Yeni Kayıt
Konudaki Resimler
önceki
|
Hızlı 
Bildirim
HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+ (453. sayfa)
Sıcak Fırsatlarda Tıklananlar
Editörün Seçtiği Fırsatlar
45x90 Cm XXL Gaming Oyuncu Mousepad Masa Matı Laptop Altlığı Sümen Su Geçirmez Kaymaz Taban : Amazon.com.tr: Ofis ve Kırtasiye
https://www.amazon.com.tr/dp/B0CN4PPTKR
6 sa. önce paylaşıldı
Daha Fazla 
Bu Konudaki Kullanıcılar:
Daha Az 
5 Misafir - 5 Masaüstü
Giriş
Mesaj
-
-
benim de surekli internetim donuyor usb modem ve ethernet modemle denedim bu surekli oluyor ikisnde ne yapmalıyım
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:30:33, on 04.12.2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Windows\VMSnap3.exe
C:\Windows\Domino.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\windows live safety center\wlschost.EXE
C:\Windows\explorer.exe
K:\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =www.vestel.com.tr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =www.vestel.com.tr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 195.8.214.141 dailymotion.com
O1 - Hosts: 195.8.214.142 dailymotion.com
O1 - Hosts: 195.8.214.140www.dailymotion.com
O1 - Hosts: 208.117.236.70 youtube.com
O1 - Hosts: 208.117.236.70www.youtube.com
O1 - Hosts: 74.125.65.118 img.youtube.com
O1 - Hosts: 64.15.124.143 sjc-v1.sjc.youtube.com
O1 - Hosts: 64.15.124.144 sjc-v2.sjc.youtube.com
O1 - Hosts: 64.15.124.145 sjc-v3.sjc.youtube.com
O1 - Hosts: 64.15.124.146 sjc-v4.sjc.youtube.com
O1 - Hosts: 64.15.124.147 sjc-v5.sjc.youtube.com
O1 - Hosts: 64.15.124.148 sjc-v6.sjc.youtube.com
O1 - Hosts: 64.15.124.149 sjc-v7.sjc.youtube.com
O1 - Hosts: 64.15.124.150 sjc-v8.sjc.youtube.com
O1 - Hosts: 64.15.124.151 sjc-v9.sjc.youtube.com
O1 - Hosts: 67.228.223.62 mp3hanesi.com
O1 - Hosts: 67.228.223.62 mp3hanesi.net
O1 - Hosts: 67.228.223.62 mp3hanesi.org
O1 - Hosts: 67.228.223.62www.mp3hanesi.com
O1 - Hosts: 67.228.223.62www.mp3hanesi.net
O1 - Hosts: 67.228.223.62www.mp3hanesi.org
O1 - Hosts: 75.126.2.88 forumtr.com
O1 - Hosts: 75.126.2.88www.forumtr.com
O1 - Hosts: 64.15.124.152 sjc-v10.sjc.youtube.com
O1 - Hosts: 64.15.124.153 sjc-v11.sjc.youtube.com
O1 - Hosts: 64.15.124.154 sjc-v12.sjc.youtube.com
O1 - Hosts: 64.15.124.155 sjc-v13.sjc.youtube.com
O1 - Hosts: 64.15.124.156 sjc-v14.sjc.youtube.com
O1 - Hosts: 64.15.124.157 sjc-v15.sjc.youtube.com
O1 - Hosts: 64.15.124.158 sjc-v16.sjc.youtube.com
O1 - Hosts: 64.15.124.159 sjc-v17.sjc.youtube.com
O1 - Hosts: 64.15.124.160 sjc-v18.sjc.youtube.com
O1 - Hosts: 64.15.124.161 sjc-v19.sjc.youtube.com
O1 - Hosts: 64.15.124.162 sjc-v20.sjc.youtube.com
O1 - Hosts: 64.15.124.163 sjc-v21.sjc.youtube.com
O1 - Hosts: 64.15.124.164 sjc-v22.sjc.youtube.com
O1 - Hosts: 64.15.124.165 sjc-v23.sjc.youtube.com
O1 - Hosts: 64.15.124.166 sjc-v24.sjc.youtube.com
O1 - Hosts: 64.15.124.167 sjc-v25.sjc.youtube.com
O1 - Hosts: 64.15.124.168 sjc-v26.sjc.youtube.com
O1 - Hosts: 64.15.124.169 sjc-v27.sjc.youtube.com
O1 - Hosts: 64.15.124.170 sjc-v28.sjc.youtube.com
O1 - Hosts: 64.15.124.171 sjc-v29.sjc.youtube.com
O1 - Hosts: 64.15.124.172 sjc-v30.sjc.youtube.com
O1 - Hosts: 64.15.124.173 sjc-v31.sjc.youtube.com
O1 - Hosts: 64.15.124.174 sjc-v32.sjc.youtube.com
O1 - Hosts: 64.15.124.175 sjc-v33.sjc.youtube.com
O1 - Hosts: 64.15.124.176 sjc-v34.sjc.youtube.com
O1 - Hosts: 64.15.124.177 sjc-v35.sjc.youtube.com
O1 - Hosts: 64.15.124.178 sjc-v36.sjc.youtube.com
O1 - Hosts: 64.15.124.179 sjc-v37.sjc.youtube.com
O1 - Hosts: 64.15.124.180 sjc-v38.sjc.youtube.com
O1 - Hosts: 64.15.124.207 sjc-v39.sjc.youtube.com
O1 - Hosts: 64.15.124.208 sjc-v40.sjc.youtube.com
O1 - Hosts: 64.15.124.209 sjc-v41.sjc.youtube.com
O1 - Hosts: 64.15.124.210 sjc-v42.sjc.youtube.com
O1 - Hosts: 64.15.124.211 sjc-v43.sjc.youtube.com
O1 - Hosts: 64.15.124.212 sjc-v44.sjc.youtube.com
O1 - Hosts: 64.15.124.213 sjc-v45.sjc.youtube.com
O1 - Hosts: 64.15.124.214 sjc-v46.sjc.youtube.com
O1 - Hosts: 64.15.124.215 sjc-v47.sjc.youtube.com
O1 - Hosts: 64.15.124.216 sjc-v48.sjc.youtube.com
O1 - Hosts: 64.15.124.217 sjc-v49.sjc.youtube.com
O1 - Hosts: 64.15.124.218 sjc-v50.sjc.youtube.com
O1 - Hosts: 64.15.124.219 sjc-v51.sjc.youtube.com
O1 - Hosts: 64.15.124.220 sjc-v52.sjc.youtube.com
O1 - Hosts: 64.15.124.221 sjc-v53.sjc.youtube.com
O1 - Hosts: 64.15.124.222 sjc-v54.sjc.youtube.com
O1 - Hosts: 64.15.124.223 sjc-v55.sjc.youtube.com
O1 - Hosts: 64.15.124.224 sjc-v56.sjc.youtube.com
O1 - Hosts: 64.15.124.225 sjc-v57.sjc.youtube.com
O1 - Hosts: 64.15.124.226 sjc-v58.sjc.youtube.com
O1 - Hosts: 64.15.124.227 sjc-v59.sjc.youtube.com
O1 - Hosts: 64.15.124.228 sjc-v60.sjc.youtube.com
O1 - Hosts: 64.15.124.229 sjc-v61.sjc.youtube.com
O1 - Hosts: 64.15.124.230 sjc-v62.sjc.youtube.com
O1 - Hosts: 64.15.124.231 sjc-v63.sjc.youtube.com
O1 - Hosts: 64.15.124.232 sjc-v64.sjc.youtube.com
O1 - Hosts: 64.15.124.233 sjc-v65.sjc.youtube.com
O1 - Hosts: 64.15.124.234 sjc-v66.sjc.youtube.com
O1 - Hosts: 64.15.124.235 sjc-v67.sjc.youtube.com
O1 - Hosts: 64.15.124.236 sjc-v68.sjc.youtube.com
O1 - Hosts: 64.15.124.237 sjc-v69.sjc.youtube.com
O1 - Hosts: 64.15.124.238 sjc-v70.sjc.youtube.com
O1 - Hosts: 64.15.124.239 sjc-v71.sjc.youtube.com
O1 - Hosts: 64.15.124.240 sjc-v72.sjc.youtube.com
O1 - Hosts: 64.15.124.241 sjc-v73.sjc.youtube.com
O1 - Hosts: 64.15.124.242 sjc-v74.sjc.youtube.com
O1 - Hosts: 64.15.124.243 sjc-v75.sjc.youtube.com
O1 - Hosts: 64.15.124.244 sjc-v76.sjc.youtube.com
O1 - Hosts: 64.15.125.16 sjc-v77.sjc.youtube.com
O1 - Hosts: 64.15.125.17 sjc-v78.sjc.youtube.com
O1 - Hosts: 64.15.125.18 sjc-v79.sjc.youtube.com
O1 - Hosts: 64.15.125.19 sjc-v80.sjc.youtube.com
O1 - Hosts: 64.15.125.20 sjc-v81.sjc.youtube.com
O1 - Hosts: 64.15.125.21 sjc-v82.sjc.youtube.com
O1 - Hosts: 64.15.125.22 sjc-v83.sjc.youtube.com
O1 - Hosts: 64.15.125.23 sjc-v84.sjc.youtube.com
O1 - Hosts: 64.15.125.24 sjc-v85.sjc.youtube.com
O1 - Hosts: 64.15.125.25 sjc-v86.sjc.youtube.com
O1 - Hosts: 64.15.125.26 sjc-v87.sjc.youtube.com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [VMSnap3] C:\Windows\VMSnap3.EXE
O4 - HKLM\..\Run: [Domino] C:\Windows\Domino.EXE
O4 - HKLM\..\Run: [BigDog303] C:\Windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CnxDslTaskBar] "CnxDslTb.exe" "Conexant\AccessRunner ADSL"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [areslite] "C:\Program Files\Ares Lite Edition\AresLite.exe" -h
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) -http://cdn.scan.onecare.live.com/resource/download/scanner/tr-tr/wlscctrl2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0709A458-9919-480E-AACD-051C6731DD1B}: NameServer = 4.2.2.2 4.2.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0709A458-9919-480E-AACD-051C6731DD1B}: NameServer = 4.2.2.2 4.2.2.1
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 10798 bytes
-
mrb benim anasayfam benim haberim olmadan direkara.com olarak değişmiş doğal olarak bende ne yaptııysam bu anasayfayı google olarak değiştiremedim bana bir yardım edin ltf ,
oot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\sysapp\lsas.exe
C:\Documents and Settings\Bilgisayarım\Local Settings\Application Data\sysapp\sorfum.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Bilgisayarım\Local Settings\Temporary Internet Files\Content.IE5\KMV9TZV1\HiJackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =www.direkara.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [lsas] "C:\Program Files\Common Files\sysapp\lsas.exe"
O4 - HKCU\..\Run: [sorfum] "C:\Documents and Settings\Bilgisayarım\Local Settings\Application Data\sysapp\sorfum.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5622 bytes
-
Selamlar sergi bu aralar bilgisayarımın performansından hiç memnun değilim.Combofix için söylediklerini aynı şekilde uyguladım.Rapor aşağıdadır.İlgilenirsen sevinirim 
[/code]
ComboFix 09-12-03.06 - Admin 04.12.2009 20:02.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1254.90.1055.18.2046.1547 [GMT 2:00]
Running from: c:\documents and settings\Admin\Desktop\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Admin\Application Data\Desktopicon\eBayShortcuts.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\atIAcmxx.dll
c:\windows\system32\7118402411.CPX
c:\windows\system32\71184024112.CPX
c:\windows\system32\71184024113.CPX
c:\windows\system32\711840241133.CPX
c:\windows\system32\7118402412.CPX
c:\windows\system32\7118402413.CPX
c:\windows\system32\71184024133.CPX
c:\windows\system32\7118402415.CPX
c:\windows\system32\71184024155.CPX
c:\windows\system32\scrrntr.dll
c:\windows\wuasirvy.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_OREANS32
-------\Service_oreans32
((((((((((((((((((((((((( Files Created from 2009-11-04 to 2009-12-04 )))))))))))))))))))))))))))))))
.
2009-12-04 17:39 . 2009-12-04 17:39 4844296 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-12-04 17:38 . 2009-12-04 17:38 -------- d-----w- c:\documents and settings\Admin\Application Data\Malwarebytes
2009-12-04 17:38 . 2009-12-03 14:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-04 17:38 . 2009-12-04 17:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-04 17:38 . 2009-12-04 17:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-04 17:38 . 2009-12-03 14:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-29 13:25 . 2009-11-29 13:25 -------- d-----w- C:\found.000
2009-11-28 00:59 . 2009-11-28 00:59 -------- d-----w- c:\program files\Aspyr
2009-11-26 17:13 . 2009-12-04 16:09 -------- d-----w- c:\program files\WASP IRC
2009-11-20 14:51 . 2009-11-20 14:52 -------- d-----w- c:\documents and settings\Admin\Application Data\Shenturk
2009-11-19 17:15 . 2008-04-13 15:26 36396 ----a-w- c:\documents and settings\Admin\Application Data\BSplayer\AC3 Filter\uninstall.exe
2009-11-19 17:15 . 2007-07-05 01:33 892928 ----a-w- c:\documents and settings\Admin\Application Data\BSplayer\AC3 Filter\iconv.dll
2009-11-19 17:15 . 2007-08-18 07:54 20480 ----a-w- c:\documents and settings\Admin\Application Data\BSplayer\AC3 Filter\ac3config.exe
2009-11-19 17:15 . 2007-08-18 07:53 16384 ----a-w- c:\documents and settings\Admin\Application Data\BSplayer\AC3 Filter\dialog_patch.exe
2009-11-19 17:13 . 2009-11-19 17:13 -------- d-----w- c:\program files\Conduit
2009-11-19 17:13 . 2009-11-19 17:13 -------- d-----w- c:\documents and settings\Admin\Local Settings\Application Data\Conduit
2009-11-19 17:13 . 2009-11-19 17:16 -------- d-----w- c:\documents and settings\Admin\Local Settings\Application Data\BS_Player
2009-11-19 17:13 . 2009-11-19 17:13 -------- d-----w- c:\program files\BS_Player
2009-11-19 17:12 . 2009-11-19 17:16 -------- d-----w- c:\documents and settings\Admin\Application Data\BSplayer
2009-11-19 17:12 . 2009-11-19 17:12 -------- d-----w- c:\documents and settings\Admin\Application Data\BSplayer Pro
2009-11-19 17:12 . 2009-11-19 17:12 -------- d-----w- c:\program files\Webteh
2009-11-19 17:07 . 2009-11-19 17:07 -------- d-----w- c:\program files\Action DVD Player
2009-11-19 14:54 . 2008-03-21 11:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2009-11-15 13:21 . 2009-11-15 11:10 34085608 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_tur_web.exe
2009-11-15 13:21 . 2009-11-15 13:21 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2009-11-15 13:21 . 2009-11-15 13:21 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2009-11-15 13:21 . 2009-11-15 13:21 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-11-15 13:21 . 2009-11-15 13:21 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2009-11-15 13:20 . 2009-11-15 13:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-04 17:59 . 2009-02-19 12:38 -------- d-----w- c:\documents and settings\Admin\Application Data\DNA
2009-12-04 17:59 . 2009-05-08 18:24 -------- d-----w- c:\documents and settings\Admin\Application Data\uTorrent
2009-12-04 17:55 . 2008-03-19 13:22 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-12-04 17:54 . 2009-02-19 12:38 -------- d-----w- c:\program files\DNA
2009-12-04 17:40 . 2009-01-27 15:42 -------- d-----w- c:\program files\sXe Injected
2009-12-04 17:32 . 2008-04-08 15:18 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-04 16:07 . 2008-09-18 15:15 -------- d-s---w- c:\program files\HLSW
2009-11-19 14:56 . 2009-11-15 13:22 -------- d-----w- c:\documents and settings\Admin\Application Data\Nokia
2009-11-19 14:54 . 2009-11-19 14:54 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-11-19 14:54 . 2009-11-19 14:54 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-11-15 13:22 . 2009-11-15 13:22 -------- d-----w- c:\documents and settings\Admin\Application Data\PC Suite
2009-11-15 13:22 . 2009-11-15 13:22 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-11-15 13:22 . 2009-11-15 13:22 -------- d-----w- c:\program files\DIFX
2009-11-15 13:22 . 2009-11-15 13:22 -------- d-----w- c:\program files\Common Files\PCSuite
2009-11-15 13:22 . 2009-11-15 13:22 -------- d-----w- c:\program files\Common Files\Nokia
2009-11-15 13:22 . 2009-11-15 13:21 -------- d-----w- c:\program files\Nokia
2009-11-15 13:21 . 2009-11-15 13:21 -------- d-----w- c:\program files\PC Connectivity Solution
2009-11-10 13:08 . 2008-06-08 17:19 -------- d-----w- c:\program files\Windows Live
2009-11-04 16:16 . 2008-01-16 21:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-04 16:16 . 2008-01-16 16:14 -------- d-----w- c:\program files\CyberLink
2009-10-30 02:36 . 2009-07-29 09:37 -------- d-----w- c:\program files\VDOWNLOADER
2009-10-15 13:31 . 2009-10-15 13:30 -------- d-----w- c:\program files\MultiProxy
2009-10-10 13:00 . 2009-10-10 13:00 661 ----a-w- c:\windows\unins000.dat
2009-10-10 13:00 . 2002-02-09 23:00 72748 ----a-w- c:\windows\unins000.exe
2009-01-27 20:08 . 2009-01-27 20:08 135 ----a-w- c:\program files\masaüstü.scf
.
------- Sigcheck -------
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2004-08-03 . 6A603809F598332DBEDD535BDBCE313E . 359040 . . [5.1.2600.2180] . . c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-07-02 2215960]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
2009-05-20 04:26 429800 ----a-w- c:\program files\kikin\ie_kikin.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2009-07-02 08:18 2215960 ----a-w- c:\program files\BS_Player\tbBS_P.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-07-02 2215960]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-29 325000]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-07-02 2215960]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1667584]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-11-07 323392]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-04-30 2329936]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-23 39408]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-11-25 289584]
"Steam"="d:\program files\Steam\Steam.exe" [2009-11-26 1217808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" [X]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2007-10-04 307200]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-03-01 1443072]
"AtiPTA"="atiptaxx.exe" - c:\windows\system32\atiptaxx.exe [2006-02-22 344064]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-04-11 56080]
c:\documents and settings\All Users\Start Menu\Programlar\BaŸlang‡\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-6-13 692224]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programlar^Başlangıç^Adobe Reader Hızlı Çalıştırma.lnk]
path=c:\documents and settings\All Users\Start Menu\Programlar\Başlangıç\Adobe Reader Hızlı Çalıştırma.lnk
backup=c:\windows\pss\Adobe Reader Hızlı Çalıştırma.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\Skype\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre1.6.0_01\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"d:\\SIERRA\\Half-Life\\hl.exe"=
"c:\\Program Files\\Gamers.IRC\\mirc.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"d:\\SIERRA\\Half-Life\\hltv.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Program Files\\Steam\\Steam.exe"=
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [05.07.2006 14:46 63352]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 08:21 468224]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [21.03.2009 14:40 54752]
R3 NVHDA;Service for NVIDIA HDMI Audio Driver;c:\windows\system32\drivers\nvhda32.sys [16.07.2007 11:38 26272]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.10.2008 17:26 717296]
S1 atitray;atitray;\??\c:\program files\Radeon Omega Drivers\v3.8.205\ATI Tray Tools\atitray.sys --> c:\program files\Radeon Omega Drivers\v3.8.205\ATI Tray Tools\atitray.sys [?]
S3 fsssvc;Windows Live Aile Koruması Hizmeti;c:\program files\Windows Live\Family Safety\fsssvc.exe [05.08.2009 22:48 704864]
S3 sdAuxService;PC Tools Auxiliary Service;d:\program files\Spyware Doctor\pctsAuxs.exe [26.02.2009 19:29 356920]
.
Contents of the 'Scheduled Tasks' folder
2009-12-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-08 18:25]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.tr/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {D0BB3ACE-4ED3-4D65-BB86-1A0C6CAF351F} - hxxp://212.175.239.246:81/avaLaunch95.cab
.
- - - - ORPHANS REMOVED - - - -
AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe <uninstall>c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
AddRemove-NVIDIA Drivers - c:\windows\system32\NVUNINST.EXE UninstallGUI
AddRemove-Sierra Utilities - c:\program files\Sierra On-Line\sutil32.exe uninstall
AddRemove-Steam App 10 - d:\program files\Steam\steam.exe steam://uninstall/10
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
Rootkit scan 2009-12-04 20:07
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1164)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-12-04 20:08
ComboFix-quarantined-files.txt 2009-12-04 18:08
Pre-Run: 3.516.264.448 bayt boş
Post-Run: 3.480.350.720 bayt boş
- - End Of File - - 860A3DB4F40871B60A954B397A59A04E
< Bu mesaj bu kişi tarafından değiştirildi COLOGNEEE -- 5 Aralık 2009; 17:00:17 >
-
Çok teşekkürler
İşime yaradı vallahi
-
Ne yapmam gerek yardımcı olursanız sevinirim teşekkürler.
ComboFix 09-12-04.02 - Gürhan 05.12.2009 11:16.6.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1254.90.1055.18.2046.1300 [GMT 2:00]
Running from: c:\users\Gürhan\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\Microsoft\WLSetup
c:\programdata\Microsoft\WLSetup\Logs\2009-09-28_18-33_e1c-ovqq6a47.log
c:\programdata\Microsoft\WLSetup\wlt7558.tmp
.
((((((((((((((((((((((((( Files Created from 2009-11-05 to 2009-12-05 )))))))))))))))))))))))))))))))
.
2009-12-05 09:25 . 2009-12-05 09:25 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-05 09:25 . 2009-12-05 09:25 -------- d-----w- c:\users\Elif\AppData\Local\temp
2009-12-05 09:25 . 2009-12-05 09:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-05 09:25 . 2009-12-05 09:25 -------- d-----w- c:\users\Anahid\AppData\Local\temp
2009-12-03 22:10 . 2009-12-03 22:10 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbB252.tmp.exe
2009-11-25 10:38 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 06:37 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 06:37 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-19 15:02 . 2009-11-19 15:02 4045528 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-11-19 14:54 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-19 14:54 . 2009-11-19 15:02 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-19 14:54 . 2009-11-19 14:54 -------- d-----w- c:\programdata\Malwarebytes
2009-11-19 14:54 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-18 17:40 . 2009-11-18 17:40 -------- d-----w- c:\program files\Trend Micro
2009-11-18 06:37 . 2009-11-18 06:37 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-18 06:33 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-11-18 06:33 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-11-18 06:33 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-11-18 06:30 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-11-18 06:30 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-11-18 06:30 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-11-11 07:35 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-11 07:32 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-07 07:40 . 2009-11-07 07:40 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-11-06 10:49 . 2009-11-06 11:06 4096 d-----w- c:\program files\Common Files\SolidWorks Shared
2009-11-06 10:49 . 2009-11-06 10:49 -------- d-----w- c:\program files\lang
2009-11-06 10:49 . 2009-11-06 11:10 -------- d-----w- c:\programdata\SolidWorks
2009-11-06 10:49 . 2009-11-06 11:07 4096 d-----w- c:\program files\SolidWorks Corp
2009-11-06 10:49 . 2009-11-06 10:55 4096 d-----w- c:\program files\Browser
2009-11-06 10:48 . 2009-11-06 10:48 -------- d-----w- c:\program files\MSECache
2009-11-06 10:47 . 2009-11-06 10:47 4096 d-----w- c:\program files\Microsoft Visual Studio 8
2009-11-06 10:43 . 2009-11-06 10:43 -------- d-----w- c:\program files\Common Files\SolidWorks Installation Manager
2009-11-06 10:43 . 2009-11-06 10:46 -------- d-----w- c:\windows\SolidWorks
2009-11-05 17:07 . 2009-11-05 17:13 -------- d-----w- c:\windows\Downloaded Installations
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-05 08:19 . 2009-09-27 14:10 34990 ----a-w- c:\programdata\nvModes.dat
2009-12-05 08:19 . 2009-09-27 10:20 4096 d-----w- c:\programdata\NVIDIA
2009-12-02 11:31 . 2009-10-16 19:40 4096 d-----w- c:\programdata\Test Drive Unlimited
2009-11-27 15:11 . 2009-10-02 14:11 3695616 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2009-11-25 22:47 . 2009-10-12 11:59 32768 d-----w- c:\program files\GTR2
2009-11-22 18:36 . 2007-01-05 05:14 598312 ----a-w- c:\windows\system32\perfh01F.dat
2009-11-22 18:36 . 2007-01-05 05:14 120110 ----a-w- c:\windows\system32\perfc01F.dat
2009-11-18 06:37 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-18 06:37 . 2009-11-18 06:37 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-11 15:37 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-11-11 15:29 . 2009-10-05 06:35 8192 d-----w- c:\programdata\Microsoft Help
2009-11-09 15:24 . 2009-10-19 14:42 -------- d-----w- c:\program files\Java
2009-11-09 11:30 . 2009-09-30 18:42 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-08 09:44 . 2009-09-27 11:16 4096 d-----w- c:\program files\Google
2009-11-06 10:49 . 2009-09-27 14:07 8192 d-----w- c:\program files\AGEIA Technologies
2009-11-05 17:45 . 2009-11-05 17:45 4096 d-----w- c:\program files\iTunes
2009-11-05 17:45 . 2009-11-05 17:45 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-05 17:45 . 2009-11-05 17:41 -------- d-----w- c:\program files\Common Files\Apple
2009-11-05 17:45 . 2009-11-05 17:11 -------- d-----w- c:\program files\iPod
2009-11-05 17:43 . 2009-11-05 17:43 -------- d-----w- c:\program files\Bonjour
2009-11-05 17:43 . 2009-11-05 17:43 4096 d-----w- c:\program files\QuickTime
2009-11-05 17:43 . 2009-11-05 17:22 -------- d-----w- c:\programdata\Apple Computer
2009-11-05 17:42 . 2009-11-05 17:42 4096 d-----w- c:\program files\Apple Software Update
2009-11-05 17:41 . 2009-11-05 17:41 -------- d-----w- c:\programdata\Apple
2009-11-05 17:23 . 2009-09-30 18:15 4096 d--h--w- c:\program files\InstallShield Installation Information
2009-11-05 17:22 . 2009-11-05 17:22 -------- d-----w- c:\programdata\QuickTime
2009-11-04 17:12 . 2009-10-19 14:40 4096 d-----w- c:\program files\LimeWire
2009-11-02 18:42 . 2009-10-03 08:07 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-31 19:57 . 2009-09-27 12:00 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-31 19:53 . 2009-10-31 19:53 -------- d-----w- c:\program files\Samsung
2009-10-29 09:22 . 2009-10-29 09:22 56472 ----a-w- c:\users\Elif\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-28 18:58 . 2009-10-28 18:58 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-26 14:19 . 2009-10-26 14:19 -------- d-----w- c:\program files\GameSpy
2009-10-26 14:16 . 2009-10-26 14:16 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-10-26 14:15 . 2009-10-26 14:15 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-26 14:15 . 2009-10-26 14:15 669184 ----a-w- c:\windows\system32\pbsvc.exe
2009-10-26 14:15 . 2009-10-26 14:15 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-10-26 14:14 . 2009-10-26 14:14 -------- d-----w- c:\programdata\Media Center Programs
2009-10-26 14:05 . 2009-10-26 14:05 -------- d-----w- c:\program files\Electronic Arts
2009-10-16 14:11 . 2009-10-02 14:10 2353992 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-10-16 13:18 . 2009-10-16 13:18 -------- d-----w- c:\program files\Atari
2009-10-15 07:56 . 2009-10-15 07:56 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-10-14 06:05 . 2009-10-14 06:05 -------- d-----w- c:\program files\Auslogics
2009-10-13 11:46 . 2009-10-13 11:20 4096 d-----w- c:\program files\GTR Evolution
2009-10-13 11:06 . 2009-10-13 11:06 -------- d-----w- c:\programdata\WindowsSearch
2009-10-11 02:17 . 2009-10-19 14:42 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-08 06:57 . 2009-10-05 06:37 4096 d-----w- c:\program files\Microsoft Works
2009-10-06 18:47 . 2009-10-06 18:47 -------- d-----w- c:\programdata\Trymedia
2009-10-06 18:46 . 2009-10-06 18:44 4096 d-----w- c:\program files\ARCA Remax
2009-10-05 14:25 . 2009-10-05 14:23 53248 ----a-w- c:\windows\PSEXESVC.EXE
2009-10-03 17:09 . 2009-10-03 17:09 61064 ----a-w- c:\users\Anahid\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-02 14:10 . 2009-10-02 14:10 562552 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-10-02 14:10 . 2009-10-02 14:10 566632 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-10-02 14:10 . 2009-10-02 14:10 640760 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2009-10-02 14:10 . 2009-10-02 14:10 520024 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-10-02 14:10 . 2009-10-02 14:10 1028432 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-10-01 22:14 . 2009-10-01 21:48 137 ----a-w- c:\windows\system32\winser.bin
2009-10-01 22:04 . 2009-10-01 22:04 113 ----a-w- c:\windows\system32\accwiz.bin
2009-10-01 21:43 . 2009-10-01 21:43 108 ----a-w- c:\windows\system32\dxwizard.bin
2009-10-01 01:02 . 2009-11-18 06:32 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-11-18 06:32 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-11-18 06:32 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-11-18 06:32 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-11-18 06:32 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-11-18 06:32 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-11-18 06:32 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-11-18 06:32 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-11-18 06:32 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-11-18 06:32 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-11-18 06:32 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-11-18 06:32 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-09-30 18:36 . 2009-09-30 18:36 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe
2009-09-30 18:15 . 2009-09-27 12:00 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-09-30 15:34 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-09-30 15:34 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-09-28 17:11 . 2009-09-28 17:11 75928 ----a-w- c:\windows\system32\drivers\ThwSpace.sys
2009-09-27 15:46 . 2009-09-27 15:46 4942440 ----a-w- c:\windows\system32\nvdisps.dll
2009-09-27 15:46 . 2009-09-27 15:46 13949544 ----a-w- c:\windows\system32\nvcpl.dll
2009-09-27 14:12 . 2009-09-27 14:12 9509832 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2009-09-27 14:12 . 2009-09-27 14:12 490088 ----a-w- c:\windows\system32\nvudisp.exe
2009-09-27 14:12 . 2009-09-27 14:12 3310184 ----a-w- c:\windows\system32\nvwgf2um.dll
2009-09-27 14:12 . 2009-09-27 14:12 2169448 ----a-w- c:\windows\system32\nvcuvid.dll
2009-09-27 14:12 . 2009-09-27 14:12 1997416 ----a-w- c:\windows\system32\nvcuda.dll
2009-09-27 14:12 . 2009-09-27 14:12 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-27 14:12 . 2009-09-27 14:12 170600 ----a-w- c:\windows\system32\nvcod167.dll
2009-09-27 14:12 . 2009-09-27 14:12 170600 ----a-w- c:\windows\system32\nvcod.dll
2009-09-27 14:12 . 2009-09-27 14:12 11197032 ----a-w- c:\windows\system32\nvoglv32.dll
2009-09-27 14:12 . 2009-03-27 21:03 7614056 ----a-w- c:\windows\system32\nvd3dum.dll
2009-09-27 14:12 . 2009-03-27 21:03 1074280 ----a-w- c:\windows\system32\nvapi.dll
2009-09-27 12:00 . 2009-09-27 12:00 315392 ----a-w- c:\windows\HideWin.exe
2009-09-27 10:07 . 2009-09-27 10:07 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-09-27 10:07 . 2009-09-27 10:07 272896 ----a-w- c:\windows\system32\polstore.dll
2009-09-27 10:01 . 2009-09-27 10:01 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-27 10:01 . 2009-09-27 10:01 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-27 10:01 . 2009-09-27 10:01 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-27 10:01 . 2009-09-27 10:01 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-27 10:01 . 2009-09-27 10:01 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-27 10:01 . 2009-09-27 10:01 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-27 10:01 . 2009-09-27 10:01 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-27 10:01 . 2009-09-27 10:01 11264 ----a-w- c:\windows\system32\MRINFO.EXE
.
((((((((((((((((((((((((((((( SnapShot@2009-11-19_10.25.07 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-25 10:38 . 2009-10-29 09:26 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.22254_none_17855e4d1ffaeb7e\tzupd.exe
+ 2009-09-27 10:09 . 2009-09-27 10:09 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18132_none_170f60c606cee124\tzupd.exe
+ 2009-11-25 10:38 . 2009-10-29 09:44 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22552_none_159cebd122d663ac\tzupd.exe
+ 2009-09-27 10:09 . 2009-09-27 10:09 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18351_none_15124cd609b9ad64\tzupd.exe
+ 2009-11-25 10:38 . 2009-10-29 09:36 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.21150_none_13b482d325b1d628\tzupd.exe
+ 2009-11-25 10:38 . 2009-10-29 09:51 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16947_none_133cdfd80c85988c\tzupd.exe
+ 2009-09-27 10:21 . 2009-12-05 08:20 35240 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-12-05 08:20 52784 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2006-11-02 13:02 . 2009-11-19 10:00 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:02 . 2009-12-05 08:19 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2006-11-02 13:02 . 2009-11-19 10:00 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2006-11-02 13:02 . 2009-12-05 08:19 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2006-11-02 13:02 . 2009-12-05 08:19 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2006-11-02 13:02 . 2009-11-19 10:00 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-09-30 18:09 . 2009-11-11 09:07 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-09-30 18:09 . 2009-12-03 11:01 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-09-30 18:09 . 2009-12-03 11:01 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-09-30 18:09 . 2009-11-11 09:07 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-09-30 18:09 . 2009-11-11 09:07 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-30 18:09 . 2009-12-03 11:01 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-10-16 08:46 . 2009-10-31 08:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-16 08:46 . 2009-12-05 08:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-10-16 08:46 . 2009-10-31 08:04 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-16 08:46 . 2009-12-05 08:19 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-16 08:46 . 2009-12-05 08:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-10-16 08:46 . 2009-10-31 08:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-25 10:37 . 2009-11-25 10:37 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2009-11-25 06:37 . 2009-08-11 16:58 2048 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6002.22196_none_8a82c317ad5def05\msxml6r.dll
+ 2009-09-27 08:27 . 2009-09-27 08:27 2048 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6002.18087_none_8a04f68294374ca1\msxml6r.dll
+ 2009-11-25 06:37 . 2009-08-11 17:04 2048 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.22492_none_88985007b03b3485\msxml6r.dll
+ 2009-09-27 08:27 . 2009-09-27 08:27 2048 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.18306_none_887403b096d0fe9e\msxml6r.dll
+ 2009-11-25 06:37 . 2009-08-10 12:51 2048 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.21103_none_87143919b2caf4b4\msxml6r.dll
+ 2009-11-25 06:37 . 2009-08-10 13:05 2048 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16903_none_868ac42c99ad21a8\msxml6r.dll
+ 2009-11-25 06:37 . 2009-08-11 16:58 2048 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6002.22196_none_8a83076fad5da222\msxml3r.dll
+ 2009-09-27 09:38 . 2009-09-27 09:38 2048 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6002.18087_none_8a053ada9436ffbe\msxml3r.dll
+ 2009-11-25 06:37 . 2009-08-11 17:04 2048 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.22492_none_8898945fb03ae7a2\msxml3r.dll
+ 2009-09-27 09:38 . 2009-09-27 09:38 2048 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.18306_none_8874480896d0b1bb\msxml3r.dll
+ 2009-11-25 06:37 . 2009-08-10 12:51 2048 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.21103_none_87147d71b2caa7d1\msxml3r.dll
+ 2009-11-25 06:37 . 2009-08-10 13:05 2048 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16903_none_868b088499acd4c5\msxml3r.dll
+ 2009-11-25 10:38 . 2009-10-29 09:26 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.22254_none_17855e4d1ffaeb7e\tzres.dll
+ 2009-11-25 10:38 . 2009-10-29 09:17 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18132_none_170f60c606cee124\tzres.dll
+ 2009-11-25 10:38 . 2009-10-29 09:44 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22552_none_159cebd122d663ac\tzres.dll
+ 2009-11-25 10:38 . 2009-10-29 09:41 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18351_none_15124cd609b9ad64\tzres.dll
+ 2009-11-25 10:38 . 2009-10-29 07:55 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.21150_none_13b482d325b1d628\tzres.dll
+ 2009-11-25 10:38 . 2009-10-29 07:59 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16947_none_133cdfd80c85988c\tzres.dll
+ 2009-09-27 07:41 . 2009-12-05 08:20 9166 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3859704966-3601974497-4018524651-1000_UserData.bin
- 2009-11-19 10:00 . 2009-11-19 10:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-12-05 08:19 . 2009-12-05 08:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-12-05 08:19 . 2009-12-05 08:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-11-19 10:00 . 2009-11-19 10:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2006-11-02 10:33 . 2009-11-18 06:47 595748 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-11-22 18:36 595748 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-11-18 06:47 105078 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-11-22 18:36 105078 c:\windows\System32\perfc009.dat
+ 2009-09-30 15:16 . 2009-12-05 08:19 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-09-30 15:16 . 2009-11-19 10:00 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-11-25 10:37 . 2009-11-25 10:37 429568 c:\windows\Installer\e7bd28.msi
+ 2009-11-25 10:37 . 2009-11-25 10:37 1348432 c:\windows\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_b7e610287b2b4ea5\msxml4.dll
+ 2009-11-25 06:37 . 2009-08-11 16:58 1401856 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6002.22196_none_8a82c317ad5def05\msxml6.dll
+ 2009-11-25 06:37 . 2009-08-11 16:44 1401856 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6002.18087_none_8a04f68294374ca1\msxml6.dll
+ 2009-11-25 06:37 . 2009-08-11 15:26 1401344 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.22492_none_88985007b03b3485\msxml6.dll
+ 2009-11-25 06:37 . 2009-08-10 11:01 1399296 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.18306_none_887403b096d0fe9e\msxml6.dll
+ 2009-11-25 06:37 . 2009-08-10 12:51 1409536 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.21103_none_87143919b2caf4b4\msxml6.dll
+ 2009-11-25 06:37 . 2009-08-10 13:05 1406464 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16903_none_868ac42c99ad21a8\msxml6.dll
+ 2009-11-25 06:37 . 2009-08-11 16:58 1248768 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6002.22196_none_8a83076fad5da222\msxml3.dll
+ 2009-11-25 06:37 . 2009-08-11 16:44 1248768 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6002.18087_none_8a053ada9436ffbe\msxml3.dll
+ 2009-11-25 06:37 . 2009-08-11 15:25 1257472 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.22492_none_8898945fb03ae7a2\msxml3.dll
+ 2009-11-25 06:37 . 2009-08-10 11:00 1257472 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.18306_none_8874480896d0b1bb\msxml3.dll
+ 2009-11-25 06:37 . 2009-08-10 12:51 1260032 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.21103_none_87147d71b2caa7d1\msxml3.dll
+ 2009-11-25 06:37 . 2009-08-10 13:05 1260032 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16903_none_868b088499acd4c5\msxml3.dll
+ 2006-11-02 10:22 . 2009-11-25 10:42 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2006-11-02 10:22 . 2009-11-18 11:15 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-20 22:05 . 2009-07-20 22:05 1348432 c:\windows\System32\msxml4.dll
+ 2009-09-30 21:32 . 2009-11-25 10:38 154400346 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-27 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe " [X]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2008-04-04 88584]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2007-01-03 520192]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-03-26 5369856]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-11-20 1826816]
c:\users\Grhan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-9-30 503808]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):3e,de,14,62,83,45,ca,01
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [02.10.2009 16:11 64160]
R2 SSPORT;SSPORT;c:\windows\System32\drivers\SSPORT.SYS [31.10.2009 21:53 5120]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [27.09.2009 16:48 240232]
S2 DFServ;DFServ;c:\program files\Faronics\Deep Freeze\Install C-0\DFServ.exe --> c:\program files\Faronics\Deep Freeze\Install C-0\DFServ.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [07.11.2009 17:32 135664]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [03.07.2009 16:49 1028432]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [09.09.2008 06:01 79144]
S3 FontCache;Windows Yazı Tipi Önbelleği Hizmeti;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [30.09.2009 16:50 21504]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [23.09.2005 07:01 2799808]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
2009-11-27 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-07-03 14:10]
2009-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-07 15:32]
2009-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-07 15:32]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/tr
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
TCP: {F711CC09-7C42-46FD-9193-E2A76D99E962} = 208.67.222.222,208.67.220.220
.
- - - - ORPHANS REMOVED - - - -
AddRemove-Ad-Aware - c:\programdata\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe REMOVE=TRUE MODIFY=FALSE
AddRemove-NVIDIA Drivers - c:\windows\system32\nvuninst.exe UninstallGUI
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
.
Completion time: 2009-12-05 11:27
ComboFix-quarantined-files.txt 2009-12-05 09:27
ComboFix2.txt 2009-11-22 08:46
ComboFix3.txt 2009-11-19 10:27
ComboFix4.txt 2009-10-05 14:17
Pre-Run: 116.094.558.208 bayt boş
Post-Run: 115.537.670.144 bayt boş
- - End Of File - - 058B03F4B6441876CA8E661CC462A8A2
-
Tekrar istemiş olduğunuz combofix logunu aşağıya ekledim.
quote:
ComboFix 09-12-04.04 - Lupus 05.12.2009 14:33.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1254.90.1055.18.1015.586 [GMT 2:00]
Running from: c:\documents and settings\Lupus\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\com.run
c:\windows\system32\dp1.fne
c:\windows\system32\eAPI.fne
c:\windows\system32\internet.fne
c:\windows\system32\krnln.fnr
c:\windows\system32\og.dll
c:\windows\system32\og.edt
c:\windows\system32\RegEx.fnr
c:\windows\system32\shell.fne
c:\windows\system32\spec.fne
c:\windows\system32\ul.dll
c:\windows\system32\XP-07AAF1A8.EXE
.
((((((((((((((((((((((((( Files Created from 2009-11-05 to 2009-12-05 )))))))))))))))))))))))))))))))
.
2009-12-05 10:22 . 2009-12-05 10:22 -------- d-----w- c:\documents and settings\Lupus\Local Settings\Application Data\Opera
2009-12-05 09:59 . 2009-12-05 09:59 -------- d-----w- c:\program files\Opera
2009-12-01 14:39 . 2007-02-25 10:06 122880 --sha-r- c:\windows\system32\blat.dll
2009-11-29 21:44 . 2009-11-29 21:44 -------- d-----w- c:\documents and settings\Lupus\Application Data\GRETECH
2009-11-29 21:43 . 2009-11-29 21:43 -------- d-----w- c:\documents and settings\Lupus\Application Data\Media Player Classic
2009-11-29 19:45 . 2008-04-14 07:00 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-11-29 19:45 . 2008-04-14 07:00 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-11-29 17:52 . 2009-12-05 12:22 -------- d-----w- c:\documents and settings\Lupus\Tracing
2009-11-29 17:51 . 2009-11-29 17:51 -------- d-----w- c:\program files\Microsoft
2009-11-29 17:51 . 2009-11-29 17:51 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-11-29 17:50 . 2009-11-29 17:51 -------- d-----w- c:\program files\Windows Live
2009-11-28 17:55 . 2009-11-28 17:55 -------- d-----w- c:\program files\GRETECH
2009-11-28 17:54 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-11-28 17:53 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-11-28 17:53 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-11-28 17:53 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-11-28 17:53 . 2009-06-02 16:11 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-11-28 17:53 . 2009-11-28 17:53 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-11-28 17:45 . 2009-11-28 17:45 -------- d-----w- c:\program files\Microsoft Works
2009-11-28 17:44 . 2009-11-28 17:44 -------- d-----w- c:\program files\Microsoft.NET
2009-11-28 17:41 . 2009-11-28 17:42 -------- d-----w- c:\windows\SHELLNEW
2009-11-28 17:40 . 2009-11-28 17:40 -------- d-----r- C:\MSOCache
2009-11-28 16:24 . 2009-11-28 16:25 -------- d-----w- c:\windows\SxsCaPendDel
2009-11-28 16:00 . 2009-02-26 12:39 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\InstallShield
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-05 12:25 . 2009-02-26 13:44 72316 ----a-w- c:\windows\system32\perfc01F.dat
2009-12-05 12:25 . 2009-02-26 13:44 389758 ----a-w- c:\windows\system32\perfh01F.dat
2009-11-29 16:32 . 2009-11-28 16:01 55816 ----a-w- c:\documents and settings\Lupus\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-28 17:50 . 2009-02-26 13:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2007-02-25 10:06 . 2009-12-01 14:39 122880 --sha-r- c:\windows\system32\blat.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-12-05_12.22.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-02-26 13:44 . 2009-12-05 12:25 62678 c:\windows\system32\perfc009.dat
- 2009-02-26 13:44 . 2009-12-05 09:17 62678 c:\windows\system32\perfc009.dat
+ 2009-02-26 13:44 . 2009-12-05 12:25 401398 c:\windows\system32\perfh009.dat
- 2009-02-26 13:44 . 2009-12-05 09:17 401398 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2006-12-22 10:28 271360 ----a-w- c:\windows\system32\mscoree.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2006-12-22 10:28 271360 ----a-w- c:\windows\system32\mscoree.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-01-23 416768]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-12-04 114688]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-12-17 622592]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-20 94208]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-09-18 16855040]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
c:\documents and settings\All Users\Start Menu\Programlar\BaŸlang‡\
SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2009-2-26 376832]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [26.02.2009 14:40 933504]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &Bluetooth Aygıtına Gönder... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Bluetooth'a Gönder - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Microsoft Excel'e &Ver - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-XP-07AAF1A8 - c:\windows\system32\XP-07AAF1A8.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
Rootkit scan 2009-12-05 14:40
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-12-05 14:42
ComboFix-quarantined-files.txt 2009-12-05 12:41
ComboFix2.txt 2009-12-05 12:24
Pre-Run: 80.395.571.200 bayt boş
Post-Run: 80.385.892.352 bayt boş
- - End Of File - - 4971717620DE47EE91AE8BBF30479B95
-
quote:
Orijinalden alıntı: djinn_inc
Tekrar istemiş olduğunuz combofix logunu aşağıya ekledim.
quote:
ComboFix 09-12-04.04 - Lupus 05.12.2009 14:33.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1254.90.1055.18.1015.586 [GMT 2:00]
Running from: c:\documents and settings\Lupus\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\com.run
c:\windows\system32\dp1.fne
c:\windows\system32\eAPI.fne
c:\windows\system32\internet.fne
c:\windows\system32\krnln.fnr
c:\windows\system32\og.dll
c:\windows\system32\og.edt
c:\windows\system32\RegEx.fnr
c:\windows\system32\shell.fne
c:\windows\system32\spec.fne
c:\windows\system32\ul.dll
c:\windows\system32\XP-07AAF1A8.EXE
.
((((((((((((((((((((((((( Files Created from 2009-11-05 to 2009-12-05 )))))))))))))))))))))))))))))))
.
2009-12-05 10:22 . 2009-12-05 10:22 -------- d-----w- c:\documents and settings\Lupus\Local Settings\Application Data\Opera
2009-12-05 09:59 . 2009-12-05 09:59 -------- d-----w- c:\program files\Opera
2009-12-01 14:39 . 2007-02-25 10:06 122880 --sha-r- c:\windows\system32\blat.dll
2009-11-29 21:44 . 2009-11-29 21:44 -------- d-----w- c:\documents and settings\Lupus\Application Data\GRETECH
2009-11-29 21:43 . 2009-11-29 21:43 -------- d-----w- c:\documents and settings\Lupus\Application Data\Media Player Classic
2009-11-29 19:45 . 2008-04-14 07:00 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-11-29 19:45 . 2008-04-14 07:00 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-11-29 17:52 . 2009-12-05 12:22 -------- d-----w- c:\documents and settings\Lupus\Tracing
2009-11-29 17:51 . 2009-11-29 17:51 -------- d-----w- c:\program files\Microsoft
2009-11-29 17:51 . 2009-11-29 17:51 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-11-29 17:50 . 2009-11-29 17:51 -------- d-----w- c:\program files\Windows Live
2009-11-28 17:55 . 2009-11-28 17:55 -------- d-----w- c:\program files\GRETECH
2009-11-28 17:54 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-11-28 17:53 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-11-28 17:53 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-11-28 17:53 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-11-28 17:53 . 2009-06-02 16:11 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-11-28 17:53 . 2009-11-28 17:53 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-11-28 17:45 . 2009-11-28 17:45 -------- d-----w- c:\program files\Microsoft Works
2009-11-28 17:44 . 2009-11-28 17:44 -------- d-----w- c:\program files\Microsoft.NET
2009-11-28 17:41 . 2009-11-28 17:42 -------- d-----w- c:\windows\SHELLNEW
2009-11-28 17:40 . 2009-11-28 17:40 -------- d-----r- C:\MSOCache
2009-11-28 16:24 . 2009-11-28 16:25 -------- d-----w- c:\windows\SxsCaPendDel
2009-11-28 16:00 . 2009-02-26 12:39 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\InstallShield
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-05 12:25 . 2009-02-26 13:44 72316 ----a-w- c:\windows\system32\perfc01F.dat
2009-12-05 12:25 . 2009-02-26 13:44 389758 ----a-w- c:\windows\system32\perfh01F.dat
2009-11-29 16:32 . 2009-11-28 16:01 55816 ----a-w- c:\documents and settings\Lupus\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-28 17:50 . 2009-02-26 13:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2007-02-25 10:06 . 2009-12-01 14:39 122880 --sha-r- c:\windows\system32\blat.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-12-05_12.22.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-02-26 13:44 . 2009-12-05 12:25 62678 c:\windows\system32\perfc009.dat
- 2009-02-26 13:44 . 2009-12-05 09:17 62678 c:\windows\system32\perfc009.dat
+ 2009-02-26 13:44 . 2009-12-05 12:25 401398 c:\windows\system32\perfh009.dat
- 2009-02-26 13:44 . 2009-12-05 09:17 401398 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2006-12-22 10:28 271360 ----a-w- c:\windows\system32\mscoree.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2006-12-22 10:28 271360 ----a-w- c:\windows\system32\mscoree.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-01-23 416768]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-12-04 114688]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-12-17 622592]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-20 94208]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-09-18 16855040]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
c:\documents and settings\All Users\Start Menu\Programlar\BaŸlang�‡\
SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2009-2-26 376832]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [26.02.2009 14:40 933504]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &Bluetooth Aygıtına Gönder... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Bluetooth'a Gönder - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Microsoft Excel'e &Ver - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-XP-07AAF1A8 - c:\windows\system32\XP-07AAF1A8.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
Rootkit scan 2009-12-05 14:40
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-12-05 14:42
ComboFix-quarantined-files.txt 2009-12-05 12:41
ComboFix2.txt 2009-12-05 12:24
Pre-Run: 80.395.571.200 bayt boş
Post-Run: 80.385.892.352 bayt boş
- - End Of File - - 4971717620DE47EE91AE8BBF30479B95
Sağol varol
-
Combofix+Mbam 3-4 zararlı bulup sildi. Son Combofix loguna bakarsan sevinirim.
ComboFix 09-12-05.01 - GTR2 05.12.2009 22:37.6.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1254.90.1055.18.3067.2492 [GMT 2:00]
Running from: c:\users\GTR2\Desktop\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2009-11-05 to 2009-12-05 )))))))))))))))))))))))))))))))
.
2009-12-05 20:45 . 2009-12-05 20:45 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-05 20:45 . 2009-12-05 20:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-05 13:52 . 2009-12-05 20:45 4096 d-----w- c:\users\GTR2\AppData\Local\temp
2009-12-05 13:06 . 2009-12-05 13:06 4844296 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-12-05 01:08 . 2009-12-05 01:08 -------- d-----w- c:\windows\system32\AGEIA
2009-12-05 01:08 . 2009-12-05 01:08 8192 d-----w- c:\program files\AGEIA Technologies
2009-12-05 00:46 . 2009-12-05 00:46 -------- d-----w- c:\users\GTR2\AppData\Local\NVIDIA Corporation
2009-12-04 23:23 . 2009-12-04 23:23 4096 d-----w- C:\Fraps
2009-12-04 19:51 . 2009-11-12 04:14 66664 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2009-12-04 19:51 . 2009-11-12 01:09 57344 ----a-w- c:\windows\system32\nvapo32v.dll
2009-12-04 19:51 . 2009-11-12 01:08 19456 ----a-w- c:\windows\system32\nvhdap32.dll
2009-12-04 19:51 . 2009-11-10 23:15 182888 ----a-w- c:\windows\system32\nvcohda.dll
2009-12-03 21:23 . 2009-12-03 21:23 -------- d-----w- c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2009-11-30 21:02 . 2009-11-30 21:02 -------- d-----w- c:\users\GTR2\AppData\Roaming\FastStone
2009-11-30 21:02 . 2009-11-30 21:02 4096 d-----w- c:\program files\FastStone Capture
2009-11-30 17:31 . 2009-11-30 17:31 -------- d-----w- c:\program files\Trend Micro
2009-11-30 10:52 . 2009-11-30 10:52 -------- d-----w- c:\users\GTR2\AppData\Roaming\Nero
2009-11-30 10:52 . 2006-03-17 12:49 368640 ----a-w- c:\windows\system32\TwnLib4.dll
2009-11-30 10:52 . 2006-03-17 09:45 802816 ----a-w- c:\windows\system32\imagXRA7.dll
2009-11-30 10:52 . 2006-03-17 09:45 497296 ----a-w- c:\windows\system32\imagXpr7.dll
2009-11-30 10:52 . 2006-03-17 09:45 258048 ----a-w- c:\windows\system32\imagXR7.dll
2009-11-30 10:52 . 2009-11-30 10:52 -------- d-----w- c:\program files\Nero
2009-11-30 10:52 . 2009-11-30 10:52 -------- d-----w- c:\program files\Common Files\Nero
2009-11-30 10:52 . 2009-11-30 10:52 -------- d-----w- c:\programdata\Nero
2009-11-30 10:52 . 2006-03-17 09:45 1757184 ----a-w- c:\windows\system32\imagX7.dll
2009-11-29 23:27 . 2009-08-28 03:41 155648 ----a-w- c:\windows\system32\nvcod164.dll
2009-11-28 20:45 . 2009-11-28 20:45 -------- d-----w- c:\users\GTR2\AppData\Local\VMLite Workstation
2009-11-28 20:44 . 2009-11-28 20:45 -------- d-----w- c:\users\GTR2\VMLites
2009-11-27 21:08 . 2009-11-27 21:14 -------- d-----w- c:\windows\system32\RTCOM
2009-11-27 19:03 . 2009-11-27 19:03 -------- d-----w- c:\program files\Realtek
2009-11-26 19:37 . 2009-11-26 19:37 -------- d-----w- c:\program files\Common Files\PCSuite
2009-11-26 19:37 . 2009-11-26 19:37 -------- d-----w- c:\program files\Common Files\Nokia
2009-11-26 19:37 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-11-26 19:37 . 2009-11-26 19:37 12288 d-----w- c:\program files\PC Connectivity Solution
2009-11-26 19:37 . 2009-11-26 19:37 33884480 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_tur_web.exe
2009-11-25 01:02 . 2009-11-25 01:02 339776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2009-11-24 18:39 . 2009-10-29 07:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-24 18:34 . 2009-11-24 18:34 -------- d-----w- c:\programdata\Zbshareware Lab
2009-11-24 18:33 . 2009-11-24 18:34 4096 d-----w- c:\program files\USB Disk Security
2009-11-23 21:23 . 2009-11-23 23:12 -------- d-----w- c:\users\GTR2\Tracing
2009-11-23 20:41 . 2009-08-05 20:48 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2009-11-23 20:41 . 2009-11-23 20:41 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-11-23 20:40 . 2009-11-23 20:40 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-11-23 20:39 . 2009-11-23 20:39 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-11-23 20:39 . 2009-11-23 20:41 4096 d-----w- c:\program files\Windows Live
2009-11-23 19:56 . 2009-11-23 19:56 -------- d-----w- c:\program files\Common Files\Windows Live
2009-11-23 19:55 . 2009-11-23 20:39 -------- d-----w- c:\program files\Microsoft
2009-11-23 13:11 . 2009-11-23 13:11 -------- d-----w- C:\BigFishGamesCache
2009-11-23 05:24 . 2009-11-23 05:24 -------- d-----w- c:\users\GTR2\AppData\Roaming\PlayFirst
2009-11-23 05:24 . 2009-11-23 05:24 -------- d-----w- c:\programdata\PlayFirst
2009-11-23 05:24 . 2009-11-23 09:49 4096 d-----w- c:\program files\Diner Dash Hometown Hero
2009-11-23 03:43 . 2009-11-23 03:43 -------- d-----w- c:\programdata\Fugazo
2009-11-23 03:13 . 2009-11-23 03:13 -------- d-----w- c:\programdata\Office Genuine Advantage
2009-11-22 21:08 . 2009-11-22 21:07 920 ----a-w- c:\windows\system32\drivers\RtHdatEx.dat
2009-11-22 21:08 . 2009-11-22 21:07 8 ----a-w- c:\windows\system32\drivers\rtkhdaud.dat
2009-11-22 21:08 . 2009-11-22 21:07 520 ----a-w- c:\windows\system32\drivers\RTEQEX2.dat
2009-11-22 21:08 . 2009-11-22 21:07 520 ----a-w- c:\windows\system32\drivers\RTEQEX1.dat
2009-11-22 21:08 . 2009-11-22 21:07 520 ----a-w- c:\windows\system32\drivers\RTEQEX0.dat
2009-11-22 21:08 . 2009-11-22 21:07 156788 ----a-w- c:\windows\system32\drivers\RtConvEQ.DAT
2009-11-22 21:08 . 2009-11-27 21:08 -------- d--h--w- c:\program files\Temp
2009-11-22 21:08 . 2009-11-22 21:08 -------- d-----w- c:\program files\Common Files\InstallShield
2009-11-22 13:13 . 2009-11-23 09:49 4096 d-----w- c:\program files\Cake Mania Main Street
2009-11-22 13:13 . 2009-11-22 13:13 -------- d-----w- c:\program files\ReflexiveArcade
2009-11-22 00:39 . 2009-11-22 00:39 -------- d-----w- c:\program files\Acer
2009-11-21 22:32 . 2009-11-25 21:51 4096 d-----w- c:\program files\EA SPORTS
2009-11-21 22:32 . 2009-11-21 22:32 547 ----a-w- c:\windows\eReg.dat
2009-11-21 20:26 . 2009-11-21 20:26 -------- d-----w- c:\users\GTR2\AppData\Roaming\ABBYY
2009-11-21 20:25 . 2009-11-21 20:25 -------- d-----w- c:\program files\Common Files\ABBYY
2009-11-21 20:25 . 2009-12-05 13:05 163840 d-----w- c:\program files\ABBYY FineReader 9.0
2009-11-21 20:25 . 2009-11-21 20:32 4096 d-----w- c:\users\GTR2\AppData\Local\ABBYY
2009-11-21 20:25 . 2009-11-21 20:32 -------- d-----w- c:\programdata\ABBYY
2009-11-21 20:23 . 2009-11-23 23:38 -------- d-----w- C:\temp
2009-11-21 08:46 . 2009-11-21 08:46 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-11-21 03:56 . 2009-11-21 03:56 -------- d-----w- c:\program files\uTorrent
2009-11-21 03:54 . 2009-12-05 20:33 4096 d-----w- c:\users\GTR2\AppData\Roaming\uTorrent
2009-11-20 18:33 . 2009-11-20 18:33 87144 ----a-w- c:\windows\system32\nvhotkey.dll
2009-11-20 18:33 . 2009-11-20 18:33 812648 ----a-w- c:\windows\system32\nvsvc.dll
2009-11-20 18:33 . 2009-11-20 18:33 66664 ----a-w- c:\windows\system32\nvshext.dll
2009-11-20 18:33 . 2009-11-20 18:33 1323624 ----a-w- c:\windows\system32\nvsvcr.dll
2009-11-20 18:33 . 2009-11-20 18:33 12685928 ----a-w- c:\windows\system32\nvcpl.dll
2009-11-20 18:33 . 2009-11-20 18:33 122984 ----a-w- c:\windows\system32\nvvsvc.exe
2009-11-20 18:33 . 2009-11-20 18:33 110184 ----a-w- c:\windows\system32\nvmctray.dll
2009-11-19 20:22 . 2009-11-19 21:27 -------- d-----w- c:\programdata\WinZip
2009-11-19 19:15 . 2009-11-19 19:21 4096 d-----w- c:\program files\GTR2
2009-11-18 23:37 . 2009-11-18 23:37 -------- d-----w- c:\program files\MSECache
2009-11-18 18:34 . 2009-11-28 16:50 8192 d-----w- c:\users\GTR2\AppData\Roaming\LimeWire
2009-11-18 18:34 . 2009-11-18 18:34 20480 d-----w- c:\program files\LimeWire
2009-11-17 23:34 . 2009-11-17 23:34 4096 d-----w- c:\program files\SystemRequirementsLab
2009-11-17 23:34 . 2009-11-17 23:34 4096 d-----w- c:\users\GTR2\AppData\Roaming\SystemRequirementsLab
2009-11-17 23:34 . 2009-11-17 23:34 247296 ----a-w- c:\users\GTR2\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_d_ind.dll
2009-11-17 23:34 . 2009-11-17 23:34 247296 ----a-w- c:\users\GTR2\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_c_ind.dll
2009-11-17 23:34 . 2009-11-17 23:34 247296 ----a-w- c:\users\GTR2\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_b_ind.dll
2009-11-17 23:34 . 2009-11-17 23:34 247296 ----a-w- c:\users\GTR2\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_a_ind.dll
2009-11-16 22:26 . 2009-11-16 22:26 -------- d-----w- c:\users\GTR2\DoctorWeb
2009-11-16 22:16 . 2009-11-16 22:12 22597512 ----a-w- C:\launch.exe
2009-11-16 02:42 . 2009-11-27 20:08 4096 d-----w- c:\program files\Uninstall Plus v4.1
2009-11-16 02:39 . 2009-11-16 02:39 -------- d-----w- c:\users\GTR2\AppData\Roaming\Win7codecs
2009-11-16 01:46 . 2009-11-21 20:28 -------- d-----w- c:\users\GTR2\AppData\Local\Adobe
2009-11-16 01:46 . 2009-11-21 20:28 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-15 19:16 . 2009-11-15 19:16 33884480 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_tur.exe
2009-11-15 19:16 . 2009-11-15 19:16 95232 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2009-11-15 19:16 . 2009-11-15 19:16 8192 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2009-11-15 19:16 . 2009-11-15 19:16 61440 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-11-15 19:16 . 2009-11-15 19:16 10240 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2009-11-15 18:36 . 2009-07-08 14:34 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-11-15 18:35 . 2009-11-15 18:35 -------- d-----w- C:\Intel
2009-11-15 18:35 . 2009-06-04 16:43 330264 ----a-w- c:\windows\system32\drivers\iaStor.sys
2009-11-15 18:35 . 2009-11-15 18:36 -------- d-----w- c:\program files\Intel
2009-11-15 16:07 . 2009-11-15 16:08 -------- d-----w- c:\users\GTR2\AppData\Roaming\PC Suite
2009-11-15 16:07 . 2009-11-15 16:08 4096 d-----w- c:\users\GTR2\AppData\Roaming\Nokia
2009-11-15 16:07 . 2009-11-15 16:08 -------- d-----w- c:\programdata\PC Suite
2009-11-15 16:06 . 2009-11-15 16:07 -------- d-----w- c:\program files\DIFX
2009-11-15 16:06 . 2009-11-26 19:37 4096 dc----w- c:\windows\system32\DRVSTORE
2009-11-15 16:06 . 2009-11-26 19:37 -------- d-----w- c:\program files\Nokia
2009-11-15 16:06 . 2009-10-06 09:52 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-11-15 16:06 . 2009-10-31 12:53 34085608 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_tur_web.exe
2009-11-15 16:05 . 2009-11-15 16:05 95232 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2009-11-15 16:05 . 2009-11-15 16:05 8192 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2009-11-15 16:05 . 2009-11-15 16:05 61440 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-11-15 16:05 . 2009-11-15 16:05 10240 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2009-11-15 16:05 . 2009-11-15 19:16 -------- d-----w- c:\programdata\Installations
2009-11-14 23:30 . 2009-11-14 23:30 -------- d-----w- c:\users\GTR2\AppData\Roaming\Malwarebytes
2009-11-14 23:30 . 2009-12-03 14:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-14 23:30 . 2009-12-05 13:06 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-14 23:30 . 2009-12-03 14:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-05 20:40 . 2009-07-14 08:10 609888 ----a-w- c:\windows\system32\perfh01F.dat
2009-12-05 20:40 . 2009-07-14 08:10 118344 ----a-w- c:\windows\system32\perfc01F.dat
2009-11-17 18:46 . 2009-11-27 21:07 55328 ----a-w- c:\windows\system32\RtkCoInst.dll
2009-11-17 18:46 . 2009-11-27 21:07 346656 ----a-w- c:\windows\system32\RtkApoApi.dll
2009-11-17 18:46 . 2009-11-27 21:07 2795552 ----a-w- c:\windows\system32\RtkAPO.dll
2009-11-17 18:46 . 2009-11-27 21:07 1528864 ----a-w- c:\windows\system32\RtkPgExt.dll
2009-11-17 18:02 . 2009-11-27 21:07 2807392 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2009-11-15 16:08 . 2009-11-15 16:08 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-11-15 16:08 . 2009-11-15 16:08 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-11-15 16:03 . 2009-11-15 16:03 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2009-11-13 13:16 . 2009-11-27 21:07 73216 ----a-w- c:\windows\system32\RTEEL32A.dll
2009-11-13 13:16 . 2009-11-27 21:07 59392 ----a-w- c:\windows\system32\RTEEG32A.dll
2009-11-13 13:16 . 2009-11-27 21:07 348160 ----a-w- c:\windows\system32\RTEEP32A.dll
2009-11-13 13:16 . 2009-11-27 21:07 165376 ----a-w- c:\windows\system32\RTEED32A.dll
2009-11-11 00:51 . 2009-11-11 00:51 -------- d-sh--we c:\programdata\Sık Kullanılanlar
2009-11-11 00:51 . 2009-11-11 00:51 -------- d-sh--we c:\programdata\Belgeler
2009-11-11 00:47 . 2009-11-11 00:47 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-11-02 11:48 . 2009-11-27 21:07 831488 ----a-w- c:\windows\RtlExUpd.dll
2009-10-30 16:56 . 2009-11-27 21:07 290816 ----a-w- c:\windows\system32\FMAPO.dll
2009-10-06 09:55 . 2009-10-06 09:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-10-06 09:52 . 2009-10-06 09:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-10-06 09:52 . 2009-10-06 09:52 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-10-06 09:52 . 2009-10-06 09:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2009-10-06 09:52 . 2009-10-06 09:52 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2009-10-06 09:52 . 2009-10-06 09:52 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2009-10-02 04:06 . 2009-11-11 02:02 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-09-15 17:40 . 2009-09-15 17:40 6114816 ----a-w- c:\windows\system32\drivers\NETw5s32.sys
2009-09-15 17:19 . 2009-09-15 17:19 2756608 ----a-w- c:\windows\system32\NETw5r32.dll
2009-09-15 17:18 . 2009-09-15 17:18 675840 ----a-w- c:\windows\system32\NETw5c32.dll
2009-09-15 11:59 . 2009-09-15 11:59 38248 ----a-w- c:\windows\system32\drivers\nvoclock.sys
2009-09-15 11:59 . 2009-09-15 11:59 162408 ----a-w- c:\windows\system32\nvcoclk.dll
2009-09-07 01:13 . 2009-09-07 01:13 69382 ----a-w- c:\windows\system32\pthreadGC2.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((( SnapShot_2009-12-05_13.51.16 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-11 01:48 . 2009-12-05 20:35 29984 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 04:55 . 2009-12-05 13:45 39954 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2009-12-05 20:36 39954 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-11-11 01:12 . 2009-12-05 20:36 10484 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3670235152-447272939-4044406595-1000_UserData.bin
- 2009-11-11 00:50 . 2009-12-03 21:25 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-11 00:50 . 2009-12-05 18:40 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-11 00:50 . 2009-12-03 21:25 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-11 00:50 . 2009-12-05 18:40 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:41 . 2009-12-05 18:40 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:41 . 2009-12-03 21:25 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-11 01:04 . 2009-12-05 13:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-11 01:04 . 2009-12-05 20:37 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-11 02:03 . 2009-12-05 02:06 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-11 02:03 . 2009-12-05 19:01 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-11 02:03 . 2009-12-05 02:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2009-11-11 02:03 . 2009-12-05 19:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2009-11-11 02:03 . 2009-12-05 19:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
- 2009-11-11 02:03 . 2009-12-05 02:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
+ 2009-11-11 01:04 . 2009-12-05 20:37 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-11 01:04 . 2009-12-05 13:03 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-11 01:04 . 2009-12-05 20:37 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-11 01:04 . 2009-12-05 13:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-05 13:43 . 2009-12-05 13:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-12-05 20:34 . 2009-12-05 20:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-12-05 13:43 . 2009-12-05 13:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-05 20:34 . 2009-12-05 20:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:05 . 2009-12-05 13:48 607190 c:\windows\System32\perfh009.dat
+ 2009-07-14 02:05 . 2009-12-05 20:40 607190 c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2009-12-05 13:48 103568 c:\windows\System32\perfc009.dat
+ 2009-07-14 02:05 . 2009-12-05 20:40 103568 c:\windows\System32\perfc009.dat
- 2009-07-14 02:03 . 2009-12-05 01:23 6815744 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:03 . 2009-12-05 20:31 6815744 c:\windows\System32\SMI\Store\Machine\schema.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-11-21 289584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"USB Antivirus"="c:\program files\USB Disk Security\USBGuard.exe" [2009-11-24 815104]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-11-17 8092192]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\System32\drivers\vwififlt.sys [14.07.2009 01:52 48128]
R3 NETw5s32;Windows 7 32 Bit için Intel(R) Wireless WiFi Link Bağdaştırıcı Sürücüsü ;c:\windows\System32\drivers\NETw5s32.sys [15.09.2009 19:40 6114816]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [04.12.2009 21:51 66664]
R3 nvoclock;NVIDIA Enthusiasts Platform KDM;c:\windows\System32\drivers\nvoclock.sys [15.09.2009 13:59 38248]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\System32\drivers\VSTAZL3.SYS [14.07.2009 00:13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\System32\drivers\VSTDPV3.SYS [14.07.2009 00:13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\System32\drivers\VSTCNXT3.SYS [14.07.2009 00:13 661504]
R3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [28.03.2007 07:51 43008]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [12.11.2009 01:05 691696]
S3 fssfltr;fssfltr;c:\windows\System32\drivers\fssfltr.sys [23.11.2009 22:41 54632]
S3 fsssvc;Windows Live Aile Koruması Hizmeti;c:\program files\Windows Live\Family Safety\fsssvc.exe [05.08.2009 22:48 704864]
S3 netw5v32;Windows Vista 32 Bit için Intel(R) Wireless WiFi Link 5000 Serisi Bağdaştırıcı Sürücüsü;c:\windows\System32\drivers\netw5v32.sys [10.06.2009 23:18 4231168]
S4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [27.10.2008 18:03 759072]
S4 Jasmio.MediaCenter.Service;Media Center Support Service;c:\program files\Jasmio\Media Center Support Service\Jasmio.MediaCenter.Service.exe [29.10.2009 20:05 73144]
S4 TunerFreeMCEService;TunerFreeMCEService;c:\program files\MillieSoft\TunerFreeMCE\TunerFreeMCEService.exe [28.10.2009 09:03 9216]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.tr/
TCP: {00428595-D26E-49E8-89BD-381FC3CB180B} = 4.2.2.3,4.2.2.4
DPF: {D5D17C21-1719-4640-B0B2-4F3262419920} - hxxps://www.isbank.com.tr/Internet/lib/JaguarEdit4ISBv27.CAB
FF - ProfilePath - c:\users\GTR2\AppData\Roaming\Mozilla\Firefox\Profiles\09tz7buf.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.tr/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2009-12-05 22:46
ComboFix-quarantined-files.txt 2009-12-05 20:46
ComboFix2.txt 2009-12-05 13:52
ComboFix3.txt 2009-12-03 21:37
ComboFix4.txt 2009-11-15 00:24
ComboFix5.txt 2009-12-05 20:35
Pre-Run: 105.507.540.992 bayt boş
Post-Run: 105.455.493.120 bayt boş
- - End Of File - - 5F1C91C141A89934FF114B46A623A563
-
Birkaç gündür pc ufak uygulamalarda bile donabiliyo Yardımcı olursanız sevinirim
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:04:00, on 06.12.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Users\Tuncer\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Users\Tuncer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tuncer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tuncer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tuncer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tuncer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\Webfilter\AvkWebIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\Webfilter\AvkWebIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tuncer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) -http://support.euro.dell.com/systemprofiler/SysProExe.CAB
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{09AE3FCE-BF68-44C0-A754-C00C8EB79117}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{09AE3FCE-BF68-44C0-A754-C00C8EB79117}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\aestsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Dosya Sistemi Bekçisi (AVKWCtl) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\Program Files\Common Files\MicroWorld\Agent\MWASER.EXE
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\STacSV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
--
End of file - 9302 bytes
-
Öncelikle konu çok faydalı çünkü buradaki bazı sorunları kendi başına çözmeye çalışanların başı çok ağrıyor , emeğine sağlık.
Sorunum son 2 haftadır internette ve bilgisayarda acayip yavaşlama oldu..Facebookda bazı videolarım beyaz görünüyo ama oynat diyince sorun yok normal oynatıyor..Bazı forumlarda yazılar ekranın sağına kayıyor ve ufak grafiklerdede hatalar oluyor göstermiyor..Sebebini anlayamadım bir türlü.Google chrome kullanıyordum sorunsuz şimdi sürekli shock wawe çöktü diyor kapatıyor hatalar oluşuyor ..Firefoxdada var benzeri hatalar yani tarayıcıdan değil..İnternet te download hızım 900 lere ulaşırken bunların sebebi nedir çözemedim..Bazı videolarda başta takılıyor biraz aslında video hemen doluyor ama oynatırken tıkanabiliyor.AVG ile tarattım bi kaç ufak şey buldu temizledim.Bilgisiyarı temizde kullanıyorum ama işte.Her neyse bi bakarsan;
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:44:38, on 12/6/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\Engin\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Engin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Engin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Engin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Engin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Engin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Engin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Engin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Engin\Desktop\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Engin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O8 - Extra context menu item: Açılan son 10 FLV videosunu IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL2.htm
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258297593765
O17 - HKLM\System\CCS\Services\Tcpip\..\{68609155-CD1E-4B08-90B0-505941015DEB}: NameServer = 208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{68609155-CD1E-4B08-90B0-505941015DEB}: NameServer = 208.67.222.222
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe (file missing)
--
End of file - 7424 bytes
-
Arkadaşlar bu logları "code" tagının içinde verseniz daha iyi olmaz mı? Bu şekilde sayfalar aşırı uzuyor.
Code için örnek
Malwarebytes' Anti-Malware 1.41
Veritabanı sürümü: 3278
Windows 6.1.7600
02.12.2009 20:56:10
mbam-log-2009-12-02 (20-56-10).txt
Tarama biçimi: Gelişmiş Tarama (C:\|D:\|E:\|I:\|)
Taranan öğeler: 454999
Geçen süre: 1 hour(s), 44 minute(s), 52 second(s)
Etkilenmiş Hafıza İşlemleri: 0
Etkilenmiş Hafıza Modülleri: 0
Etkilenmiş Kayıt Anahtarları: 0
Etkilenmiş Kayıt Değerleri: 0
Etkilenmiş Kayıt Verisi Öğeleri: 0
Etkilenmiş Klasörler: 0
Etkilenmiş Dosyalar: 14
Etkilenmiş Hafıza İşlemleri:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Hafıza Modülleri:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Kayıt Anahtarları:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Kayıt Değerleri:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Kayıt Verisi Öğeleri:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Klasörler:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Dosyalar:
C:\Program Files\WinRAR\Patch.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\Cep Arşiv\Nokia\N82 için programlar\Best Crypto v1.0\keygen.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\Cep Arşiv\Nokia\N82 için programlar\Handy Calendar\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\Program Arşivi\CD-DVD\AnyReader_v3.02.40 Bozuk cd dvd okuma\nfoviewer.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\Program Arşivi\CD-DVD\Nero\NERO 9.4.13.2d FINAL (Multilanguage)\KEYGEN\KEYGEN.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\Program Arşivi\Güvenlik\Malwarebytes\Malwarebytes.Anti-Malware.v1.37.Multilingual.Win2kXP2k3Vista.Incl.Keygen-CRD\keygen\yaya.exe (Dont.Steal.Our.Software.A) -> Quarantined and deleted successfully.
E:\Program Arşivi\Karışık\Product.Key.Explorer\KGN\keygen.exe (Malware.Packer) -> Quarantined and deleted successfully.
E:\Program Arşivi\Karışık\Recover My Files\Cure\KeyMaker.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\Program Arşivi\Karışık\Teleport Pro\Teleport.Pro.v1.60.Incl.Keymaker-AGAiN\keymaker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\Program Arşivi\Müzik\Winamp\Winamp 5.35 Pro Türkçe\Winamp 5.xx KeyGen.exe (Malware.Packer) -> Quarantined and deleted successfully.
E:\Program Arşivi\Performans\Your uninstaller\Your Uninstaller! PRO 2008 6.2.1331 Multilingual Christmas Edition\Keygen-Pack\Keygen-SND\YourUninstaller2008keygen.#xe (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\Program Arşivi\Performans\Your uninstaller\yu2008setup\KeyGen\Keygen-SND\YourUninstaller2008keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\Program Arşivi\Ses-Video\Oynatıcılar\Power DVD Deluxe 9\CyberLink.PowerDVD.Deluxe.v9.0.1428.Multilingual.Incl.Keymaker\KGN\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\Program Arşivi\Sıkıştırma\rar\Keygen.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
Böylelikle hem sayfa bşuna uzamıyor hem daha iyi görünüyor.
-
@PHI ; Kesinlikle katılıyorum.
@serji ; Bu arkadaşımın logu; msnden virüs yemiş herkese fotoyla ilgili link gönderiyor...Loglara bakarsan sevinirim.Ayrıca yavaşlık ta söz konusu...
Logları vermeden önce güncel Eset Smart Security 4 ile tarattım 6 adet zararlı dosya buldu ve temizledi...
HiJack This logu
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:59:17, on 06.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\downloads\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) -http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1236535293950
O17 - HKLM\System\CCS\Services\Tcpip\..\{27A1E318-90F5-4D90-80C4-D3514E80E68E}: NameServer = 4.2.2.5,4.2.2.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B481F0D-3065-46AD-AA5B-094735CB4165}: NameServer = 4.2.2.5,4.2.2.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{27A1E318-90F5-4D90-80C4-D3514E80E68E}: NameServer = 4.2.2.5,4.2.2.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{27A1E318-90F5-4D90-80C4-D3514E80E68E}: NameServer = 4.2.2.5,4.2.2.3
O17 - HKLM\System\CS3\Services\Tcpip\..\{27A1E318-90F5-4D90-80C4-D3514E80E68E}: NameServer = 4.2.2.5,4.2.2.3
O17 - HKLM\System\CS4\Services\Tcpip\..\{27A1E318-90F5-4D90-80C4-D3514E80E68E}: NameServer = 4.2.2.5,4.2.2.3
O17 - HKLM\System\CS5\Services\Tcpip\..\{27A1E318-90F5-4D90-80C4-D3514E80E68E}: NameServer = 4.2.2.5,4.2.2.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Atheros Yapılandırma Hizmeti (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 8549 bytes
Combofix logu
ComboFix 09-11-20.02 - Funda Aydoğdu 06.12.2009 17:03.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1254.90.1055.18.1014.548 [GMT 2:00]
Running from: c:\downloads\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\drivers\pciide.sys
c:\windows\system32\scrrntr.dll
.
((((((((((((((((((((((((( Files Created from 2009-11-06 to 2009-12-06 )))))))))))))))))))))))))))))))
.
2009-12-06 14:12 . 2009-12-06 14:12 4844296 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-12-06 14:11 . 2009-12-03 14:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-06 14:11 . 2009-12-06 14:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-06 14:11 . 2009-12-03 14:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-06 14:11 . 2009-12-06 14:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-02 00:37 . 2009-12-02 00:37 -------- d-----w- c:\windows\system32\LogFiles
2009-11-26 21:03 . 2008-04-13 09:46 37888 -c--a-w- c:\windows\system32\dllcache\bthmodem.sys
2009-11-26 21:03 . 2008-04-13 09:46 37888 ----a-w- c:\windows\system32\drivers\bthmodem.sys
2009-11-26 19:19 . 2009-06-05 13:43 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-11-26 19:19 . 2009-06-05 13:43 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-11-26 19:19 . 2009-06-05 13:43 112640 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-11-26 19:19 . 2009-06-05 13:43 102656 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2009-11-26 19:19 . 2009-06-05 13:43 102400 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-11-26 19:18 . 2009-11-26 19:19 -------- d-----w- c:\program files\Turkcell Connect
2009-11-26 07:18 . 2008-04-13 09:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-11-26 07:18 . 2008-04-13 09:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-11-23 10:46 . 2009-11-23 10:46 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-23 10:31 . 2009-11-23 10:31 -------- d-----w- c:\program files\Common Files\Skype
2009-11-23 10:31 . 2009-11-23 10:32 -------- d-----r- c:\program files\Skype
2009-11-23 10:31 . 2009-11-23 10:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-11-16 07:06 . 2009-11-16 07:06 55768 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2009-11-16 07:06 . 2009-11-16 07:06 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-11-16 07:03 . 2009-11-16 07:03 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-11-16 06:56 . 2009-11-16 06:56 116520 ----a-w- c:\windows\system32\drivers\eamon.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-06 14:18 . 2009-03-08 20:01 -------- d-----w- c:\program files\Orbitdownloader
2009-12-06 12:29 . 2009-03-08 17:57 -------- d-----w- c:\program files\ESET
2009-12-06 12:29 . 2009-03-08 17:57 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-11-29 22:03 . 2008-05-01 12:00 45784 ----a-w- c:\windows\system32\perfc01F.dat
2009-11-29 22:03 . 2008-05-01 12:00 300326 ----a-w- c:\windows\system32\perfh01F.dat
2009-11-05 23:46 . 2009-11-05 23:46 -------- d-----w- c:\program files\Microsoft
2009-11-05 23:45 . 2009-11-05 23:45 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-11-05 23:45 . 2009-03-08 19:35 -------- d-----w- c:\program files\Windows Live
2009-11-05 23:30 . 2009-11-05 23:30 -------- d-----w- c:\program files\Common Files\Windows Live
2009-10-28 21:37 . 2009-10-09 18:46 -------- d-----w- c:\program files\EViews5
2009-10-26 22:09 . 2009-03-31 20:11 -------- d-----w- c:\program files\CollinsCoBuild
2009-10-17 18:13 . 2009-10-17 18:12 -------- d-----w- c:\program files\iTunes
2009-10-17 18:13 . 2009-10-17 18:12 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-10-17 18:12 . 2009-10-17 18:12 -------- d-----w- c:\program files\iPod
2009-10-17 18:12 . 2009-07-01 14:38 -------- d-----w- c:\program files\Common Files\Apple
2009-10-17 18:09 . 2009-10-17 18:09 -------- d-----w- c:\program files\QuickTime
2009-10-17 17:58 . 2009-10-17 17:58 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.1.8\SetupAdmin.exe
2009-10-14 13:32 . 2009-03-08 18:10 -------- d-----w- c:\program files\Java
2009-10-09 18:46 . 2009-10-09 18:46 47 ---h--r- c:\windows\ghdc.dat
2009-10-09 18:46 . 2009-03-08 17:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-11 14:18 . 2008-05-01 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2004-06-03 10:53 . 2009-10-09 18:52 724 ----a-w- c:\program files\Eviews 5.reg
2004-06-03 07:11 . 2009-10-09 18:52 6598656 ----a-w- c:\program files\EViews5.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-03-01 90112]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2005-12-10 133016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-05-01 110592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-05-01 15360]
c:\documents and settings\All Users\Start Menu\Programlar\BaŸlang‡\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Orbit.lnk - c:\program files\Orbitdownloader\orbitdm.exe [2009-3-8 1707208]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [22.03.2009 22:42 643072]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 09:03 108792]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 09:04 735960]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ac9623f0-479a-11de-bec5-0016d4f815e2}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder
2009-11-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 09:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.tr/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Microsoft Excel'e Gö&nder - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {27A1E318-90F5-4D90-80C4-D3514E80E68E} = 4.2.2.5,4.2.2.3
TCP: {6B481F0D-3065-46AD-AA5B-094735CB4165} = 4.2.2.5,4.2.2.3
FF - ProfilePath - c:\documents and settings\Funda Aydoğdu\Application Data\Mozilla\Firefox\Profiles\rcdsugk5.default\
FF - prefs.js: browser.startup.homepage - www.google.com.tr
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
Rootkit scan 2009-12-06 17:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer,http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe >>UNKNOWN [0x873D4BF8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> 0x873d4bf8
\Driver\ACPI -> ACPI.sys @ 0xf761acb8
\Driver\atapi -> atapi.sys @ 0xf7591b40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805e668e
ParseProcedure -> ntoskrnl.exe @ 0x8057b6b1
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805e668e
ParseProcedure -> ntoskrnl.exe @ 0x8057b6b1
NDIS: Realtek RTL8139/810x Family Fast Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xf749abb0
PacketIndicateHandler -> NDIS.sys @ 0xf7489a0d
SendHandler -> NDIS.sys @ 0xf749db40
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3996)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\rundll32.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Orbitdownloader\orbitnet.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-12-06 17:10 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-06 15:10
Pre-Run: 19 954 954 240 bayt boş
Post-Run: 19 927 674 880 bayt boş
Current=4 Default=4 Failed=3 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 5E5D33BC819071A20ED2E82219696B23
Malware Logu
Malwarebytes' Anti-Malware 1.42
Veritabanı sürümü: 3303
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
06.12.2009 16:54:48
mbam-log-2009-12-06 (16-54-48).txt
Tarama biçimi: Gelişmiş Tarama (C:\|D:\|)
Taranan öğeler: 162214
Geçen süre: 36 minute(s), 51 second(s)
Etkilenmiş Hafıza İşlemleri: 0
Etkilenmiş Hafıza Modülleri: 0
Etkilenmiş Kayıt Anahtarları: 0
Etkilenmiş Kayıt Değerleri: 0
Etkilenmiş Kayıt Verisi Öğeleri: 1
Etkilenmiş Klasörler: 0
Etkilenmiş Dosyalar: 1
Etkilenmiş Hafıza İşlemleri:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Hafıza Modülleri:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Kayıt Anahtarları:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Kayıt Değerleri:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Kayıt Verisi Öğeleri:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Etkilenmiş Klasörler:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Dosyalar:
C:\Documents and Settings\Funda Aydoğdu\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
Zahmet veriyoruz sana ama.... Bir gözatarsan iyi olur.Kolay gelsin,iyi çalışmalar.
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:30:18, on 07.12.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ahmet\Belgelerim\Karşıdan Yüklenenler\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Adobe PDF Reader Bağı Yardımı - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DownloadGuardBHO - {20C1A7F0-528E-444F-BAC5-5804A61CCA7F} - C:\Program Files\Lavasoft\Download Guard for Internet Explorer\DownloadGuardBHO.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: Banner Ad Blocker’a ekle - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web trafiği koruması istatistikleri - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CBAE4EDD-DAA5-4FBB-988C-78E02A8F8AC2}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 6077 bytes
Tek sorunum Windows Live Messenger 2009da bazen benim iletilerim gitmiyor bazende başkalarının iletisi gelmiyor.. Düşündüğüm şey internetin çok kısa bir süreliğine kopması veya sinyal zayıflaması ama tam olarak çözemedim yardıma ihtiyacım var..
-
İyi geceler benim laptopta internet explorer normalden geç açılıyor ve internette acaip yavaşlamalar oluyor,başka bir bilgisayar örneğin facebooku benimkiden baya hızlı açıyor,aşağıya logu gönderdim,yardımcı olursanız çok minnetar kalırım.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:04:10, on 07.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\windows\system32\TPSMain.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\VMSnap3.EXE
C:\Program Files\TOSHIBA\Controls\VolumeIndicator.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\windows\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\windows\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\windows\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\windows\system32\TPSBattM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: ::1 localhost
O1 - Hosts: 74.125.13.80 v1.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.83 v2.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.86 v3.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.89 v4.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.92 v5.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.95 v6.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.98 v7.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.101 v8.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.17 v9.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.84 v10.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.87 v11.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.90 v12.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.93 v13.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.96 v14.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.99 v15.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.38 v16.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.82 v17.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.85 v18.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.88 v19.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.91 v20.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.94 v21.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.97 v22.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.100 v23.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.103 v24.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.80 v1.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.83 v2.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.86 v3.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.89 v4.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.92 v5.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.95 v6.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.98 v7.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.101 v8.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.81 v9.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.84 v10.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.87 v11.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.90 v12.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.93 v13.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.96 v14.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.99 v15.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.102 v16.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.82 v17.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.85 v18.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.88 v19.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.91 v20.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.94 v21.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.97 v22.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.100 v23.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.103 v24.lscache2.c.youtube.com
O1 - Hosts: 74.125.99.80 v1.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.83 v2.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.86 v3.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.89 v4.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.92 v5.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.95 v6.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.98 v7.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.101 v8.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.81 v9.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.84 v10.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.87 v11.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.90 v12.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.93 v13.lscache3.c.youtube.com
O1 - Hosts: 74.125.97.32 v14.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.99 v15.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.102 v16.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.82 v17.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.85 v18.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.88 v19.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.91 v20.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.94 v21.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.97 v22.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.100 v23.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.103 v24.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.80 v1.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.83 v2.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.86 v3.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.89 v4.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.92 v5.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.95 v6.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.98 v7.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.101 v8.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.81 v9.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.84 v10.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.87 v11.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.90 v12.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.93 v13.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.96 v14.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.99 v15.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.102 v16.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.82 v17.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.85 v18.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.88 v19.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.91 v20.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.94 v21.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.97 v22.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.100 v23.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.103 v24.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.16 v1.lscache5.c.youtube.com
O1 - Hosts: 74.125.99.19 v2.lscache5.c.youtube.com
O1 - Hosts: 74.125.99.22 v3.lscache5.c.youtube.com
O1 - Hosts: 74.125.99.25 v4.lscache5.c.youtube.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang TR
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKLM\..\Run: [Toshiba Controls Utility] "C:\Program Files\TOSHIBA\Controls\VolumeIndicator.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) -http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} (System Requirements Lab) -http://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1251916262390
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D5D17C21-1719-4640-B0B2-4F3262419920} (JaguarEditControl-ISBANK) -https://www.isbank.com.tr/Internet/lib/JaguarEdit4ISBv27.CAB
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) -http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{53F30CCF-1E2B-42FD-8873-BBC1125786B2}: NameServer = 4.2.2.1,4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{9FBF50D1-5497-42F0-9BA7-1E910807893A}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMovieServer - SoundMovieServer - C:\WINDOWS\system32\snmvtsvc.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 14528 bytes
-
combofix raporu
ComboFix 09-11-09.01 - savaş 07.12.2009 9:39.6.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1254.90.1055.18.446.175 [GMT 2:00]
Running from: c:\documents and settings\savaş\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.
((((((((((((((((((((((((( Files Created from 2009-11-07 to 2009-12-07 )))))))))))))))))))))))))))))))
.
2009-12-06 13:47 . 2009-12-06 13:48 -------- d-----w- c:\program files\mIRC
2009-12-04 18:41 . 2009-12-04 18:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-12-04 17:26 . 2009-12-04 18:44 -------- d-----w- c:\program files\Messenger Plus! Live
2009-12-04 14:06 . 2009-12-04 14:10 -------- d-----w- c:\program files\mp3DirectCut
2009-11-25 15:38 . 2009-11-25 15:38 -------- d-----w- c:\program files\Shuangs WAV to MP3 Converter
2009-11-25 15:34 . 2009-11-25 15:34 295424 ----a-w- c:\windows\system32\bwmedia1.dll
2009-11-25 15:34 . 2009-11-25 15:34 150016 ----a-w- c:\windows\system32\bwmedia.dll
2009-11-25 15:34 . 2009-11-25 15:34 -------- d-----w- c:\program files\MP3 Wave Converter
2009-11-23 14:14 . 2009-12-07 07:17 -------- d-----w- c:\program files\LimeWire
2009-11-23 13:53 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-11-18 22:29 . 2009-11-18 23:14 -------- d-----w- c:\program files\GCH Guitar academy
2009-11-11 23:26 . 2009-11-11 23:27 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Temp
2009-11-10 15:28 . 2009-11-10 15:28 -------- d-----w- c:\program files\Dracula Virüs Temizleyici 3.5
2009-11-10 13:25 . 2009-11-10 13:25 -------- d-----w- c:\windows\system32\URTTEMP
2009-11-10 13:15 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2009-11-07 21:41 . 2009-11-07 21:41 -------- d-----w- c:\program files\iMesh Applications
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-06 13:47 . 2009-07-04 18:38 -------- d-----w- c:\program files\mIRCTR Script v6.35
2009-12-06 08:44 . 2009-09-14 15:53 -------- d-----w- c:\program files\Windows Live Safety Center
2009-12-04 13:49 . 2009-12-03 22:53 -------- d-----w- c:\program files\AnMing
2009-11-28 21:08 . 2009-06-09 19:16 41 ----a-w- c:\windows\popcinfo.dat
2009-11-25 15:31 . 2009-07-25 13:36 -------- d-----w- c:\program files\MP3Gain
2009-11-23 14:01 . 2009-02-17 19:58 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-12 07:59 . 2006-03-02 12:00 89192 ----a-w- c:\windows\system32\perfc01F.dat
2009-11-12 07:59 . 2006-03-02 12:00 444072 ----a-w- c:\windows\system32\perfh01F.dat
2009-11-10 13:43 . 2009-02-17 17:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-05 15:05 . 2009-11-05 12:43 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-11-05 15:02 . 2009-11-05 15:02 -------- d-----w- c:\program files\NOS
2009-11-05 12:43 . 2009-11-01 12:59 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS(2)
2009-11-05 12:40 . 2009-11-02 13:45 -------- d-----w- c:\program files\RealDrawPRO4
2009-11-05 12:23 . 2009-11-05 12:22 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-11-02 22:21 . 2009-09-16 16:22 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-10-31 15:06 . 2009-10-31 15:06 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-10-29 18:13 . 2009-10-29 18:13 684 ----a-w- C:\avexport.bat
2009-10-28 08:54 . 2009-02-17 21:02 -------- d-----w- c:\program files\Windows Live
2009-10-28 08:53 . 2009-09-14 14:17 -------- d-----w- c:\program files\Microsoft Silverlight
2009-10-26 20:54 . 2009-10-26 20:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-26 20:53 . 2009-10-26 20:53 4045528 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-10-26 20:52 . 2009-10-26 20:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-23 06:53 . 2009-10-23 06:53 -------- d-----w- c:\program files\Trend Micro
2009-10-22 21:23 . 2009-10-18 06:05 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8ls
2009-10-22 21:22 . 2009-02-17 19:42 -------- d-----w- c:\program files\Google
2009-10-22 06:50 . 2009-03-09 08:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-10-18 04:59 . 2009-02-17 19:56 -------- d-----w- c:\program files\Java
2009-10-08 10:03 . 2009-10-08 09:15 286720 ------w- c:\windows\Setup1.exe
2009-10-08 10:03 . 2009-10-08 09:15 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-10-08 09:05 . 2009-10-08 09:05 -------- d-----w- c:\program files\Shenturk
2009-10-08 08:04 . 2009-10-06 12:49 -------- d-----w- c:\program files\GCH Guitar academy(2)
2009-10-08 08:04 . 2009-10-08 08:04 -------- d-----w- c:\program files\Webteh
2009-10-08 08:04 . 2009-10-06 13:27 -------- d-----w- c:\program files\BS_Player
2009-10-03 09:00 . 2009-10-03 09:00 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2009-09-25 16:32 . 2009-09-25 16:32 8 ----a-w- c:\documents and settings\All Users\Application Data\VGANGMJYMWPP.SYS
2009-09-25 16:32 . 2009-09-25 16:32 8 ----a-w- c:\documents and settings\All Users\Application Data\VGANGMJYMWPP.SYS
2009-09-25 16:30 . 2009-09-25 16:30 8 ----a-w- c:\documents and settings\All Users\Application Data\TYRCPHJYWWPP.SYS
2009-09-25 16:30 . 2009-09-25 16:30 8 ----a-w- c:\documents and settings\All Users\Application Data\TYRCPHJYWWPP.SYS
2009-09-16 12:53 . 2009-09-16 07:37 8192 ----a-w- C:\mtwb.dat
2009-09-11 14:18 . 2009-09-11 14:18 136192 ----a-w- c:\windows\system32\SETA4.tmp
2009-09-11 14:18 . 2006-03-02 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 12:54 . 2009-10-26 20:52 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-10-26 20:52 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
.
((((((((((((((((((((((((((((( SnapShot_2009-10-28_22.36.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-12-07 07:16 . 2009-12-07 07:16 16384 c:\windows\temp\Perflib_Perfdata_61c.dat
+ 2009-11-10 13:15 . 2005-12-05 16:07 61136 c:\windows\system32\xinput9_1_0.dll
+ 2009-11-10 13:16 . 2007-04-04 16:53 81768 c:\windows\system32\xinput1_3.dll
+ 2009-11-10 13:15 . 2006-07-28 07:30 62744 c:\windows\system32\xinput1_2.dll
+ 2009-11-10 13:15 . 2006-03-31 10:39 62672 c:\windows\system32\xinput1_1.dll
+ 2009-11-10 13:16 . 2008-03-05 14:00 25608 c:\windows\system32\X3DAudio1_3.dll
+ 2009-11-10 13:16 . 2007-10-22 01:37 17928 c:\windows\system32\X3DAudio1_2.dll
+ 2009-11-10 13:15 . 2007-03-05 10:42 15128 c:\windows\system32\x3daudio1_1.dll
+ 2009-11-10 13:15 . 2006-02-03 06:41 14032 c:\windows\system32\x3daudio1_0.dll
+ 2003-02-21 03:16 . 2003-02-21 03:16 49152 c:\windows\system32\URTTEMP\regtlib.exe
- 2008-04-14 16:00 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 16:00 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe
- 2009-02-17 20:11 . 2008-07-08 13:22 17272 c:\windows\system32\spmsg.dll
+ 2009-02-17 20:11 . 2009-05-26 11:43 17272 c:\windows\system32\spmsg.dll
+ 2009-12-03 22:53 . 2006-12-21 13:47 81920 c:\windows\system32\qcpsdk.dll
+ 2006-03-02 12:00 . 2009-11-12 07:59 77810 c:\windows\system32\perfc009.dat
+ 2009-10-23 03:32 . 2009-10-23 03:32 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
- 2009-03-23 10:30 . 2009-03-23 10:30 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2009-10-23 03:32 . 2009-10-23 03:32 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
- 2009-03-23 10:30 . 2009-03-23 10:30 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2009-10-23 03:32 . 2009-10-23 03:32 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
- 2009-03-23 10:30 . 2009-03-23 10:30 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
- 2009-03-23 10:30 . 2009-03-23 10:30 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2009-10-23 03:32 . 2009-10-23 03:32 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2009-11-13 14:22 . 2009-11-13 14:22 89101 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-05-30 14:18 . 2009-11-06 05:24 87618 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
- 2009-04-28 10:23 . 2009-04-28 10:23 94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2009-10-29 05:27 . 2009-10-29 05:27 94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2009-10-29 04:55 . 2009-10-29 04:55 79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2009-12-03 22:53 . 2006-12-24 05:36 73728 c:\windows\system32\a1.dll
+ 2008-03-23 19:03 . 2008-03-23 19:03 46096 c:\windows\Microsoft.NET\Framework\v3.5\tr\MSBuild.resources.exe
+ 2008-03-21 13:56 . 2008-03-21 13:56 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\DeleteTemp.exe
+ 2008-03-23 18:58 . 2008-03-23 18:58 28302 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\baseline.dat
+ 2007-10-15 12:16 . 2007-10-15 12:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\WsatConfig.resources.dll
+ 2007-10-15 12:16 . 2007-10-15 12:16 10240 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\SMSvcHost.resources.dll
+ 2007-10-15 12:16 . 2007-10-15 12:16 24576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\ServiceModelReg.resources.dll
+ 2007-10-15 12:16 . 2007-10-15 12:16 36864 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\ComSvcConfig.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Web.Services.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Web.Mobile.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 16384 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Transactions.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.ServiceProcess.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Security.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 11264 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Runtime.Serialization.Formatters.Soap.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Runtime.Remoting.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Messaging.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Management.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.EnterpriseServices.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Drawing.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.DirectoryServices.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.DirectoryServices.Protocols.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\system.data.sqlxml.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 49152 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Configuration.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Configuration.Install.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 10240 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\sysglobl.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 86016 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\ShFusRes.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 20480 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Regasm.Resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\MSBuild.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 57344 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.VisualBasic.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 45056 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.JScript.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 10240 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.Build.Utilities.Resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.Build.Engine.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\caspol.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnet_regsql.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 76800 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnet_rc.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 22528 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\041F\mscorsecr.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 19968 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\alinkui.dll
+ 2004-07-15 00:11 . 2004-07-15 00:11 31744 c:\windows\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
+ 2009-06-24 17:56 . 2009-06-24 17:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
+ 2004-07-15 12:28 . 2004-07-15 12:28 57344 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
+ 2004-07-15 12:28 . 2004-07-15 12:28 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2004-07-14 22:35 . 2004-07-14 22:35 66560 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
+ 2003-02-21 05:26 . 2003-02-21 05:26 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.Design.dll
+ 2004-07-15 12:28 . 2004-07-15 12:28 90112 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
+ 2003-02-21 05:26 . 2003-02-21 05:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Configuration.Install.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 90112 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\PerfCounter.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorsn.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\CORPerfMonExt.dll
+ 2003-02-21 05:25 . 2003-02-21 05:25 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegSvcs.exe
+ 2004-07-15 12:28 . 2004-07-15 12:28 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2003-02-21 05:25 . 2003-02-21 05:25 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe
+ 2004-07-14 22:34 . 2004-07-14 22:34 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\ngen.exe
+ 2003-02-20 16:43 . 2003-02-20 16:43 22528 c:\windows\Microsoft.NET\Framework\v1.1.4322\MUI\0409\mscorsecr.dll
+ 2003-02-20 17:18 . 2003-02-20 17:18 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\mtxoci8.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2004-07-14 22:33 . 2004-07-14 22:33 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
+ 2003-02-20 17:06 . 2003-02-20 17:06 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2004-07-14 22:32 . 2004-07-14 22:32 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
+ 2004-07-15 12:28 . 2004-07-15 12:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
+ 2004-07-15 12:28 . 2004-07-15 12:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
+ 2003-02-21 05:25 . 2003-02-21 05:25 11264 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\jsc.exe
+ 2003-02-21 05:24 . 2003-02-21 05:24 26112 c:\windows\Microsoft.NET\Framework\v1.1.4322\ISymWrapper.dll
+ 2003-02-20 17:22 . 2003-02-20 17:22 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtilLib.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 15872 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe
+ 2004-07-15 12:31 . 2004-07-15 12:31 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2003-10-08 12:30 . 2003-10-08 12:30 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\gacutil.exe
+ 2003-02-21 02:12 . 2003-02-21 02:12 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\cvtres.exe
+ 2003-02-21 05:24 . 2003-02-21 05:24 33792 c:\windows\Microsoft.NET\Framework\v1.1.4322\CustomMarshalers.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscompmgd.dll
+ 2004-07-15 09:23 . 2004-07-15 09:23 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe
+ 2003-02-21 05:24 . 2003-02-21 05:24 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\CasPol.exe
+ 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2004-07-14 23:49 . 2004-07-14 23:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
+ 2004-07-14 23:49 . 2004-07-14 23:49 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2003-02-20 17:19 . 2003-02-20 17:19 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_rc.dll
+ 2003-02-20 17:19 . 2003-02-20 17:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2003-02-21 03:00 . 2003-02-21 03:00 98304 c:\windows\Microsoft.NET\Framework\v1.1.4322\alink.dll
+ 2003-02-21 01:55 . 2003-02-21 01:55 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\cscompui.dll
+ 2003-02-21 00:59 . 2003-02-21 00:59 16896 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\alinkui.dll
+ 2009-11-10 13:15 . 2005-03-18 14:23 12800 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
+ 2009-11-10 13:15 . 2005-03-18 14:23 53248 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-03-23 18:29 . 2008-03-23 18:29 51200 c:\windows\Installer\31afc9.msp
+ 2008-03-23 18:32 . 2008-03-23 18:32 25088 c:\windows\Installer\31afc6.msp
+ 2009-11-23 13:51 . 2009-11-23 13:51 81408 c:\windows\Installer\31afb3.msi
+ 2009-10-31 08:47 . 2009-10-31 08:47 22528 c:\windows\Installer\1db54d.msi
+ 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\ARPPRODUCTICON.exe
+ 2009-02-17 19:23 . 2009-11-12 08:09 23040 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-02-17 19:23 . 2009-10-16 09:37 23040 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-02-17 19:23 . 2009-10-16 09:37 61440 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-02-17 19:23 . 2009-11-12 08:09 61440 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2009-02-17 19:23 . 2009-10-16 09:37 27136 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-02-17 19:23 . 2009-11-12 08:09 27136 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-02-17 19:23 . 2009-10-16 09:37 11264 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-02-17 19:23 . 2009-11-12 08:09 11264 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2009-02-17 19:23 . 2009-10-16 09:37 86016 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-02-17 19:23 . 2009-11-12 08:09 86016 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-02-17 19:23 . 2009-11-12 08:09 12288 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2009-02-17 19:23 . 2009-10-16 09:37 12288 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-11-13 07:41 . 2009-11-13 07:41 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_47ff15a6\System.Drawing.Design.dll
+ 2009-11-13 07:41 . 2009-11-13 07:41 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_906020bd\CustomMarshalers.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 81920 c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_tr_31bf3856ad364e35\WindowsBase.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 10240 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_tr_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 42040 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_tr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 81920 c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Web.Services.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 40960 c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 49152 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design.resources\3.5.0.0_tr_31bf3856ad364e35\System.Web.Extensions.Design.Resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 16384 c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_tr_b77a5c561934e089\System.Transactions.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 61440 c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_tr_31bf3856ad364e35\System.Speech.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 40960 c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 66616 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web.resources\3.5.0.0_tr_31bf3856ad364e35\System.ServiceModel.Web.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 36864 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_tr_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 28672 c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Security.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 90112 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_tr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 11264 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 32768 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_tr_b77a5c561934e089\System.Runtime.Remoting.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 16384 c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_tr_31bf3856ad364e35\System.Printing.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 28672 c:\windows\assembly\GAC_MSIL\System.Net.resources\3.5.0.0_tr_b03f5f7f11d50a3a\System.Net.Resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 77824 c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Messaging.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 13312 c:\windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Management.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 20480 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation.resources\3.5.0.0_tr_b77a5c561934e089\System.Management.Instrumentation.Resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 10752 c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_tr_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 53248 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_tr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 61440 c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_tr_b77a5c561934e089\System.IdentityModel.Resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 32768 c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 24576 c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Drawing.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 40960 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 16896 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 36864 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement.resources\3.5.0.0_tr_b77a5c561934e089\System.DirectoryServices.AccountManagement.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 36864 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_tr_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 53248 c:\windows\assembly\GAC_MSIL\System.Data.Linq.resources\3.5.0.0_tr_b77a5c561934e089\System.Data.Linq.Resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 57344 c:\windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_tr_b77a5c561934e089\System.Core.Resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 49152 c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 16896 c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 10240 c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_tr_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 36864 c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_tr_31bf3856ad364e35\ReachFramework.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 53248 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_tr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 57344 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 28672 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 45056 c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.JScript.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 11264 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5.resources\3.5.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 10240 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.resources\2.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 65536 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\3.5.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 53248 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 11264 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5.resources\3.5.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.resources.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 57344 c:\windows\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 77824 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 66560 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 65536 c:\windows\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 90112 c:\windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 77824 c:\windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 32768 c:\windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 32768 c:\windows\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 11264 c:\windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 28672 c:\windows\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 26112 c:\windows\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 32768 c:\windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 33792 c:\windows\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 12288 c:\windows\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-11-05 23:21 . 2009-05-26 11:43 26488 c:\windows\$hf_mig$\KB976749-IE7\update\spcustom.dll
+ 2009-11-05 23:21 . 2009-05-26 11:43 17272 c:\windows\$hf_mig$\KB976749-IE7\spmsg.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 6656 c:\windows\system32\mui\041F\mscorees.dll
+ 2003-02-20 16:43 . 2003-02-20 16:43 4096 c:\windows\system32\mui\0409\mscoreer.dll
+ 2009-10-29 05:29 . 2009-10-29 05:29 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
- 2009-04-28 10:26 . 2009-04-28 10:26 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Drawing.Design.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\JSC.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 4096 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\InstallUtil.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnet_regbrowsers.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnet_compiler.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 9216 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\TR\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 8704 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\TR\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 4608 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\CvtResUI.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 9216 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscortim.dll
+ 2003-02-21 05:25 . 2003-02-21 05:25 6656 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft_VsaVb.dll
+ 2003-02-21 05:25 . 2003-02-21 05:25 6144 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualC.Dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 4608 c:\windows\Microsoft.NET\Framework\v1.1.4322\IIEHost.dll
+ 2004-07-15 12:31 . 2004-07-15 12:31 8192 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 7680 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExec.exe
+ 2003-02-21 05:24 . 2003-02-21 05:24 7680 c:\windows\Microsoft.NET\Framework\v1.1.4322\Accessibility.dll
- 2009-02-17 19:23 . 2009-10-16 09:37 4096 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-02-17 19:23 . 2009-11-12 08:09 4096 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-11-23 13:52 . 2009-11-23 13:52 4608 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_tr_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 7680 c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_tr_31bf3856ad364e35\UIAutomationTypes.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 4096 c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_tr_31bf3856ad364e35\UIAutomationProvider.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 9216 c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_tr_31bf3856ad364e35\UIAutomationClient.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 7680 c:\windows\assembly\GAC_MSIL\System.Xml.Linq.resources\3.5.0.0_tr_b77a5c561934e089\System.Xml.Linq.Resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 5632 c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 5120 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions.resources\3.5.0.0_tr_b77a5c561934e089\System.Data.DataSetExtensions.Resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 5120 c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_tr_b77a5c561934e089\SMDiagnostics.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 9216 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 8704 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 5120 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 6656 c:\windows\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 6144 c:\windows\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 4608 c:\windows\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 8192 c:\windows\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 7680 c:\windows\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-11-10 13:16 . 2008-03-05 14:03 479752 c:\windows\system32\XAudio2_0.dll
+ 2009-11-10 13:16 . 2008-03-05 14:03 238088 c:\windows\system32\xactengine3_0.dll
+ 2009-11-10 13:16 . 2007-07-19 22:57 267112 c:\windows\system32\xactengine2_9.dll
+ 2009-11-10 13:16 . 2007-06-20 18:46 266088 c:\windows\system32\xactengine2_8.dll
+ 2009-11-10 13:16 . 2007-04-04 16:55 261480 c:\windows\system32\xactengine2_7.dll
+ 2009-11-10 13:15 . 2007-01-24 13:27 255848 c:\windows\system32\xactengine2_6.dll
+ 2009-11-10 13:15 . 2006-12-08 10:02 251672 c:\windows\system32\xactengine2_5.dll
+ 2009-11-10 13:15 . 2006-09-28 14:05 237848 c:\windows\system32\xactengine2_4.dll
+ 2009-11-10 13:15 . 2006-07-28 07:30 236824 c:\windows\system32\xactengine2_3.dll
+ 2009-11-10 13:15 . 2006-05-31 05:24 230168 c:\windows\system32\xactengine2_2.dll
+ 2009-11-10 13:16 . 2007-10-22 01:39 267272 c:\windows\system32\xactengine2_10.dll
+ 2009-11-10 13:15 . 2006-03-31 10:39 229584 c:\windows\system32\xactengine2_1.dll
+ 2009-11-10 13:15 . 2006-02-03 06:42 230096 c:\windows\system32\xactengine2_0.dll
+ 2009-12-03 22:53 . 2005-04-15 11:22 303104 c:\windows\system32\qscl.dll
+ 2006-03-02 12:00 . 2009-11-12 07:59 456746 c:\windows\system32\perfh009.dat
+ 2009-12-03 22:53 . 2002-12-02 09:11 290816 c:\windows\system32\NCTWMAFile.dll
+ 2009-12-03 22:53 . 2002-12-02 09:09 282624 c:\windows\system32\NCTAudioVisualization.dll
+ 2009-12-03 22:53 . 2002-12-02 09:08 339968 c:\windows\system32\NCTAudioTransform.dll
+ 2009-12-03 22:53 . 2002-12-02 09:07 274432 c:\windows\system32\NCTAudioRecord.dll
+ 2009-12-03 22:53 . 2002-12-02 09:07 274432 c:\windows\system32\NCTAudioPlayer.dll
+ 2009-12-03 22:53 . 2002-12-02 09:05 892928 c:\windows\system32\NCTAudioInformation.dll
+ 2009-12-03 22:53 . 2002-12-02 09:03 327680 c:\windows\system32\NCTAudioGrabber.dll
+ 2009-12-03 22:53 . 2002-09-04 13:17 503808 c:\windows\system32\NCTAudioEditor.dll
+ 2002-01-18 19:56 . 2002-01-18 19:56 217088 c:\windows\system32\mp3enc.dll
- 2009-03-23 10:30 . 2009-03-23 10:30 180224 c:\windows\system32\Macromed\Shockwave 10\Proj.dll
+ 2009-10-23 03:32 . 2009-10-23 03:32 180224 c:\windows\system32\Macromed\Shockwave 10\Proj.dll
- 2009-03-23 10:30 . 2009-03-23 10:30 475136 c:\windows\system32\Macromed\Shockwave 10\PluginPing.dll
+ 2009-10-23 03:32 . 2009-10-23 03:32 475136 c:\windows\system32\Macromed\Shockwave 10\PluginPing.dll
+ 2009-10-23 03:32 . 2009-10-23 03:32 339968 c:\windows\system32\Macromed\Shockwave 10\Plugin.dll
- 2009-05-13 08:57 . 2009-05-13 08:57 339968 c:\windows\system32\Macromed\Shockwave 10\Plugin.dll
- 2009-03-23 10:30 . 2009-03-23 10:30 606208 c:\windows\system32\Macromed\Shockwave 10\iml32X.dll
+ 2009-10-23 03:32 . 2009-10-23 03:32 606208 c:\windows\system32\Macromed\Shockwave 10\iml32X.dll
+ 2009-10-23 03:32 . 2009-10-23 03:32 471040 c:\windows\system32\Macromed\Shockwave 10\Control.dll
+ 2009-07-18 03:12 . 2009-07-18 03:12 257440 c:\windows\system32\Macromed\Flash\FlashUtil10c.exe
+ 2009-12-03 22:53 . 2002-09-06 09:36 233472 c:\windows\system32\lame_enc.dll
+ 2009-11-23 14:01 . 2009-11-23 14:01 149280 c:\windows\system32\javaws.exe
+ 2009-11-23 14:01 . 2009-11-23 14:01 145184 c:\windows\system32\javaw.exe
+ 2009-11-23 14:01 . 2009-11-23 14:01 145184 c:\windows\system32\java.exe
+ 2009-02-17 18:40 . 2009-11-11 16:57 185816 c:\windows\system32\FNTCACHE.DAT
+ 2009-11-10 13:16 . 2008-02-05 21:07 462864 c:\windows\system32\d3dx10_37.dll
+ 2009-11-10 13:16 . 2007-10-02 07:56 444776 c:\windows\system32\d3dx10_36.dll
+ 2009-11-10 13:16 . 2007-07-19 16:14 444776 c:\windows\system32\d3dx10_35.dll
+ 2009-11-10 13:16 . 2007-05-16 14:45 443752 c:\windows\system32\d3dx10_34.dll
+ 2009-11-10 13:16 . 2007-03-15 14:57 443752 c:\windows\system32\d3dx10_33.dll
+ 2009-12-03 22:53 . 2007-03-25 18:46 212992 c:\windows\system32\amrdec.dll
+ 2009-12-03 22:53 . 2007-09-14 08:40 336896 c:\windows\system32\ammppg.dll
+ 2009-10-29 04:55 . 2009-10-29 04:55 132472 c:\windows\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL
+ 2009-10-29 05:27 . 2009-10-29 05:27 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
- 2009-04-28 10:24 . 2009-04-28 10:24 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2009-10-29 05:43 . 2009-10-29 05:43 464312 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1152602.exe
+ 2009-07-31 13:40 . 2009-07-31 13:40 538040 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe
+ 2009-04-29 10:28 . 2009-04-29 10:28 546232 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe
- 2009-04-28 10:26 . 2009-04-28 10:26 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2009-10-29 05:29 . 2009-10-29 05:29 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2009-10-29 05:28 . 2009-10-29 05:28 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
- 2009-04-28 10:24 . 2009-04-28 10:24 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
+ 2009-10-29 04:55 . 2009-10-29 04:55 713216 c:\windows\system32\Adobe\Shockwave 11\gi.dll
+ 2009-10-29 05:26 . 2009-10-29 05:26 503808 c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2009-10-29 05:44 . 2009-10-29 05:44 210360 c:\windows\system32\Adobe\Director\SwDir.dll
+ 2009-10-29 05:28 . 2009-10-29 05:28 131072 c:\windows\system32\Adobe\Director\np32dsw.dll
- 2009-04-28 10:25 . 2009-04-28 10:25 131072 c:\windows\system32\Adobe\Director\np32dsw.dll
+ 2008-03-23 19:03 . 2008-03-23 19:03 151552 c:\windows\Microsoft.NET\Framework\v3.5\tr\Microsoft.Build.Tasks.v3.5.resources.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 982008 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\WapUI.dll
+ 2008-03-23 18:39 . 2008-03-23 18:39 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\WapRes.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 687104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vsscenario.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 411136 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vsbasereqs.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 627712 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vs70uimgr.dll
+ 2008-03-23 19:08 . 2008-03-23 19:08 432128 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vs_setup.msi
+ 2008-03-23 18:39 . 2008-03-23 18:39 119808 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\setupres.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\setup.exe
+ 2008-03-21 14:59 . 2008-03-21 14:59 183296 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\RebootStub.exe
+ 2008-03-21 13:56 . 2008-03-21 13:56 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\HtmlLite.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 276472 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\dlmgr.dll
+ 2008-03-23 19:03 . 2008-03-23 19:03 237048 c:\windows\Microsoft.NET\Framework\v3.5\1055\vbc7ui.dll
+ 2008-03-23 19:03 . 2008-03-23 19:03 173056 c:\windows\Microsoft.NET\Framework\v3.5\1055\cscompui.dll
+ 2006-10-27 16:02 . 2006-10-27 16:02 372736 c:\windows\Microsoft.NET\Framework\v3.0\WPF\tr\PresentationUI.resources.dll
+ 2007-10-15 12:16 . 2007-10-15 12:16 864256 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\infocard.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 155648 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.xml.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 417792 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Windows.Forms.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 598016 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Web.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 200704 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\system.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 524288 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Design.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 385024 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Deployment.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 335872 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Data.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Data.OracleClient.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 347136 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\mscorrc.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 299008 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\mscorlib.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 135168 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.Build.Tasks.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 315392 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnetmmcext.resources.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 211968 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\Vsavb7rtUI.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 185856 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\vbc7ui.dll
+ 2007-10-26 01:18 . 2007-10-26 01:18 139776 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\cscompui.dll
+ 2004-07-15 09:23 . 2004-07-15 09:23 737280 c:\windows\Microsoft.NET\Framework\v1.1.4322\vbc.exe
+ 2004-07-15 12:31 . 2004-07-15 12:31 573440 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
+ 2004-07-15 12:28 . 2004-07-15 12:28 819200 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
+ 2004-07-15 12:28 . 2004-07-15 12:28 126976 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
+ 2004-07-15 12:31 . 2004-07-15 12:31 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
+ 2004-07-15 12:28 . 2004-07-15 12:28 323584 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
+ 2004-07-15 12:31 . 2004-07-15 12:31 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
+ 2004-07-15 12:31 . 2004-07-15 12:31 372736 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
+ 2004-07-15 12:28 . 2004-07-15 12:28 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
+ 2004-07-15 12:28 . 2004-07-15 12:28 466944 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
+ 2004-07-15 12:31 . 2004-07-15 12:31 303104 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
+ 2004-07-14 22:35 . 2004-07-14 22:35 319488 c:\windows\Microsoft.NET\Framework\v1.1.4322\SOS.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 122880 c:\windows\Microsoft.NET\Framework\v1.1.4322\shfusres.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 253952 c:\windows\Microsoft.NET\Framework\v1.1.4322\shfusion.dll
+ 2003-02-21 02:42 . 2003-02-21 02:42 348160 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\msvcr71.dll
+ 2003-02-20 17:06 . 2003-02-20 17:06 311296 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorjit.dll
+ 2003-02-20 17:06 . 2003-02-20 17:06 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\fusion.dll
+ 2003-02-20 17:19 . 2003-02-20 17:19 253952 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\aspnet_isapi.dll
+ 2004-08-10 14:20 . 2004-08-10 14:20 106496 c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2003-02-21 02:42 . 2003-02-21 02:42 348160 c:\windows\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
+ 2004-07-14 22:33 . 2004-07-14 22:33 143360 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
+ 2003-02-20 16:43 . 2003-02-20 16:43 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscormmc.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2004-07-14 22:32 . 2004-07-14 22:32 233472 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
+ 2004-07-15 12:28 . 2004-07-15 12:28 299008 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
+ 2004-07-15 12:28 . 2004-07-15 12:28 720896 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
+ 2004-07-14 22:35 . 2004-07-14 22:35 196608 c:\windows\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
+ 2004-07-14 22:24 . 2004-07-14 22:24 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2003-02-20 17:16 . 2003-02-20 17:16 798720 c:\windows\Microsoft.NET\Framework\v1.1.4322\EventLogMessages.dll
+ 2003-02-21 08:21 . 2003-02-21 08:21 524288 c:\windows\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll
+ 2004-07-15 09:23 . 2004-07-15 09:23 626688 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
+ 2002-07-29 09:11 . 2002-07-29 09:11 219136 c:\windows\Microsoft.NET\Framework\v1.1.4322\c_g18030.dll
+ 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2003-02-21 03:04 . 2003-02-21 03:04 155648 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\Vsavb7rtUI.dll
+ 2003-02-21 01:02 . 2003-02-21 01:02 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\vbc7ui.dll
+ 2009-11-10 13:15 . 2006-03-31 09:27 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2006-02-03 05:40 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2005-12-05 15:20 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2005-09-28 12:11 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2005-07-22 15:21 577024 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2005-05-26 13:15 576000 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2005-03-18 15:23 567296 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2005-02-05 17:32 563712 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2005-03-18 14:23 223232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
+ 2009-11-10 13:15 . 2005-03-18 14:23 178176 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
+ 2009-11-10 13:15 . 2005-03-18 14:23 364544 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
+ 2009-11-10 13:15 . 2005-03-18 14:23 159232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
+ 2009-11-10 13:15 . 2005-03-18 14:23 145920 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
+ 2009-11-10 13:15 . 2005-03-18 14:23 473600 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 428032 c:\windows\Installer\31afd2.msi
+ 2008-03-23 18:22 . 2008-03-23 18:22 120320 c:\windows\Installer\31afcc.msp
+ 2008-03-23 18:13 . 2008-03-23 18:13 117760 c:\windows\Installer\31afcb.msp
+ 2008-03-23 18:27 . 2008-03-23 18:27 305664 c:\windows\Installer\31afca.msp
+ 2008-03-23 18:16 . 2008-03-23 18:16 710144 c:\windows\Installer\31afc8.msp
+ 2008-03-23 18:19 . 2008-03-23 18:19 163840 c:\windows\Installer\31afc7.msp
+ 2008-03-23 18:02 . 2008-03-23 18:02 352768 c:\windows\Installer\31afb8.msp
+ 2008-03-23 17:52 . 2008-03-23 17:52 247296 c:\windows\Installer\31afb7.msp
+ 2008-03-23 18:05 . 2008-03-23 18:05 473600 c:\windows\Installer\31afb6.msp
+ 2008-03-23 17:58 . 2008-03-23 17:58 708608 c:\windows\Installer\31afb5.msp
+ 2008-03-23 17:55 . 2008-03-23 17:55 352256 c:\windows\Installer\31afb4.msp
- 2009-02-17 19:23 . 2009-10-16 09:37 409600 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-02-17 19:23 . 2009-11-12 08:09 409600 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2009-02-17 19:23 . 2009-10-16 09:37 286720 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-02-17 19:23 . 2009-11-12 08:09 286720 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2009-02-17 19:23 . 2009-10-16 09:37 249856 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-02-17 19:23 . 2009-11-12 08:09 249856 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-02-17 19:23 . 2009-11-12 08:09 794624 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-02-17 19:23 . 2009-10-16 09:37 794624 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-02-17 19:23 . 2009-10-16 09:37 135168 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-02-17 19:23 . 2009-11-12 08:09 135168 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-02-17 19:23 . 2009-11-12 08:09 593920 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2009-02-17 19:23 . 2009-10-16 09:37 593920 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-11-05 23:21 . 2009-05-26 11:43 386424 c:\windows\ie7updates\KB976749-IE7\spuninst\updspapi.dll
+ 2009-11-05 23:21 . 2009-05-26 11:43 232824 c:\windows\ie7updates\KB976749-IE7\spuninst\spuninst.exe
+ 2009-11-27 12:43 . 2007-01-09 06:19 110592 c:\windows\Downloaded Program Files\PURtr-tr.dll
+ 2006-11-20 09:04 . 2006-11-20 09:04 117088 c:\windows\Downloaded Program Files\PURen-us.dll
+ 2009-08-19 09:55 . 2009-08-19 09:55 829288 c:\windows\Downloaded Program Files\MsnPUpld.dll
+ 2009-11-13 12:55 . 2009-11-13 12:55 160488 c:\windows\Downloaded Program Files\contactx.dll
+ 2009-09-09 00:37 . 2009-10-14 20:32 452488 c:\windows\Downloaded Program Files\CONFLICT.1\wlscBase.dll
- 2009-09-09 00:37 . 2009-09-09 00:37 452488 c:\windows\Downloaded Program Files\CONFLICT.1\wlscBase.dll
+ 2009-11-13 07:41 . 2009-11-13 07:41 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_d5b7d18c\System.Drawing.dll
+ 2009-11-13 07:41 . 2009-11-13 07:41 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f35b7d11\System.Drawing.Design.dll
+ 2009-11-13 07:41 . 2009-11-13 07:41 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_79129eb3\CustomMarshalers.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 155648 c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_tr_b77a5c561934e089\System.xml.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 111672 c:\windows\assembly\GAC_MSIL\System.WorkflowServices.resources\3.5.0.0_tr_31bf3856ad364e35\System.WorkflowServices.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 316480 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_tr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 189496 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_tr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 417792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_tr_b77a5c561934e089\System.Windows.Forms.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 598016 c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Web.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 647168 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.resources\3.5.0.0_tr_31bf3856ad364e35\System.Web.Extensions.Resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 450560 c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_tr_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 200704 c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_tr_b77a5c561934e089\system.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 524288 c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Design.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 385024 c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 335872 c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_tr_b77a5c561934e089\System.Data.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 110592 c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_tr_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 372736 c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_tr_31bf3856ad364e35\PresentationUI.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 237568 c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_tr_31bf3856ad364e35\PresentationFramework.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 106496 c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_tr_31bf3856ad364e35\PresentationCore.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 299008 c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_tr_b77a5c561934e089\mscorlib.resources.dll
+ 2009-11-23 13:52 . 2009-11-23 13:52 151552 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5.resources\3.5.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 135168 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2009-11-23 13:51 . 2009-11-23 13:51 315392 c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_tr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 573440 c:\windows\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 819200 c:\windows\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 126976 c:\windows\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 131072 c:\windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 323584 c:\windows\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 241664 c:\windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 372736 c:\windows\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 241664 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 466944 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 303104 c:\windows\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 299008 c:\windows\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 720896 c:\windows\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2009-11-05 23:21 . 2009-05-26 11:43 386424 c:\windows\$hf_mig$\KB976749-IE7\update\updspapi.dll
+ 2009-11-05 23:21 . 2009-05-26 11:43 756600 c:\windows\$hf_mig$\KB976749-IE7\update\update.exe
+ 2009-11-05 23:21 . 2009-05-26 11:43 232824 c:\windows\$hf_mig$\KB976749-IE7\spuninst.exe
+ 2006-03-02 12:00 . 2009-08-14 15:12 1850624 c:\windows\system32\win32k.sys
+ 2009-08-27 07:25 . 2009-11-05 12:46 5643840 c:\windows\system32\Restore\rstrlog.dat
+ 2009-12-03 22:53 . 2002-12-02 09:02 1703936 c:\windows\system32\NCTAudioFile.dll
+ 2008-04-14 16:00 . 2009-07-31 08:03 1372672 c:\windows\system32\msxml6.dll
+ 2006-03-02 12:00 . 2009-07-31 04:33 1172480 c:\windows\system32\msxml3.dll
- 2006-03-02 12:00 . 2009-08-29 07:27 3598336 c:\windows\system32\mshtml.dll
+ 2006-03-02 12:00 . 2009-10-21 04:07 3598336 c:\windows\system32\mshtml.dll
+ 2009-10-23 03:32 . 2009-10-23 03:32 1490944 c:\windows\system32\Macromed\Shockwave 10\dirapiX.dll
- 2009-05-13 08:57 . 2009-05-13 08:57 1490944 c:\windows\system32\Macromed\Shockwave 10\dirapiX.dll
+ 2009-02-17 19:16 . 2009-08-14 15:12 1850624 c:\windows\system32\dllcache\win32k.sys
+ 2008-04-14 16:00 . 2009-07-31 08:03 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2009-02-17 17:48 . 2009-07-31 04:33 1172480 c:\windows\system32\dllcache\msxml3.dll
- 2009-02-17 19:13 . 2009-08-29 07:27 3598336 c:\windows\system32\dllcache\mshtml.dll
+ 2009-02-17 19:13 . 2009-10-21 04:07 3598336 c:\windows\system32\dllcache\mshtml.dll
+ 2009-11-10 13:16 . 2008-03-05 13:56 3786760 c:\windows\system32\D3DX9_37.dll
+ 2009-11-10 13:16 . 2007-10-12 13:14 3734536 c:\windows\system32\d3dx9_36.dll
+ 2009-11-10 13:16 . 2007-07-19 16:14 3727720 c:\windows\system32\d3dx9_35.dll
+ 2009-11-10 13:16 . 2007-05-16 14:45 3497832 c:\windows\system32\d3dx9_34.dll
+ 2009-11-10 13:15 . 2006-09-28 14:05 2414360 c:\windows\system32\d3dx9_31.dll
+ 2009-11-10 13:15 . 2006-03-31 10:40 2388176 c:\windows\system32\d3dx9_30.dll
+ 2009-11-10 13:15 . 2006-02-03 06:43 2332368 c:\windows\system32\d3dx9_29.dll
+ 2009-11-10 13:15 . 2005-12-05 16:09 2323664 c:\windows\system32\d3dx9_28.dll
+ 2009-11-10 13:15 . 2005-07-22 17:59 2319568 c:\windows\system32\d3dx9_27.dll
+ 2009-11-10 13:15 . 2005-05-26 13:34 2297552 c:\windows\system32\d3dx9_26.dll
+ 2009-11-10 13:15 . 2005-03-18 15:19 2337488 c:\windows\system32\d3dx9_25.dll
+ 2009-11-10 13:14 . 2005-02-05 17:45 2222800 c:\windows\system32\d3dx9_24.dll
+ 2009-11-10 13:16 . 2008-03-05 13:56 1420824 c:\windows\system32\D3DCompiler_37.dll
+ 2009-11-10 13:16 . 2007-10-12 13:14 1374232 c:\windows\system32\D3DCompiler_36.dll
+ 2009-11-10 13:16 . 2007-07-19 16:14 1358192 c:\windows\system32\D3DCompiler_35.dll
+ 2009-11-10 13:16 . 2007-05-16 14:45 1124720 c:\windows\system32\D3DCompiler_34.dll
+ 2009-11-10 13:16 . 2007-03-12 14:42 1123696 c:\windows\system32\D3DCompiler_33.dll
+ 2009-10-29 05:01 . 2009-10-29 05:01 1011712 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
- 2009-04-28 10:00 . 2009-04-28 10:00 1011712 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2009-10-29 04:55 . 2009-10-29 04:55 1886320 c:\windows\system32\Adobe\Shockwave 11\gt.exe
- 2009-04-28 10:04 . 2009-04-28 10:04 1798144 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
+ 2009-10-29 05:05 . 2009-10-29 05:05 1798144 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 1045504 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vs_setup.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 1361920 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\SITSetup.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 1059328 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\gencomp.dll
+ 2004-07-15 06:15 . 2004-07-15 06:15 1032192 c:\windows\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
+ 2004-07-15 12:29 . 2004-07-15 12:29 1339392 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2004-07-15 12:32 . 2004-07-15 12:32 2052096 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2004-07-15 12:29 . 2004-07-15 12:29 1703936 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
+ 2004-07-15 12:32 . 2004-07-15 12:32 1294336 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
+ 2003-02-20 17:08 . 2003-02-20 17:08 2482176 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorwks.dll
+ 2003-02-20 17:07 . 2003-02-20 17:07 2494464 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorsvr.dll
+ 2003-02-21 05:26 . 2003-02-21 05:26 2088960 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorlib.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2003-02-21 05:25 . 2003-02-21 05:25 1564672 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.dll
+ 2009-11-10 13:15 . 2004-12-01 13:53 2846720 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2004-09-29 10:38 2676224 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 3443712 c:\windows\Installer\a71901.msi
+ 2009-10-22 10:46 . 2009-10-22 10:46 6821888 c:\windows\Installer\42c83.msp
+ 2009-10-06 16:40 . 2009-10-06 16:40 7681024 c:\windows\Installer\42c6d.msp
+ 2009-10-22 10:28 . 2009-10-22 10:28 5521408 c:\windows\Installer\42c57.msp
+ 2009-11-23 14:00 . 2009-11-23 14:00 1757696 c:\windows\Installer\31b23f.msi
+ 2009-11-23 13:52 . 2009-11-23 13:52 1048064 c:\windows\Installer\31afc5.msi
+ 2009-10-06 16:40 . 2009-10-06 16:40 7681024 c:\windows\Installer\21388a3.msp
+ 2009-10-22 10:28 . 2009-10-22 10:28 5521408 c:\windows\Installer\21388a1.msp
+ 2009-11-27 12:35 . 2009-11-27 12:35 1258496 c:\windows\Installer\1201d61.msi
+ 2009-11-05 23:21 . 2009-08-29 07:27 3598336 c:\windows\ie7updates\KB976749-IE7\mshtml.dll
+ 2009-07-17 18:12 . 2009-07-17 18:12 1962160 c:\windows\Downloaded Program Files\CONFLICT.4\FP_AX_CAB_INSTALLER.exe
+ 2009-07-17 18:12 . 2009-07-17 18:12 1962160 c:\windows\Downloaded Program Files\CONFLICT.3\FP_AX_CAB_INSTALLER.exe
+ 2009-07-17 18:12 . 2009-07-17 18:12 1962160 c:\windows\Downloaded Program Files\CONFLICT.2\FP_AX_CAB_INSTALLER.exe
+ 2009-11-13 07:41 . 2009-11-13 07:41 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_cea8607c\System.dll
+ 2009-11-13 00:42 . 2009-11-13 00:42 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_37973a7b\System.dll
+ 2009-11-13 07:41 . 2009-11-13 07:41 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_84335e91\System.Xml.dll
+ 2009-11-13 07:42 . 2009-11-13 07:42 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_52c18cdd\System.Xml.dll
+ 2009-11-13 07:41 . 2009-11-13 07:41 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_febac606\System.Windows.Forms.dll
+ 2009-11-13 07:42 . 2009-11-13 07:42 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_6d823986\System.Windows.Forms.dll
+ 2009-11-13 07:42 . 2009-11-13 07:42 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_7fe6b7fa\System.Drawing.dll
+ 2009-11-13 07:42 . 2009-11-13 07:42 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_c86e3259\System.Design.dll
+ 2009-11-13 07:41 . 2009-11-13 07:41 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_4957ea81\System.Design.dll
+ 2009-11-13 07:41 . 2009-11-13 07:41 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_759347a8\mscorlib.dll
+ 2009-11-13 07:42 . 2009-11-13 07:42 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_4110eb1c\mscorlib.dll
+ 2009-11-13 00:42 . 2009-11-13 00:42 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 1339392 c:\windows\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 2052096 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-11-13 00:42 . 2009-11-13 00:42 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 1703936 c:\windows\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-11-12 08:00 . 2009-11-12 08:00 1294336 c:\windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
+ 2009-11-10 13:25 . 2009-11-10 13:25 1564672 c:\windows\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\mscorcfg.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-10 13:15 . 2009-11-10 13:15 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-10-21 04:05 . 2009-10-21 04:05 3602432 c:\windows\$hf_mig$\KB976749-IE7\SP3QFE\mshtml.dll
+ 2009-02-17 20:21 . 2009-11-05 17:36 26768832 c:\windows\system32\MRT.exe
+ 2009-08-10 19:08 . 2009-08-10 19:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp
+ 2009-08-10 12:09 . 2009-08-10 12:09 17254912 c:\windows\Installer\638a31.msp
+ 2009-11-12 00:50 . 2009-11-12 00:50 19210240 c:\windows\Installer\4e641d.msp
+ 2009-11-12 07:56 . 2009-11-12 07:56 19210240 c:\windows\Installer\42c43.msp
+ 2009-11-23 13:56 . 2009-11-23 13:56 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
- 2009-10-16 09:45 . 2009-10-16 09:45 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Google Update"="c:\documents and settings\savaş\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-21 206832]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-22 39408]
"minihava"="c:\program files\Shenturk\Mini Hava\minihava.exe" [2009-09-16 399360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1768960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2006-03-02 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
"RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2004-10-11 659456]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-03-06 1920512]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 393216]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-07-14 413696]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-16 122368]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1590608]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-23 227104]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2005-03-08 229376]
"VTTrayp"="VTtrayp.exe" - c:\windows\system32\VTTrayp.exe [2005-11-01 233472]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2006-11-17 753664]
c:\documents and settings\savaŸ\Start Menu\Programlar\BaŸlang‡\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-9-30 585728]
c:\documents and settings\All Users\Start Menu\Programlar\BaŸlang‡\
AirTies ADSL Hizmet Program.lnk - c:\program files\AirTies\ADSL Hizmet Program\AirTies_util3.exe [2009-6-8 2452992]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe"=
"c:\\WINDOWS\\system32\\VTTimer.exe"=
"c:\\Program Files\\VIA\\RAID\\raid_tool.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=
"c:\\Documents and Settings\\savaş\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Documents and Settings\\savaş\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\savaş\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\WINDOWS\\PixArt\\PAC7302\\Monitor.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe"=
"c:\\WINDOWS\\system32\\VTtrayp.exe"=
"c:\\WINDOWS\\system32\\ntvdm.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\Program Files\\Windows Live\\Toolbar\\wltuser.exe"=
"c:\\WINDOWS\\SOUNDMAN.EXE"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Google\\Picasa3\\Picasa3.exe"=
"c:\\Program Files\\AirTies\\ADSL Hizmet Programı\\AirTies_util3.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jucheck.exe"=
"c:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe"=
"c:\\Program Files\\Shenturk\\Mini Hava\\minihava.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jqs.exe"=
"c:\\Documents and Settings\\savaş\\Local Settings\\Application Data\\Google\\Update\\1.2.183.7\\GoogleCrashHandler.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\Google\\Update\\1.2.183.13\\GoogleCrashHandler.exe"=
"c:\\Documents and Settings\\savas¸\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Documents and Settings\\savas¸\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\savas¸\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [17.02.2009 23:10 55152]
R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\nlpjtn.sys --> c:\windows\system32\drivers\nlpjtn.sys [?]
S2 gupdate1c9a08f6ed5a052;Google Güncelleme Hizmeti (gupdate1c9a08f6ed5a052);c:\program files\Google\Update\GoogleUpdate.exe [09.03.2009 10:16 309232]
S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
S3 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1000000.07D\BHDrvx86.sys [28.05.2009 15:41 254512]
S3 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1000000.07D\ccHPx86.sys [28.05.2009 15:41 362544]
S3 fsssvc;Windows Live Aile Koruması;c:\program files\Windows Live\Family Safety\fsssvc.exe [05.08.2009 22:48 533360]
S3 getPlusHelper;getPlus(R) Helper;c:\windows\System32\svchost.exe -k getPlusHelper [02.03.2006 14:00 14336]
S3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSxpx86.sys [28.05.2009 15:41 274808]
S3 PAC7302;PC VGA Camer@ Plus;c:\windows\system32\drivers\PAC7302.SYS [10.09.2007 08:50 457984]
S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1000000.07D\SymEFA.sys [28.05.2009 15:41 309296]
--- Other Services/Drivers In Memory ---
*Deregistered* - mbr
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{680d34aa-4d47-11de-84ed-001617c51a41}]
\sHeLl\AutOpLaY\cOMmand - I:\btqujj.pif
\sHeLl\AutoRun\command - I:\btqujj.pif
\sHeLl\expLore\ComMaNd - I:\btqujj.pif
\sHeLl\oPEn\comMand - I:\btqujj.pif
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad6f7405-fd14-11dd-830f-001617c51a41}]
\shElL\AUtopLAy\CoMmaNd - I:\qlvnbu.cmd
\shElL\AutoRun\command - I:\qlvnbu.cmd
\shElL\eXplORe\COmmAnd - I:\qlvnbu.cmd
\shElL\opEN\CoMMAnD - I:\qlvnbu.cmd
.
Contents of the 'Scheduled Tasks' folder
2009-12-07 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-17 10:47]
2009-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-09 08:16]
2009-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-09 08:16]
2009-11-29 c:\windows\Tasks\User_Feed_Synchronization-{BE3A2D03-C47A-4D18-B84E-A24C4BA9D84D}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 16:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
Rootkit scan 2009-12-07 09:42
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-796845957-1004336348-682003330-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(444)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-12-07 9:46
ComboFix-quarantined-files.txt 2009-12-07 07:46
ComboFix2.txt 2009-10-28 22:40
ComboFix3.txt 2009-10-25 12:11
Pre-Run: 49.990.991.872 bayt boş
Post-Run: 50.216.026.112 bayt boş
- - End Of File - - 44445DFF0469C0F5C5E430D2896491C8
-
sato_re
Logları "code" tagı içine alır mısınız lütfen? -
bunu bana mesaj olarakta attılar ama biri bunu nasıl yapacağımı anlatsa daha faydalı olmazmı ben şimdiye kadar hep böle yolladım code tag nedir nasıl onun içinde yazıcam -
Cevabı yazarken , yukarıda taglar var ." Code " butonuna basın
arasına logları yapıştırın . Bu kadar basitquote:
[code][/code]
-
quote:
Orijinalden alıntı: sato_re
bunu bana mesaj olarakta attılar ama biri bunu nasıl yapacağımı anlatsa daha faydalı olmazmı ben şimdiye kadar hep böle yolladım code tag nedir nasıl onun içinde yazıcam
Yukarıdaki örnek mesajlardan birini alıntı yaparak da görebilirsiniz.
jackosman'ın anlattığı şekilde düzenlerseniz çok iyi olur.
Ip işlemleri
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
