Yeni Kayıt
Konudaki Resimler
önceki
|
Hızlı 
Bildirim
HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+ (445. sayfa)
Sıcak Fırsatlarda Tıklananlar
Editörün Seçtiği Fırsatlar
PonART Saklama Kabı : Amazon.com.tr: Mutfak
https://www.amazon.com.tr/dp/B07DL3Z6X1
4 sa. önce paylaşıldı
Daha Fazla 
Bu Konudaki Kullanıcılar:
Daha Az 
2 Misafir - 2 Masaüstü
Giriş
Mesaj
-
-
Ben birşey yapıyorum bu prog.ile.Şimdi tarattıktan sonra liste halinde çıkan şeylerin hepsini işaretliyorum ve sonra da sil diyorum.Hepsini sildikten sonra pc de değişen birşey olmuyor.Yani mesela internet giriş sayfası değişiyor,onu eski haline getiriyorum.Başka da google toolbar yüklü net sayfasında silinmiş oluyor,tekrardan kuruyorum.Sonuçta prog.gerçek manada bilgisayarımdan silinmediği için tek yapmam gereken kurmak.Bilmiyorum bu şekilde yapan ark.var mı? -
Burak ben CM'den kardeşim,tanımışsındır.Senin koyduğun malware ve de registry cleaner'ı çalıştırdım,adeta bilgisayarın üstündeki ölü toprağını aldı diyebilirim.Ama bu elektrik kesintileri mevzu biliyosun veya bu bu gereksiz kaldır diyebileceğin bişey gözüne çarpıyor mu?Aman driver falan kırpmayalım kazayla driverları nereye kyodum bilmiyorum ev dandini olmasın bulucam diye (: Virüs falan yoktur sanıyorum yine sen daha iyi bilirsin ama,şimdiden teşekkürler kardeşim.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:43:05, on 05.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\VMSnap3.EXE
C:\WINDOWS\Domino.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
D:\AdobeCS3_MC\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\steam\steam.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\Documents and Settings\ygtrtnc\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\AdobeCS3_MC\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\AdobeCS3_MC\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [VMSnap3] "C:\WINDOWS\VMSnap3.EXE"
O4 - HKLM\..\Run: [Domino] "C:\WINDOWS\Domino.EXE"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [hpqSRMon] "C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\AdobeCS3_MC\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [LightScribe Control Panel] "C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobil Sık Kullanılanı Oluştur... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: HP Akıllı Seçim - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{4DA7344B-7D61-40F5-91F3-99CCFB9353A2}: NameServer = 4.2.2.3,4.2.2.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{EAD7A76D-6E9A-4484-96DB-22B2AEFCBC1E}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED3E2B6A-3D4F-4CC1-B88F-3A1E292E7F0E}: NameServer = 4.2.2.3,4.2.2.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 11180 bytes
-
quote:
Orijinalden alıntı: fenah2007
Cevabın için teşekkurler farklı bir hesapta deneme yapmadım ama uzun arastırmalarım oldu su kanıya vardım bu recovery programı ile ilgili bir dosya imiş onceki recovery programında yoktu servisin yeni yukledigi recovery bu ve baslangıcta acılmaya calisiyomus hatayı yasayanlar varmıs ve configden bunu devre dısı bırakıp sorunu cozdum suan için bir problem cıkmadı ama 1 kac kisiye danıstım servisi arayip soylememi recoverynin sorunlu olabilecegini soylediler bakalim konusucam servisle tekrar saol ilgilendigin icin
Rica ederim.
quote:
Orijinalden alıntı: Ocean Blue
sağolasın serji
kardeş bakmışsın ama yapmam gereken hakkında birşey yazmamışsın senin eklediklerine ne yapmam gerekiyor..
Teşekkür ederim.
Onlari programda isaretleyip fix checked tiklaman yeterli.
-
quote:
Orijinalden alıntı: makine07
Ben birşey yapıyorum bu prog.ile.Şimdi tarattıktan sonra liste halinde çıkan şeylerin hepsini işaretliyorum ve sonra da sil diyorum.Hepsini sildikten sonra pc de değişen birşey olmuyor.Yani mesela internet giriş sayfası değişiyor,onu eski haline getiriyorum.Başka da google toolbar yüklü net sayfasında silinmiş oluyor,tekrardan kuruyorum.Sonuçta prog.gerçek manada bilgisayarımdan silinmediği için tek yapmam gereken kurmak.Bilmiyorum bu şekilde yapan ark.var mı?
Bu sekilde bilincsiz kullanmak bilgisayariniza zarar verebilir. Zaten bu sekilde devre disi birakip diger araclarla da temizliyoruz.
quote:
Orijinalden alıntı: Ferrel
Burak ben CM'den kardeşim,tanımışsındır.Senin koyduğun malware ve de registry cleaner'ı çalıştırdım,adeta bilgisayarın üstündeki ölü toprağını aldı diyebilirim.Ama bu elektrik kesintileri mevzu biliyosun veya bu bu gereksiz kaldır diyebileceğin bişey gözüne çarpıyor mu?Aman driver falan kırpmayalım kazayla driverları nereye kyodum bilmiyorum ev dandini olmasın bulucam diye (: Virüs falan yoktur sanıyorum yine sen daha iyi bilirsin ama,şimdiden teşekkürler kardeşim.
Bunlari fixlemen yeterli. Zaten baska da bir sey gozukmuyor.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\AdobeCS3_MC\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\AdobeCS3_MC\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [VMSnap3] "C:\WINDOWS\VMSnap3.EXE"
O4 - HKLM\..\Run: [Domino] "C:\WINDOWS\Domino.EXE"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\AdobeCS3_MC\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
-
Bilgisayarımda biraz kasma başladı. Boş zamanında bakabilirsen sevinirim 
quote:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:51:48, on 06.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\taner\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.haber7.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: TT Jacker :)
O1 - Hosts: 195.8.214.141 dailymotion.com
O1 - Hosts: 195.8.214.142 dailymotion.com
O1 - Hosts: 195.8.214.140www.dailymotion.com
O1 - Hosts: 208.117.236.70 youtube.com
O1 - Hosts: 208.117.236.70www.youtube.com
O1 - Hosts: 74.125.65.118 img.youtube.com
O1 - Hosts: 64.15.124.143 sjc-v1.sjc.youtube.com
O1 - Hosts: 64.15.124.144 sjc-v2.sjc.youtube.com
O1 - Hosts: 64.15.124.145 sjc-v3.sjc.youtube.com
O1 - Hosts: 64.15.124.146 sjc-v4.sjc.youtube.com
O1 - Hosts: 64.15.124.147 sjc-v5.sjc.youtube.com
O1 - Hosts: 64.15.124.148 sjc-v6.sjc.youtube.com
O1 - Hosts: 64.15.124.149 sjc-v7.sjc.youtube.com
O1 - Hosts: 64.15.124.150 sjc-v8.sjc.youtube.com
O1 - Hosts: 64.15.124.151 sjc-v9.sjc.youtube.com
O1 - Hosts: 67.228.223.62 mp3hanesi.com
O1 - Hosts: 67.228.223.62 mp3hanesi.net
O1 - Hosts: 67.228.223.62 mp3hanesi.org
O1 - Hosts: 67.228.223.62www.mp3hanesi.com
O1 - Hosts: 67.228.223.62www.mp3hanesi.net
O1 - Hosts: 67.228.223.62www.mp3hanesi.org
O1 - Hosts: 75.126.2.88 forumtr.com
O1 - Hosts: 75.126.2.88www.forumtr.com
O1 - Hosts: 64.15.124.152 sjc-v10.sjc.youtube.com
O1 - Hosts: 64.15.124.153 sjc-v11.sjc.youtube.com
O1 - Hosts: 64.15.124.154 sjc-v12.sjc.youtube.com
O1 - Hosts: 64.15.124.155 sjc-v13.sjc.youtube.com
O1 - Hosts: 64.15.124.156 sjc-v14.sjc.youtube.com
O1 - Hosts: 64.15.124.157 sjc-v15.sjc.youtube.com
O1 - Hosts: 64.15.124.158 sjc-v16.sjc.youtube.com
O1 - Hosts: 64.15.124.159 sjc-v17.sjc.youtube.com
O1 - Hosts: 64.15.124.160 sjc-v18.sjc.youtube.com
O1 - Hosts: 64.15.124.161 sjc-v19.sjc.youtube.com
O1 - Hosts: 64.15.124.162 sjc-v20.sjc.youtube.com
O1 - Hosts: 64.15.124.163 sjc-v21.sjc.youtube.com
O1 - Hosts: 64.15.124.164 sjc-v22.sjc.youtube.com
O1 - Hosts: 64.15.124.165 sjc-v23.sjc.youtube.com
O1 - Hosts: 64.15.124.166 sjc-v24.sjc.youtube.com
O1 - Hosts: 64.15.124.167 sjc-v25.sjc.youtube.com
O1 - Hosts: 64.15.124.168 sjc-v26.sjc.youtube.com
O1 - Hosts: 64.15.124.169 sjc-v27.sjc.youtube.com
O1 - Hosts: 64.15.124.170 sjc-v28.sjc.youtube.com
O1 - Hosts: 64.15.124.171 sjc-v29.sjc.youtube.com
O1 - Hosts: 64.15.124.172 sjc-v30.sjc.youtube.com
O1 - Hosts: 64.15.124.173 sjc-v31.sjc.youtube.com
O1 - Hosts: 64.15.124.174 sjc-v32.sjc.youtube.com
O1 - Hosts: 64.15.124.175 sjc-v33.sjc.youtube.com
O1 - Hosts: 64.15.124.176 sjc-v34.sjc.youtube.com
O1 - Hosts: 64.15.124.177 sjc-v35.sjc.youtube.com
O1 - Hosts: 64.15.124.178 sjc-v36.sjc.youtube.com
O1 - Hosts: 64.15.124.179 sjc-v37.sjc.youtube.com
O1 - Hosts: 64.15.124.180 sjc-v38.sjc.youtube.com
O1 - Hosts: 64.15.124.207 sjc-v39.sjc.youtube.com
O1 - Hosts: 64.15.124.208 sjc-v40.sjc.youtube.com
O1 - Hosts: 64.15.124.209 sjc-v41.sjc.youtube.com
O1 - Hosts: 64.15.124.210 sjc-v42.sjc.youtube.com
O1 - Hosts: 64.15.124.211 sjc-v43.sjc.youtube.com
O1 - Hosts: 64.15.124.212 sjc-v44.sjc.youtube.com
O1 - Hosts: 64.15.124.213 sjc-v45.sjc.youtube.com
O1 - Hosts: 64.15.124.214 sjc-v46.sjc.youtube.com
O1 - Hosts: 64.15.124.215 sjc-v47.sjc.youtube.com
O1 - Hosts: 64.15.124.216 sjc-v48.sjc.youtube.com
O1 - Hosts: 64.15.124.217 sjc-v49.sjc.youtube.com
O1 - Hosts: 64.15.124.218 sjc-v50.sjc.youtube.com
O1 - Hosts: 64.15.124.219 sjc-v51.sjc.youtube.com
O1 - Hosts: 64.15.124.220 sjc-v52.sjc.youtube.com
O1 - Hosts: 64.15.124.221 sjc-v53.sjc.youtube.com
O1 - Hosts: 64.15.124.222 sjc-v54.sjc.youtube.com
O1 - Hosts: 64.15.124.223 sjc-v55.sjc.youtube.com
O1 - Hosts: 64.15.124.224 sjc-v56.sjc.youtube.com
O1 - Hosts: 64.15.124.225 sjc-v57.sjc.youtube.com
O1 - Hosts: 64.15.124.226 sjc-v58.sjc.youtube.com
O1 - Hosts: 64.15.124.227 sjc-v59.sjc.youtube.com
O1 - Hosts: 64.15.124.228 sjc-v60.sjc.youtube.com
O1 - Hosts: 64.15.124.229 sjc-v61.sjc.youtube.com
O1 - Hosts: 64.15.124.230 sjc-v62.sjc.youtube.com
O1 - Hosts: 64.15.124.231 sjc-v63.sjc.youtube.com
O1 - Hosts: 64.15.124.232 sjc-v64.sjc.youtube.com
O1 - Hosts: 64.15.124.233 sjc-v65.sjc.youtube.com
O1 - Hosts: 64.15.124.234 sjc-v66.sjc.youtube.com
O1 - Hosts: 64.15.124.235 sjc-v67.sjc.youtube.com
O1 - Hosts: 64.15.124.236 sjc-v68.sjc.youtube.com
O1 - Hosts: 64.15.124.237 sjc-v69.sjc.youtube.com
O1 - Hosts: 64.15.124.238 sjc-v70.sjc.youtube.com
O1 - Hosts: 64.15.124.239 sjc-v71.sjc.youtube.com
O1 - Hosts: 64.15.124.240 sjc-v72.sjc.youtube.com
O1 - Hosts: 64.15.124.241 sjc-v73.sjc.youtube.com
O1 - Hosts: 64.15.124.242 sjc-v74.sjc.youtube.com
O1 - Hosts: 64.15.124.243 sjc-v75.sjc.youtube.com
O1 - Hosts: 64.15.124.244 sjc-v76.sjc.youtube.com
O1 - Hosts: 64.15.125.16 sjc-v77.sjc.youtube.com
O1 - Hosts: 64.15.125.17 sjc-v78.sjc.youtube.com
O1 - Hosts: 64.15.125.18 sjc-v79.sjc.youtube.com
O1 - Hosts: 64.15.125.19 sjc-v80.sjc.youtube.com
O1 - Hosts: 64.15.125.20 sjc-v81.sjc.youtube.com
O1 - Hosts: 64.15.125.21 sjc-v82.sjc.youtube.com
O1 - Hosts: 64.15.125.22 sjc-v83.sjc.youtube.com
O1 - Hosts: 64.15.125.23 sjc-v84.sjc.youtube.com
O1 - Hosts: 64.15.125.24 sjc-v85.sjc.youtube.com
O1 - Hosts: 64.15.125.25 sjc-v86.sjc.youtube.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - S-1-5-18 Startup: OneNote 2007 Ekran Kırpıcı ve Başlatıcı.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: WinMySQLadmin.lnk = C:\Documents and Settings\taner\Desktop\xampp\mysql\bin\winmysqladmin.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OneNote 2007 Ekran Kırpıcı ve Başlatıcı.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user')
O4 - .DEFAULT Startup: WinMySQLadmin.lnk = C:\Documents and Settings\taner\Desktop\xampp\mysql\bin\winmysqladmin.exe (User 'Default user')
O4 - Startup: OneNote 2007 Ekran Kırpıcı ve Başlatıcı.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: WinMySQLadmin.lnk = C:\Documents and Settings\taner\Desktop\xampp\mysql\bin\winmysqladmin.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: reguser.lnk = C:\WINDOWS\system32\reguser.exe
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Apache - Unknown owner - (no file)
O23 - Service: Apache2.2 - Unknown owner - (no file)
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L.http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: mysql - Unknown owner - C:\AppServ\mysql\bin\mysqld-nt.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
--
End of file - 13186 bytes
-
mümkünse bende yardım istiyorum... :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:32:58, on 06.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\windows\system32\svchost.exe
C:\windows\system32\rundll32.exe
C:\windows\RTHDCPL.EXE
C:\Program Files\Hewlett-Packard\HP Printer Utility\HPPU.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exe
C:\windows\explorer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\windows\system32\1B2541\5F8268.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\ZEYNO2\Desktop\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RunPUTasktray] "C:\Program Files\Hewlett-Packard\HP Printer Utility\HPPU.exe" --regkeypath=Software\Hewlett-Packard\HP Printer Utility\HPPURun --valuename=InstallTTM
O4 - HKLM\..\Run: [AutorunRemover.exe] C:\Program Files\AutorunRemover\AutorunRemover.exe -Hide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: 5F8268.lnk = C:\WINDOWS\system32\1B2541\5F8268.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249277411281
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE78CC64-C69C-4197-B5F1-B16D2CE97020}: NameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = cc.metu.edu.tr,metu.edu.tr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = cc.metu.edu.tr,metu.edu.tr
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: HPPUDCS - {522CC7E5-F378-4F97-8BD7-125D17F5B332} - C:\Program Files\Common Files\Hewlett-Packard\HP Printer Utility DCS\APP\hplidcsapp.dll
O18 - Protocol: hppufile - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll
O18 - Protocol: hppusam - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll
O18 - Protocol: hppuzip - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 9525 bytes
-
bilgisayarımdan bir çok adult sitesine girilmiş ben yokken , aşırı yavaşlama mevcut ne yapmam gerekiyor..
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:34:06, on 06.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\LClock\lclock.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Styler\Styler.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = OGUZHAN EROL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: 89.149.232.87 sharebus.com
O1 - Hosts: 89.149.232.87www.sharebus.com
O1 - Hosts: 74.50.28.205 divx-world.com
O1 - Hosts: 74.50.28.205www.divx-world.com
O1 - Hosts: 94.102.51.10 12chan.org
O1 - Hosts: 94.102.51.10www.12chan.org
O1 - Hosts: 94.102.51.10 img.12chan.org
O1 - Hosts: 195.72.135.41 bwin.com
O1 - Hosts: 195.8.215.136 dailymotion.com
O1 - Hosts: 195.8.215.137www.dailymotion.com
O1 - Hosts: 174.36.21.116 divxevi.com
O1 - Hosts: 174.36.12.48 forumtr.com
O1 - Hosts: 174.36.12.48www.forumtr.com
O1 - Hosts: 75.126.2.88www.forumtr.com
O1 - Hosts: 195.110.8.7 images.freeviewmovies.com
O1 - Hosts: 195.110.8.6 content.freeviewmovies.com
O1 - Hosts: 89.238.128.18 content1.freeviewmovies.com
O1 - Hosts: 195.110.8.8 content2.freeviewmovies.com
O1 - Hosts: 66.218.77.68 geocities.com
O1 - Hosts: 66.218.77.68www.geocities.com
O1 - Hosts: 77.247.179.157 imagefap.com
O1 - Hosts: 77.247.179.165www.imagefap.com
O1 - Hosts: 77.247.179.169 images.imagefap.com
O1 - Hosts: 77.247.179.169 cache.imagefap.com
O1 - Hosts: 87.242.73.60 imgsrc.ru
O1 - Hosts: 87.242.72.143 s0.imgsrc.ru
O1 - Hosts: 87.242.72.143 s1.imgsrc.ru
O1 - Hosts: 87.242.72.143 b0.imgsrc.ru
O1 - Hosts: 87.242.72.143 b1.imgsrc.ru
O1 - Hosts: 87.242.72.143 b0p.imgsrc.ru
O1 - Hosts: 87.242.72.143 b1p.imgsrc.ru
O1 - Hosts: 85.17.90.3 wwwstatic.megaupload.com
O1 - Hosts: 69.5.88.70 www01.megaupload.com
O1 - Hosts: 69.5.88.75 static.megaupload.com
O1 - Hosts: 67.228.223.62 mp3hanesi.com
O1 - Hosts: 67.228.223.62 mp3hanesi.net
O1 - Hosts: 67.228.223.62 mp3hanesi.org
O1 - Hosts: 67.228.223.62www.mp3hanesi.com
O1 - Hosts: 67.228.223.62www.mp3hanesi.net
O1 - Hosts: 67.228.223.62www.mp3hanesi.org
O1 - Hosts: 216.155.128.58 redtube.com
O1 - Hosts: 66.55.141.21www.redtube.com
O1 - Hosts: 216.155.128.24 thumbs.redtube.com
O1 - Hosts: 66.55.141.51 ads.redtube.com
O1 - Hosts: 216.155.128.22 dl.redtube.com
O1 - Hosts: 66.55.141.251 dlembed.redtube.com
O1 - Hosts: 66.55.141.20 embed.redtube.com
O1 - Hosts: 74.208.27.228 redtube.com.br
O1 - Hosts: 74.208.27.228www.redtube.com.br
O1 - Hosts: 195.149.139.33 casinoeuro.net
O1 - Hosts: 195.149.139.33www.casinoeuro.net
O1 - Hosts: 172.16.249.19 starhacks.org
O1 - Hosts: 172.16.249.19www.starhacks.org
O1 - Hosts: 209.200.162.65 superbahis199.com
O1 - Hosts: 209.200.162.65www.superbahis199.com
O1 - Hosts: 83.140.65.11 thepiratebay.org
O1 - Hosts: 83.140.176.160www.thepiratebay.org
O1 - Hosts: 91.191.138.3 tracker.thepiratebay.org
O1 - Hosts: 83.140.65.31 torrents.thepiratebay.org
O1 - Hosts: 83.140.65.41 static.thepiratebay.org
O1 - Hosts: 91.191.138.2 vip.tracker.thepiratebay.org
O1 - Hosts: 91.191.138.5 tpb.tracker.thepiratebay.org
O1 - Hosts: 91.191.138.9 wip.tracker.thepiratebay.org
O1 - Hosts: 91.191.138.4 open.tracker.thepiratebay.org
O1 - Hosts: 91.191.138.7 upen.tracker.thepiratebay.org
O1 - Hosts: 91.191.138.6 vtv.tracker.thepiratebay.org
O1 - Hosts: 91.191.138.5 a.tracker.thepiratebay.org
O1 - Hosts: 213.73.89.193 stalker.h3q.com
O1 - Hosts: 91.191.138.2 denis.stalker.h3q.com
O1 - Hosts: 91.191.138.7 vtv.tv.tracker.prq.to
O1 - Hosts: 91.191.138.8 tracker.prq.to
O1 - Hosts: 91.191.138.9 tv.tracker.prq.to
O1 - Hosts: 91.191.138.2 eztv.tv.tracker.prq.to
O1 - Hosts: 208.73.210.32 torrentturk.com
O1 - Hosts: 64.111.206.186 xnxx.com
O1 - Hosts: 64.111.206.194www.xnxx.com
O1 - Hosts: 76.9.6.234 video.xnxx.com
O1 - Hosts: 66.230.171.106 gfx.xnxx.com
O1 - Hosts: 66.230.171.162 stories.xnxx.com
O1 - Hosts: 94.75.218.37 xv122.xvideos.com
O1 - Hosts: 94.75.218.38 xv123.xvideos.com
O1 - Hosts: 94.75.218.39 xv124.xvideos.com
O1 - Hosts: 76.9.6.230 xvideos.com
O1 - Hosts: 76.9.6.238www.xvideos.com
O1 - Hosts: 94.75.218.53 img.xvideos.com
O1 - Hosts: 94.75.218.1 xv100.xvideos.com
O1 - Hosts: 94.75.218.2 xv101.xvideos.com
O1 - Hosts: 94.75.218.3 xv102.xvideos.com
O1 - Hosts: 94.75.218.4 xv103.xvideos.com
O1 - Hosts: 94.75.218.5 xv104.xvideos.com
O1 - Hosts: 94.75.218.6 xv105.xvideos.com
O1 - Hosts: 94.75.218.7 xv106.xvideos.com
O1 - Hosts: 94.75.218.8 xv107.xvideos.com
O1 - Hosts: 94.75.218.9 xv108.xvideos.com
O1 - Hosts: 94.75.218.10 xv109.xvideos.com
O1 - Hosts: 94.75.218.11 xv110.xvideos.com
O1 - Hosts: 94.75.218.12 xv111.xvideos.com
O1 - Hosts: 94.75.218.13 xv112.xvideos.com
O1 - Hosts: 94.75.218.14 xv113.xvideos.com
O1 - Hosts: 94.75.218.15 xv114.xvideos.com
O1 - Hosts: 94.75.218.16 xv115.xvideos.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [LClock] C:\Program Files\LClock\LClock.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Styler.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Açılır Pencere Engelleyicisine ekle - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{76B141BD-AE2B-4201-B616-A71A655E7439}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 13869 bytes
-
bilgisayarımdan bir çok adult sitesine girilmiş ben yokken , aşırı yavaşlama mevcut ne yapmam gerekiyor..
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:34:06, on 06.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\LClock\lclock.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Styler\Styler.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = OGUZHAN EROL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: 89.149.232.87 sharebus.com
O1 - Hosts: 89.149.232.87www.sharebus.com
O1 - Hosts: 74.50.28.205 divx-world.com
O1 - Hosts: 74.50.28.205www.divx-world.com
O1 - Hosts: 94.102.51.10 12chan.org
O1 - Hosts: 94.102.51.10www.12chan.org
O1 - Hosts: 94.102.51.10 img.12chan.org
O1 - Hosts: 195.72.135.41 bwin.com
O1 - Hosts: 195.8.215.136 dailymotion.com
O1 - Hosts: 195.8.215.137www.dailymotion.com
O1 - Hosts: 174.36.21.116 divxevi.com
O1 - Hosts: 174.36.12.48 forumtr.com
O1 - Hosts: 174.36.12.48www.forumtr.com
O1 - Hosts: 75.126.2.88www.forumtr.com
O1 - Hosts: 195.110.8.7 images.freeviewmovies.com
O1 - Hosts: 195.110.8.6 content.freeviewmovies.com
O1 - Hosts: 89.238.128.18 content1.freeviewmovies.com
O1 - Hosts: 195.110.8.8 content2.freeviewmovies.com
O1 - Hosts: 66.218.77.68 geocities.com
O1 - Hosts: 66.218.77.68www.geocities.com
O1 - Hosts: 77.247.179.157 imagefap.com
O1 - Hosts: 77.247.179.165www.imagefap.com
O1 - Hosts: 77.247.179.169 images.imagefap.com
O1 - Hosts: 77.247.179.169 cache.imagefap.com
O1 - Hosts: 87.242.73.60 imgsrc.ru
O1 - Hosts: 87.242.72.143 s0.imgsrc.ru
O1 - Hosts: 87.242.72.143 s1.imgsrc.ru
O1 - Hosts: 87.242.72.143 b0.imgsrc.ru
O1 - Hosts: 87.242.72.143 b1.imgsrc.ru
O1 - Hosts: 87.242.72.143 b0p.imgsrc.ru
O1 - Hosts: 87.242.72.143 b1p.imgsrc.ru
O1 - Hosts: 85.17.90.3 wwwstatic.megaupload.com
O1 - Hosts: 69.5.88.70 www01.megaupload.com
O1 - Hosts: 69.5.88.75 static.megaupload.com
O1 - Hosts: 67.228.223.62 mp3hanesi.com
O1 - Hosts: 67.228.223.62 mp3hanesi.net
O1 - Hosts: 67.228.223.62 mp3hanesi.org
O1 - Hosts: 67.228.223.62www.mp3hanesi.com
O1 - Hosts: 67.228.223.62www.mp3hanesi.net
O1 - Hosts: 67.228.223.62www.mp3hanesi.org
O1 - Hosts: 216.155.128.58 redtube.com
O1 - Hosts: 66.55.141.21www.redtube.com
O1 - Hosts: 216.155.128.24 thumbs.redtube.com
O1 - Hosts: 66.55.141.51 ads.redtube.com
O1 - Hosts: 216.155.128.22 dl.redtube.com
O1 - Hosts: 66.55.141.251 dlembed.redtube.com
O1 - Hosts: 66.55.141.20 embed.redtube.com
O1 - Hosts: 74.208.27.228 redtube.com.br
O1 - Hosts: 74.208.27.228www.redtube.com.br
O1 - Hosts: 195.149.139.33 casinoeuro.net
O1 - Hosts: 195.149.139.33www.casinoeuro.net
O1 - Hosts: 172.16.249.19 starhacks.org
O1 - Hosts: 172.16.249.19www.starhacks.org
O1 - Hosts: 209.200.162.65 superbahis199.com
O1 - Hosts: 209.200.162.65www.superbahis199.com
O1 - Hosts: 83.140.65.11 thepiratebay.org
O1 - Hosts: 83.140.176.160www.thepiratebay.org
O1 - Hosts: 91.191.138.3 tracker.thepiratebay.org
O1 - Hosts: 83.140.65.31 torrents.thepiratebay.org
O1 - Hosts: 83.140.65.41 static.thepiratebay.org
O1 - Hosts: 91.191.138.2 vip.tracker.thepiratebay.org
O1 - Hosts: 91.191.138.5 tpb.tracker.thepiratebay.org
O1 - Hosts: 91.191.138.9 wip.tracker.thepiratebay.org
O1 - Hosts: 91.191.138.4 open.tracker.thepiratebay.org
O1 - Hosts: 91.191.138.7 upen.tracker.thepiratebay.org
O1 - Hosts: 91.191.138.6 vtv.tracker.thepiratebay.org
O1 - Hosts: 91.191.138.5 a.tracker.thepiratebay.org
O1 - Hosts: 213.73.89.193 stalker.h3q.com
O1 - Hosts: 91.191.138.2 denis.stalker.h3q.com
O1 - Hosts: 91.191.138.7 vtv.tv.tracker.prq.to
O1 - Hosts: 91.191.138.8 tracker.prq.to
O1 - Hosts: 91.191.138.9 tv.tracker.prq.to
O1 - Hosts: 91.191.138.2 eztv.tv.tracker.prq.to
O1 - Hosts: 208.73.210.32 torrentturk.com
O1 - Hosts: 64.111.206.186 xnxx.com
O1 - Hosts: 64.111.206.194www.xnxx.com
O1 - Hosts: 76.9.6.234 video.xnxx.com
O1 - Hosts: 66.230.171.106 gfx.xnxx.com
O1 - Hosts: 66.230.171.162 stories.xnxx.com
O1 - Hosts: 94.75.218.37 xv122.xvideos.com
O1 - Hosts: 94.75.218.38 xv123.xvideos.com
O1 - Hosts: 94.75.218.39 xv124.xvideos.com
O1 - Hosts: 76.9.6.230 xvideos.com
O1 - Hosts: 76.9.6.238www.xvideos.com
O1 - Hosts: 94.75.218.53 img.xvideos.com
O1 - Hosts: 94.75.218.1 xv100.xvideos.com
O1 - Hosts: 94.75.218.2 xv101.xvideos.com
O1 - Hosts: 94.75.218.3 xv102.xvideos.com
O1 - Hosts: 94.75.218.4 xv103.xvideos.com
O1 - Hosts: 94.75.218.5 xv104.xvideos.com
O1 - Hosts: 94.75.218.6 xv105.xvideos.com
O1 - Hosts: 94.75.218.7 xv106.xvideos.com
O1 - Hosts: 94.75.218.8 xv107.xvideos.com
O1 - Hosts: 94.75.218.9 xv108.xvideos.com
O1 - Hosts: 94.75.218.10 xv109.xvideos.com
O1 - Hosts: 94.75.218.11 xv110.xvideos.com
O1 - Hosts: 94.75.218.12 xv111.xvideos.com
O1 - Hosts: 94.75.218.13 xv112.xvideos.com
O1 - Hosts: 94.75.218.14 xv113.xvideos.com
O1 - Hosts: 94.75.218.15 xv114.xvideos.com
O1 - Hosts: 94.75.218.16 xv115.xvideos.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [LClock] C:\Program Files\LClock\LClock.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Styler.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Açılır Pencere Engelleyicisine ekle - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{76B141BD-AE2B-4201-B616-A71A655E7439}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 13869 bytes
-
"c:\windows\system32\drivers\etc\hosts" isimli klasördeymiş bütün bu 01 dosyaları bende bunu sildim inş. bir sorun olmaz çünkü hijackthis buna hata verdi..
hata bu :
buna cevabın nedir serji bey ?
< Bu mesaj bu kişi tarafından değiştirildi yaniyorsunfuatabi -- 6 Kasım 2009; 19:16:37 > -
Serji teşekkür Ederim
Emeğine sağlık... -
COmbo fix sonuçları
ComboFix 09-11-05.05 - Administrator 06.11.2009 15:10.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1254.90.1055.18.2038.1288 [GMT 2:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\1.bat
c:\windows\system32\2.reg
c:\windows\system32\hidden.reg
c:\windows\system32\scrrntr.dll
.
((((((((((((((((((((((((( Files Created from 2009-10-06 to 2009-11-06 )))))))))))))))))))))))))))))))
.
2009-11-06 12:56 . 2009-11-06 12:56 4045528 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-11-06 12:55 . 2009-11-06 12:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-11-06 12:55 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-06 12:55 . 2009-11-06 12:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-06 12:55 . 2009-11-06 12:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-06 12:55 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-06 12:34 . 2009-11-06 12:34 -------- d-----w- c:\documents and settings\Administrator\Application Data\Nero
2009-11-06 11:30 . 2009-11-06 11:30 -------- d-----w- c:\program files\Trend Micro
2009-11-04 23:59 . 2009-11-04 23:59 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
2009-11-01 18:00 . 2009-11-01 18:00 -------- d-----w- c:\documents and settings\LocalService\Application Data\TuneUp Software
2009-11-01 17:47 . 2009-11-01 17:47 -------- d-----w- c:\documents and settings\Administrator\Application Data\ViGlance
2009-11-01 17:46 . 2009-11-01 18:38 -------- d-----w- c:\program files\ViGlance
2009-11-01 17:37 . 2009-11-01 17:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\Styler
2009-11-01 17:33 . 2009-11-01 17:33 15086 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_7b12541d.exe
2009-11-01 17:33 . 2009-11-01 17:33 15086 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe
2009-11-01 17:33 . 2009-11-01 17:37 -------- d-----w- c:\program files\Styler
2009-11-01 17:01 . 2009-10-30 13:08 29512 ----a-w- c:\windows\system32\TURegOpt.exe
2009-11-01 17:01 . 2009-10-30 13:01 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2009-11-01 17:01 . 2009-11-01 17:01 -------- d-----w- c:\program files\TuneUp Utilities 2010
2009-11-01 17:00 . 2009-11-01 17:00 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-10-31 20:45 . 2009-10-31 20:45 -------- d-----w- c:\documents and settings\Administrator\Application Data\Nokia
2009-10-31 20:45 . 2009-10-31 20:45 -------- d-----w- c:\documents and settings\Administrator\Application Data\PC Suite
2009-10-31 20:44 . 2009-10-31 20:44 -------- d-----w- c:\program files\Nokia
2009-10-31 20:44 . 2009-10-31 20:44 -------- d-----w- c:\program files\DIFX
2009-10-31 20:44 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-10-31 20:44 . 2009-10-31 20:44 -------- d-----w- c:\program files\PC Connectivity Solution
2009-10-31 20:38 . 2009-11-01 12:21 -------- d-----w- c:\windows\system32\XPSViewer
2009-10-31 20:38 . 2009-10-31 20:38 -------- d-----w- c:\program files\Reference Assemblies
2009-10-31 20:38 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-10-31 20:31 . 2009-10-31 20:33 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2009-10-31 14:58 . 2009-10-31 14:58 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-31 14:49 . 2009-10-31 14:49 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2009-10-31 14:48 . 2009-10-31 14:48 1962544 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe
2009-10-30 23:12 . 2009-10-30 23:12 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-10-30 19:42 . 2008-11-10 09:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2009-10-30 19:41 . 2009-11-03 16:28 -------- d-----w- c:\program files\Microsoft Works
2009-10-30 19:41 . 2009-10-30 19:41 -------- d-----w- c:\program files\MSBuild
2009-10-30 19:38 . 2009-10-30 19:41 -------- d-----w- c:\windows\SHELLNEW
2009-10-30 19:38 . 2009-10-30 19:38 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft Help
2009-10-30 19:38 . 2009-11-05 00:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-30 19:37 . 2009-10-30 19:37 -------- d-----r- C:\MSOCache
2009-10-30 13:28 . 2009-10-30 13:28 -------- d-----w- c:\windows\ie8updates
2009-10-30 13:24 . 2009-07-17 19:02 58880 -c----w- c:\windows\system32\dllcache\atl.dll
2009-10-30 13:23 . 2009-08-29 07:56 206848 -c----w- c:\windows\system32\dllcache\occache.dll
2009-10-30 13:23 . 2009-08-29 07:56 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-10-30 13:23 . 2009-08-29 07:56 1208832 -c----w- c:\windows\system32\dllcache\urlmon.dll
2009-10-30 13:23 . 2009-08-29 07:56 25600 -c----w- c:\windows\system32\dllcache\jsproxy.dll
2009-10-30 13:23 . 2009-08-29 07:56 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-10-30 13:23 . 2009-08-29 07:56 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-10-30 13:23 . 2009-08-29 07:56 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-10-30 13:23 . 2009-08-29 07:56 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-10-30 13:23 . 2009-08-29 07:56 387584 -c----w- c:\windows\system32\dllcache\iedkcs32.dll
2009-10-30 13:23 . 2009-08-28 10:39 173056 -c----w- c:\windows\system32\dllcache\ie4uinit.exe
2009-10-30 13:23 . 2009-08-29 07:56 11069440 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-10-30 13:20 . 2009-02-06 10:15 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-10-30 13:20 . 2009-03-06 13:50 283136 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-10-30 13:20 . 2009-02-09 10:55 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-10-30 13:20 . 2009-02-09 10:55 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-10-30 13:20 . 2009-02-09 11:16 111104 -c----w- c:\windows\system32\dllcache\services.exe
2009-10-30 13:20 . 2009-02-06 10:36 35328 -c----w- c:\windows\system32\dllcache\sc.exe
2009-10-30 13:20 . 2009-02-09 10:55 710656 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-10-30 13:20 . 2009-02-09 10:55 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-10-30 13:20 . 2009-06-21 21:47 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-10-30 13:19 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-10-30 13:18 . 2009-08-04 17:21 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-10-30 13:18 . 2009-08-04 20:52 2068096 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-10-30 13:18 . 2009-08-04 17:21 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-10-30 13:17 . 2009-06-22 06:47 726528 -c----w- c:\windows\system32\dllcache\jscript.dll
2009-10-30 13:17 . 2009-11-03 16:31 -------- d--h--w- c:\windows\$hf_mig$
2009-10-30 13:10 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-10-29 00:20 . 2009-10-29 00:21 1925024 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2009-10-28 23:12 . 2009-10-28 23:12 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-10-28 23:12 . 2009-10-28 23:12 -------- d-----w- c:\program files\McAfee Security Scan
2009-10-27 22:23 . 2009-10-27 22:23 0 ----a-w- c:\windows\nsreg.dat
2009-10-27 22:23 . 2009-10-27 22:23 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2009-10-27 21:08 . 2009-11-03 16:16 -------- d-----w- c:\program files\Farm Helper
2009-10-27 20:51 . 2009-11-03 16:16 -------- d-----w- c:\program files\FarmHelper
2009-10-23 14:45 . 2009-10-23 14:45 -------- d--h--w- c:\windows\PIF
2009-10-23 14:01 . 2009-10-23 14:01 -------- d-----w- c:\program files\CCleaner
2009-10-22 21:31 . 2009-10-22 21:31 -------- d-----w- c:\program files\DirectVobSub
2009-10-22 21:22 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-10-22 21:22 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-10-22 21:22 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-10-22 21:22 . 2009-10-16 18:53 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-22 20:19 . 2009-10-22 20:20 3119320 ----a-w- c:\documents and settings\Administrator\Application Data\IDM\idmupdt.exe
2009-10-22 20:19 . 2009-10-22 20:19 198064 ----a-w- c:\documents and settings\Administrator\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-10-22 20:18 . 2009-10-22 20:18 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2009-10-22 18:16 . 2009-10-22 18:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\BSplayer Pro
2009-10-22 18:16 . 2009-10-22 18:16 -------- d-----w- c:\program files\Webteh
2009-10-22 18:09 . 2004-01-11 22:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-10-22 17:59 . 2009-10-22 17:59 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\DFX
2009-10-22 15:58 . 2009-10-22 15:58 932368 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2009-10-22 15:58 . 2009-10-22 15:58 678416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2009-10-22 15:58 . 2009-10-22 15:58 604688 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2009-10-22 15:58 . 2009-10-22 15:58 522768 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2009-10-22 15:58 . 2009-10-22 15:58 1096208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2009-10-22 15:57 . 2009-10-22 15:57 80400 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\mzvkbd3.dll
2009-10-22 15:57 . 2009-10-22 15:57 80400 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\mzvkbd.dll
2009-10-22 15:57 . 2009-10-22 15:57 264720 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\klwtbbho.dll
2009-10-22 15:57 . 2009-10-22 15:57 59920 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd.dll
2009-10-22 15:57 . 2009-10-22 15:57 109072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd3.dll
2009-10-22 15:57 . 2009-10-22 15:57 264720 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\klwtbbho.dll
2009-10-22 15:26 . 2009-10-22 15:26 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-10-22 15:19 . 2009-10-22 15:57 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-22 15:19 . 2009-10-22 15:57 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-22 15:19 . 2009-11-03 22:14 -------- d-----w- c:\program files\Microsoft Goodies
2009-10-22 15:19 . 2009-11-06 11:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-10-22 15:19 . 2009-10-22 16:02 -------- d-----w- c:\program files\Kaspersky Lab
2009-10-21 22:49 . 2006-03-17 12:49 368640 ----a-w- c:\windows\system32\TwnLib4.dll
2009-10-21 22:49 . 2006-03-17 09:45 802816 ----a-w- c:\windows\system32\imagXRA7.dll
2009-10-21 22:49 . 2006-03-17 09:45 497296 ----a-w- c:\windows\system32\imagXpr7.dll
2009-10-21 22:49 . 2006-03-17 09:45 258048 ----a-w- c:\windows\system32\imagXR7.dll
2009-10-21 22:49 . 2006-03-17 09:45 1757184 ----a-w- c:\windows\system32\imagX7.dll
2009-10-21 22:49 . 2009-10-21 22:49 -------- d-----w- c:\program files\Nero
2009-10-21 22:49 . 2009-10-21 22:49 -------- d-----w- c:\program files\Common Files\Nero
2009-10-21 22:49 . 2009-10-21 22:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-10-21 22:48 . 2009-10-21 22:48 -------- d-----w- c:\program files\7-Zip
2009-10-21 22:43 . 2009-10-21 22:43 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google
2009-10-21 22:43 . 2009-11-01 19:32 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-10-21 22:41 . 2009-10-21 22:43 -------- d-----w- c:\program files\Google
2009-10-21 22:40 . 2009-10-21 22:40 -------- d-----w- c:\documents and settings\All Users\Application Data\DFX
2009-10-21 22:40 . 2009-10-21 22:40 -------- d-----w- c:\program files\DFX
2009-10-21 22:40 . 2009-10-21 22:40 -------- d-----w- c:\program files\Common Files\DFX
2009-10-21 22:39 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-10-21 22:39 . 2009-10-22 21:23 -------- d-----w- c:\program files\K-Lite Codec Pack
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-04 14:55 . 2009-10-21 23:10 70144 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-03 01:03 . 2001-11-22 12:00 75394 ----a-w- c:\windows\system32\perfc01F.dat
2009-11-03 01:03 . 2001-11-22 12:00 417436 ----a-w- c:\windows\system32\perfh01F.dat
2009-11-01 16:43 . 2009-10-21 23:12 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-10-31 20:47 . 2009-10-22 11:38 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-10-22 15:14 . 2009-10-21 22:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-10-22 15:14 . 2009-10-21 22:52 -------- d-----w- c:\program files\Lavasoft
2009-10-22 15:13 . 2009-10-22 15:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-10-22 14:16 . 2009-10-22 12:43 -------- d-----w- c:\program files\Farmville
2009-10-21 23:34 . 2009-10-21 23:34 -------- d-----w- c:\program files\Microsoft
2009-10-21 23:34 . 2009-10-21 23:33 -------- d-----w- c:\program files\Windows Live
2009-10-21 23:34 . 2009-10-21 23:34 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-10-21 23:28 . 2009-10-21 23:28 -------- d-----w- c:\documents and settings\Administrator\Application Data\Media Player Classic
2009-10-21 23:10 . 2009-10-21 23:10 -------- d-----w- c:\program files\Common Files\Windows Live
2009-10-21 22:58 . 2009-10-21 15:41 -------- d-----w- c:\program files\Windows Sidebar
2009-10-21 16:05 . 2009-10-21 15:45 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-10-21 15:46 . 2009-10-21 15:46 295 ----a-w- c:\windows\system32\Find_Target.vbs
2009-10-21 15:46 . 2009-10-21 15:46 -------- d-----w- c:\program files\LClock
2009-10-21 15:42 . 2009-10-21 15:42 21736 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-21 15:42 . 2009-10-21 15:42 -------- d-----w- c:\program files\VistaExperience.org
2009-10-21 15:41 . 2009-10-21 15:41 -------- d-----w- c:\program files\Windows Media Connect 2
2009-09-11 14:14 . 2008-04-14 07:00 136704 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-09 10:43 . 2009-10-15 06:09 210352 ----a-w- c:\windows\system32\idmmbc.dll
2009-09-04 21:04 . 2008-04-14 07:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:56 . 2009-05-08 20:21 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:01 . 2009-05-08 20:20 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
.
------- Sigcheck -------
[-] 2009-05-08 . 1254A5890C9F1ADA216BE0E0B5D5CF35 . 540672 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2009-05-08 . 2E1BE2B73E406E85211B0CC306BB1E56 . 662528 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2009-05-08 . B3A28AB23450EBFEAB3CEE207B97EAA5 . 639488 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2009-05-08 . 5C098BB8DDFD7C9DF4442474BD166D24 . 2509312 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2009-05-08 . 7D518D62725D520CC5A01AAD5074AD39 . 37888 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
c:\windows\system32\wscntfy.exe ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LClock"="c:\program files\LClock\lclock.exe" [2004-09-19 65536]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-10-22 3134896]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2009-05-08 37888]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-21 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-26 196608]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-05-22 413696]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-07-03 303376]
"combofix"="c:\combofix\CF9732.exe" [2009-11-06 387072]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-02-13 17508864]
"Alcmtr"="ALCMTR.EXE" - c:\windows\ALCMTR.EXE [2008-06-19 57344]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2009-05-08 37888]
"LClock"="c:\program files\LClock\LClock.exe" [2004-09-19 65536]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-05-08 128512]
c:\documents and settings\Administrator\Start Menu\Programlar\BaŸlang‡\
Styler.lnk - c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-11-1 15086]
c:\documents and settings\All Users\Start Menu\Programlar\BaŸlang‡\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2009-8-6 439648]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"SfcDisable"=dword:ffffff9d
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15.12.2008 19:41 33808]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.10.2009 15:05 1021256]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13.05.2009 16:46 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16.05.2009 19:59 19472]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 07:24 10064]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [21.10.2009 23:57 1684736]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - MBR
*Deregistered* - mbr
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
2009-11-06 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-10-30 13:12]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: Açılır Pencere Engelleyicisine ekle - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: Bütün linkleri IDM ile indir - c:\program files\Internet Download Manager\IEGetAll.htm
IE: FLV video içeriğini IDM ile indir - c:\program files\Internet Download Manager\IEGetVL.htm
IE: IDM ile indir - c:\program files\Internet Download Manager\IEExt.htm
IE: Microsoft Excel'e &Ver - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {76B141BD-AE2B-4201-B616-A71A655E7439} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\yjdxqr0q.default\
FF - component: c:\documents and settings\Administrator\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
Rootkit scan 2009-11-06 15:18
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1004336348-1326574676-1177238915-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,eb,f1,91,97,06,ab,7e,4f,a6,69,9c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,eb,f1,91,97,06,ab,7e,4f,a6,69,9c,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,eb,f1,91,97,06,ab,7e,4f,a6,69,9c,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1856)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\cscui.dll
- - - - - - - > 'lsass.exe'(1912)
c:\windows\system32\setupapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Apoint2K\Apntex.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
c:\program files\Styler\Styler.exe
c:\program files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Internet Download Manager\IEMonitor.exe
.
**************************************************************************
.
Completion time: 2009-11-06 15:20 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-06 13:20
Pre-Run: 13.088.309.248 bayt boş
Post-Run: 13.282.078.720 bayt boş
- - End Of File - - C231A0FBD62EB7ED6088201C0E8F0F07
-
Merhaba,
Pc çok kasmaya başladı son günlerde. Sistem XP ama üstüne vista teması kurdum. Virüsler filan her şey karıştı. Yardımcı olursanız sevinirim.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:25:06, on 06.11.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy125.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kwanzy\kwanzy.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Documents and Settings\USER\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: Youtube Dünya Capinda IP leri toplam 2859 adet ....
O1 - Hosts: 208.65.153.251 uk.youtube.com
O1 - Hosts: 208.65.153.253 de.youtube.com
O1 - Hosts: 208.117.236.70 youtube.com
O1 - Hosts: 208.117.236.70www.youtube.com
O1 - Hosts: 74.125.65.118 img.youtube.com
O1 - Hosts: 64.15.124.143 sjc-v1.sjc.youtube.com
O1 - Hosts: 64.15.124.144 sjc-v2.sjc.youtube.com
O1 - Hosts: 64.15.124.145 sjc-v3.sjc.youtube.com
O1 - Hosts: 64.15.124.146 sjc-v4.sjc.youtube.com
O1 - Hosts: 64.15.124.147 sjc-v5.sjc.youtube.com
O1 - Hosts: 64.15.124.148 sjc-v6.sjc.youtube.com
O1 - Hosts: 64.15.124.149 sjc-v7.sjc.youtube.com
O1 - Hosts: 64.15.124.150 sjc-v8.sjc.youtube.com
O1 - Hosts: 64.15.124.151 sjc-v9.sjc.youtube.com
O1 - Hosts: 64.15.124.152 sjc-v10.sjc.youtube.com
O1 - Hosts: 64.15.124.153 sjc-v11.sjc.youtube.com
O1 - Hosts: 64.15.124.154 sjc-v12.sjc.youtube.com
O1 - Hosts: 64.15.124.155 sjc-v13.sjc.youtube.com
O1 - Hosts: 64.15.124.156 sjc-v14.sjc.youtube.com
O1 - Hosts: 64.15.124.157 sjc-v15.sjc.youtube.com
O1 - Hosts: 64.15.124.158 sjc-v16.sjc.youtube.com
O1 - Hosts: 64.15.124.159 sjc-v17.sjc.youtube.com
O1 - Hosts: 64.15.124.160 sjc-v18.sjc.youtube.com
O1 - Hosts: 64.15.124.161 sjc-v19.sjc.youtube.com
O1 - Hosts: 64.15.124.162 sjc-v20.sjc.youtube.com
O1 - Hosts: 64.15.124.163 sjc-v21.sjc.youtube.com
O1 - Hosts: 64.15.124.164 sjc-v22.sjc.youtube.com
O1 - Hosts: 64.15.124.165 sjc-v23.sjc.youtube.com
O1 - Hosts: 64.15.124.166 sjc-v24.sjc.youtube.com
O1 - Hosts: 64.15.124.167 sjc-v25.sjc.youtube.com
O1 - Hosts: 64.15.124.168 sjc-v26.sjc.youtube.com
O1 - Hosts: 64.15.124.169 sjc-v27.sjc.youtube.com
O1 - Hosts: 64.15.124.170 sjc-v28.sjc.youtube.com
O1 - Hosts: 64.15.124.171 sjc-v29.sjc.youtube.com
O1 - Hosts: 64.15.124.172 sjc-v30.sjc.youtube.com
O1 - Hosts: 64.15.124.173 sjc-v31.sjc.youtube.com
O1 - Hosts: 64.15.124.174 sjc-v32.sjc.youtube.com
O1 - Hosts: 64.15.124.175 sjc-v33.sjc.youtube.com
O1 - Hosts: 64.15.124.176 sjc-v34.sjc.youtube.com
O1 - Hosts: 64.15.124.177 sjc-v35.sjc.youtube.com
O1 - Hosts: 64.15.124.178 sjc-v36.sjc.youtube.com
O1 - Hosts: 64.15.124.179 sjc-v37.sjc.youtube.com
O1 - Hosts: 64.15.124.180 sjc-v38.sjc.youtube.com
O1 - Hosts: 64.15.124.207 sjc-v39.sjc.youtube.com
O1 - Hosts: 64.15.124.208 sjc-v40.sjc.youtube.com
O1 - Hosts: 64.15.124.209 sjc-v41.sjc.youtube.com
O1 - Hosts: 64.15.124.210 sjc-v42.sjc.youtube.com
O1 - Hosts: 64.15.124.211 sjc-v43.sjc.youtube.com
O1 - Hosts: 64.15.124.212 sjc-v44.sjc.youtube.com
O1 - Hosts: 64.15.124.213 sjc-v45.sjc.youtube.com
O1 - Hosts: 64.15.124.214 sjc-v46.sjc.youtube.com
O1 - Hosts: 64.15.124.215 sjc-v47.sjc.youtube.com
O1 - Hosts: 64.15.124.216 sjc-v48.sjc.youtube.com
O1 - Hosts: 64.15.124.217 sjc-v49.sjc.youtube.com
O1 - Hosts: 64.15.124.218 sjc-v50.sjc.youtube.com
O1 - Hosts: 64.15.124.219 sjc-v51.sjc.youtube.com
O1 - Hosts: 64.15.124.220 sjc-v52.sjc.youtube.com
O1 - Hosts: 64.15.124.221 sjc-v53.sjc.youtube.com
O1 - Hosts: 64.15.124.222 sjc-v54.sjc.youtube.com
O1 - Hosts: 64.15.124.223 sjc-v55.sjc.youtube.com
O1 - Hosts: 64.15.124.224 sjc-v56.sjc.youtube.com
O1 - Hosts: 64.15.124.225 sjc-v57.sjc.youtube.com
O1 - Hosts: 64.15.124.226 sjc-v58.sjc.youtube.com
O1 - Hosts: 64.15.124.227 sjc-v59.sjc.youtube.com
O1 - Hosts: 64.15.124.228 sjc-v60.sjc.youtube.com
O1 - Hosts: 64.15.124.229 sjc-v61.sjc.youtube.com
O1 - Hosts: 64.15.124.230 sjc-v62.sjc.youtube.com
O1 - Hosts: 64.15.124.231 sjc-v63.sjc.youtube.com
O1 - Hosts: 64.15.124.232 sjc-v64.sjc.youtube.com
O1 - Hosts: 64.15.124.233 sjc-v65.sjc.youtube.com
O1 - Hosts: 64.15.124.234 sjc-v66.sjc.youtube.com
O1 - Hosts: 64.15.124.235 sjc-v67.sjc.youtube.com
O1 - Hosts: 64.15.124.236 sjc-v68.sjc.youtube.com
O1 - Hosts: 64.15.124.237 sjc-v69.sjc.youtube.com
O1 - Hosts: 64.15.124.238 sjc-v70.sjc.youtube.com
O1 - Hosts: 64.15.124.239 sjc-v71.sjc.youtube.com
O1 - Hosts: 64.15.124.240 sjc-v72.sjc.youtube.com
O1 - Hosts: 64.15.124.241 sjc-v73.sjc.youtube.com
O1 - Hosts: 64.15.124.242 sjc-v74.sjc.youtube.com
O1 - Hosts: 64.15.124.243 sjc-v75.sjc.youtube.com
O1 - Hosts: 64.15.124.244 sjc-v76.sjc.youtube.com
O1 - Hosts: 64.15.125.16 sjc-v77.sjc.youtube.com
O1 - Hosts: 64.15.125.17 sjc-v78.sjc.youtube.com
O1 - Hosts: 64.15.125.18 sjc-v79.sjc.youtube.com
O1 - Hosts: 64.15.125.19 sjc-v80.sjc.youtube.com
O1 - Hosts: 64.15.125.20 sjc-v81.sjc.youtube.com
O1 - Hosts: 64.15.125.21 sjc-v82.sjc.youtube.com
O1 - Hosts: 64.15.125.22 sjc-v83.sjc.youtube.com
O1 - Hosts: 64.15.125.23 sjc-v84.sjc.youtube.com
O1 - Hosts: 64.15.125.24 sjc-v85.sjc.youtube.com
O1 - Hosts: 64.15.125.25 sjc-v86.sjc.youtube.com
O1 - Hosts: 64.15.125.26 sjc-v87.sjc.youtube.com
O1 - Hosts: 64.15.125.27 sjc-v88.sjc.youtube.com
O1 - Hosts: 64.15.125.28 sjc-v89.sjc.youtube.com
O1 - Hosts: 64.15.125.29 sjc-v90.sjc.youtube.com
O1 - Hosts: 64.15.125.30 sjc-v91.sjc.youtube.com
O1 - Hosts: 64.15.125.31 sjc-v92.sjc.youtube.com
O1 - Hosts: 64.15.125.32 sjc-v93.sjc.youtube.com
O1 - Hosts: 64.15.125.33 sjc-v94.sjc.youtube.com
O1 - Hosts: 64.15.125.34 sjc-v95.sjc.youtube.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\Program Files\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Bar] C:\Documents and Settings\USER\Desktop\SETUP.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Post Image to Blog - res://C:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - res://C:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://C:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1241276878671
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) -http://toolbar.imageshack.us/toolbar/ImageShackToolbar.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DDBE4A43-57BE-4311-9131-1B039C685E17}: NameServer = 208.67.222.222
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kwanzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy125.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 13526 bytes
-
quote:
Orijinalden alıntı: .TaneR.
Bilgisayarımda biraz kasma başladı. Boş zamanında bakabilirsen sevinirim
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.haber7.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: TT Jacker :)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
-
quote:
Orijinalden alıntı: Caesar06
mümkünse bende yardım istiyorum... :
* HijackThis adlı programı açın.
* Do a system scan only seçeneğine tıklayın.
* Aşağıdaki satırları işaretleyin.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: 5F8268.lnk = C:\WINDOWS\system32\1B2541\5F8268.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
* CTRL+ALT+DEL basıp işlemler sekmesine gelin. Kullanıcı adınızın karşısındaki HijackThis.exe ve explorer.exe hariç tüm işlemleri sonlandırın. (Yalnızca kullanıcı adınızın karşısındaki işlemleri sonlandırın. Local Service, network, system olanlara dokunmayın). HijackThis hariç tüm programları, pencereleri kapatın ve Fix Checked butonuna tıklayın. Ardından bilgisayarınızı hemen yeniden başlatın.
ComboFix adlı programı masaüstünüze indirin.
http://www.buraksonmez.com/dosyalar/ComboFix.exe
1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
4. ComboFix çalışmaya başladıktan sonra Evet butonuna tıklayın.
5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
6. Bu işlemler sırasında internet bağlantınız kesilecek ve masaüstünüz kaybolacaktır. Bunlar normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
7. Biraz sabırlı olmanız gerekebilir çünkü tam 50 aşama söz konusudur.
8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.
-
quote:
Orijinalden alıntı: Ocean Blue
Serji teşekkür Ederim
Emeğine sağlık...
Rica ederim. Kolay gelsin.
quote:
Orijinalden alıntı: ozzyouz
COmbo fix sonuçları
Bir sorun gozukmuyor. MBAM ile de taratmanda fayda olabilir. -
quote:
Orijinalden alıntı: Cane®
Merhaba,
Pc çok kasmaya başladı son günlerde. Sistem XP ama üstüne vista teması kurdum. Virüsler filan her şey karıştı. Yardımcı olursanız sevinirim.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: Youtube Dünya Capinda IP leri toplam 2859 adet ....
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\Program Files\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [Bar] C:\Documents and Settings\USER\Desktop\SETUP.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
ComboFix adlı programı masaüstünüze indirin.
http://www.buraksonmez.com/dosyalar/ComboFix.exe
1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
4. ComboFix çalışmaya başladıktan sonra Evet butonuna tıklayın.
5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
6. Bu işlemler sırasında internet bağlantınız kesilecek ve masaüstünüz kaybolacaktır. Bunlar normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
7. Biraz sabırlı olmanız gerekebilir çünkü tam 50 aşama söz konusudur.
8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.
-
quote:
Orijinalden alıntı: ozzyouz
"c:\windows\system32\drivers\etc\hosts" isimli klasördeymiş bütün bu 01 dosyaları bende bunu sildim inş. bir sorun olmaz çünkü hijackthis buna hata verdi..
hata bu :
buna cevabın nedir serji bey ?
-
log dosyası bu.
Malwarebytes' Anti-Malware 1.41
Veritabanı sürümü: 3111
Windows 5.1.2600 Service Pack 3
06.11.2009 19:45:28
mbam-log-2009-11-06 (19-45-27).txt
Tarama biçimi: Gelişmiş Tarama (C:\|D:\|)
Taranan öğeler: 197304
Geçen süre: 59 minute(s), 42 second(s)
Etkilenmiş Hafıza İşlemleri: 0
Etkilenmiş Hafıza Modülleri: 0
Etkilenmiş Kayıt Anahtarları: 0
Etkilenmiş Kayıt Değerleri: 0
Etkilenmiş Kayıt Verisi Öğeleri: 0
Etkilenmiş Klasörler: 0
Etkilenmiş Dosyalar: 0
Etkilenmiş Hafıza İşlemleri:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Hafıza Modülleri:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Kayıt Anahtarları:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Kayıt Değerleri:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Kayıt Verisi Öğeleri:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Klasörler:
(Herhangi bir tehlikeli öğe bulunmadı)
Etkilenmiş Dosyalar:
(Herhangi bir tehlikeli öğe bulunmadı)
-
@serji
Aşağıdaki kayıtlar beni şüpheye düşürdü, sana zahmet bakarmısın?
--- Other Services/Drivers In Memory ---
*Deregistered* - mbr
*Deregistered* - PROCEXP113
ComboFix 09-11-05.05 - Tamer 06.11.2009 17:14.52.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1254.90.1055.18.1015.678 [GMT 2:00]
Running from: c:\documents and settings\Tamer\Desktop\ComboFix.exe
AV: Doctor Web Anti-Virus *On-access scanning enabled* (Updated) {3454C8F1-ECBC-4180-A6F4-04632FBA762B}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Tamer\Application Data\.#
.
((((((((((((((((((((((((( Files Created from 2009-10-06 to 2009-11-06 )))))))))))))))))))))))))))))))
.
2009-11-06 14:27 . 2009-11-06 14:27 -------- d-----w- c:\program files\Common Files\Labcenter Electronics
2009-11-06 14:27 . 2005-10-18 15:36 54784 ----a-w- c:\windows\system32\INETWH32.DLL
2009-11-06 14:27 . 2005-10-18 15:36 1048576 ----a-w- c:\windows\system32\ROBOEX32.DLL
2009-11-06 14:27 . 2009-11-06 14:27 -------- d-----w- c:\program files\Labcenter Electronics
2009-10-23 19:18 . 2009-10-23 19:20 -------- d-----w- c:\program files\Exif Farm
2009-10-08 12:59 . 2009-10-08 12:59 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-10-07 16:57 . 2009-10-07 16:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-06 14:50 . 2001-11-22 11:00 82366 ----a-w- c:\windows\system32\perfc01F.dat
2009-11-06 14:50 . 2001-11-22 11:00 430722 ----a-w- c:\windows\system32\perfh01F.dat
2009-11-06 14:47 . 2009-02-23 18:06 -------- d-----w- c:\program files\Microsoft Works
2009-11-06 14:27 . 2009-05-22 15:06 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-06 13:42 . 2008-12-31 16:15 -------- d-----w- c:\documents and settings\Tamer\Application Data\uTorrent
2009-11-03 18:43 . 2009-01-02 18:06 426 ----a-w- C:\sccfg.sys
2009-10-23 18:26 . 2009-01-02 18:06 -------- d-----w- c:\program files\Folder Lock
2009-10-09 16:31 . 2009-09-14 10:20 -------- d-----w- c:\program files\ARProtect
2009-10-07 15:54 . 2009-01-05 10:54 83872 ----a-w- c:\documents and settings\Tamer\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-06 10:03 . 2009-10-06 10:03 -------- d-----w- c:\documents and settings\Tamer\Application Data\Design Science
2009-10-06 10:03 . 2009-10-06 10:03 -------- d-----w- c:\program files\MathType
2009-10-05 10:12 . 2009-03-09 12:04 -------- d-----w- c:\program files\Web Page Maker V2
2009-10-05 10:12 . 2009-03-09 12:04 -------- d-----w- c:\documents and settings\Tamer\Application Data\Web Page Maker V2
2009-09-30 14:16 . 2009-09-30 14:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-28 16:03 . 2009-09-28 16:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Zbshareware Lab
2009-09-28 16:03 . 2008-12-31 11:07 -------- d-----w- c:\program files\USB Disk Security
2009-09-28 15:04 . 2009-01-14 13:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-09-28 12:16 . 2009-09-28 12:16 -------- d-----w- c:\documents and settings\Tamer\Application Data\Office Genuine Advantage
2009-09-25 15:10 . 2009-05-18 19:07 -------- d-----w- c:\program files\Java
2009-09-25 15:09 . 2009-09-25 15:09 152576 ----a-w- c:\documents and settings\Tamer\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
2009-09-25 12:51 . 2009-09-25 12:51 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-11 14:34 . 2004-08-03 20:45 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 12:42 . 2009-09-11 12:42 -------- d-----w- c:\program files\Trend Micro
2009-09-10 11:54 . 2009-09-30 14:16 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 11:53 . 2009-09-30 14:16 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 20:46 . 2004-08-03 20:45 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-01 11:52 . 2009-09-01 11:52 7680 ----a-w- c:\documents and settings\Tamer\Application Data\Thinstall\FastStone Capture 6.3 Beta\1000000b00002i\verclsid.exe
2009-08-29 07:56 . 2004-08-03 20:45 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:15 . 2004-08-03 20:45 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-01-23 10:09 . 2009-01-23 10:09 2 --shatr- c:\windows\winstart.bat
.
------- Sigcheck -------
[-] 2008-12-29 . 5DBFC36FC0C9BDC8B7615143F422CC9B . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 043873D830016BB0F1E7759F7BCEDE81 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\31d7b774df1570be3bd6cc99092a4043\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-10-09_13.50.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-16 11:09 . 2009-08-06 17:24 44768 c:\windows\system32\wups2.dll
+ 2008-12-31 09:21 . 2009-08-06 17:24 35552 c:\windows\system32\wups.dll
+ 2008-12-31 09:21 . 2009-08-06 17:24 53472 c:\windows\system32\wuauclt.exe
+ 2009-01-12 16:27 . 2004-03-22 13:17 25840 c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2009-02-23 18:07 . 2004-03-22 13:17 42224 c:\windows\system32\spool\drivers\w32x86\mdiui.dll
+ 2009-02-23 18:07 . 2004-03-22 13:17 42224 c:\windows\system32\spool\drivers\w32x86\3\mdiui.dll
+ 2009-11-06 13:43 . 2009-08-06 17:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-11-06 13:43 . 2009-08-06 17:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
- 2001-11-22 11:00 . 2009-08-26 09:41 71982 c:\windows\system32\perfc009.dat
+ 2001-11-22 11:00 . 2009-11-06 14:50 71982 c:\windows\system32\perfc009.dat
+ 2007-08-13 16:54 . 2009-08-29 07:56 55296 c:\windows\system32\msfeedsbs.dll
- 2007-08-13 16:54 . 2009-07-03 16:57 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-01-12 16:27 . 2004-03-22 13:17 24816 c:\windows\system32\mdimon.dll
+ 2004-08-03 20:45 . 2009-08-29 07:56 25600 c:\windows\system32\jsproxy.dll
- 2004-08-03 20:45 . 2009-07-03 16:57 25600 c:\windows\system32\jsproxy.dll
- 2009-08-24 10:06 . 2009-07-03 16:57 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-08-24 10:06 . 2009-08-29 07:56 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2008-12-31 09:21 . 2009-08-06 17:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2008-12-31 09:21 . 2009-08-06 17:24 53472 c:\windows\system32\dllcache\wuauclt.exe
- 2009-02-20 17:08 . 2009-07-03 16:57 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-02-20 17:08 . 2009-08-29 07:56 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2004-08-03 20:45 . 2009-09-04 20:46 58880 c:\windows\system32\dllcache\msasn1.dll
- 2004-08-03 20:45 . 2009-07-03 16:57 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-03 20:45 . 2009-08-29 07:56 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-03 20:45 . 2009-08-06 17:24 96480 c:\windows\system32\dllcache\cdm.dll
- 2008-12-31 09:28 . 2008-12-31 09:28 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-31 09:28 . 2009-10-20 03:46 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-12-31 09:28 . 2008-12-31 09:28 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-12-31 09:28 . 2009-10-20 03:46 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2004-08-03 20:45 . 2009-08-06 17:24 96480 c:\windows\system32\cdm.dll
+ 2009-06-24 17:56 . 2009-06-24 17:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2007-04-13 17:58 . 2007-04-13 17:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-13 17:57 . 2007-04-13 17:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-13 17:57 . 2007-04-13 17:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-13 18:30 . 2007-04-13 18:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2009-02-23 18:07 . 2009-11-06 14:52 23040 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-02-23 18:07 . 2009-09-28 09:54 23040 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-02-23 18:07 . 2009-09-28 09:54 61440 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-02-23 18:07 . 2009-11-06 14:52 61440 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-02-23 18:07 . 2009-11-06 14:52 27136 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-02-23 18:07 . 2009-09-28 09:54 27136 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-02-23 18:07 . 2009-09-28 09:54 11264 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-02-23 18:07 . 2009-11-06 14:52 11264 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2009-02-23 18:07 . 2009-09-28 09:54 86016 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-02-23 18:07 . 2009-11-06 14:52 86016 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-02-23 18:07 . 2009-11-06 14:52 12288 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2009-02-23 18:07 . 2009-09-28 09:54 12288 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2003-07-15 05:00 . 2003-07-15 05:00 99904 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\TRANSMGR.DLL
+ 2003-07-15 04:43 . 2003-07-15 04:43 74288 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\RM.DLL
+ 2003-07-15 04:43 . 2003-07-15 04:43 64056 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\OUTLRPC.DLL
+ 2003-07-15 04:44 . 2003-07-15 04:44 88128 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\OUTLMIME.DLL
+ 2003-07-15 04:41 . 2003-07-15 04:41 24640 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\OUTLACCT.DLL
+ 2003-07-14 20:53 . 2003-07-14 20:53 95792 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\OSA.EXE
+ 2003-07-15 09:14 . 2003-07-15 09:14 27192 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\OISCTRL.DLL
+ 2003-06-18 23:31 . 2003-06-18 23:31 35328 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MDIUI.DLL
+ 2003-06-18 23:31 . 2003-06-18 23:31 18944 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MDIPPR.DLL
+ 2003-06-18 23:31 . 2003-06-18 23:31 17920 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MDIMON.DLL
+ 2003-07-14 20:57 . 2003-07-14 20:57 87096 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\IEAWSDC.DLL
+ 2003-07-26 00:57 . 2003-07-26 00:57 75832 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\DLGSETP.DLL
+ 2003-07-14 20:53 . 2003-07-14 20:53 60984 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\BLNMGR.DLL
+ 2003-07-15 04:43 . 2003-07-15 04:43 87616 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\ADDRPARS.DLL
+ 2009-11-06 14:51 . 2009-07-03 16:57 12800 c:\windows\ie8updates\KB974455-IE8\xpshims.dll
+ 2009-11-06 14:51 . 2009-07-03 16:57 55296 c:\windows\ie8updates\KB974455-IE8\msfeedsbs.dll
+ 2009-11-06 14:51 . 2009-07-03 16:57 25600 c:\windows\ie8updates\KB974455-IE8\jsproxy.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_37e93dee\System.Drawing.Design.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_76c81476\CustomMarshalers.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll
+ 2009-11-06 14:51 . 2009-11-06 14:51 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c\PresentationFontCache.ni.exe
+ 2009-11-06 14:51 . 2009-11-06 14:51 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\034d081fe294bab1ee1ecc98c1181424\PresentationCFFRasterizer.ni.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-11-06 14:47 . 2009-11-06 14:47 88776 c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-02-23 18:07 . 2009-11-06 14:52 4096 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2009-02-23 18:07 . 2009-09-28 09:54 4096 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-11-06 14:50 . 2009-11-06 14:50 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-12-31 09:21 . 2009-08-06 17:24 327896 c:\windows\system32\wucltui.dll
+ 2008-12-31 09:21 . 2009-08-06 17:23 575704 c:\windows\system32\wuapi.dll
+ 2004-08-03 20:45 . 2009-04-03 10:15 485376 c:\windows\system32\wmspdmod.dll
+ 2009-02-23 18:07 . 2004-03-22 13:17 765680 c:\windows\system32\spool\drivers\w32x86\mdigraph.dll
+ 2009-02-23 18:07 . 2004-03-22 13:17 765680 c:\windows\system32\spool\drivers\w32x86\3\mdigraph.dll
+ 2009-11-06 13:43 . 2009-08-06 17:23 575704 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.4.7600.226\wuapi.dll
- 2001-11-22 11:00 . 2009-08-26 09:41 443724 c:\windows\system32\perfh009.dat
+ 2001-11-22 11:00 . 2009-11-06 14:50 443724 c:\windows\system32\perfh009.dat
+ 2004-08-03 20:45 . 2009-08-29 07:56 206848 c:\windows\system32\occache.dll
- 2004-08-03 20:45 . 2009-07-03 16:57 206848 c:\windows\system32\occache.dll
+ 2009-09-26 09:02 . 2009-08-06 17:23 215904 c:\windows\system32\muweb.dll
+ 2009-09-26 09:02 . 2009-08-06 17:23 274288 c:\windows\system32\mucltui.dll
- 2007-08-13 16:54 . 2009-07-03 16:57 594432 c:\windows\system32\msfeeds.dll
+ 2007-08-13 16:54 . 2009-08-29 07:56 594432 c:\windows\system32\msfeeds.dll
- 2004-08-03 20:45 . 2009-07-03 16:57 184320 c:\windows\system32\iepeers.dll
+ 2004-08-03 20:45 . 2009-08-29 07:56 184320 c:\windows\system32\iepeers.dll
+ 2004-08-03 20:45 . 2009-08-29 07:56 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-03 20:45 . 2009-07-03 11:01 173056 c:\windows\system32\ie4uinit.exe
+ 2004-08-03 20:45 . 2009-08-28 10:39 173056 c:\windows\system32\ie4uinit.exe
- 2008-12-31 11:07 . 2009-10-06 17:10 305216 c:\windows\system32\FNTCACHE.DAT
+ 2008-12-31 11:07 . 2009-11-06 14:54 305216 c:\windows\system32\FNTCACHE.DAT
+ 2008-12-31 09:21 . 2009-08-06 17:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2008-12-31 09:21 . 2009-08-06 17:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2004-08-03 20:45 . 2009-04-03 10:15 485376 c:\windows\system32\dllcache\wmspdmod.dll
+ 2004-08-03 20:45 . 2009-08-29 07:56 916480 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-03 20:45 . 2009-08-26 08:15 247326 c:\windows\system32\dllcache\strmdll.dll
- 2004-08-03 20:45 . 2008-10-03 10:16 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2004-08-03 20:45 . 2009-08-29 07:56 206848 c:\windows\system32\dllcache\occache.dll
- 2004-08-03 20:45 . 2009-07-03 16:57 206848 c:\windows\system32\dllcache\occache.dll
- 2004-08-03 20:45 . 2009-06-25 08:48 133632 c:\windows\system32\dllcache\msv1_0.dll
+ 2004-08-03 20:45 . 2009-09-11 14:34 133632 c:\windows\system32\dllcache\msv1_0.dll
- 2009-02-20 17:08 . 2009-07-03 16:57 594432 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-02-20 17:08 . 2009-08-29 07:56 594432 c:\windows\system32\dllcache\msfeeds.dll
- 2009-08-24 10:06 . 2009-07-03 16:57 246272 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-08-24 10:06 . 2009-08-29 07:56 246272 c:\windows\system32\dllcache\ieproxy.dll
+ 2004-08-03 20:45 . 2009-08-29 07:56 184320 c:\windows\system32\dllcache\iepeers.dll
- 2004-08-03 20:45 . 2009-07-03 16:57 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-03 20:45 . 2009-08-29 07:56 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-03 20:45 . 2009-07-03 11:01 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-03 20:45 . 2009-08-28 10:39 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-08-07 21:51 . 2009-08-07 21:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 17:58 . 2007-04-13 17:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-13 17:56 . 2007-04-13 17:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-13 18:30 . 2007-04-13 18:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 217864 c:\windows\Installer\{90120000-00A4-0409-0000-0000000FF1CE}\misc.exe
- 2009-09-28 09:54 . 2009-09-28 09:54 217864 c:\windows\Installer\{90120000-00A4-0409-0000-0000000FF1CE}\misc.exe
- 2009-02-23 18:07 . 2009-09-28 09:54 409600 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-02-23 18:07 . 2009-11-06 14:52 409600 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2009-02-23 18:07 . 2009-09-28 09:54 286720 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-02-23 18:07 . 2009-11-06 14:52 286720 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2009-02-23 18:07 . 2009-09-28 09:54 249856 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-02-23 18:07 . 2009-11-06 14:52 249856 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2009-02-23 18:07 . 2009-09-28 09:54 794624 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-02-23 18:07 . 2009-11-06 14:52 794624 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-02-23 18:07 . 2009-09-28 09:54 135168 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-02-23 18:07 . 2009-11-06 14:52 135168 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-02-23 18:07 . 2009-09-28 09:54 593920 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-02-23 18:07 . 2009-11-06 14:52 593920 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2005-05-03 22:06 . 2005-05-03 22:06 199408 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.7969\MSMDUN80.DLL
+ 2005-05-03 22:06 . 2005-05-03 22:06 465640 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.7969\MSDMENG.DLL
+ 2003-08-06 19:26 . 2003-08-06 19:26 445488 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\SOA.DLL
+ 2003-08-06 19:31 . 2003-08-06 19:31 362552 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\SETLANG.EXE
+ 2003-07-15 04:50 . 2003-07-15 04:50 551480 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\PUBCONV.DLL
+ 2003-07-15 04:51 . 2003-07-15 04:51 604728 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\PTXT9.DLL
+ 2003-07-15 04:40 . 2003-07-15 04:40 130104 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\PRTF9.DLL
+ 2003-07-15 09:18 . 2003-07-15 09:18 430136 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\PP4X322.DLL
+ 2003-07-15 04:43 . 2003-07-15 04:43 139320 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\OUTLPH.DLL
+ 2003-07-15 04:45 . 2003-07-15 04:45 196152 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\OUTLOOK.EXE
+ 2003-07-15 09:14 . 2003-07-15 09:14 828472 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\OISAPP.DLL
+ 2003-07-15 09:14 . 2003-07-15 09:14 283696 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\OIS.EXE
+ 2003-07-24 04:40 . 2003-07-24 04:40 482872 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSTORES.DLL
+ 2003-07-15 04:56 . 2003-07-15 04:56 124984 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSTORE.EXE
+ 2003-07-15 05:02 . 2003-07-15 05:02 627256 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSTORDB.EXE
+ 2003-07-23 20:35 . 2003-07-23 20:35 127032 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSOCFU.DLL
+ 2003-07-15 01:14 . 2003-07-15 01:14 106552 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSOCF.DLL
+ 2003-07-15 09:14 . 2003-07-15 09:14 139328 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSJSPP40.DLL
+ 2003-07-15 09:13 . 2003-07-15 09:13 130112 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSAEXP30.DLL
+ 2003-07-15 05:01 . 2003-07-15 05:01 445496 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MODHELP.DLL
+ 2003-05-28 21:42 . 2003-05-28 21:42 342616 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\METCONV.DLL
+ 2003-06-18 23:31 . 2003-06-18 23:31 443904 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MDIVWCTL.DLL
+ 2003-06-18 23:31 . 2003-06-18 23:31 758784 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MDIGRAPH.DLL
+ 2003-05-28 21:42 . 2003-05-28 21:42 514680 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\INTLNAME.DLL
+ 2003-07-24 04:32 . 2003-07-24 04:32 121400 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\IMPMAIL.DLL
+ 2003-07-26 01:14 . 2003-07-26 01:14 799288 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\FPWEC.DLL
+ 2003-07-15 05:36 . 2003-07-15 05:36 186424 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\FPDTC.DLL
+ 2003-07-31 21:19 . 2003-07-31 21:19 131648 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\ENVELOPE.DLL
+ 2003-07-15 01:14 . 2003-07-15 01:14 350264 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\CDLMSO.DLL
+ 2003-07-15 09:13 . 2003-07-15 09:13 166456 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\ACCWIZ.DLL
+ 2009-02-11 17:39 . 2009-02-11 17:39 461616 c:\windows\Installer\$PatchCache$\Managed\000021094A0090400000000000F01FEC\12.0.4518\OWC11PIA.DLL
+ 2009-11-06 14:51 . 2009-07-03 16:57 915456 c:\windows\ie8updates\KB974455-IE8\wininet.dll
+ 2009-11-06 14:51 . 2009-05-26 11:43 386424 c:\windows\ie8updates\KB974455-IE8\spuninst\updspapi.dll
+ 2009-11-06 14:51 . 2008-07-08 13:22 232824 c:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe
+ 2009-11-06 14:51 . 2009-07-03 16:57 206848 c:\windows\ie8updates\KB974455-IE8\occache.dll
+ 2009-11-06 14:51 . 2009-07-03 16:57 594432 c:\windows\ie8updates\KB974455-IE8\msfeeds.dll
+ 2009-11-06 14:51 . 2009-07-03 16:57 246272 c:\windows\ie8updates\KB974455-IE8\ieproxy.dll
+ 2009-11-06 14:51 . 2009-07-03 16:57 184320 c:\windows\ie8updates\KB974455-IE8\iepeers.dll
+ 2009-11-06 14:51 . 2009-07-03 16:57 386048 c:\windows\ie8updates\KB974455-IE8\iedkcs32.dll
+ 2009-11-06 14:51 . 2009-07-03 11:01 173056 c:\windows\ie8updates\KB974455-IE8\ie4uinit.exe
+ 2009-10-30 20:42 . 2007-01-09 06:19 110592 c:\windows\Downloaded Program Files\PURtr-tr.dll
+ 2006-11-20 09:04 . 2006-11-20 09:04 117088 c:\windows\Downloaded Program Files\PURen-us.dll
+ 2009-08-19 09:55 . 2009-08-19 09:55 829288 c:\windows\Downloaded Program Files\MsnPUpld.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_bf0ed423\System.Drawing.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_440a07d7\System.Drawing.Design.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_ccef7ef3\CustomMarshalers.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll
+ 2009-11-06 14:51 . 2009-11-06 14:51 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll
+ 2009-11-06 14:51 . 2009-11-06 14:51 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll
+ 2009-11-06 14:51 . 2009-11-06 14:51 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll
+ 2009-11-06 14:51 . 2009-11-06 14:51 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-11-06 14:48 . 2009-11-06 14:48 477032 c:\windows\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Owc11.dll
+ 2009-11-06 14:47 . 2009-11-06 14:47 101064 c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2009-11-06 13:59 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2008-12-31 09:21 . 2009-08-06 17:23 1929952 c:\windows\system32\wuaueng.dll
+ 2004-08-03 20:45 . 2009-08-29 07:56 1208832 c:\windows\system32\urlmon.dll
- 2004-08-03 20:45 . 2009-07-03 16:57 1208832 c:\windows\system32\urlmon.dll
- 2004-08-03 20:45 . 2006-06-22 05:06 1435648 c:\windows\system32\query.dll
+ 2004-08-03 20:45 . 2009-07-17 16:26 1435648 c:\windows\system32\query.dll
+ 2004-08-03 20:40 . 2009-08-04 17:05 2138112 c:\windows\system32\ntoskrnl.exe
- 2004-08-03 20:40 . 2009-02-09 11:49 2138112 c:\windows\system32\ntoskrnl.exe
- 2004-08-04 00:40 . 2009-02-09 11:49 2017792 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-04 00:40 . 2009-08-04 17:05 2017792 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-03 20:45 . 2009-08-29 07:56 5940224 c:\windows\system32\mshtml.dll
+ 2007-08-13 16:34 . 2009-08-29 07:56 1985536 c:\windows\system32\iertutil.dll
- 2007-08-13 16:34 . 2009-07-03 16:57 1985536 c:\windows\system32\iertutil.dll
+ 2008-12-31 09:21 . 2009-08-06 17:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2004-08-03 20:45 . 2009-08-29 07:56 1208832 c:\windows\system32\dllcache\urlmon.dll
- 2004-08-03 20:45 . 2009-07-03 16:57 1208832 c:\windows\system32\dllcache\urlmon.dll
- 2004-08-03 20:45 . 2006-06-22 05:06 1435648 c:\windows\system32\dllcache\query.dll
+ 2004-08-03 20:45 . 2009-07-17 16:26 1435648 c:\windows\system32\dllcache\query.dll
+ 2009-04-16 07:01 . 2009-08-04 17:05 2182272 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-04-16 07:01 . 2009-08-04 17:05 2017792 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-04-16 07:01 . 2009-02-09 11:49 2017792 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-04-16 07:01 . 2009-02-09 11:49 2059648 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-04-16 07:01 . 2009-08-04 17:05 2059648 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-04-16 07:01 . 2009-08-04 17:05 2138112 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2009-04-16 07:01 . 2009-02-09 11:49 2138112 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2004-08-03 20:45 . 2009-08-29 07:56 5940224 c:\windows\system32\dllcache\mshtml.dll
- 2009-02-20 17:08 . 2009-07-03 16:57 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2009-02-20 17:08 . 2009-08-29 07:56 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2009-08-07 21:51 . 2009-08-07 21:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2009-08-07 21:51 . 2009-08-07 21:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2008-11-25 01:59 . 2008-11-25 01:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-13 18:35 . 2007-04-13 18:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-13 18:35 . 2007-04-13 18:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-13 17:57 . 2007-04-13 17:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-13 17:57 . 2007-04-13 17:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2007-04-13 17:50 . 2007-04-13 17:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2009-09-21 14:53 . 2009-09-21 14:53 5518848 c:\windows\Installer\4f01b1.msp
+ 2009-07-27 02:31 . 2009-07-27 02:31 3738624 c:\windows\Installer\4f019b.msp
+ 2009-07-02 14:22 . 2009-07-02 14:22 4854272 c:\windows\Installer\4f0171.msp
+ 2005-05-03 22:06 . 2005-05-03 22:06 1411816 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.7969\MSDMINE.DLL
+ 2003-07-03 21:19 . 2003-07-03 21:19 2502656 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\VBE6.DLL
+ 2003-08-03 16:52 . 2003-08-03 16:52 2808376 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\STSLIST.DLL
+ 2003-07-31 21:21 . 2003-07-31 21:21 1782840 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\PPTVIEW.EXE
+ 2003-07-30 18:40 . 2003-07-30 18:40 6133312 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\POWERPNT.EXE
+ 2003-08-04 19:19 . 2003-08-04 19:19 7330360 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\OWC10.DLL
+ 2003-08-10 05:06 . 2003-08-10 05:06 7522360 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\OUTLLIB.DLL
+ 2003-07-28 18:24 . 2003-07-28 18:24 5677112 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSPUB.EXE
+ 2003-06-18 23:31 . 2003-06-18 23:31 1033216 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSPCORE.DLL
+ 2003-08-15 06:54 . 2003-08-15 06:54 6627392 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSACCESS.EXE
+ 2003-08-01 21:07 . 2003-08-01 21:07 4815424 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\INFOPATH.EXE
+ 2003-07-15 05:11 . 2003-07-15 05:11 2139192 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\GRAPH.EXE
+ 2003-07-26 01:00 . 2003-07-26 01:00 1157696 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\FPSRVUTL.DLL
+ 2003-07-24 05:01 . 2003-07-24 05:01 1949240 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\FPCUTL.DLL
+ 2007-08-24 01:32 . 2007-08-24 01:32 7049616 c:\windows\Installer\$PatchCache$\Managed\000021094A0090400000000000F01FEC\12.0.6213\OWC11.DLL
+ 2009-11-06 14:51 . 2009-07-03 16:57 1208832 c:\windows\ie8updates\KB974455-IE8\urlmon.dll
+ 2009-11-06 14:51 . 2009-07-19 13:13 5937152 c:\windows\ie8updates\KB974455-IE8\mshtml.dll
+ 2009-11-06 14:51 . 2009-07-03 16:57 1985536 c:\windows\ie8updates\KB974455-IE8\iertutil.dll
+ 2009-04-16 07:01 . 2009-08-04 17:05 2182272 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-04-16 07:01 . 2009-08-04 17:05 2017792 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-04-16 07:01 . 2009-02-09 11:49 2017792 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-04-16 07:01 . 2009-08-04 17:05 2059648 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-04-16 07:01 . 2009-02-09 11:49 2059648 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-04-16 07:01 . 2009-08-04 17:05 2138112 c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2009-04-16 07:01 . 2009-02-09 11:49 2138112 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-11-06 14:49 . 2009-11-06 14:49 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_40916cc1\System.dll
+ 2009-11-06 14:48 . 2009-11-06 14:48 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_3f3c1a03\System.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_c2759fc7\System.Xml.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_2bd7a30e\System.Xml.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_fca9aa8e\System.Windows.Forms.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_fba08193\System.Windows.Forms.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_3ec9ff8f\System.Drawing.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_402a3f60\System.Design.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_250ea8d2\System.Design.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_64eb8b9b\mscorlib.dll
+ 2009-11-06 14:49 . 2009-11-06 14:49 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_532f7106\mscorlib.dll
+ 2009-11-06 14:51 . 2009-11-06 14:51 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\204d6e5b335134f23ca37638b9227ecf\WindowsBase.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\0f2ed6a204eb13841e99b77025464afc\UIAutomationClientsideProviders.ni.dll
+ 2009-11-06 14:51 . 2009-11-06 14:51 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\99594bae1d022502925f5b9dfcdaae9a\System.Speech.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\e5313735a40c0800f116e27fba4754db\System.Printing.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\32788c58ff9f8324460604cf1fe7681b\System.Data.Linq.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\c0a42d2ad8a4078040b334f6770ea11f\System.Core.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\954685c29689d2a6126ceca1fd55e904\ReachFramework.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a3a6f52ce1d09a7bdccc8e7fc664792d\PresentationUI.ni.dll
+ 2009-11-06 14:51 . 2009-11-06 14:51 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\f906701365083c1473db31519147e263\PresentationBuildTasks.ni.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-08-24 11:46 . 2009-08-24 11:46 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-04-22 12:14 . 2009-04-22 12:14 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2009-11-06 14:48 . 2009-11-06 14:48 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2009-11-06 14:48 . 2009-11-06 14:48 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-04-22 12:14 . 2009-04-22 12:14 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-04-15 10:28 . 2009-10-02 18:01 25198016 c:\windows\system32\MRT.exe
+ 2007-08-13 16:54 . 2009-08-29 07:56 11069440 c:\windows\system32\ieframe.dll
+ 2009-02-20 17:08 . 2009-08-29 07:56 11069440 c:\windows\system32\dllcache\ieframe.dll
+ 2009-08-10 19:08 . 2009-08-10 19:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp
+ 2009-08-14 18:32 . 2009-08-14 18:32 11110912 c:\windows\Installer\4f0192.msp
+ 2009-08-10 12:09 . 2009-08-10 12:09 17254912 c:\windows\Installer\4f0189.msp
+ 2005-09-01 16:33 . 2005-09-01 16:33 88609280 c:\windows\Installer\4f0168.msp
+ 2003-08-06 19:24 . 2003-08-06 19:24 12037688 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\WINWORD.EXE
+ 2003-08-08 06:23 . 2003-08-08 06:23 12172336 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSO.DLL
+ 2003-08-13 08:34 . 2003-08-13 08:34 10073144 c:\windows\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\EXCEL.EXE
+ 2009-11-06 14:51 . 2009-07-19 15:43 11067392 c:\windows\ie8updates\KB974455-IE8\ieframe.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll
+ 2009-11-06 14:52 . 2009-11-06 14:52 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8b82e08c008924d51833cb0884bcbfc5\System.Design.ni.dll
+ 2009-11-06 14:51 . 2009-11-06 14:51 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\58c7ac6b6054038dc9346d7ec8e32b4c\PresentationFramework.ni.dll
+ 2009-11-06 14:51 . 2009-11-06 14:51 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\94badbd64df59de7da249f71da38b1c2\PresentationCore.ni.dll
+ 2009-11-06 14:50 . 2009-11-06 14:50 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Auto Shutdown Genius"="c:\program files\AutoShutdown\Shutdown.exe" [2008-06-22 1349539]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Antivirus"="c:\program files\USB Disk Security\USBGuard.exe" [2009-09-28 815104]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-09-10 420176]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"usnjsvc"=3 (0x3)
"ose"=3 (0x3)
"C-DillaCdaC11BA"=2 (0x2)
"VSSERV"=2 (0x2)
"LIVESRV"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"MBAMService"=2 (0x2)
"Arrakis3"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [30.09.2009 16:16 269648]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [30.09.2009 16:16 19160]
S2 BDVEDISK;BDVEDISK;\??\c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys --> c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [?]
S2 ShutdownService;Auto Shutdown Service;c:\program files\Auto Shutdown Genius\ShutdownSvr.exe [01.06.2009 16:50 671232]
S4 Arrakis3;BitDefender Arrakis Server;"c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe" --> c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [?]
--- Other Services/Drivers In Memory ---
*Deregistered* - mbr
*Deregistered* - PROCEXP113
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.tr/
TCP: {225BF9D4-9CF4-4BB9-B386-2206DD9DC885} = 4.2.2.3,4.2.2.4
FF - ProfilePath - c:\documents and settings\Tamer\Application Data\Mozilla\Firefox\Profiles\qs66javf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.tr/
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -
AddRemove-HijackThis - c:\documents and settings\Tamer\Belgelerim\İndirilenler\HijackThis.exe
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3888)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2009-11-06 17:19
ComboFix-quarantined-files.txt 2009-11-06 15:18
ComboFix2.txt 2009-11-03 14:55
ComboFix3.txt 2009-10-30 16:06
ComboFix4.txt 2009-10-30 14:53
ComboFix5.txt 2009-11-06 15:14
Pre-Run: 1.350.164.480 bayt boş
Post-Run: 1.375.002.624 bayt boş
- - End Of File - - A2631CE719C9209038469FBD0C1CD7E3
< Bu mesaj bu kişi tarafından değiştirildi tcebeci -- 6 Kasım 2009; 21:27:41 >
Ip işlemleri
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
