w- c:\documents and settings\All Users\Application Data\TYRCPHJYWWPP.SYS  
  2009-09-25 16:30 . 2009-09-25 16:30 8 ----a-w- c:\documents and settings\All Users\Application Data\TYRCPHJYWWPP.SYS  
  2009-09-16 12:53 . 2009-09-16 07:37 8192 ----a-w- C:\mtwb.dat  
  2009-09-11 14:18 . 2009-09-11 14:18 136192 ----a-w- c:\windows\system32\SETA4.tmp  
  2009-09-11 14:18 . 2006-03-02 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll  
  2009-09-10 12:54 . 2009-10-26 20:52 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys  
  2009-09-10 12:53 . 2009-10-26 20:52 19160 ----a-w- c:\windows\system32\drivers\mbam.sys  
  .  
   
  ((((((((((((((((((((((((((((( SnapShot_2009-10-28_22.36.59 )))))))))))))))))))))))))))))))))))))))))  
  .  
  + 2009-12-07 07:16 . 2009-12-07 07:16 16384 c:\windows\temp\Perflib_Perfdata_61c.dat  
  + 2009-11-10 13:15 . 2005-12-05 16:07 61136 c:\windows\system32\xinput9_1_0.dll  
  + 2009-11-10 13:16 . 2007-04-04 16:53 81768 c:\windows\system32\xinput1_3.dll  
  + 2009-11-10 13:15 . 2006-07-28 07:30 62744 c:\windows\system32\xinput1_2.dll  
  + 2009-11-10 13:15 . 2006-03-31 10:39 62672 c:\windows\system32\xinput1_1.dll  
  + 2009-11-10 13:16 . 2008-03-05 14:00 25608 c:\windows\system32\X3DAudio1_3.dll  
  + 2009-11-10 13:16 . 2007-10-22 01:37 17928 c:\windows\system32\X3DAudio1_2.dll  
  + 2009-11-10 13:15 . 2007-03-05 10:42 15128 c:\windows\system32\x3daudio1_1.dll  
  + 2009-11-10 13:15 . 2006-02-03 06:41 14032 c:\windows\system32\x3daudio1_0.dll  
  + 2003-02-21 03:16 . 2003-02-21 03:16 49152 c:\windows\system32\URTTEMP\regtlib.exe  
  - 2008-04-14 16:00 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe  
  + 2008-04-14 16:00 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe  
  - 2009-02-17 20:11 . 2008-07-08 13:22 17272 c:\windows\system32\spmsg.dll  
  + 2009-02-17 20:11 . 2009-05-26 11:43 17272 c:\windows\system32\spmsg.dll  
  + 2009-12-03 22:53 . 2006-12-21 13:47 81920 c:\windows\system32\qcpsdk.dll  
  + 2006-03-02 12:00 . 2009-11-12 07:59 77810 c:\windows\system32\perfc009.dat  
  + 2009-10-23 03:32 . 2009-10-23 03:32 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll  
  - 2009-03-23 10:30 . 2009-03-23 10:30 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll  
  + 2009-10-23 03:32 . 2009-10-23 03:32 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll  
  - 2009-03-23 10:30 . 2009-03-23 10:30 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll  
  + 2009-10-23 03:32 . 2009-10-23 03:32 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe  
  - 2009-03-23 10:30 . 2009-03-23 10:30 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe  
  - 2009-03-23 10:30 . 2009-03-23 10:30 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll  
  + 2009-10-23 03:32 . 2009-10-23 03:32 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll  
  + 2009-11-13 14:22 . 2009-11-13 14:22 89101 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe  
  + 2009-05-30 14:18 . 2009-11-06 05:24 87618 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe  
  - 2009-04-28 10:23 . 2009-04-28 10:23 94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll  
  + 2009-10-29 05:27 . 2009-10-29 05:27 94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll  
  + 2009-10-29 04:55 . 2009-10-29 04:55 79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll  
  + 2009-12-03 22:53 . 2006-12-24 05:36 73728 c:\windows\system32\a1.dll  
  + 2008-03-23 19:03 . 2008-03-23 19:03 46096 c:\windows\Microsoft.NET\Framework\v3.5\tr\MSBuild.resources.exe  
  + 2008-03-21 13:56 . 2008-03-21 13:56 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\DeleteTemp.exe  
  + 2008-03-23 18:58 . 2008-03-23 18:58 28302 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\baseline.dat  
  + 2007-10-15 12:16 . 2007-10-15 12:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\WsatConfig.resources.dll  
  + 2007-10-15 12:16 . 2007-10-15 12:16 10240 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\SMSvcHost.resources.dll  
  + 2007-10-15 12:16 . 2007-10-15 12:16 24576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\ServiceModelReg.resources.dll  
  + 2007-10-15 12:16 . 2007-10-15 12:16 36864 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\ComSvcConfig.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Web.Services.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Web.Mobile.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 16384 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Transactions.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.ServiceProcess.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Security.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 11264 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Runtime.Serialization.Formatters.Soap.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Runtime.Remoting.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Messaging.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Management.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.EnterpriseServices.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Drawing.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.DirectoryServices.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.DirectoryServices.Protocols.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\system.data.sqlxml.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 49152 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Configuration.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Configuration.Install.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 10240 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\sysglobl.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 86016 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\ShFusRes.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 20480 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Regasm.Resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\MSBuild.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 57344 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.VisualBasic.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 45056 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.JScript.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 10240 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.Build.Utilities.Resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.Build.Engine.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\caspol.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnet_regsql.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 76800 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnet_rc.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 22528 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\041F\mscorsecr.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 19968 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\alinkui.dll  
  + 2004-07-15 00:11 . 2004-07-15 00:11 31744 c:\windows\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll  
  + 2009-06-24 17:56 . 2009-06-24 17:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe  
  + 2004-07-15 12:28 . 2004-07-15 12:28 57344 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll  
  + 2004-07-15 12:28 . 2004-07-15 12:28 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll  
  + 2004-07-14 22:35 . 2004-07-14 22:35 66560 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll  
  + 2003-02-21 05:26 . 2003-02-21 05:26 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.Design.dll  
  + 2004-07-15 12:28 . 2004-07-15 12:28 90112 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll  
  + 2003-02-21 05:26 . 2003-02-21 05:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Configuration.Install.dll  
  + 2003-02-20 17:09 . 2003-02-20 17:09 90112 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\PerfCounter.dll  
  + 2003-02-20 17:09 . 2003-02-20 17:09 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorsn.dll  
  + 2003-02-20 17:09 . 2003-02-20 17:09 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\CORPerfMonExt.dll  
  + 2003-02-21 05:25 . 2003-02-21 05:25 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegSvcs.exe  
  + 2004-07-15 12:28 . 2004-07-15 12:28 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegCode.dll  
  + 2003-02-21 05:25 . 2003-02-21 05:25 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe  
  + 2004-07-14 22:34 . 2004-07-14 22:34 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll  
  + 2003-02-20 17:09 . 2003-02-20 17:09 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\ngen.exe  
  + 2003-02-20 16:43 . 2003-02-20 16:43 22528 c:\windows\Microsoft.NET\Framework\v1.1.4322\MUI\0409\mscorsecr.dll  
  + 2003-02-20 17:18 . 2003-02-20 17:18 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\mtxoci8.dll  
  + 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll  
  + 2004-07-14 22:33 . 2004-07-14 22:33 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll  
  + 2003-02-20 17:06 . 2003-02-20 17:06 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll  
  + 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll  
  + 2004-07-14 22:32 . 2004-07-14 22:32 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll  
  + 2004-07-15 12:28 . 2004-07-15 12:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe  
  + 2004-07-15 12:28 . 2004-07-15 12:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPol.exe  
  + 2003-02-21 05:25 . 2003-02-21 05:25 11264 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.Vb.CodeDOMProcessor.dll  
  + 2003-02-21 05:24 . 2003-02-21 05:24 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll  
  + 2003-02-21 05:24 . 2003-02-21 05:24 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.dll  
  + 2003-02-21 05:24 . 2003-02-21 05:24 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\jsc.exe  
  + 2003-02-21 05:24 . 2003-02-21 05:24 26112 c:\windows\Microsoft.NET\Framework\v1.1.4322\ISymWrapper.dll  
  + 2003-02-20 17:22 . 2003-02-20 17:22 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtilLib.dll  
  + 2003-02-21 05:24 . 2003-02-21 05:24 15872 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe  
  + 2004-07-15 12:31 . 2004-07-15 12:31 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEHost.dll  
  + 2003-10-08 12:30 . 2003-10-08 12:30 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\gacutil.exe  
  + 2003-02-21 02:12 . 2003-02-21 02:12 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\cvtres.exe  
  + 2003-02-21 05:24 . 2003-02-21 05:24 33792 c:\windows\Microsoft.NET\Framework\v1.1.4322\CustomMarshalers.dll  
  + 2003-02-21 05:24 . 2003-02-21 05:24 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscompmgd.dll  
  + 2004-07-15 09:23 . 2004-07-15 09:23 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\csc.exe  
  + 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll  
  + 2003-02-21 05:24 . 2003-02-21 05:24 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe  
  + 2003-02-21 05:24 . 2003-02-21 05:24 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\CasPol.exe  
  + 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe  
  + 2004-07-14 23:49 . 2004-07-14 23:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe  
  + 2004-07-14 23:49 . 2004-07-14 23:49 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe  
  + 2003-02-20 17:19 . 2003-02-20 17:19 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_rc.dll  
  + 2003-02-20 17:19 . 2003-02-20 17:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll  
  + 2003-02-21 03:00 . 2003-02-21 03:00 98304 c:\windows\Microsoft.NET\Framework\v1.1.4322\alink.dll  
  + 2003-02-21 01:55 . 2003-02-21 01:55 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\cscompui.dll  
  + 2003-02-21 00:59 . 2003-02-21 00:59 16896 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\alinkui.dll  
  + 2009-11-10 13:15 . 2005-03-18 14:23 12800 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll  
  + 2009-11-10 13:15 . 2005-03-18 14:23 53248 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll  
  + 2008-03-23 18:29 . 2008-03-23 18:29 51200 c:\windows\Installer\31afc9.msp  
  + 2008-03-23 18:32 . 2008-03-23 18:32 25088 c:\windows\Installer\31afc6.msp  
  + 2009-11-23 13:51 . 2009-11-23 13:51 81408 c:\windows\Installer\31afb3.msi  
  + 2009-10-31 08:47 . 2009-10-31 08:47 22528 c:\windows\Installer\1db54d.msi  
  + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe  
  + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe  
  + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe  
  + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe  
  + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe  
  + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe  
  + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\ARPPRODUCTICON.exe  
  + 2009-02-17 19:23 . 2009-11-12 08:09 23040 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\unbndico.exe  
  - 2009-02-17 19:23 . 2009-10-16 09:37 23040 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\unbndico.exe  
  - 2009-02-17 19:23 . 2009-10-16 09:37 61440 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pubs.exe  
  + 2009-02-17 19:23 . 2009-11-12 08:09 61440 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pubs.exe  
  - 2009-02-17 19:23 . 2009-10-16 09:37 27136 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\oisicon.exe  
  + 2009-02-17 19:23 . 2009-11-12 08:09 27136 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\oisicon.exe  
  - 2009-02-17 19:23 . 2009-10-16 09:37 11264 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\mspicons.exe  
  + 2009-02-17 19:23 . 2009-11-12 08:09 11264 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\mspicons.exe  
  - 2009-02-17 19:23 . 2009-10-16 09:37 86016 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\inficon.exe  
  + 2009-02-17 19:23 . 2009-11-12 08:09 86016 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\inficon.exe  
  + 2009-02-17 19:23 . 2009-11-12 08:09 12288 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\cagicon.exe  
  - 2009-02-17 19:23 . 2009-10-16 09:37 12288 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\cagicon.exe  
  + 2009-11-13 07:41 . 2009-11-13 07:41 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_47ff15a6\System.Drawing.Design.dll  
  + 2009-11-13 07:41 . 2009-11-13 07:41 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_906020bd\CustomMarshalers.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 81920 c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_tr_31bf3856ad364e35\WindowsBase.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 10240 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_tr_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 42040 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_tr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 81920 c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Web.Services.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 40960 c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 49152 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design.resources\3.5.0.0_tr_31bf3856ad364e35\System.Web.Extensions.Design.Resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 16384 c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_tr_b77a5c561934e089\System.Transactions.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 61440 c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_tr_31bf3856ad364e35\System.Speech.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 40960 c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 66616 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web.resources\3.5.0.0_tr_31bf3856ad364e35\System.ServiceModel.Web.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 36864 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_tr_b77a5c561934e089\System.ServiceModel.Install.Resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 28672 c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Security.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 90112 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_tr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 11264 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 32768 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_tr_b77a5c561934e089\System.Runtime.Remoting.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 16384 c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_tr_31bf3856ad364e35\System.Printing.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 28672 c:\windows\assembly\GAC_MSIL\System.Net.resources\3.5.0.0_tr_b03f5f7f11d50a3a\System.Net.Resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 77824 c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Messaging.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 13312 c:\windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Management.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 20480 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation.resources\3.5.0.0_tr_b77a5c561934e089\System.Management.Instrumentation.Resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 10752 c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_tr_b03f5f7f11d50a3a\System.IO.Log.Resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 53248 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_tr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 61440 c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_tr_b77a5c561934e089\System.IdentityModel.Resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 32768 c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 24576 c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Drawing.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 40960 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 16896 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 36864 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement.resources\3.5.0.0_tr_b77a5c561934e089\System.DirectoryServices.AccountManagement.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 36864 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_tr_b77a5c561934e089\system.data.sqlxml.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 53248 c:\windows\assembly\GAC_MSIL\System.Data.Linq.resources\3.5.0.0_tr_b77a5c561934e089\System.Data.Linq.Resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 57344 c:\windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_tr_b77a5c561934e089\System.Core.Resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 49152 c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Configuration.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 16896 c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 10240 c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_tr_b03f5f7f11d50a3a\sysglobl.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 36864 c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_tr_31bf3856ad364e35\ReachFramework.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 53248 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_tr_31bf3856ad364e35\PresentationBuildTasks.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 57344 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 28672 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 45056 c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.JScript.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 11264 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5.resources\3.5.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 10240 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.resources\2.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 65536 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\3.5.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 53248 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 11264 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5.resources\3.5.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.resources.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 57344 c:\windows\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 77824 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 66560 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 65536 c:\windows\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.Design.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 90112 c:\windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 77824 c:\windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 32768 c:\windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 32768 c:\windows\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 11264 c:\windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 28672 c:\windows\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 26112 c:\windows\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\ISymWrapper.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 32768 c:\windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 33792 c:\windows\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\CustomMarshalers.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 12288 c:\windows\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll  
  + 2009-11-05 23:21 . 2009-05-26 11:43 26488 c:\windows\$hf_mig$\KB976749-IE7\update\spcustom.dll  
  + 2009-11-05 23:21 . 2009-05-26 11:43 17272 c:\windows\$hf_mig$\KB976749-IE7\spmsg.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 6656 c:\windows\system32\mui\041F\mscorees.dll  
  + 2003-02-20 16:43 . 2003-02-20 16:43 4096 c:\windows\system32\mui\0409\mscoreer.dll  
  + 2009-10-29 05:29 . 2009-10-29 05:29 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll  
  - 2009-04-28 10:26 . 2009-04-28 10:26 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Drawing.Design.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\JSC.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 4096 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\InstallUtil.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnet_regbrowsers.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnet_compiler.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 9216 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\TR\Microsoft.VisualBasic.Compatibility.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 8704 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\TR\Microsoft.VisualBasic.Compatibility.Data.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 4608 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\CvtResUI.dll  
  + 2003-02-20 17:09 . 2003-02-20 17:09 9216 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscortim.dll  
  + 2003-02-21 05:25 . 2003-02-21 05:25 6656 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft_VsaVb.dll  
  + 2003-02-21 05:25 . 2003-02-21 05:25 6144 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualC.Dll  
  + 2003-02-21 05:24 . 2003-02-21 05:24 4608 c:\windows\Microsoft.NET\Framework\v1.1.4322\IIEHost.dll  
  + 2004-07-15 12:31 . 2004-07-15 12:31 8192 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll  
  + 2003-02-21 05:24 . 2003-02-21 05:24 7680 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExec.exe  
  + 2003-02-21 05:24 . 2003-02-21 05:24 7680 c:\windows\Microsoft.NET\Framework\v1.1.4322\Accessibility.dll  
  - 2009-02-17 19:23 . 2009-10-16 09:37 4096 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\opwicon.exe  
  + 2009-02-17 19:23 . 2009-11-12 08:09 4096 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\opwicon.exe  
  + 2009-11-23 13:52 . 2009-11-23 13:52 4608 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_tr_31bf3856ad364e35\WindowsFormsIntegration.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 7680 c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_tr_31bf3856ad364e35\UIAutomationTypes.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 4096 c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_tr_31bf3856ad364e35\UIAutomationProvider.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 9216 c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_tr_31bf3856ad364e35\UIAutomationClient.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 7680 c:\windows\assembly\GAC_MSIL\System.Xml.Linq.resources\3.5.0.0_tr_b77a5c561934e089\System.Xml.Linq.Resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 5632 c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 5120 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions.resources\3.5.0.0_tr_b77a5c561934e089\System.Data.DataSetExtensions.Resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 5120 c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_tr_b77a5c561934e089\SMDiagnostics.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 9216 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 8704 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 5120 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 6656 c:\windows\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 6144 c:\windows\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 4608 c:\windows\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\IIEHost.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 8192 c:\windows\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 7680 c:\windows\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll  
  + 2009-11-10 13:16 . 2008-03-05 14:03 479752 c:\windows\system32\XAudio2_0.dll  
  + 2009-11-10 13:16 . 2008-03-05 14:03 238088 c:\windows\system32\xactengine3_0.dll  
  + 2009-11-10 13:16 . 2007-07-19 22:57 267112 c:\windows\system32\xactengine2_9.dll  
  + 2009-11-10 13:16 . 2007-06-20 18:46 266088 c:\windows\system32\xactengine2_8.dll  
  + 2009-11-10 13:16 . 2007-04-04 16:55 261480 c:\windows\system32\xactengine2_7.dll  
  + 2009-11-10 13:15 . 2007-01-24 13:27 255848 c:\windows\system32\xactengine2_6.dll  
  + 2009-11-10 13:15 . 2006-12-08 10:02 251672 c:\windows\system32\xactengine2_5.dll  
  + 2009-11-10 13:15 . 2006-09-28 14:05 237848 c:\windows\system32\xactengine2_4.dll  
  + 2009-11-10 13:15 . 2006-07-28 07:30 236824 c:\windows\system32\xactengine2_3.dll  
  + 2009-11-10 13:15 . 2006-05-31 05:24 230168 c:\windows\system32\xactengine2_2.dll  
  + 2009-11-10 13:16 . 2007-10-22 01:39 267272 c:\windows\system32\xactengine2_10.dll  
  + 2009-11-10 13:15 . 2006-03-31 10:39 229584 c:\windows\system32\xactengine2_1.dll  
  + 2009-11-10 13:15 . 2006-02-03 06:42 230096 c:\windows\system32\xactengine2_0.dll  
  + 2009-12-03 22:53 . 2005-04-15 11:22 303104 c:\windows\system32\qscl.dll  
  + 2006-03-02 12:00 . 2009-11-12 07:59 456746 c:\windows\system32\perfh009.dat  
  + 2009-12-03 22:53 . 2002-12-02 09:11 290816 c:\windows\system32\NCTWMAFile.dll  
  + 2009-12-03 22:53 . 2002-12-02 09:09 282624 c:\windows\system32\NCTAudioVisualization.dll  
  + 2009-12-03 22:53 . 2002-12-02 09:08 339968 c:\windows\system32\NCTAudioTransform.dll  
  + 2009-12-03 22:53 . 2002-12-02 09:07 274432 c:\windows\system32\NCTAudioRecord.dll  
  + 2009-12-03 22:53 . 2002-12-02 09:07 274432 c:\windows\system32\NCTAudioPlayer.dll  
  + 2009-12-03 22:53 . 2002-12-02 09:05 892928 c:\windows\system32\NCTAudioInformation.dll  
  + 2009-12-03 22:53 . 2002-12-02 09:03 327680 c:\windows\system32\NCTAudioGrabber.dll  
  + 2009-12-03 22:53 . 2002-09-04 13:17 503808 c:\windows\system32\NCTAudioEditor.dll  
  + 2002-01-18 19:56 . 2002-01-18 19:56 217088 c:\windows\system32\mp3enc.dll  
  - 2009-03-23 10:30 . 2009-03-23 10:30 180224 c:\windows\system32\Macromed\Shockwave 10\Proj.dll  
  + 2009-10-23 03:32 . 2009-10-23 03:32 180224 c:\windows\system32\Macromed\Shockwave 10\Proj.dll  
  - 2009-03-23 10:30 . 2009-03-23 10:30 475136 c:\windows\system32\Macromed\Shockwave 10\PluginPing.dll  
  + 2009-10-23 03:32 . 2009-10-23 03:32 475136 c:\windows\system32\Macromed\Shockwave 10\PluginPing.dll  
  + 2009-10-23 03:32 . 2009-10-23 03:32 339968 c:\windows\system32\Macromed\Shockwave 10\Plugin.dll  
  - 2009-05-13 08:57 . 2009-05-13 08:57 339968 c:\windows\system32\Macromed\Shockwave 10\Plugin.dll  
  - 2009-03-23 10:30 . 2009-03-23 10:30 606208 c:\windows\system32\Macromed\Shockwave 10\iml32X.dll  
  + 2009-10-23 03:32 . 2009-10-23 03:32 606208 c:\windows\system32\Macromed\Shockwave 10\iml32X.dll  
  + 2009-10-23 03:32 . 2009-10-23 03:32 471040 c:\windows\system32\Macromed\Shockwave 10\Control.dll  
  + 2009-07-18 03:12 . 2009-07-18 03:12 257440 c:\windows\system32\Macromed\Flash\FlashUtil10c.exe  
  + 2009-12-03 22:53 . 2002-09-06 09:36 233472 c:\windows\system32\lame_enc.dll  
  + 2009-11-23 14:01 . 2009-11-23 14:01 149280 c:\windows\system32\javaws.exe  
  + 2009-11-23 14:01 . 2009-11-23 14:01 145184 c:\windows\system32\javaw.exe  
  + 2009-11-23 14:01 . 2009-11-23 14:01 145184 c:\windows\system32\java.exe  
  + 2009-02-17 18:40 . 2009-11-11 16:57 185816 c:\windows\system32\FNTCACHE.DAT  
  + 2009-11-10 13:16 . 2008-02-05 21:07 462864 c:\windows\system32\d3dx10_37.dll  
  + 2009-11-10 13:16 . 2007-10-02 07:56 444776 c:\windows\system32\d3dx10_36.dll  
  + 2009-11-10 13:16 . 2007-07-19 16:14 444776 c:\windows\system32\d3dx10_35.dll  
  + 2009-11-10 13:16 . 2007-05-16 14:45 443752 c:\windows\system32\d3dx10_34.dll  
  + 2009-11-10 13:16 . 2007-03-15 14:57 443752 c:\windows\system32\d3dx10_33.dll  
  + 2009-12-03 22:53 . 2007-03-25 18:46 212992 c:\windows\system32\amrdec.dll  
  + 2009-12-03 22:53 . 2007-09-14 08:40 336896 c:\windows\system32\ammppg.dll  
  + 2009-10-29 04:55 . 2009-10-29 04:55 132472 c:\windows\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL  
  + 2009-10-29 05:27 . 2009-10-29 05:27 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe  
  - 2009-04-28 10:24 . 2009-04-28 10:24 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe  
  + 2009-10-29 05:43 . 2009-10-29 05:43 464312 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1152602.exe  
  + 2009-07-31 13:40 . 2009-07-31 13:40 538040 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe  
  + 2009-04-29 10:28 . 2009-04-29 10:28 546232 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe  
  - 2009-04-28 10:26 . 2009-04-28 10:26 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll  
  + 2009-10-29 05:29 . 2009-10-29 05:29 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll  
  + 2009-10-29 05:28 . 2009-10-29 05:28 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll  
  - 2009-04-28 10:24 . 2009-04-28 10:24 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll  
  + 2009-10-29 04:55 . 2009-10-29 04:55 713216 c:\windows\system32\Adobe\Shockwave 11\gi.dll  
  + 2009-10-29 05:26 . 2009-10-29 05:26 503808 c:\windows\system32\Adobe\Shockwave 11\Control.dll  
  + 2009-10-29 05:44 . 2009-10-29 05:44 210360 c:\windows\system32\Adobe\Director\SwDir.dll  
  + 2009-10-29 05:28 . 2009-10-29 05:28 131072 c:\windows\system32\Adobe\Director\np32dsw.dll  
  - 2009-04-28 10:25 . 2009-04-28 10:25 131072 c:\windows\system32\Adobe\Director\np32dsw.dll  
  + 2008-03-23 19:03 . 2008-03-23 19:03 151552 c:\windows\Microsoft.NET\Framework\v3.5\tr\Microsoft.Build.Tasks.v3.5.resources.dll  
  + 2008-03-21 13:56 . 2008-03-21 13:56 982008 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\WapUI.dll  
  + 2008-03-23 18:39 . 2008-03-23 18:39 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\WapRes.dll  
  + 2008-03-21 13:56 . 2008-03-21 13:56 687104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vsscenario.dll  
  + 2008-03-21 13:56 . 2008-03-21 13:56 411136 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vsbasereqs.dll  
  + 2008-03-21 13:56 . 2008-03-21 13:56 627712 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vs70uimgr.dll  
  + 2008-03-23 19:08 . 2008-03-23 19:08 432128 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vs_setup.msi  
  + 2008-03-23 18:39 . 2008-03-23 18:39 119808 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\setupres.dll  
  + 2008-03-21 13:56 . 2008-03-21 13:56 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\setup.exe  
  + 2008-03-21 14:59 . 2008-03-21 14:59 183296 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\RebootStub.exe  
  + 2008-03-21 13:56 . 2008-03-21 13:56 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\HtmlLite.dll  
  + 2008-03-21 13:56 . 2008-03-21 13:56 276472 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\dlmgr.dll  
  + 2008-03-23 19:03 . 2008-03-23 19:03 237048 c:\windows\Microsoft.NET\Framework\v3.5\1055\vbc7ui.dll  
  + 2008-03-23 19:03 . 2008-03-23 19:03 173056 c:\windows\Microsoft.NET\Framework\v3.5\1055\cscompui.dll  
  + 2006-10-27 16:02 . 2006-10-27 16:02 372736 c:\windows\Microsoft.NET\Framework\v3.0\WPF\tr\PresentationUI.resources.dll  
  + 2007-10-15 12:16 . 2007-10-15 12:16 864256 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\infocard.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 155648 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.xml.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 417792 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Windows.Forms.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 598016 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Web.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 200704 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\system.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 524288 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Design.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 385024 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Deployment.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 335872 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Data.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Data.OracleClient.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 347136 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\mscorrc.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 299008 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\mscorlib.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 135168 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.Build.Tasks.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 315392 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnetmmcext.resources.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 211968 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\Vsavb7rtUI.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 185856 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\vbc7ui.dll  
  + 2007-10-26 01:18 . 2007-10-26 01:18 139776 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\cscompui.dll  
  + 2004-07-15 09:23 . 2004-07-15 09:23 737280 c:\windows\Microsoft.NET\Framework\v1.1.4322\vbc.exe  
  + 2004-07-15 12:31 . 2004-07-15 12:31 573440 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll  
  + 2004-07-15 12:28 . 2004-07-15 12:28 819200 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll  
  + 2004-07-15 12:28 . 2004-07-15 12:28 126976 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll  
  + 2004-07-15 12:31 . 2004-07-15 12:31 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll  
  + 2004-07-15 12:28 . 2004-07-15 12:28 323584 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll  
  + 2004-07-15 12:31 . 2004-07-15 12:31 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll  
  + 2004-07-15 12:31 . 2004-07-15 12:31 372736 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Management.dll  
  + 2004-07-15 12:28 . 2004-07-15 12:28 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll  
  + 2004-07-15 12:28 . 2004-07-15 12:28 466944 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll  
  + 2004-07-15 12:31 . 2004-07-15 12:31 303104 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll  
  + 2004-07-14 22:35 . 2004-07-14 22:35 319488 c:\windows\Microsoft.NET\Framework\v1.1.4322\SOS.dll  
  + 2003-02-20 17:09 . 2003-02-20 17:09 122880 c:\windows\Microsoft.NET\Framework\v1.1.4322\shfusres.dll  
  + 2003-02-20 17:09 . 2003-02-20 17:09 253952 c:\windows\Microsoft.NET\Framework\v1.1.4322\shfusion.dll  
  + 2003-02-21 02:42 . 2003-02-21 02:42 348160 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\msvcr71.dll  
  + 2003-02-20 17:06 . 2003-02-20 17:06 311296 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorjit.dll  
  + 2003-02-20 17:06 . 2003-02-20 17:06 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\fusion.dll  
  + 2003-02-20 17:19 . 2003-02-20 17:19 253952 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\aspnet_isapi.dll  
  + 2004-08-10 14:20 . 2004-08-10 14:20 106496 c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe  
  + 2003-02-21 02:42 . 2003-02-21 02:42 348160 c:\windows\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll  
  + 2004-07-14 22:33 . 2004-07-14 22:33 143360 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll  
  + 2003-02-20 16:43 . 2003-02-20 16:43 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscormmc.dll  
  + 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll  
  + 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll  
  + 2004-07-14 22:32 . 2004-07-14 22:32 233472 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll  
  + 2004-07-15 12:28 . 2004-07-15 12:28 299008 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll  
  + 2004-07-15 12:28 . 2004-07-15 12:28 720896 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll  
  + 2004-07-14 22:35 . 2004-07-14 22:35 196608 c:\windows\Microsoft.NET\Framework\v1.1.4322\ilasm.exe  
  + 2004-07-14 22:24 . 2004-07-14 22:24 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll  
  + 2003-02-20 17:16 . 2003-02-20 17:16 798720 c:\windows\Microsoft.NET\Framework\v1.1.4322\EventLogMessages.dll  
  + 2003-02-21 08:21 . 2003-02-21 08:21 524288 c:\windows\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll  
  + 2004-07-15 09:23 . 2004-07-15 09:23 626688 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll  
  + 2002-07-29 09:11 . 2002-07-29 09:11 219136 c:\windows\Microsoft.NET\Framework\v1.1.4322\c_g18030.dll  
  + 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll  
  + 2003-02-21 03:04 . 2003-02-21 03:04 155648 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\Vsavb7rtUI.dll  
  + 2003-02-21 01:02 . 2003-02-21 01:02 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\vbc7ui.dll  
  + 2009-11-10 13:15 . 2006-03-31 09:27 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2006-02-03 05:40 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2005-12-05 15:20 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2005-09-28 12:11 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2005-07-22 15:21 577024 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2005-05-26 13:15 576000 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2005-03-18 15:23 567296 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2005-02-05 17:32 563712 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2005-03-18 14:23 223232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll  
  + 2009-11-10 13:15 . 2005-03-18 14:23 178176 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll  
  + 2009-11-10 13:15 . 2005-03-18 14:23 364544 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll  
  + 2009-11-10 13:15 . 2005-03-18 14:23 159232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll  
  + 2009-11-10 13:15 . 2005-03-18 14:23 145920 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll  
  + 2009-11-10 13:15 . 2005-03-18 14:23 473600 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 428032 c:\windows\Installer\31afd2.msi  
  + 2008-03-23 18:22 . 2008-03-23 18:22 120320 c:\windows\Installer\31afcc.msp  
  + 2008-03-23 18:13 . 2008-03-23 18:13 117760 c:\windows\Installer\31afcb.msp  
  + 2008-03-23 18:27 . 2008-03-23 18:27 305664 c:\windows\Installer\31afca.msp  
  + 2008-03-23 18:16 . 2008-03-23 18:16 710144 c:\windows\Installer\31afc8.msp  
  + 2008-03-23 18:19 . 2008-03-23 18:19 163840 c:\windows\Installer\31afc7.msp  
  + 2008-03-23 18:02 . 2008-03-23 18:02 352768 c:\windows\Installer\31afb8.msp  
  + 2008-03-23 17:52 . 2008-03-23 17:52 247296 c:\windows\Installer\31afb7.msp  
  + 2008-03-23 18:05 . 2008-03-23 18:05 473600 c:\windows\Installer\31afb6.msp  
  + 2008-03-23 17:58 . 2008-03-23 17:58 708608 c:\windows\Installer\31afb5.msp  
  + 2008-03-23 17:55 . 2008-03-23 17:55 352256 c:\windows\Installer\31afb4.msp  
  - 2009-02-17 19:23 . 2009-10-16 09:37 409600 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\xlicons.exe  
  + 2009-02-17 19:23 . 2009-11-12 08:09 409600 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\xlicons.exe  
  - 2009-02-17 19:23 . 2009-10-16 09:37 286720 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\wordicon.exe  
  + 2009-02-17 19:23 . 2009-11-12 08:09 286720 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\wordicon.exe  
  - 2009-02-17 19:23 . 2009-10-16 09:37 249856 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pptico.exe  
  + 2009-02-17 19:23 . 2009-11-12 08:09 249856 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pptico.exe  
  + 2009-02-17 19:23 . 2009-11-12 08:09 794624 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\outicon.exe  
  - 2009-02-17 19:23 . 2009-10-16 09:37 794624 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\outicon.exe  
  - 2009-02-17 19:23 . 2009-10-16 09:37 135168 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\misc.exe  
  + 2009-02-17 19:23 . 2009-11-12 08:09 135168 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\misc.exe  
  + 2009-02-17 19:23 . 2009-11-12 08:09 593920 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\accicons.exe  
  - 2009-02-17 19:23 . 2009-10-16 09:37 593920 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\accicons.exe  
  + 2009-11-05 23:21 . 2009-05-26 11:43 386424 c:\windows\ie7updates\KB976749-IE7\spuninst\updspapi.dll  
  + 2009-11-05 23:21 . 2009-05-26 11:43 232824 c:\windows\ie7updates\KB976749-IE7\spuninst\spuninst.exe  
  + 2009-11-27 12:43 . 2007-01-09 06:19 110592 c:\windows\Downloaded Program Files\PURtr-tr.dll  
  + 2006-11-20 09:04 . 2006-11-20 09:04 117088 c:\windows\Downloaded Program Files\PURen-us.dll  
  + 2009-08-19 09:55 . 2009-08-19 09:55 829288 c:\windows\Downloaded Program Files\MsnPUpld.dll  
  + 2009-11-13 12:55 . 2009-11-13 12:55 160488 c:\windows\Downloaded Program Files\contactx.dll  
  + 2009-09-09 00:37 . 2009-10-14 20:32 452488 c:\windows\Downloaded Program Files\CONFLICT.1\wlscBase.dll  
  - 2009-09-09 00:37 . 2009-09-09 00:37 452488 c:\windows\Downloaded Program Files\CONFLICT.1\wlscBase.dll  
  + 2009-11-13 07:41 . 2009-11-13 07:41 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_d5b7d18c\System.Drawing.dll  
  + 2009-11-13 07:41 . 2009-11-13 07:41 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f35b7d11\System.Drawing.Design.dll  
  + 2009-11-13 07:41 . 2009-11-13 07:41 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_79129eb3\CustomMarshalers.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 155648 c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_tr_b77a5c561934e089\System.xml.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 111672 c:\windows\assembly\GAC_MSIL\System.WorkflowServices.resources\3.5.0.0_tr_31bf3856ad364e35\System.WorkflowServices.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 316480 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_tr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 189496 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_tr_31bf3856ad364e35\System.Workflow.Activities.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 417792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_tr_b77a5c561934e089\System.Windows.Forms.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 598016 c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Web.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 647168 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.resources\3.5.0.0_tr_31bf3856ad364e35\System.Web.Extensions.Resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 450560 c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_tr_b77a5c561934e089\System.ServiceModel.Resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 200704 c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_tr_b77a5c561934e089\system.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 524288 c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Design.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 385024 c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Deployment.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 335872 c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_tr_b77a5c561934e089\System.Data.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 110592 c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_tr_b77a5c561934e089\System.Data.OracleClient.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 372736 c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_tr_31bf3856ad364e35\PresentationUI.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 237568 c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_tr_31bf3856ad364e35\PresentationFramework.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 106496 c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_tr_31bf3856ad364e35\PresentationCore.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 299008 c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_tr_b77a5c561934e089\mscorlib.resources.dll  
  + 2009-11-23 13:52 . 2009-11-23 13:52 151552 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5.resources\3.5.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 135168 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll  
  + 2009-11-23 13:51 . 2009-11-23 13:51 315392 c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_tr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 573440 c:\windows\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 819200 c:\windows\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 126976 c:\windows\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 131072 c:\windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 323584 c:\windows\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 241664 c:\windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 372736 c:\windows\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 241664 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 466944 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 303104 c:\windows\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 299008 c:\windows\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 720896 c:\windows\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll  
  + 2009-11-05 23:21 . 2009-05-26 11:43 386424 c:\windows\$hf_mig$\KB976749-IE7\update\updspapi.dll  
  + 2009-11-05 23:21 . 2009-05-26 11:43 756600 c:\windows\$hf_mig$\KB976749-IE7\update\update.exe  
  + 2009-11-05 23:21 . 2009-05-26 11:43 232824 c:\windows\$hf_mig$\KB976749-IE7\spuninst.exe  
  + 2006-03-02 12:00 . 2009-08-14 15:12 1850624 c:\windows\system32\win32k.sys  
  + 2009-08-27 07:25 . 2009-11-05 12:46 5643840 c:\windows\system32\Restore\rstrlog.dat  
  + 2009-12-03 22:53 . 2002-12-02 09:02 1703936 c:\windows\system32\NCTAudioFile.dll  
  + 2008-04-14 16:00 . 2009-07-31 08:03 1372672 c:\windows\system32\msxml6.dll  
  + 2006-03-02 12:00 . 2009-07-31 04:33 1172480 c:\windows\system32\msxml3.dll  
  - 2006-03-02 12:00 . 2009-08-29 07:27 3598336 c:\windows\system32\mshtml.dll  
  + 2006-03-02 12:00 . 2009-10-21 04:07 3598336 c:\windows\system32\mshtml.dll  
  + 2009-10-23 03:32 . 2009-10-23 03:32 1490944 c:\windows\system32\Macromed\Shockwave 10\dirapiX.dll  
  - 2009-05-13 08:57 . 2009-05-13 08:57 1490944 c:\windows\system32\Macromed\Shockwave 10\dirapiX.dll  
  + 2009-02-17 19:16 . 2009-08-14 15:12 1850624 c:\windows\system32\dllcache\win32k.sys  
  + 2008-04-14 16:00 . 2009-07-31 08:03 1372672 c:\windows\system32\dllcache\msxml6.dll  
  + 2009-02-17 17:48 . 2009-07-31 04:33 1172480 c:\windows\system32\dllcache\msxml3.dll  
  - 2009-02-17 19:13 . 2009-08-29 07:27 3598336 c:\windows\system32\dllcache\mshtml.dll  
  + 2009-02-17 19:13 . 2009-10-21 04:07 3598336 c:\windows\system32\dllcache\mshtml.dll  
  + 2009-11-10 13:16 . 2008-03-05 13:56 3786760 c:\windows\system32\D3DX9_37.dll  
  + 2009-11-10 13:16 . 2007-10-12 13:14 3734536 c:\windows\system32\d3dx9_36.dll  
  + 2009-11-10 13:16 . 2007-07-19 16:14 3727720 c:\windows\system32\d3dx9_35.dll  
  + 2009-11-10 13:16 . 2007-05-16 14:45 3497832 c:\windows\system32\d3dx9_34.dll  
  + 2009-11-10 13:15 . 2006-09-28 14:05 2414360 c:\windows\system32\d3dx9_31.dll  
  + 2009-11-10 13:15 . 2006-03-31 10:40 2388176 c:\windows\system32\d3dx9_30.dll  
  + 2009-11-10 13:15 . 2006-02-03 06:43 2332368 c:\windows\system32\d3dx9_29.dll  
  + 2009-11-10 13:15 . 2005-12-05 16:09 2323664 c:\windows\system32\d3dx9_28.dll  
  + 2009-11-10 13:15 . 2005-07-22 17:59 2319568 c:\windows\system32\d3dx9_27.dll  
  + 2009-11-10 13:15 . 2005-05-26 13:34 2297552 c:\windows\system32\d3dx9_26.dll  
  + 2009-11-10 13:15 . 2005-03-18 15:19 2337488 c:\windows\system32\d3dx9_25.dll  
  + 2009-11-10 13:14 . 2005-02-05 17:45 2222800 c:\windows\system32\d3dx9_24.dll  
  + 2009-11-10 13:16 . 2008-03-05 13:56 1420824 c:\windows\system32\D3DCompiler_37.dll  
  + 2009-11-10 13:16 . 2007-10-12 13:14 1374232 c:\windows\system32\D3DCompiler_36.dll  
  + 2009-11-10 13:16 . 2007-07-19 16:14 1358192 c:\windows\system32\D3DCompiler_35.dll  
  + 2009-11-10 13:16 . 2007-05-16 14:45 1124720 c:\windows\system32\D3DCompiler_34.dll  
  + 2009-11-10 13:16 . 2007-03-12 14:42 1123696 c:\windows\system32\D3DCompiler_33.dll  
  + 2009-10-29 05:01 . 2009-10-29 05:01 1011712 c:\windows\system32\Adobe\Shockwave 11\iml32.dll  
  - 2009-04-28 10:00 . 2009-04-28 10:00 1011712 c:\windows\system32\Adobe\Shockwave 11\iml32.dll  
  + 2009-10-29 04:55 . 2009-10-29 04:55 1886320 c:\windows\system32\Adobe\Shockwave 11\gt.exe  
  - 2009-04-28 10:04 . 2009-04-28 10:04 1798144 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll  
  + 2009-10-29 05:05 . 2009-10-29 05:05 1798144 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll  
  + 2008-03-21 13:56 . 2008-03-21 13:56 1045504 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vs_setup.dll  
  + 2008-03-21 13:56 . 2008-03-21 13:56 1361920 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\SITSetup.dll  
  + 2008-03-21 13:56 . 2008-03-21 13:56 1059328 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\gencomp.dll  
  + 2004-07-15 06:15 . 2004-07-15 06:15 1032192 c:\windows\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll  
  + 2004-07-15 12:29 . 2004-07-15 12:29 1339392 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.XML.dll  
  + 2004-07-15 12:32 . 2004-07-15 12:32 2052096 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll  
  + 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll  
  + 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll  
  + 2004-07-15 12:29 . 2004-07-15 12:29 1703936 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Design.dll  
  + 2004-07-15 12:32 . 2004-07-15 12:32 1294336 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.dll  
  + 2003-02-20 17:08 . 2003-02-20 17:08 2482176 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorwks.dll  
  + 2003-02-20 17:07 . 2003-02-20 17:07 2494464 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorsvr.dll  
  + 2003-02-21 05:26 . 2003-02-21 05:26 2088960 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorlib.dll  
  + 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll  
  + 2008-05-27 22:48 . 2008-05-27 22:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll  
  + 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll  
  + 2003-02-21 05:25 . 2003-02-21 05:25 1564672 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.dll  
  + 2009-11-10 13:15 . 2004-12-01 13:53 2846720 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2004-09-29 10:38 2676224 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 3443712 c:\windows\Installer\a71901.msi  
  + 2009-10-22 10:46 . 2009-10-22 10:46 6821888 c:\windows\Installer\42c83.msp  
  + 2009-10-06 16:40 . 2009-10-06 16:40 7681024 c:\windows\Installer\42c6d.msp  
  + 2009-10-22 10:28 . 2009-10-22 10:28 5521408 c:\windows\Installer\42c57.msp  
  + 2009-11-23 14:00 . 2009-11-23 14:00 1757696 c:\windows\Installer\31b23f.msi  
  + 2009-11-23 13:52 . 2009-11-23 13:52 1048064 c:\windows\Installer\31afc5.msi  
  + 2009-10-06 16:40 . 2009-10-06 16:40 7681024 c:\windows\Installer\21388a3.msp  
  + 2009-10-22 10:28 . 2009-10-22 10:28 5521408 c:\windows\Installer\21388a1.msp  
  + 2009-11-27 12:35 . 2009-11-27 12:35 1258496 c:\windows\Installer\1201d61.msi  
  + 2009-11-05 23:21 . 2009-08-29 07:27 3598336 c:\windows\ie7updates\KB976749-IE7\mshtml.dll  
  + 2009-07-17 18:12 . 2009-07-17 18:12 1962160 c:\windows\Downloaded Program Files\CONFLICT.4\FP_AX_CAB_INSTALLER.exe  
  + 2009-07-17 18:12 . 2009-07-17 18:12 1962160 c:\windows\Downloaded Program Files\CONFLICT.3\FP_AX_CAB_INSTALLER.exe  
  + 2009-07-17 18:12 . 2009-07-17 18:12 1962160 c:\windows\Downloaded Program Files\CONFLICT.2\FP_AX_CAB_INSTALLER.exe  
  + 2009-11-13 07:41 . 2009-11-13 07:41 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_cea8607c\System.dll  
  + 2009-11-13 00:42 . 2009-11-13 00:42 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_37973a7b\System.dll  
  + 2009-11-13 07:41 . 2009-11-13 07:41 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_84335e91\System.Xml.dll  
  + 2009-11-13 07:42 . 2009-11-13 07:42 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_52c18cdd\System.Xml.dll  
  + 2009-11-13 07:41 . 2009-11-13 07:41 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_febac606\System.Windows.Forms.dll  
  + 2009-11-13 07:42 . 2009-11-13 07:42 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_6d823986\System.Windows.Forms.dll  
  + 2009-11-13 07:42 . 2009-11-13 07:42 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_7fe6b7fa\System.Drawing.dll  
  + 2009-11-13 07:42 . 2009-11-13 07:42 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_c86e3259\System.Design.dll  
  + 2009-11-13 07:41 . 2009-11-13 07:41 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_4957ea81\System.Design.dll  
  + 2009-11-13 07:41 . 2009-11-13 07:41 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_759347a8\mscorlib.dll  
  + 2009-11-13 07:42 . 2009-11-13 07:42 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_4110eb1c\mscorlib.dll  
  + 2009-11-13 00:42 . 2009-11-13 00:42 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 1339392 c:\windows\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 2052096 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll  
  + 2009-11-13 00:42 . 2009-11-13 00:42 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 1703936 c:\windows\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll  
  + 2009-11-12 08:00 . 2009-11-12 08:00 1294336 c:\windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll  
  + 2009-11-10 13:25 . 2009-11-10 13:25 1564672 c:\windows\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\mscorcfg.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll  
  + 2009-11-10 13:15 . 2009-11-10 13:15 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll  
  + 2009-10-21 04:05 . 2009-10-21 04:05 3602432 c:\windows\$hf_mig$\KB976749-IE7\SP3QFE\mshtml.dll  
  + 2009-02-17 20:21 . 2009-11-05 17:36 26768832 c:\windows\system32\MRT.exe  
  + 2009-08-10 19:08 . 2009-08-10 19:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp  
  + 2009-08-10 12:09 . 2009-08-10 12:09 17254912 c:\windows\Installer\638a31.msp  
  + 2009-11-12 00:50 . 2009-11-12 00:50 19210240 c:\windows\Installer\4e641d.msp  
  + 2009-11-12 07:56 . 2009-11-12 07:56 19210240 c:\windows\Installer\42c43.msp  
  + 2009-11-23 13:56 . 2009-11-23 13:56 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll  
  - 2009-10-16 09:45 . 2009-10-16 09:45 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll  
  .  
  -- Snapshot reset to current date --  
  .  
  ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))  
  .  
  .  
  *Note* empty entries & legit default entries are not shown  
  REGEDIT4  
   
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]  
  "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]  
  "Google Update"="c:\documents and settings\savaş\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-21 206832]  
  "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-22 39408]  
  "minihava"="c:\program files\Shenturk\Mini Hava\minihava.exe" [2009-09-16 399360]  
  "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1768960]  
   
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]  
  "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2006-03-02 208952]  
  "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]  
  "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]  
  "RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2004-10-11 659456]  
  "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-03-06 1920512]  
  "PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 393216]  
  "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-07-14 413696]  
  "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-16 122368]  
  "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1590608]  
  "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-23 227104]  
  "VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2005-03-08 229376]  
  "VTTrayp"="VTtrayp.exe" - c:\windows\system32\VTTrayp.exe [2005-11-01 233472]  
  "SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2006-11-17 753664]  
   
  c:\documents and settings\savaŸ\Start Menu\Programlar\BaŸlang‡\  
  LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-9-30 585728]  
   
  c:\documents and settings\All Users\Start Menu\Programlar\BaŸlang‡\  
  AirTies ADSL Hizmet Program.lnk - c:\program files\AirTies\ADSL Hizmet Program\AirTies_util3.exe [2009-6-8 2452992]  
   
  [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]  
  "DisableTaskMgr"= 1 (0x1)  
  "DisableRegistryTools"= 1 (0x1)  
   
  [HKEY_LOCAL_MACHINE\software\microsoft\security center]  
  "AntiVirusOverride"=dword:00000001  
  "FirewallOverride"=dword:00000001  
   
  [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]  
  "AntiVirusOverride"=dword:00000001  
  "AntiVirusDisableNotify"=dword:00000001  
  "FirewallDisableNotify"=dword:00000001  
  "FirewallOverride"=dword:00000001  
  "UpdatesDisableNotify"=dword:00000001  
  "UacDisableNotify"=dword:00000001  
   
  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]  
  "EnableFirewall"= 0 (0x0)  
   
  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]  
  "%windir%\\system32\\sessmgr.exe"=  
  "c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=  
  "c:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe"=  
  "c:\\WINDOWS\\system32\\VTTimer.exe"=  
  "c:\\Program Files\\VIA\\RAID\\raid_tool.exe"=  
  "c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=  
  "c:\\Documents and Settings\\savaş\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"=  
  "c:\\Documents and Settings\\savaş\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=  
  "c:\\Documents and Settings\\savaş\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=  
  "c:\\WINDOWS\\PixArt\\PAC7302\\Monitor.exe"=  
  "c:\\Program Files\\Messenger\\msmsgs.exe"=  
  "c:\\Program Files\\LimeWire\\LimeWire.exe"=  
  "c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe"=  
  "c:\\WINDOWS\\system32\\VTtrayp.exe"=  
  "c:\\WINDOWS\\system32\\ntvdm.exe"=  
  "c:\\WINDOWS\\system32\\wuauclt.exe"=  
  "c:\\Program Files\\Windows Live\\Toolbar\\wltuser.exe"=  
  "c:\\WINDOWS\\SOUNDMAN.EXE"=  
  "c:\\Program Files\\Windows Media Player\\wmplayer.exe"=  
  "c:\\Program Files\\Google\\Picasa3\\Picasa3.exe"=  
  "c:\\Program Files\\AirTies\\ADSL Hizmet Programı\\AirTies_util3.exe"=  
  "c:\\Program Files\\Java\\jre6\\bin\\jucheck.exe"=  
  "c:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe"=  
  "c:\\Program Files\\Shenturk\\Mini Hava\\minihava.exe"=  
  "c:\\Program Files\\Java\\jre6\\bin\\jqs.exe"=  
  "c:\\Documents and Settings\\savaş\\Local Settings\\Application Data\\Google\\Update\\1.2.183.7\\GoogleCrashHandler.exe"=  
  "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=  
  "c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=  
  "c:\\Program Files\\Google\\Update\\1.2.183.13\\GoogleCrashHandler.exe"=  
  "c:\\Documents and Settings\\savas¸\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"=  
  "c:\\Documents and Settings\\savas¸\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=  
  "c:\\Documents and Settings\\savas¸\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=  
   
  R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [17.02.2009 23:10 55152]  
  R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\nlpjtn.sys --> c:\windows\system32\drivers\nlpjtn.sys [?]  
  S2 gupdate1c9a08f6ed5a052;Google Güncelleme Hizmeti (gupdate1c9a08f6ed5a052);c:\program files\Google\Update\GoogleUpdate.exe [09.03.2009 10:16 309232]  
  S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]  
  S3 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1000000.07D\BHDrvx86.sys [28.05.2009 15:41 254512]  
  S3 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1000000.07D\ccHPx86.sys [28.05.2009 15:41 362544]  
  S3 fsssvc;Windows Live Aile Koruması;c:\program files\Windows Live\Family Safety\fsssvc.exe [05.08.2009 22:48 533360]  
  S3 getPlusHelper;getPlus(R) Helper;c:\windows\System32\svchost.exe -k getPlusHelper [02.03.2006 14:00 14336]  
  S3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSxpx86.sys [28.05.2009 15:41 274808]  
  S3 PAC7302;PC VGA Camer@ Plus;c:\windows\system32\drivers\PAC7302.SYS [10.09.2007 08:50 457984]  
  S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1000000.07D\SymEFA.sys [28.05.2009 15:41 309296]  
   
  --- Other Services/Drivers In Memory ---  
   
  *Deregistered* - mbr  
   
  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]  
  getPlusHelper REG_MULTI_SZ getPlusHelper  
   
  [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{680d34aa-4d47-11de-84ed-001617c51a41}]  
  \sHeLl\AutOpLaY\cOMmand - I:\btqujj.pif  
  \sHeLl\AutoRun\command - I:\btqujj.pif  
  \sHeLl\expLore\ComMaNd - I:\btqujj.pif  
  \sHeLl\oPEn\comMand - I:\btqujj.pif  
   
  [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad6f7405-fd14-11dd-830f-001617c51a41}]  
  \shElL\AUtopLAy\CoMmaNd - I:\qlvnbu.cmd  
  \shElL\AutoRun\command - I:\qlvnbu.cmd  
  \shElL\eXplORe\COmmAnd - I:\qlvnbu.cmd  
  \shElL\opEN\CoMMAnD - I:\qlvnbu.cmd  
  .  
  Contents of the 'Scheduled Tasks' folder  
   
  2009-12-07 c:\windows\Tasks\Google Software Updater.job  
  - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-17 10:47]  
   
  2009-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job  
  - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-09 08:16]  
   
  2009-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job  
  - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-09 08:16]  
   
  2009-11-29 c:\windows\Tasks\User_Feed_Synchronization-{BE3A2D03-C47A-4D18-B84E-A24C4BA9D84D}.job  
  - c:\windows\system32\msfeedssync.exe [2007-08-13 16:36]  
  .  
  .  
  ------- Supplementary Scan -------  
  .  
  uStart Page = hxxp://www.google.com/  
  uDefault_Search_URL = hxxp://www.google.com/ie  
  uSearchURL,(Default) = hxxp://www.google.com/search?q=%s  
  DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll  
  .  
   
  **************************************************************************  
   
  catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net  
  Rootkit scan 2009-12-07 09:42  
  Windows 5.1.2600 Service Pack 3 NTFS  
   
  scanning hidden processes ...  
   
  scanning hidden autostart entries ...  
   
  scanning hidden files ...  
   
  scan completed successfully  
  hidden files: 0  
   
  **************************************************************************  
   
  [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]  
  "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"  
  .  
  --------------------- LOCKED REGISTRY KEYS ---------------------  
   
  [HKEY_USERS\S-1-5-21-796845957-1004336348-682003330-1004\Software\Microsoft\SystemCertificates\AddressBook*]  
  @Allowed: (Read) (RestrictedCode)  
  @Allowed: (Read) (RestrictedCode)  
  .  
  --------------------- DLLs Loaded Under Running Processes ---------------------  
   
  - - - - - - - > 'explorer.exe'(444)  
  c:\windows\system32\WININET.dll  
  c:\progra~1\WINDOW~2\wmpband.dll  
  c:\windows\system32\WPDShServiceObj.dll  
  c:\windows\system32\PortableDeviceTypes.dll  
  c:\windows\system32\PortableDeviceApi.dll  
  .  
  Completion time: 2009-12-07 9:46  
  ComboFix-quarantined-files.txt 2009-12-07 07:46  
  ComboFix2.txt 2009-10-28 22:40  
  ComboFix3.txt 2009-10-25 12:11  
   
  Pre-Run: 49.990.991.872 bayt boş  
  Post-Run: 50.216.026.112 bayt boş  
   
  - - End Of File - - 44445DFF0469C0F5C5E430D2896491C8


Bu mesaja 2 cevap geldi.
B
byrmlbrbr
14 yıl
Teğmen

Benim sorun PC nin 5 katı kadar artık geç açılması.....Hazırda beklemeye alması kapanmasından daha uzun sürüyor.....


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:59:29, on 08.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\AvaFind\AvaFind.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
E:\Yedek D\Prog\serhan program dvd\anti virüs\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [AvaFind] "C:\Program Files\AvaFind\AvaFind.exe" /minimized
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - S-1-5-18 Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
O4 - .DEFAULT User Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
O4 - Startup: AutorunsDisabled
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) -http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1247544337328
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1247544298750
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) -http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F9AD8AB-03ED-4346-AA16-105DBA5B8117}: NameServer = 4.2.2.1,4.2.2.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{8F9AD8AB-03ED-4346-AA16-105DBA5B8117}: NameServer = 4.2.2.1,4.2.2.5
O17 - HKLM\System\CS2\Services\Tcpip\..\{8F9AD8AB-03ED-4346-AA16-105DBA5B8117}: NameServer = 4.2.2.1,4.2.2.5
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe

--
End of file - 4855 bytes


Bu mesaja 1 cevap geldi.
S
sato_re
14 yıl
Er

yukarıdaki combo fixten sonraki Malwarebytes raporu (antivirüs yükleniyor ama çalıştırmıyor ve sürekli msnden ve internet bağlantılarından atıyor görev yöneticisi combofixten sonra açıyor ama çok kısa bi süre sonra tekrar devre dışı oluyor 


Malwarebytes' Anti-Malware 1.42  
  Veritabanı sürümü: 3289  
  Windows 5.1.2600 Service Pack 3  
  Internet Explorer 7.0.5730.13  
   
  07.12.2009 10:46:26  
  mbam-log-2009-12-07 (10-46-26).txt  
   
  Tarama biçimi: Gelişmiş Tarama (C:\|)  
  Taranan öğeler: 151080  
  Geçen süre: 39 minute(s), 49 second(s)  
   
  Etkilenmiş Hafıza İşlemleri: 1  
  Etkilenmiş Hafıza Modülleri: 0  
  Etkilenmiş Kayıt Anahtarları: 1  
  Etkilenmiş Kayıt Değerleri: 0  
  Etkilenmiş Kayıt Verisi Öğeleri: 3  
  Etkilenmiş Klasörler: 0  
  Etkilenmiş Dosyalar: 1  
   
  Etkilenmiş Hafıza İşlemleri:  
  C:\WINDOWS\temp\wingxwtks.exe (Worm.Spambot) -> Unloaded process successfully.  
   
  Etkilenmiş Hafıza Modülleri:  
  (Herhangi bir tehlikeli öğe bulunmadı)  
   
  Etkilenmiş Kayıt Anahtarları:  
  HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Delete on reboot.  
   
  Etkilenmiş Kayıt Değerleri:  
  (Herhangi bir tehlikeli öğe bulunmadı)  
   
  Etkilenmiş Kayıt Verisi Öğeleri:  
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.  
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.  
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.  
   
  Etkilenmiş Klasörler:  
  (Herhangi bir tehlikeli öğe bulunmadı)  
   
  Etkilenmiş Dosyalar:  
  C:\WINDOWS\temp\wingxwtks.exe (Worm.Spambot) -> Quarantined and deleted successfully.



A
atakan22m
14 yıl
Çavuş

bunu türklermi yapdı


Bu mesaja 2 cevap geldi.
S
ShaDoW_17
14 yıl
Binbaşı

Logfile of Trend Micro HijackThis v2.0.2 
  Scan saved at 10:54:37, on 09.12.2009 
  Platform: Windows XP SP3 (WinNT 5.01.2600) 
  MSIE: Internet Explorer v8.00 (8.00.6001.18702) 
  Boot mode: Normal 
   
  Running processes: 
  C:\WINDOWS\System32\smss.exe 
  C:\WINDOWS\system32\csrss.exe 
  C:\WINDOWS\system32\winlogon.exe 
  C:\WINDOWS\system32\services.exe 
  C:\WINDOWS\system32\lsass.exe 
  C:\WINDOWS\system32\nvsvc32.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\WINDOWS\System32\svchost.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\WINDOWS\system32\spoolsv.exe 
  C:\WINDOWS\Explorer.EXE 
  C:\WINDOWS\RTHDCPL.EXE 
  C:\WINDOWS\system32\RUNDLL32.EXE 
  C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe 
  C:\Program Files\USB Disk Security\USBGuard.exe 
  C:\Program Files\Java\jre6\bin\jusched.exe 
  C:\Program Files\Canon\MyPrinter\BJMyPrt.exe 
  C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe 
  C:\AKINSOFT\CafePlusFilter1\cafeplusfilter.exe 
  C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TrueImageMonitor.exe 
  C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TimounterMonitor.exe 
  C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe 
  C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe 
  C:\WINDOWS\system32\rundll32.exe 
  C:\WINDOWS\VM303_STI.EXE 
  C:\WINDOWS\system32\ctfmon.exe 
  C:\Program Files\Internet Download Manager\IDMan.exe 
  C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe 
  C:\Program Files\Messenger\msmsgs.exe 
  C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe 
  C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe 
  C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\AKINSOFT\CafePlusFilter1\cafeplusfilterinject.exe 
  C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe 
  C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe 
  C:\Program Files\Java\jre6\bin\jqs.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\WINDOWS\system32\wdfmgr.exe 
  C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe 
  C:\WINDOWS\System32\alg.exe 
  C:\WINDOWS\system32\wbem\wmiapsrv.exe 
  C:\Program Files\Internet Download Manager\IEMonitor.exe 
  C:\AKINSOFT\CafePlus9\Server\CafePlus.exe 
  C:\Program Files\Java\jre6\bin\jucheck.exe 
  C:\Program Files\Winamp\winamp.exe 
  C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
  C:\Program Files\Windows Live\Contacts\wlcomm.exe 
  C:\Program Files\Mozilla Firefox\firefox.exe 
  C:\Documents and Settings\Yusuf\Belgelerim\Downloads\Programs\HiJackThis.exe 
  C:\WINDOWS\system32\wbem\wmiprvse.exe 
   
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar 
  O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll 
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll 
  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll 
  O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE 
  O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE 
  O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install 
  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit 
  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup 
  O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice 
  O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe 
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe 
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" 
  O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon 
  O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon 
  O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe 
  O4 - HKLM\..\Run: [AKINSOFT CafeFilter] C:\AKINSOFT\CafePlusFilter1\cafeplusfilter.exe 
  O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TrueImageMonitor.exe 
  O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TimounterMonitor.exe 
  O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" 
  O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent 
  O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) 
  O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript 
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" 
  O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" 
  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe 
  O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot 
  O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" 
  O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background 
  O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MST" WISE_SETUP_EXE_PATH="c:\nvidia\displaydriver\190.62\english\PhysX_9.09.0814_SystemSoftware.exe" 
  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') 
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') 
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') 
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') 
  O4 - Startup: 8AA5A0.lnk = C:\WINDOWS\system32\9FC1E3\8AA5A0.EXE 
  O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 
  O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm 
  O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm 
  O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm 
  O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 
  O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL 
  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe 
  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe 
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab 
  O17 - HKLM\System\CCS\Services\Tcpip\..\{72049E20-219F-4E95-8C76-594FEDAC64D8}: NameServer = 208.67.222.222,208.67.220.220 
  O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe 
  O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe 
  O23 - Service: CafePlusFilterServiceMain - Unknown owner - C:\AKINSOFT\CafePlusFilter1\cafeplusfilterinject.exe 
  O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe 
  O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe 
  O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe 
  O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe 
  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 
  O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe 
  O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe 
  O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe 
   
  -- 
  End of file - 10022 bytes




Log raporu yukarıdaki gibi yaşadığım sıkıntı ise resimdeki gibi..
Resimdeki hatayı verince NOd 32 bişey siliyor fakat sözde siliyor Bi kaç haftadır böyle.

Teşekkür ederim.

< Resime gitmek için tıklayın >


Bu mesaja 1 cevap geldi.
Z
zaladin
14 yıl
Yüzbaşı

Serji usta rica etsem bi kontrol eder misin son günlerde kendiliğinden donmalar oluyor pc'de .. teşekkürler şimdiden..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:43, on 09.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\AYHAN\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1FD79A59-37B1-459B-9097-09F9FAB8A523} - (no file)
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: CDNSCacheObj Object - {376892AE-1825-4E5F-9F85-23F9640051CC} - C:\WINDOWS\XviDplg.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: &Sanal klavye - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: URL ko&ntrolü - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (file missing)
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) -http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D5D17C21-1719-4640-B0B2-4F3262419920} (JaguarEditControl-ISBANK) -https://www.isbank.com.tr/Internet/lib/JaguarEdit4ISBv27.CAB
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} -http://165.91.110.101:2010/activex/AMC.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EB244DC6-1E2A-4CCF-87DA-245BAF55C1C5}: NameServer = 4.2.2.5,4.2.2.1
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

--
End of file - 7425 bytes


Bu mesaja 3 cevap geldi.
P
Peerless
14 yıl
Yarbay

böyle güzel bir konu için öncelikle teşekkür ederim gerçekten çok emek gerektiren bir durum.

gelelim sorunuma imzamdaki bilgisayarım açılış ve kapanışta acayip yavaşladı.özellikle kapatmaya çalısırken uzun süre beklemek durumunda kalıyorumorjinal kis 2010 ile virüs taraması disk temizleme ve disk birleştirme yapmış olmama rağmen bu sorun devam ediyor.bu konuda yardımcı olursanız çok sevinirim

hijack raporum:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:20:43, on 09.12.2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Users\PeeRLeSS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PeeRLeSS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PeeRLeSS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PeeRLeSS\Desktop\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Oturum Açma Yardim Araci - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\PeeRLeSS\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download Video on This Page - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/211
O8 - Extra context menu item: Download Video This Links To - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/212
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Download Video - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/211 (file missing)
O9 - Extra 'Tools' menuitem: Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/211 (file missing)
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O13 - Gopher Prefix:
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) -http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{408A1C6C-8758-4B74-9800-08CE3B73E938}: NameServer = 4.2.2.2,4.2.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{7FF7EF29-8C34-46CB-8B0D-868DCF22917B}: NameServer = 4.2.2.2,4.2.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{408A1C6C-8758-4B74-9800-08CE3B73E938}: NameServer = 4.2.2.2,4.2.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{408A1C6C-8758-4B74-9800-08CE3B73E938}: NameServer = 4.2.2.2,4.2.2.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wlms\wlms.exe,-1 (WLMS) - Unknown owner - C:\Windows\system32\wlms\wlms.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8740 bytes



P
Peerless
14 yıl
Yarbay

böyle güzel bir konu için öncelikle teşekkür ederim gerçekten çok emek gerektiren bir durum.

gelelim sorunuma imzamdaki bilgisayarım açılış ve kapanışta acayip yavaşladı.özellikle kapatmaya çalısırken uzun süre beklemek durumunda kalıyorumorjinal kis 2010 ile virüs taraması disk temizleme ve disk birleştirme yapmış olmama rağmen bu sorun devam ediyor.bu konuda yardımcı olursanız çok sevinirim

hijack raporum:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:20:43, on 09.12.2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Users\PeeRLeSS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PeeRLeSS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PeeRLeSS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PeeRLeSS\Desktop\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Oturum Açma Yardim Araci - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\PeeRLeSS\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download Video on This Page - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/211
O8 - Extra context menu item: Download Video This Links To - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/212
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Download Video - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/211 (file missing)
O9 - Extra 'Tools' menuitem: Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/211 (file missing)
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O13 - Gopher Prefix:
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) -http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{408A1C6C-8758-4B74-9800-08CE3B73E938}: NameServer = 4.2.2.2,4.2.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{7FF7EF29-8C34-46CB-8B0D-868DCF22917B}: NameServer = 4.2.2.2,4.2.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{408A1C6C-8758-4B74-9800-08CE3B73E938}: NameServer = 4.2.2.2,4.2.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{408A1C6C-8758-4B74-9800-08CE3B73E938}: NameServer = 4.2.2.2,4.2.2.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wlms\wlms.exe,-1 (WLMS) - Unknown owner - C:\Windows\system32\wlms\wlms.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8740 bytes



B
brindarim
14 yıl
Er

ya benim de bir sorunum var iki günden beri deli edecek.nod32 i kuruyorum son anda sorun çıkarıyor tam bitmiyor şöyle bir uyarı veriyor 'Eset Service'(ekrn) hizmeti başlarken hata oluştu.Sistem hizmetlerini başlatmak için yeterli ayrıcalığınızın olduğunu doğrulayın. nod32 eski versiyondur diye kaçtane virüs programı varsa hepsini yükledim ayrı ayrı ama hiçbiri çalışmadı hep hata veriyor ve en sonunda combofix ile tarattım şöyle bir not defterinde detaylar çıktı.ne anlama geliyor ve düzeltilmesi için ne yapmam gerekiyor.ve tabi bunların hepsinden önce format attım bunları yaptım.


ComboFix 09-12-08.07 - ORCAALABAND 09.12.2009 17:20:39.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1254.90.1055.18.480.231 [GMT 2:00]
Running from: c:\combofix\ComboFix.exe
Command switches used :: ComboFix
AV: 3.0 *On-access scanning disabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Internet Explorer\rasadhlp.dll
c:\windows\Help\kfdtk.chm
c:\windows\system32\ieuinit.inf
c:\windows\system32\msssc.dll
c:\windows\system32\scrrntr.dll
D:\1di1w.exe
D:\nds0q.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ASC3360PR
-------\Service_asc3360pr


((((((((((((((((((((((((( Files Created from 2009-11-09 to 2009-12-09 )))))))))))))))))))))))))))))))
.

2009-12-08 19:49 . 2009-12-08 20:32 -------- d-----w- c:\program files\Kaspersky Lab
2009-12-08 19:23 . 2009-12-08 19:22 512096 ----a-w- c:\windows\system32\drivers\amon.sys
2009-12-08 19:23 . 2009-12-08 19:22 298104 ----a-w- c:\windows\system32\imon.dll
2009-12-08 19:23 . 2009-12-08 19:22 15424 ----a-w- c:\windows\system32\drivers\nod32drv.sys
2009-12-08 19:22 . 2009-12-08 20:42 -------- d-----w- c:\program files\ESET
2009-12-08 16:48 . 2009-12-08 16:48 -------- d-----w- c:\documents and settings\ORCAALABAND\Application Data\Nokia Multimedia Player
2009-12-08 14:24 . 2009-12-08 14:24 -------- d-----w- c:\documents and settings\ORCAALABAND\Local Settings\Application Data\Adobe
2009-12-08 11:50 . 2009-12-08 11:50 42560 ----a-w- c:\documents and settings\ORCAALABAND\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-08 11:19 . 2009-12-08 11:19 -------- d-s---w- c:\documents and settings\ORCAALABAND\UserData
2009-12-08 11:06 . 2009-12-08 11:06 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-12-08 11:01 . 2009-12-08 11:01 15240 ----a-w- c:\documents and settings\ORCAALABAND\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
2009-12-08 10:51 . 2009-12-08 10:53 -------- d-----w- c:\program files\MSN Messenger
2009-12-08 10:49 . 2009-12-08 10:50 -------- d-----w- c:\documents and settings\ORCAALABAND\Contacts
2009-12-08 10:49 . 2009-12-08 10:49 -------- dc----w- c:\windows\system32\DRVSTORE
2009-12-08 10:35 . 2004-08-03 21:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-12-08 10:32 . 2009-12-08 10:32 -------- d-----w- c:\program files\MobiMB Mobile Media Browser
2009-12-08 10:29 . 2009-12-08 10:29 181680 ----a-w- c:\documents and settings\ORCAALABAND\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
2009-12-08 10:29 . 2009-12-09 15:25 -------- d-----w- c:\documents and settings\ORCAALABAND\Application Data\DMCache
2009-12-08 10:29 . 2009-12-08 14:45 -------- d-----w- c:\documents and settings\ORCAALABAND\Application Data\IDM
2009-12-08 10:29 . 2009-12-08 14:49 -------- d-----w- c:\program files\Internet Download Manager
2009-12-08 10:25 . 2005-07-02 14:33 520192 ----a-w- c:\windows\system32\AVmmfecd.exe
2009-12-08 10:25 . 2004-06-02 12:23 380928 ----a-w- c:\windows\system32\AVawbdcd.exe
2009-12-08 10:25 . 2004-06-02 12:18 438272 ----a-w- c:\windows\system32\AVawbecd.exe
2009-12-08 10:25 . 2004-01-08 09:38 208896 ----a-w- c:\windows\system32\lame_enc.dll
2009-12-08 10:25 . 2002-01-09 09:52 266240 ----a-w- c:\windows\system32\AVamrecd.exe
2009-12-08 10:25 . 2009-12-08 10:27 -------- d-----w- c:\program files\MRConverter
2009-12-08 10:23 . 2009-12-08 10:24 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-08 10:21 . 2009-12-08 10:21 -------- d-----w- c:\program files\ImTOO
2009-12-08 10:17 . 2003-06-18 23:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2009-12-08 10:17 . 2003-06-18 23:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2009-12-08 10:16 . 2009-12-08 10:16 -------- d-----w- c:\program files\Microsoft.NET
2009-12-08 10:15 . 2009-12-08 10:16 -------- d-----w- c:\windows\SHELLNEW
2009-12-08 10:10 . 2009-12-08 10:10 -------- d-----r- C:\MSOCache
2009-12-08 10:07 . 2009-12-08 10:07 -------- d-----w- c:\documents and settings\ORCAALABAND\Bluetooth Software
2009-12-08 10:05 . 2004-08-03 22:37 274176 -c--a-w- c:\windows\system32\dllcache\bthport.sys
2009-12-08 10:05 . 2004-08-03 22:37 274176 ----a-w- c:\windows\system32\drivers\bthport.sys
2009-12-08 10:05 . 2004-08-03 21:10 18944 -c--a-w- c:\windows\system32\dllcache\bthusb.sys
2009-12-08 10:05 . 2004-08-03 21:10 18944 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-09 14:17 . 2009-12-08 08:30 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-09 12:20 . 2009-12-08 10:36 -------- d-----w- c:\documents and settings\ORCAALABAND\Application Data\Winamp
2009-12-08 10:38 . 2009-12-08 10:36 -------- d-----w- c:\program files\Winamp
2009-12-08 10:35 . 2009-12-08 09:52 -------- d-----w- c:\program files\TuneUp Utilities 2007
2009-12-08 10:32 . 2009-12-08 09:34 -------- d-----w- c:\program files\Common Files\LogoManager
2009-12-08 10:07 . 2001-11-22 12:00 45966 ----a-w- c:\windows\system32\perfc01F.dat
2009-12-08 10:07 . 2001-11-22 12:00 300636 ----a-w- c:\windows\system32\perfh01F.dat
2009-12-08 10:06 . 2009-12-08 10:06 -------- d-----w- c:\program files\WIDCOMM
2009-12-08 09:58 . 2009-12-08 09:58 -------- d-----w- c:\program files\Ahead
2009-12-08 09:58 . 2009-12-08 09:58 -------- d-----w- c:\program files\Common Files\Ahead
2009-12-08 09:52 . 2009-12-08 09:52 -------- d-----w- c:\documents and settings\ORCAALABAND\Application Data\TuneUp Software
2009-12-08 09:52 . 2009-12-08 09:52 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-12-08 09:52 . 2009-12-08 09:52 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-08 09:40 . 2009-12-08 09:40 -------- d-----w- c:\program files\Total Video Converter
2009-12-08 09:30 . 2009-12-08 09:30 -------- d-----w- c:\program files\Photodex Presenter
2009-12-08 09:30 . 2009-12-08 09:30 122880 ----a-w- c:\documents and settings\ORCAALABAND\Application Data\Mozilla\Plugins\npPxPlay.dll
2009-12-08 09:30 . 2009-12-08 09:30 -------- d-----w- c:\program files\Photodex
2009-12-08 09:24 . 2009-12-08 08:51 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-08 09:24 . 2009-12-08 09:23 -------- d-----w- c:\program files\Nokia
2009-12-08 09:23 . 2009-12-08 09:23 -------- d-----w- c:\program files\Common Files\PCSuite
2009-12-08 09:23 . 2009-12-08 09:23 -------- d-----w- c:\program files\Common Files\Nokia
2009-12-08 09:22 . 2009-12-08 08:51 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-08 09:19 . 2009-12-08 09:15 -------- d-----w- c:\program files\WebEye
2009-12-08 09:09 . 2009-12-08 09:09 -------- d-----w- c:\program files\SiSLan
2009-12-08 09:06 . 2009-12-08 09:06 -------- d-----w- c:\program files\Analog Devices
2009-12-08 08:52 . 2009-12-08 08:51 -------- d-----w- c:\program files\SiS VGA Utilities V3.57a
2009-12-08 08:31 . 2009-12-08 08:31 -------- d-----w- c:\program files\microsoft frontpage
2009-12-08 08:27 . 2009-12-08 08:27 21736 ----a-w- c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-12-08 2741680]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2006-01-24 7163904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiS Windows KeyHook"="c:\windows\system32\keyhook.exe" [2004-02-27 241664]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 180224]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 229376]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-03 110592]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 109424]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 1009016]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 107520]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\Start Menu\Programlar\BaŸlang‡\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2004-10-1 565309]
Utility Tray.lnk - c:\windows\system32\sistray.exe [2009-12-8 352256]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\VİRÜS PROGRAMI BİLGİSAYARDA\\HACI VERDİ\\WINRAR\\WinRAR[1].v3.71.1.0\\setup.exe"=
"c:\\WINDOWS\\system32\\keyhook.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\NeroCheck.exe"=
"c:\\PROGRA~1\\COMMON~1\\PCSuite\\DATALA~1\\DATALA~1.EXE"=
"c:\\Program Files\\Photodex\\ProShowGold\\ScsiAccess.exe"=
"c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe"=
"c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe"=
"c:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe"=
"c:\\WINDOWS\\system32\\dumprep.exe"=
"c:\\Program Files\\Internet Download Manager\\IEMonitor.exe"=

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [08.12.2009 21:23 15424]
S2 ekrn;Eset Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ASC3360PR

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.tr/
IE: Bütün linkleri IDM ile indir - c:\program files\Internet Download Manager\IEGetAll.htm
IE: FLV video içeriğini IDM ile indir - c:\program files\Internet Download Manager\IEGetVL.htm
IE: IDM ile indir - c:\program files\Internet Download Manager\IEExt.htm
IE: Microsoft Excel'e Gö&nder - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
LSP: c:\windows\system32\imon.dll
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-egui - c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
MSConfigStartUp-nod32kui - c:\program files\Eset\nod32kui.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
Rootkit scan 2009-12-09 17:25
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(572)
c:\windows\system32\imon.dll

- - - - - - - > 'explorer.exe'(1576)
c:\program files\Internet Download Manager\idmmkb.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Photodex\ProShowGold\ScsiAccess.exe
c:\progra~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
c:\windows\system32\rundll32.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\program files\Internet Download Manager\IEMonitor.exe
.
**************************************************************************
.
Completion time: 2009-12-09 17:28:10 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-09 15:28

Pre-Run: 15.784.017.920 bayt boş
Post-Run: 15.774.797.824 bayt boş

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /TUTag=BIEH3B /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional (TuneUp Backup)" /noexecute=optin /fastdetect /TUTag=BIEH3B-BAK

- - End Of File - - 7D0A3F558EED812ED537F63ED790D6CD


Bu mesaja 1 cevap geldi.
S
serji
14 yıl
Yarbay
Konu Sahibi

quote:

Orijinalden alıntı: furi544

Combofix raporum ...

The Avenger adlı programı masaüstünüze indirin.

http://www.buraksonmez.com/dosyalar/avenger.exe

1. Aşağıda renkli yazılmış olan yazıların tamamını seçip CTRL+C basın ve kopyalayın. 

Drivers to disable: 
  tcpsr 
   
  Drivers to delete: 
  tcpsr


2. Program ikonunun üzerine çift tıklayarak programı çalıştırın.

* Load Script altında Paste from Clipboard seçin.
* Execute butonuna basın.
* Program soru sorarsa Evet tıklayın.

3. Bilgisayarınız yeniden başlayacak. (2 kez yeniden başlayabilir) Daha sonra bir takım işlemler yapılacaktır.
4. Tarama işlemi bittikten sonra C:\avenger.txt olarak bir log dosyası yaratılacaktır. (Yedekleriniz C:\avenger\backup.zip dizininde olacaktır.)
5. C:\avenger.txt dosyasını mesajınıza ekleyerek bize gönderin.

Malwarebytes Antimalware adlı programı indirin.

http://www.buraksonmez.com/dosyalar/mbam-setup.exe

* Programı kurmak için mbam-setup.exe üzerine çift tıklayın ve programı kurun.
* Malwarebytes Antimalware Güncelle ve Malwarebytes Programını Çalıştır seçeneklerini işaretleyip Finish tıklayın.
* Eğer bir güncelleştirme bulunursa, program otomatik olarak indirip güncelleştirecektir.
* Program yüklendiğinde Tam Tarama seçip Taramaya Başla butonuna tıklayın.
* Tarama işlemi biraz zaman alabilir, o yüzden lütfen biraz sabırlı olun.
* Tarama işlemi bittiğinde, Tamam tıklayın ve Sonuçları Göster tıklayın.
* Herşeyin işaretli olduğundan emin olun ve Seçilileri Temizle tıklayın.
* Temizleme işlemi bittiğinde bir notdefteri penceresi açılacaktır. (Bilgisayarınızı yeniden başlatmanız gerekebilir.)
* Notdefteri dosyasını kaydedip mesajınıza ekleyerek bize gönderin.

NOT: Eğer temizleme işlemi sırasında program bilgisayarı yeniden başlatmanızı isterse Tamam tıklayarak bilgisayarızı yeniden başlatın.



S
serji
14 yıl
Yarbay
Konu Sahibi

quote:

Orijinalden alıntı: kilic.zafer

işletim sistemim vista ultimate. windows defender birden uyarı verdi "C:\Windows\system32\CSUNINST.EXE Bu program istenmeyen bir davranış sergiliyor olabilir. " ne yapmam gerek tarama işlemi sonuçları aşağıda. yardımcı olabilirseniz çok sevinirim. pc hızında yavaşlamada oluyor.

* HijackThis adlı programı açın.
* Do a system scan only seçeneğine tıklayın.
* Aşağıdaki satırları işaretleyin. 

 
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
  O1 - Hosts: ::1 localhost 
  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL 
  O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Sobee.ICFLauncherIE.Launcher - {95a0101d-f8f8-4063-9545-0edd223b7819} - mscoree.dll (file missing) 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll  
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"  
  O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"  
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"  
  O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 
  O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll 
  O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll 
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL 
  O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)


* CTRL+ALT+DEL basıp işlemler sekmesine gelin. Kullanıcı adınızın karşısındaki HijackThis.exe ve explorer.exe hariç tüm işlemleri sonlandırın. (Yalnızca kullanıcı adınızın karşısındaki işlemleri sonlandırın. Local Service, network, system olanlara dokunmayın). HijackThis hariç tüm programları, pencereleri kapatın ve Fix Checked butonuna tıklayın. Ardından bilgisayarınızı hemen yeniden başlatın.

ComboFix adlı programı masaüstünüze indirin.

http://www.buraksonmez.com/dosyalar/ComboFix.exe

1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
4. ComboFix çalışmaya başladıktan sonra Evet butonuna tıklayın.
5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
6. Bu işlemler sırasında internet bağlantınız kesilecek ve masaüstünüz kaybolacaktır. Bunlar normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
7. Biraz sabırlı olmanız gerekebilir çünkü tam 50 aşama söz konusudur.
8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.





< Bu mesaj bu kişi tarafından değiştirildi serji -- 10 Aralık 2009; 20:23:13 >
Bu mesaja 1 cevap geldi.
S
serji
14 yıl
Yarbay
Konu Sahibi

quote:

Orijinalden alıntı: mehmet35h

benim de surekli internetim donuyor usb modem ve ethernet modemle denedim bu surekli oluyor ikisnde ne yapmalıyım 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.vestel.com.tr 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.vestel.com.tr 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =  
  O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll 
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll 
  O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll 
  O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll  
  O4 - HKLM\..\Run: [VMSnap3] C:\Windows\VMSnap3.EXE 
  O4 - HKLM\..\Run: [Domino] C:\Windows\Domino.EXE 
  O4 - HKLM\..\Run: [BigDog303] C:\Windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) 
  O4 - HKCU\..\Run: [areslite] "C:\Program Files\Ares Lite Edition\AresLite.exe" -h 
  O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h


ComboFix adlı programı masaüstünüze indirin.

http://www.buraksonmez.com/dosyalar/ComboFix.exe

1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
4. ComboFix çalışmaya başladıktan sonra Evet butonuna tıklayın.
5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
6. Bu işlemler sırasında internet bağlantınız kesilecek ve masaüstünüz kaybolacaktır. Bunlar normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
7. Biraz sabırlı olmanız gerekebilir çünkü tam 50 aşama söz konusudur.
8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.



S
serji
14 yıl
Yarbay
Konu Sahibi

quote:

Orijinalden alıntı: sae1230

mrb benim anasayfam benim haberim olmadan direkara.com olarak değişmiş doğal olarak bende ne yaptııysam bu anasayfayı google olarak değiştiremedim bana bir yardım edin ltf ,

* HijackThis adlı programı açın.
* Do a system scan only seçeneğine tıklayın.
* Aşağıdaki satırları işaretleyin. 

 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.direkara.com 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll 
  O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll  
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" 
  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe  
  O4 - HKCU\..\Run: [lsas] "C:\Program Files\Common Files\sysapp\lsas.exe" 
  O4 - HKCU\..\Run: [sorfum] "C:\Documents and Settings\Bilgisayarım\Local Settings\Application Data\sysapp\sorfum.exe" 
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE 
  O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present 
  O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll 
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll


* CTRL+ALT+DEL basıp işlemler sekmesine gelin. Kullanıcı adınızın karşısındaki HijackThis.exe ve explorer.exe hariç tüm işlemleri sonlandırın. (Yalnızca kullanıcı adınızın karşısındaki işlemleri sonlandırın. Local Service, network, system olanlara dokunmayın). HijackThis hariç tüm programları, pencereleri kapatın ve Fix Checked butonuna tıklayın. Ardından bilgisayarınızı hemen yeniden başlatın.

ComboFix adlı programı masaüstünüze indirin.

http://www.buraksonmez.com/dosyalar/ComboFix.exe

1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
4. ComboFix çalışmaya başladıktan sonra Evet butonuna tıklayın.
5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
6. Bu işlemler sırasında internet bağlantınız kesilecek ve masaüstünüz kaybolacaktır. Bunlar normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
7. Biraz sabırlı olmanız gerekebilir çünkü tam 50 aşama söz konusudur.
8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.


quote:

Orijinalden alıntı: 1881-193∞

Çok teşekkürler
İşime yaradı vallahi

Rica ederim.





< Bu mesaj bu kişi tarafından değiştirildi serji -- 10 Aralık 2009; 20:22:53 >

S
serji
14 yıl
Yarbay
Konu Sahibi

quote:

Orijinalden alıntı: bozcaadalı

Ne yapmam gerek yardımcı olursanız sevinirim teşekkürler.

Malwarebytes Antimalware adlı programı indirin.

http://www.buraksonmez.com/dosyalar/mbam-setup.exe

* Programı kurmak için mbam-setup.exe üzerine çift tıklayın ve programı kurun.
* Malwarebytes Antimalware Güncelle ve Malwarebytes Programını Çalıştır seçeneklerini işaretleyip Finish tıklayın.
* Eğer bir güncelleştirme bulunursa, program otomatik olarak indirip güncelleştirecektir.
* Program yüklendiğinde Tam Tarama seçip Taramaya Başla butonuna tıklayın.
* Tarama işlemi biraz zaman alabilir, o yüzden lütfen biraz sabırlı olun.
* Tarama işlemi bittiğinde, Tamam tıklayın ve Sonuçları Göster tıklayın.
* Herşeyin işaretli olduğundan emin olun ve Seçilileri Temizle tıklayın.
* Temizleme işlemi bittiğinde bir notdefteri penceresi açılacaktır. (Bilgisayarınızı yeniden başlatmanız gerekebilir.)
* Notdefteri dosyasını kaydedip mesajınıza ekleyerek bize gönderin.

NOT: Eğer temizleme işlemi sırasında program bilgisayarı yeniden başlatmanızı isterse Tamam tıklayarak bilgisayarızı yeniden başlatın.


quote:

Orijinalden alıntı: djinn_inc

Tekrar istemiş olduğunuz combofix logunu aşağıya ekledim.

Malwarebytes Antimalware adlı programı indirin.

http://www.buraksonmez.com/dosyalar/mbam-setup.exe

* Programı kurmak için mbam-setup.exe üzerine çift tıklayın ve programı kurun.
* Malwarebytes Antimalware Güncelle ve Malwarebytes Programını Çalıştır seçeneklerini işaretleyip Finish tıklayın.
* Eğer bir güncelleştirme bulunursa, program otomatik olarak indirip güncelleştirecektir.
* Program yüklendiğinde Tam Tarama seçip Taramaya Başla butonuna tıklayın.
* Tarama işlemi biraz zaman alabilir, o yüzden lütfen biraz sabırlı olun.
* Tarama işlemi bittiğinde, Tamam tıklayın ve Sonuçları Göster tıklayın.
* Herşeyin işaretli olduğundan emin olun ve Seçilileri Temizle tıklayın.
* Temizleme işlemi bittiğinde bir notdefteri penceresi açılacaktır. (Bilgisayarınızı yeniden başlatmanız gerekebilir.)
* Notdefteri dosyasını kaydedip mesajınıza ekleyerek bize gönderin.

NOT: Eğer temizleme işlemi sırasında program bilgisayarı yeniden başlatmanızı isterse Tamam tıklayarak bilgisayarızı yeniden başlatın.



S
serji
14 yıl
Yarbay
Konu Sahibi

quote:

Orijinalden alıntı: tcebeci

Combofix+Mbam 3-4 zararlı bulup sildi. Son Combofix loguna bakarsan sevinirim.

bir sey gozume carpmadi. Bir de antivirusle taratmak iyi olacaktir.


quote:

Orijinalden alıntı: tuncerdyr21

Birkaç gündür pc ufak uygulamalarda bile donabiliyo Yardımcı olursanız sevinirim 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
  O1 - Hosts: ::1 localhost  
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll  
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"  
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" 
  O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"  
  O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll 
  O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll 
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL



S
serji
14 yıl
Yarbay
Konu Sahibi

quote:

Orijinalden alıntı: - c1gerSuZ -

Öncelikle konu çok faydalı çünkü buradaki bazı sorunları kendi başına çözmeye çalışanların başı çok ağrıyor , emeğine sağlık.

Sorunum son 2 haftadır internette ve bilgisayarda acayip yavaşlama oldu..Facebookda bazı videolarım beyaz görünüyo ama oynat diyince sorun yok normal oynatıyor..Bazı forumlarda yazılar ekranın sağına kayıyor ve ufak grafiklerdede hatalar oluyor göstermiyor..Sebebini anlayamadım bir türlü.Google chrome kullanıyordum sorunsuz şimdi sürekli shock wawe çöktü diyor kapatıyor hatalar oluşuyor ..Firefoxdada var benzeri hatalar yani tarayıcıdan değil..İnternet te download hızım 900 lere ulaşırken bunların sebebi nedir çözemedim..Bazı videolarda başta takılıyor biraz aslında video hemen doluyor ama oynatırken tıkanabiliyor.AVG ile tarattım bi kaç ufak şey buldu temizledim.Bilgisiyarı temizde kullanıyorum ama işte.Her neyse bi bakarsan; 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar  
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll  
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll 
  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll  
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"  
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"  
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


ComboFix adlı programı masaüstünüze indirin.

http://www.buraksonmez.com/dosyalar/ComboFix.exe

1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
4. ComboFix çalışmaya başladıktan sonra Evet butonuna tıklayın.
5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
6. Bu işlemler sırasında internet bağlantınız kesilecek ve masaüstünüz kaybolacaktır. Bunlar normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
7. Biraz sabırlı olmanız gerekebilir çünkü tam 50 aşama söz konusudur.
8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.



S
serji
14 yıl
Yarbay
Konu Sahibi

quote:

Orijinalden alıntı: PHI

Arkadaşlar bu logları "code" tagının içinde verseniz daha iyi olmaz mı? Bu şekilde sayfalar aşırı uzuyor.

Code için örnek
Böylelikle hem sayfa bşuna uzamıyor hem daha iyi görünüyor.

PHI Antivirus programi ile taratir misin simdi? Combofix'te bir problem goremedim. MBAM temizlemis birazini zaten.


quote:

Orijinalden alıntı: jackosman

@PHI ; Kesinlikle katılıyorum.

@serji ; Bu arkadaşımın logu; msnden virüs yemiş herkese fotoyla ilgili link gönderiyor...Loglara bakarsan sevinirim.Ayrıca yavaşlık ta söz konusu...

Logları vermeden önce güncel Eset Smart Security 4 ile tarattım 6 adet zararlı dosya buldu ve temizledi...

HiJack This logu
Zahmet veriyoruz sana ama.... Bir gözatarsan iyi olur.Kolay gelsin,iyi çalışmalar.

Tamamdir bunlar disinda hic bir sorun gozukmuyor. Hala sorun devam ediyor mu? 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar 
  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll 
  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll 
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" 
  O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background 
  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe 
  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') 
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') 
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') 
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') 
  O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL 
  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe 
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


Bu mesaja 1 cevap geldi.
S
serji
14 yıl
Yarbay
Konu Sahibi

quote:

Orijinalden alıntı: ArchEnemy
Tek sorunum Windows Live Messenger 2009da bazen benim iletilerim gitmiyor bazende başkalarının iletisi gelmiyor.. Düşündüğüm şey internetin çok kısa bir süreliğine kopması veya sinyal zayıflaması ama tam olarak çözemedim yardıma ihtiyacım var..

Sorun internetten kaynaklaniyor olabilir. Cunku burada ona sebep olacak bir sey goremedim. 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =  
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar 
  R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) 
  O2 - BHO: Adobe PDF Reader Bağı Yardımı - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll 
  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll 
  O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) 
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe



quote:

Orijinalden alıntı: spawn_19

İyi geceler benim laptopta internet explorer normalden geç açılıyor ve internette acaip yavaşlamalar oluyor,başka bir bilgisayar örneğin facebooku benimkiden baya hızlı açıyor,aşağıya logu gönderdim,yardımcı olursanız çok minnetar kalırım. 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar 
  O1 - Hosts: ::1 localhost 
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 
  O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll 
  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll 
  O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE 
  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') 
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') 
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') 
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') 
  O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 
  O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 
  O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe 
  O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe 
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL 
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe



S
serji
14 yıl
Yarbay
Konu Sahibi

Orijinalden alıntı: jackosman

Cevabı yazarken , yukarıda taglar var ." Code " butonuna basın 
[/quote] arasına logları yapıştırın . Bu kadar basit  
  [/quote] 
   
  [quote]Orijinalden alıntı:  PHI 
  Yukarıdaki örnek mesajlardan birini alıntı yaparak da görebilirsiniz. 
  jackosman'ın anlattığı şekilde düzenlerseniz çok iyi olur. 
  [/quote] 
  Teşekkürler. Fazla vaktim olmadığı için bu aralar foruma giremiyorum ama bu şekilde yapılırsa daha düzenli olur. 
   
   
  [quote]Orijinalden alıntı:  maketm 
   
  arkadaslar benim pc deki sorun  
  bilgisayar her açilip kapatildiginda internet explorer ve bilgisayarin geçmisi otomatik olarak silinmesi  
  ve bilgisayarda programlarda çalisirken belirgin bir yavaslama ( programin içinde veya masa üstünde fare bosta dururken fare imlecinin yanina kum saatli imleci bir kaç saniyeligine gelip gidiyor )  
  [/quote] 
      * HijackThis adlı programı açın. 
      * Do a system scan only seçeneğine tıklayın. 
      * Aşağıdaki satırları işaretleyin. 
   
  
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.hp.com 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  O2 - BHO: Adobe PDF Reader Bagi Yardimi - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing) 
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll 
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll 
  O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll 
  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll 
  O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll 
  O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files (x86)\PDF Complete\pdfsty.exe" 
  O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" 
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" 
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" 
  O4 - HKLM\..\Run: [XP-D41D8CD9] C:\WINDOWS\SysWow64\XP-D41D8CD9.EXE 
  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe 
  O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background 
  O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe 
  O4 - Startup: ¡¡¡¡¡¡.lnk = C:\WINDOWS\system32\XP-D41D8CD9.EXE 
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
 
   
      * CTRL+ALT+DEL basıp işlemler sekmesine gelin. Kullanıcı adınızın karşısındaki HijackThis.exe ve explorer.exe hariç tüm işlemleri sonlandırın. (Yalnızca kullanıcı adınızın karşısındaki işlemleri sonlandırın. Local Service, network, system olanlara dokunmayın). HijackThis hariç tüm programları, pencereleri kapatın ve Fix Checked butonuna tıklayın. Ardından bilgisayarınızı hemen yeniden başlatın. 
   
  ComboFix adlı programı masaüstünüze indirin. 
   
 http://www.buraksonmez.com/dosyalar/ComboFix.exe 
   
  1. Tüm açık pencerelerinizi ve programlarınızı kapatın. 
  2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın. 
  3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin. 
  4. ComboFix çalışmaya başladıktan sonra Evet butonuna tıklayın. 
  5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır. 
  6. Bu işlemler sırasında internet bağlantınız kesilecek ve masaüstünüz kaybolacaktır. Bunlar normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir. 
  7. Biraz sabırlı olmanız gerekebilir çünkü tam 50 aşama söz konusudur. 
  8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz. 
  9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.                		
            

        


        


        

                
        

        
        






    



                                


                        

                    


                

                

                
                

                    
                    
                        Donanım Sponsoru: incehesap.com
                    
                    

                    Yüklenme süresi: 3,463