Şimdi Ara

HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+ (454. sayfa)

Bu Konudaki Kullanıcılar:
2 Misafir - 2 Masaüstü
5 sn
9.878
Cevap
17
Favori
1.234.270
Tıklama
Daha Fazla
İstatistik
  • Konu İstatistikleri Yükleniyor
0 oy
Öne Çıkar
Sayfa: önceki 452453454455456
Sayfaya Git
Git
sonraki
Giriş
Mesaj
  • arkadaslar benim pc deki sorun
    bilgisayar her açilip kapatildiginda internet explorer ve bilgisayarin geçmisi otomatik olarak silinmesi
    ve bilgisayarda programlarda çalisirken belirgin bir yavaslama ( programin içinde veya masa üstünde fare bosta dururken fare imlecinin yanina kum saatli imleci bir kaç saniyeligine gelip gidiyor )





     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 08:13:34, on 08.12.2009
    Platform: Windows 2003 SP2 (WinNT 5.02.3790)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    C:\Program Files (x86)\Java\jre6\bin\jqs.exe
    C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\lmgrd.exe
    C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\lmgrd.exe
    C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\uglmd.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\SysWOW64\ctfmon.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\PDF Complete\pdfsty.exe
    C:\Program Files (x86)\Winamp\winampa.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\XP-D41D8CD9.EXE
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.hp.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Bagi Yardimi - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files (x86)\PDF Complete\pdfsty.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [XP-D41D8CD9] C:\WINDOWS\SysWow64\XP-D41D8CD9.EXE
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
    O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O4 - Startup: ¡¡¡¡¡¡.lnk = C:\WINDOWS\system32\XP-D41D8CD9.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - ESC Trusted Zone:http://runonce.msn.com
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} (Flatcast Viewer 5.0) -http://80.237.209.20/objects/NpFv501.dll
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files (x86)\Java\jre6\bin\jqs.exe
    O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
    O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
    O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
    O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: Unigraphics License Server (uglmd) - Macrovision Corporation - C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\lmgrd.exe
    O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
    O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)

    --
    End of file - 7588 bytes





    < Bu mesaj bu kişi tarafından değiştirildi maketm -- 8 Aralık 2009; 10:30:31 >
  • combo fix raporu
    ComboFix 09-11-09.01 - savaş 07.12.2009 9:39.6.2 - NTFSx86  
    Microsoft Windows XP Home Edition 5.1.2600.3.1254.90.1055.18.446.175 [GMT 2:00]
    Running from: c:\documents and settings\savaş\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .
    - REDUCED FUNCTIONALITY MODE -
    .

    ((((((((((((((((((((((((( Files Created from 2009-11-07 to 2009-12-07 )))))))))))))))))))))))))))))))
    .

    2009-12-06 13:47 . 2009-12-06 13:48 -------- d-----w- c:\program files\mIRC
    2009-12-04 18:41 . 2009-12-04 18:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
    2009-12-04 17:26 . 2009-12-04 18:44 -------- d-----w- c:\program files\Messenger Plus! Live
    2009-12-04 14:06 . 2009-12-04 14:10 -------- d-----w- c:\program files\mp3DirectCut
    2009-11-25 15:38 . 2009-11-25 15:38 -------- d-----w- c:\program files\Shuangs WAV to MP3 Converter
    2009-11-25 15:34 . 2009-11-25 15:34 295424 ----a-w- c:\windows\system32\bwmedia1.dll
    2009-11-25 15:34 . 2009-11-25 15:34 150016 ----a-w- c:\windows\system32\bwmedia.dll
    2009-11-25 15:34 . 2009-11-25 15:34 -------- d-----w- c:\program files\MP3 Wave Converter
    2009-11-23 14:14 . 2009-12-07 07:17 -------- d-----w- c:\program files\LimeWire
    2009-11-23 13:53 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
    2009-11-18 22:29 . 2009-11-18 23:14 -------- d-----w- c:\program files\GCH Guitar academy
    2009-11-11 23:26 . 2009-11-11 23:27 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Temp
    2009-11-10 15:28 . 2009-11-10 15:28 -------- d-----w- c:\program files\Dracula Virüs Temizleyici 3.5
    2009-11-10 13:25 . 2009-11-10 13:25 -------- d-----w- c:\windows\system32\URTTEMP
    2009-11-10 13:15 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
    2009-11-07 21:41 . 2009-11-07 21:41 -------- d-----w- c:\program files\iMesh Applications

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-12-06 13:47 . 2009-07-04 18:38 -------- d-----w- c:\program files\mIRCTR Script v6.35
    2009-12-06 08:44 . 2009-09-14 15:53 -------- d-----w- c:\program files\Windows Live Safety Center
    2009-12-04 13:49 . 2009-12-03 22:53 -------- d-----w- c:\program files\AnMing
    2009-11-28 21:08 . 2009-06-09 19:16 41 ----a-w- c:\windows\popcinfo.dat
    2009-11-25 15:31 . 2009-07-25 13:36 -------- d-----w- c:\program files\MP3Gain
    2009-11-23 14:01 . 2009-02-17 19:58 411368 ----a-w- c:\windows\system32\deploytk.dll
    2009-11-12 07:59 . 2006-03-02 12:00 89192 ----a-w- c:\windows\system32\perfc01F.dat
    2009-11-12 07:59 . 2006-03-02 12:00 444072 ----a-w- c:\windows\system32\perfh01F.dat
    2009-11-10 13:43 . 2009-02-17 17:05 -------- d--h--w- c:\program files\InstallShield Installation Information
    2009-11-05 15:05 . 2009-11-05 12:43 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
    2009-11-05 15:02 . 2009-11-05 15:02 -------- d-----w- c:\program files\NOS
    2009-11-05 12:43 . 2009-11-01 12:59 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS(2)
    2009-11-05 12:40 . 2009-11-02 13:45 -------- d-----w- c:\program files\RealDrawPRO4
    2009-11-05 12:23 . 2009-11-05 12:22 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
    2009-11-02 22:21 . 2009-09-16 16:22 -------- d-----w- c:\program files\Common Files\Adobe AIR
    2009-10-31 15:06 . 2009-10-31 15:06 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
    2009-10-29 18:13 . 2009-10-29 18:13 684 ----a-w- C:\avexport.bat
    2009-10-28 08:54 . 2009-02-17 21:02 -------- d-----w- c:\program files\Windows Live
    2009-10-28 08:53 . 2009-09-14 14:17 -------- d-----w- c:\program files\Microsoft Silverlight
    2009-10-26 20:54 . 2009-10-26 20:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-10-26 20:53 . 2009-10-26 20:53 4045528 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
    2009-10-26 20:52 . 2009-10-26 20:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-10-23 06:53 . 2009-10-23 06:53 -------- d-----w- c:\program files\Trend Micro
    2009-10-22 21:23 . 2009-10-18 06:05 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8ls
    2009-10-22 21:22 . 2009-02-17 19:42 -------- d-----w- c:\program files\Google
    2009-10-22 06:50 . 2009-03-09 08:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
    2009-10-18 04:59 . 2009-02-17 19:56 -------- d-----w- c:\program files\Java
    2009-10-08 10:03 . 2009-10-08 09:15 286720 ------w- c:\windows\Setup1.exe
    2009-10-08 10:03 . 2009-10-08 09:15 73216 ----a-w- c:\windows\ST6UNST.EXE
    2009-10-08 09:05 . 2009-10-08 09:05 -------- d-----w- c:\program files\Shenturk
    2009-10-08 08:04 . 2009-10-06 12:49 -------- d-----w- c:\program files\GCH Guitar academy(2)
    2009-10-08 08:04 . 2009-10-08 08:04 -------- d-----w- c:\program files\Webteh
    2009-10-08 08:04 . 2009-10-06 13:27 -------- d-----w- c:\program files\BS_Player
    2009-10-03 09:00 . 2009-10-03 09:00 2560 ----a-w- c:\windows\_MSRSTRT.EXE
    2009-09-25 16:32 . 2009-09-25 16:32 8 ----a-w- c:\documents and settings\All Users\Application Data\VGANGMJYMWPP.SYS
    2009-09-25 16:32 . 2009-09-25 16:32 8 ----a-w- c:\documents and settings\All Users\Application Data\VGANGMJYMWPP.SYS
    2009-09-25 16:30 . 2009-09-25 16:30 8 ----a-w- c:\documents and settings\All Users\Application Data\TYRCPHJYWWPP.SYS
    2009-09-25 16:30 . 2009-09-25 16:30 8 ----a-w- c:\documents and settings\All Users\Application Data\TYRCPHJYWWPP.SYS
    2009-09-16 12:53 . 2009-09-16 07:37 8192 ----a-w- C:\mtwb.dat
    2009-09-11 14:18 . 2009-09-11 14:18 136192 ----a-w- c:\windows\system32\SETA4.tmp
    2009-09-11 14:18 . 2006-03-02 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
    2009-09-10 12:54 . 2009-10-26 20:52 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-09-10 12:53 . 2009-10-26 20:52 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    .

    ((((((((((((((((((((((((((((( SnapShot_2009-10-28_22.36.59 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-12-07 07:16 . 2009-12-07 07:16 16384 c:\windows\temp\Perflib_Perfdata_61c.dat
    + 2009-11-10 13:15 . 2005-12-05 16:07 61136 c:\windows\system32\xinput9_1_0.dll
    + 2009-11-10 13:16 . 2007-04-04 16:53 81768 c:\windows\system32\xinput1_3.dll
    + 2009-11-10 13:15 . 2006-07-28 07:30 62744 c:\windows\system32\xinput1_2.dll
    + 2009-11-10 13:15 . 2006-03-31 10:39 62672 c:\windows\system32\xinput1_1.dll
    + 2009-11-10 13:16 . 2008-03-05 14:00 25608 c:\windows\system32\X3DAudio1_3.dll
    + 2009-11-10 13:16 . 2007-10-22 01:37 17928 c:\windows\system32\X3DAudio1_2.dll
    + 2009-11-10 13:15 . 2007-03-05 10:42 15128 c:\windows\system32\x3daudio1_1.dll
    + 2009-11-10 13:15 . 2006-02-03 06:41 14032 c:\windows\system32\x3daudio1_0.dll
    + 2003-02-21 03:16 . 2003-02-21 03:16 49152 c:\windows\system32\URTTEMP\regtlib.exe
    - 2008-04-14 16:00 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
    + 2008-04-14 16:00 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe
    - 2009-02-17 20:11 . 2008-07-08 13:22 17272 c:\windows\system32\spmsg.dll
    + 2009-02-17 20:11 . 2009-05-26 11:43 17272 c:\windows\system32\spmsg.dll
    + 2009-12-03 22:53 . 2006-12-21 13:47 81920 c:\windows\system32\qcpsdk.dll
    + 2006-03-02 12:00 . 2009-11-12 07:59 77810 c:\windows\system32\perfc009.dat
    + 2009-10-23 03:32 . 2009-10-23 03:32 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
    - 2009-03-23 10:30 . 2009-03-23 10:30 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
    + 2009-10-23 03:32 . 2009-10-23 03:32 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
    - 2009-03-23 10:30 . 2009-03-23 10:30 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
    + 2009-10-23 03:32 . 2009-10-23 03:32 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
    - 2009-03-23 10:30 . 2009-03-23 10:30 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
    - 2009-03-23 10:30 . 2009-03-23 10:30 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
    + 2009-10-23 03:32 . 2009-10-23 03:32 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
    + 2009-11-13 14:22 . 2009-11-13 14:22 89101 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
    + 2009-05-30 14:18 . 2009-11-06 05:24 87618 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    - 2009-04-28 10:23 . 2009-04-28 10:23 94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
    + 2009-10-29 05:27 . 2009-10-29 05:27 94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
    + 2009-10-29 04:55 . 2009-10-29 04:55 79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
    + 2009-12-03 22:53 . 2006-12-24 05:36 73728 c:\windows\system32\a1.dll
    + 2008-03-23 19:03 . 2008-03-23 19:03 46096 c:\windows\Microsoft.NET\Framework\v3.5\tr\MSBuild.resources.exe
    + 2008-03-21 13:56 . 2008-03-21 13:56 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\DeleteTemp.exe
    + 2008-03-23 18:58 . 2008-03-23 18:58 28302 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\baseline.dat
    + 2007-10-15 12:16 . 2007-10-15 12:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\WsatConfig.resources.dll
    + 2007-10-15 12:16 . 2007-10-15 12:16 10240 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\SMSvcHost.resources.dll
    + 2007-10-15 12:16 . 2007-10-15 12:16 24576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\ServiceModelReg.resources.dll
    + 2007-10-15 12:16 . 2007-10-15 12:16 36864 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\ComSvcConfig.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Web.Services.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Web.Mobile.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 16384 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Transactions.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.ServiceProcess.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Security.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 11264 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Runtime.Serialization.Formatters.Soap.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Runtime.Remoting.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Messaging.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Management.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.EnterpriseServices.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Drawing.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.DirectoryServices.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.DirectoryServices.Protocols.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\system.data.sqlxml.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 49152 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Configuration.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Configuration.Install.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 10240 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\sysglobl.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 86016 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\ShFusRes.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 20480 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Regasm.Resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\MSBuild.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 57344 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.VisualBasic.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 45056 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.JScript.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 10240 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.Build.Utilities.Resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.Build.Engine.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\caspol.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnet_regsql.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 76800 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnet_rc.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 22528 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\041F\mscorsecr.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 19968 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\alinkui.dll
    + 2004-07-15 00:11 . 2004-07-15 00:11 31744 c:\windows\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
    + 2009-06-24 17:56 . 2009-06-24 17:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
    + 2004-07-15 12:28 . 2004-07-15 12:28 57344 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
    + 2004-07-15 12:28 . 2004-07-15 12:28 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
    + 2004-07-14 22:35 . 2004-07-14 22:35 66560 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
    + 2003-02-21 05:26 . 2003-02-21 05:26 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.Design.dll
    + 2004-07-15 12:28 . 2004-07-15 12:28 90112 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
    + 2003-02-21 05:26 . 2003-02-21 05:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Configuration.Install.dll
    + 2003-02-20 17:09 . 2003-02-20 17:09 90112 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\PerfCounter.dll
    + 2003-02-20 17:09 . 2003-02-20 17:09 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorsn.dll
    + 2003-02-20 17:09 . 2003-02-20 17:09 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\CORPerfMonExt.dll
    + 2003-02-21 05:25 . 2003-02-21 05:25 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegSvcs.exe
    + 2004-07-15 12:28 . 2004-07-15 12:28 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
    + 2003-02-21 05:25 . 2003-02-21 05:25 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe
    + 2004-07-14 22:34 . 2004-07-14 22:34 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
    + 2003-02-20 17:09 . 2003-02-20 17:09 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\ngen.exe
    + 2003-02-20 16:43 . 2003-02-20 16:43 22528 c:\windows\Microsoft.NET\Framework\v1.1.4322\MUI\0409\mscorsecr.dll
    + 2003-02-20 17:18 . 2003-02-20 17:18 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\mtxoci8.dll
    + 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
    + 2004-07-14 22:33 . 2004-07-14 22:33 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
    + 2003-02-20 17:06 . 2003-02-20 17:06 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll
    + 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
    + 2004-07-14 22:32 . 2004-07-14 22:32 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
    + 2004-07-15 12:28 . 2004-07-15 12:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
    + 2004-07-15 12:28 . 2004-07-15 12:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
    + 2003-02-21 05:25 . 2003-02-21 05:25 11264 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
    + 2003-02-21 05:24 . 2003-02-21 05:24 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll
    + 2003-02-21 05:24 . 2003-02-21 05:24 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.dll
    + 2003-02-21 05:24 . 2003-02-21 05:24 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\jsc.exe
    + 2003-02-21 05:24 . 2003-02-21 05:24 26112 c:\windows\Microsoft.NET\Framework\v1.1.4322\ISymWrapper.dll
    + 2003-02-20 17:22 . 2003-02-20 17:22 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtilLib.dll
    + 2003-02-21 05:24 . 2003-02-21 05:24 15872 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe
    + 2004-07-15 12:31 . 2004-07-15 12:31 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
    + 2003-10-08 12:30 . 2003-10-08 12:30 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\gacutil.exe
    + 2003-02-21 02:12 . 2003-02-21 02:12 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\cvtres.exe
    + 2003-02-21 05:24 . 2003-02-21 05:24 33792 c:\windows\Microsoft.NET\Framework\v1.1.4322\CustomMarshalers.dll
    + 2003-02-21 05:24 . 2003-02-21 05:24 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscompmgd.dll
    + 2004-07-15 09:23 . 2004-07-15 09:23 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\csc.exe
    + 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
    + 2003-02-21 05:24 . 2003-02-21 05:24 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe
    + 2003-02-21 05:24 . 2003-02-21 05:24 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\CasPol.exe
    + 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
    + 2004-07-14 23:49 . 2004-07-14 23:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
    + 2004-07-14 23:49 . 2004-07-14 23:49 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
    + 2003-02-20 17:19 . 2003-02-20 17:19 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_rc.dll
    + 2003-02-20 17:19 . 2003-02-20 17:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
    + 2003-02-21 03:00 . 2003-02-21 03:00 98304 c:\windows\Microsoft.NET\Framework\v1.1.4322\alink.dll
    + 2003-02-21 01:55 . 2003-02-21 01:55 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\cscompui.dll
    + 2003-02-21 00:59 . 2003-02-21 00:59 16896 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\alinkui.dll
    + 2009-11-10 13:15 . 2005-03-18 14:23 12800 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
    + 2009-11-10 13:15 . 2005-03-18 14:23 53248 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
    + 2008-03-23 18:29 . 2008-03-23 18:29 51200 c:\windows\Installer\31afc9.msp
    + 2008-03-23 18:32 . 2008-03-23 18:32 25088 c:\windows\Installer\31afc6.msp
    + 2009-11-23 13:51 . 2009-11-23 13:51 81408 c:\windows\Installer\31afb3.msi
    + 2009-10-31 08:47 . 2009-10-31 08:47 22528 c:\windows\Installer\1db54d.msi
    + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
    + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
    + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
    + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
    + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
    + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
    + 2009-11-27 12:35 . 2009-11-27 12:35 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\ARPPRODUCTICON.exe
    + 2009-02-17 19:23 . 2009-11-12 08:09 23040 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\unbndico.exe
    - 2009-02-17 19:23 . 2009-10-16 09:37 23040 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\unbndico.exe
    - 2009-02-17 19:23 . 2009-10-16 09:37 61440 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pubs.exe
    + 2009-02-17 19:23 . 2009-11-12 08:09 61440 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pubs.exe
    - 2009-02-17 19:23 . 2009-10-16 09:37 27136 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\oisicon.exe
    + 2009-02-17 19:23 . 2009-11-12 08:09 27136 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\oisicon.exe
    - 2009-02-17 19:23 . 2009-10-16 09:37 11264 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\mspicons.exe
    + 2009-02-17 19:23 . 2009-11-12 08:09 11264 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\mspicons.exe
    - 2009-02-17 19:23 . 2009-10-16 09:37 86016 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\inficon.exe
    + 2009-02-17 19:23 . 2009-11-12 08:09 86016 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\inficon.exe
    + 2009-02-17 19:23 . 2009-11-12 08:09 12288 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\cagicon.exe
    - 2009-02-17 19:23 . 2009-10-16 09:37 12288 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\cagicon.exe
    + 2009-11-13 07:41 . 2009-11-13 07:41 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_47ff15a6\System.Drawing.Design.dll
    + 2009-11-13 07:41 . 2009-11-13 07:41 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_906020bd\CustomMarshalers.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 81920 c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_tr_31bf3856ad364e35\WindowsBase.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 10240 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_tr_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 42040 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_tr_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 81920 c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Web.Services.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 40960 c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 49152 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design.resources\3.5.0.0_tr_31bf3856ad364e35\System.Web.Extensions.Design.Resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 16384 c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_tr_b77a5c561934e089\System.Transactions.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 61440 c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_tr_31bf3856ad364e35\System.Speech.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 40960 c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 66616 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web.resources\3.5.0.0_tr_31bf3856ad364e35\System.ServiceModel.Web.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 36864 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_tr_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 28672 c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Security.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 90112 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_tr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 11264 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 32768 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_tr_b77a5c561934e089\System.Runtime.Remoting.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 16384 c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_tr_31bf3856ad364e35\System.Printing.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 28672 c:\windows\assembly\GAC_MSIL\System.Net.resources\3.5.0.0_tr_b03f5f7f11d50a3a\System.Net.Resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 77824 c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Messaging.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 13312 c:\windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Management.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 20480 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation.resources\3.5.0.0_tr_b77a5c561934e089\System.Management.Instrumentation.Resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 10752 c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_tr_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 53248 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_tr_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 61440 c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_tr_b77a5c561934e089\System.IdentityModel.Resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 32768 c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 24576 c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Drawing.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 40960 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 16896 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 36864 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement.resources\3.5.0.0_tr_b77a5c561934e089\System.DirectoryServices.AccountManagement.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 36864 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_tr_b77a5c561934e089\system.data.sqlxml.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 53248 c:\windows\assembly\GAC_MSIL\System.Data.Linq.resources\3.5.0.0_tr_b77a5c561934e089\System.Data.Linq.Resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 57344 c:\windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_tr_b77a5c561934e089\System.Core.Resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 49152 c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Configuration.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 16896 c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 10240 c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_tr_b03f5f7f11d50a3a\sysglobl.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 36864 c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_tr_31bf3856ad364e35\ReachFramework.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 53248 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_tr_31bf3856ad364e35\PresentationBuildTasks.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 57344 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 28672 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 45056 c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.JScript.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 11264 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5.resources\3.5.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 10240 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.resources\2.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 65536 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\3.5.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 53248 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 11264 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5.resources\3.5.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.resources.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 57344 c:\windows\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 77824 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 66560 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 65536 c:\windows\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 90112 c:\windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 77824 c:\windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 32768 c:\windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 32768 c:\windows\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 11264 c:\windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 28672 c:\windows\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 26112 c:\windows\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\ISymWrapper.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 32768 c:\windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 33792 c:\windows\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 12288 c:\windows\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll
    + 2009-11-05 23:21 . 2009-05-26 11:43 26488 c:\windows\$hf_mig$\KB976749-IE7\update\spcustom.dll
    + 2009-11-05 23:21 . 2009-05-26 11:43 17272 c:\windows\$hf_mig$\KB976749-IE7\spmsg.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 6656 c:\windows\system32\mui\041F\mscorees.dll
    + 2003-02-20 16:43 . 2003-02-20 16:43 4096 c:\windows\system32\mui\0409\mscoreer.dll
    + 2009-10-29 05:29 . 2009-10-29 05:29 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
    - 2009-04-28 10:26 . 2009-04-28 10:26 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Drawing.Design.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\JSC.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 4096 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\InstallUtil.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnet_regbrowsers.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnet_compiler.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 9216 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\TR\Microsoft.VisualBasic.Compatibility.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 8704 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\TR\Microsoft.VisualBasic.Compatibility.Data.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 4608 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\CvtResUI.dll
    + 2003-02-20 17:09 . 2003-02-20 17:09 9216 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscortim.dll
    + 2003-02-21 05:25 . 2003-02-21 05:25 6656 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft_VsaVb.dll
    + 2003-02-21 05:25 . 2003-02-21 05:25 6144 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualC.Dll
    + 2003-02-21 05:24 . 2003-02-21 05:24 4608 c:\windows\Microsoft.NET\Framework\v1.1.4322\IIEHost.dll
    + 2004-07-15 12:31 . 2004-07-15 12:31 8192 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
    + 2003-02-21 05:24 . 2003-02-21 05:24 7680 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExec.exe
    + 2003-02-21 05:24 . 2003-02-21 05:24 7680 c:\windows\Microsoft.NET\Framework\v1.1.4322\Accessibility.dll
    - 2009-02-17 19:23 . 2009-10-16 09:37 4096 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\opwicon.exe
    + 2009-02-17 19:23 . 2009-11-12 08:09 4096 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\opwicon.exe
    + 2009-11-23 13:52 . 2009-11-23 13:52 4608 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_tr_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 7680 c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_tr_31bf3856ad364e35\UIAutomationTypes.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 4096 c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_tr_31bf3856ad364e35\UIAutomationProvider.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 9216 c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_tr_31bf3856ad364e35\UIAutomationClient.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 7680 c:\windows\assembly\GAC_MSIL\System.Xml.Linq.resources\3.5.0.0_tr_b77a5c561934e089\System.Xml.Linq.Resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 5632 c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 5120 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions.resources\3.5.0.0_tr_b77a5c561934e089\System.Data.DataSetExtensions.Resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 5120 c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_tr_b77a5c561934e089\SMDiagnostics.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 9216 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 8704 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 5120 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 6656 c:\windows\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 6144 c:\windows\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 4608 c:\windows\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\IIEHost.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 8192 c:\windows\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 7680 c:\windows\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll
    + 2009-11-10 13:16 . 2008-03-05 14:03 479752 c:\windows\system32\XAudio2_0.dll
    + 2009-11-10 13:16 . 2008-03-05 14:03 238088 c:\windows\system32\xactengine3_0.dll
    + 2009-11-10 13:16 . 2007-07-19 22:57 267112 c:\windows\system32\xactengine2_9.dll
    + 2009-11-10 13:16 . 2007-06-20 18:46 266088 c:\windows\system32\xactengine2_8.dll
    + 2009-11-10 13:16 . 2007-04-04 16:55 261480 c:\windows\system32\xactengine2_7.dll
    + 2009-11-10 13:15 . 2007-01-24 13:27 255848 c:\windows\system32\xactengine2_6.dll
    + 2009-11-10 13:15 . 2006-12-08 10:02 251672 c:\windows\system32\xactengine2_5.dll
    + 2009-11-10 13:15 . 2006-09-28 14:05 237848 c:\windows\system32\xactengine2_4.dll
    + 2009-11-10 13:15 . 2006-07-28 07:30 236824 c:\windows\system32\xactengine2_3.dll
    + 2009-11-10 13:15 . 2006-05-31 05:24 230168 c:\windows\system32\xactengine2_2.dll
    + 2009-11-10 13:16 . 2007-10-22 01:39 267272 c:\windows\system32\xactengine2_10.dll
    + 2009-11-10 13:15 . 2006-03-31 10:39 229584 c:\windows\system32\xactengine2_1.dll
    + 2009-11-10 13:15 . 2006-02-03 06:42 230096 c:\windows\system32\xactengine2_0.dll
    + 2009-12-03 22:53 . 2005-04-15 11:22 303104 c:\windows\system32\qscl.dll
    + 2006-03-02 12:00 . 2009-11-12 07:59 456746 c:\windows\system32\perfh009.dat
    + 2009-12-03 22:53 . 2002-12-02 09:11 290816 c:\windows\system32\NCTWMAFile.dll
    + 2009-12-03 22:53 . 2002-12-02 09:09 282624 c:\windows\system32\NCTAudioVisualization.dll
    + 2009-12-03 22:53 . 2002-12-02 09:08 339968 c:\windows\system32\NCTAudioTransform.dll
    + 2009-12-03 22:53 . 2002-12-02 09:07 274432 c:\windows\system32\NCTAudioRecord.dll
    + 2009-12-03 22:53 . 2002-12-02 09:07 274432 c:\windows\system32\NCTAudioPlayer.dll
    + 2009-12-03 22:53 . 2002-12-02 09:05 892928 c:\windows\system32\NCTAudioInformation.dll
    + 2009-12-03 22:53 . 2002-12-02 09:03 327680 c:\windows\system32\NCTAudioGrabber.dll
    + 2009-12-03 22:53 . 2002-09-04 13:17 503808 c:\windows\system32\NCTAudioEditor.dll
    + 2002-01-18 19:56 . 2002-01-18 19:56 217088 c:\windows\system32\mp3enc.dll
    - 2009-03-23 10:30 . 2009-03-23 10:30 180224 c:\windows\system32\Macromed\Shockwave 10\Proj.dll
    + 2009-10-23 03:32 . 2009-10-23 03:32 180224 c:\windows\system32\Macromed\Shockwave 10\Proj.dll
    - 2009-03-23 10:30 . 2009-03-23 10:30 475136 c:\windows\system32\Macromed\Shockwave 10\PluginPing.dll
    + 2009-10-23 03:32 . 2009-10-23 03:32 475136 c:\windows\system32\Macromed\Shockwave 10\PluginPing.dll
    + 2009-10-23 03:32 . 2009-10-23 03:32 339968 c:\windows\system32\Macromed\Shockwave 10\Plugin.dll
    - 2009-05-13 08:57 . 2009-05-13 08:57 339968 c:\windows\system32\Macromed\Shockwave 10\Plugin.dll
    - 2009-03-23 10:30 . 2009-03-23 10:30 606208 c:\windows\system32\Macromed\Shockwave 10\iml32X.dll
    + 2009-10-23 03:32 . 2009-10-23 03:32 606208 c:\windows\system32\Macromed\Shockwave 10\iml32X.dll
    + 2009-10-23 03:32 . 2009-10-23 03:32 471040 c:\windows\system32\Macromed\Shockwave 10\Control.dll
    + 2009-07-18 03:12 . 2009-07-18 03:12 257440 c:\windows\system32\Macromed\Flash\FlashUtil10c.exe
    + 2009-12-03 22:53 . 2002-09-06 09:36 233472 c:\windows\system32\lame_enc.dll
    + 2009-11-23 14:01 . 2009-11-23 14:01 149280 c:\windows\system32\javaws.exe
    + 2009-11-23 14:01 . 2009-11-23 14:01 145184 c:\windows\system32\javaw.exe
    + 2009-11-23 14:01 . 2009-11-23 14:01 145184 c:\windows\system32\java.exe
    + 2009-02-17 18:40 . 2009-11-11 16:57 185816 c:\windows\system32\FNTCACHE.DAT
    + 2009-11-10 13:16 . 2008-02-05 21:07 462864 c:\windows\system32\d3dx10_37.dll
    + 2009-11-10 13:16 . 2007-10-02 07:56 444776 c:\windows\system32\d3dx10_36.dll
    + 2009-11-10 13:16 . 2007-07-19 16:14 444776 c:\windows\system32\d3dx10_35.dll
    + 2009-11-10 13:16 . 2007-05-16 14:45 443752 c:\windows\system32\d3dx10_34.dll
    + 2009-11-10 13:16 . 2007-03-15 14:57 443752 c:\windows\system32\d3dx10_33.dll
    + 2009-12-03 22:53 . 2007-03-25 18:46 212992 c:\windows\system32\amrdec.dll
    + 2009-12-03 22:53 . 2007-09-14 08:40 336896 c:\windows\system32\ammppg.dll
    + 2009-10-29 04:55 . 2009-10-29 04:55 132472 c:\windows\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL
    + 2009-10-29 05:27 . 2009-10-29 05:27 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
    - 2009-04-28 10:24 . 2009-04-28 10:24 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
    + 2009-10-29 05:43 . 2009-10-29 05:43 464312 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1152602.exe
    + 2009-07-31 13:40 . 2009-07-31 13:40 538040 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe
    + 2009-04-29 10:28 . 2009-04-29 10:28 546232 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe
    - 2009-04-28 10:26 . 2009-04-28 10:26 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
    + 2009-10-29 05:29 . 2009-10-29 05:29 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
    + 2009-10-29 05:28 . 2009-10-29 05:28 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
    - 2009-04-28 10:24 . 2009-04-28 10:24 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
    + 2009-10-29 04:55 . 2009-10-29 04:55 713216 c:\windows\system32\Adobe\Shockwave 11\gi.dll
    + 2009-10-29 05:26 . 2009-10-29 05:26 503808 c:\windows\system32\Adobe\Shockwave 11\Control.dll
    + 2009-10-29 05:44 . 2009-10-29 05:44 210360 c:\windows\system32\Adobe\Director\SwDir.dll
    + 2009-10-29 05:28 . 2009-10-29 05:28 131072 c:\windows\system32\Adobe\Director\np32dsw.dll
    - 2009-04-28 10:25 . 2009-04-28 10:25 131072 c:\windows\system32\Adobe\Director\np32dsw.dll
    + 2008-03-23 19:03 . 2008-03-23 19:03 151552 c:\windows\Microsoft.NET\Framework\v3.5\tr\Microsoft.Build.Tasks.v3.5.resources.dll
    + 2008-03-21 13:56 . 2008-03-21 13:56 982008 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\WapUI.dll
    + 2008-03-23 18:39 . 2008-03-23 18:39 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\WapRes.dll
    + 2008-03-21 13:56 . 2008-03-21 13:56 687104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vsscenario.dll
    + 2008-03-21 13:56 . 2008-03-21 13:56 411136 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vsbasereqs.dll
    + 2008-03-21 13:56 . 2008-03-21 13:56 627712 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vs70uimgr.dll
    + 2008-03-23 19:08 . 2008-03-23 19:08 432128 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vs_setup.msi
    + 2008-03-23 18:39 . 2008-03-23 18:39 119808 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\setupres.dll
    + 2008-03-21 13:56 . 2008-03-21 13:56 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\setup.exe
    + 2008-03-21 14:59 . 2008-03-21 14:59 183296 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\RebootStub.exe
    + 2008-03-21 13:56 . 2008-03-21 13:56 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\HtmlLite.dll
    + 2008-03-21 13:56 . 2008-03-21 13:56 276472 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\dlmgr.dll
    + 2008-03-23 19:03 . 2008-03-23 19:03 237048 c:\windows\Microsoft.NET\Framework\v3.5\1055\vbc7ui.dll
    + 2008-03-23 19:03 . 2008-03-23 19:03 173056 c:\windows\Microsoft.NET\Framework\v3.5\1055\cscompui.dll
    + 2006-10-27 16:02 . 2006-10-27 16:02 372736 c:\windows\Microsoft.NET\Framework\v3.0\WPF\tr\PresentationUI.resources.dll
    + 2007-10-15 12:16 . 2007-10-15 12:16 864256 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\tr\infocard.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 155648 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.xml.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 417792 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Windows.Forms.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 598016 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Web.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 200704 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\system.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 524288 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Design.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 385024 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Deployment.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 335872 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Data.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\System.Data.OracleClient.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 347136 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\mscorrc.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 299008 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\mscorlib.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 135168 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\Microsoft.Build.Tasks.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 315392 c:\windows\Microsoft.NET\Framework\v2.0.50727\tr\aspnetmmcext.resources.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 211968 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\Vsavb7rtUI.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 185856 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\vbc7ui.dll
    + 2007-10-26 01:18 . 2007-10-26 01:18 139776 c:\windows\Microsoft.NET\Framework\v2.0.50727\1055\cscompui.dll
    + 2004-07-15 09:23 . 2004-07-15 09:23 737280 c:\windows\Microsoft.NET\Framework\v1.1.4322\vbc.exe
    + 2004-07-15 12:31 . 2004-07-15 12:31 573440 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
    + 2004-07-15 12:28 . 2004-07-15 12:28 819200 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
    + 2004-07-15 12:28 . 2004-07-15 12:28 126976 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
    + 2004-07-15 12:31 . 2004-07-15 12:31 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
    + 2004-07-15 12:28 . 2004-07-15 12:28 323584 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
    + 2004-07-15 12:31 . 2004-07-15 12:31 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
    + 2004-07-15 12:31 . 2004-07-15 12:31 372736 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
    + 2004-07-15 12:28 . 2004-07-15 12:28 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
    + 2004-07-15 12:28 . 2004-07-15 12:28 466944 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
    + 2004-07-15 12:31 . 2004-07-15 12:31 303104 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
    + 2004-07-14 22:35 . 2004-07-14 22:35 319488 c:\windows\Microsoft.NET\Framework\v1.1.4322\SOS.dll
    + 2003-02-20 17:09 . 2003-02-20 17:09 122880 c:\windows\Microsoft.NET\Framework\v1.1.4322\shfusres.dll
    + 2003-02-20 17:09 . 2003-02-20 17:09 253952 c:\windows\Microsoft.NET\Framework\v1.1.4322\shfusion.dll
    + 2003-02-21 02:42 . 2003-02-21 02:42 348160 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\msvcr71.dll
    + 2003-02-20 17:06 . 2003-02-20 17:06 311296 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorjit.dll
    + 2003-02-20 17:06 . 2003-02-20 17:06 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\fusion.dll
    + 2003-02-20 17:19 . 2003-02-20 17:19 253952 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\aspnet_isapi.dll
    + 2004-08-10 14:20 . 2004-08-10 14:20 106496 c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
    + 2003-02-21 02:42 . 2003-02-21 02:42 348160 c:\windows\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
    + 2004-07-14 22:33 . 2004-07-14 22:33 143360 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
    + 2003-02-20 16:43 . 2003-02-20 16:43 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscormmc.dll
    + 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
    + 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
    + 2004-07-14 22:32 . 2004-07-14 22:32 233472 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
    + 2004-07-15 12:28 . 2004-07-15 12:28 299008 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
    + 2004-07-15 12:28 . 2004-07-15 12:28 720896 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
    + 2004-07-14 22:35 . 2004-07-14 22:35 196608 c:\windows\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
    + 2004-07-14 22:24 . 2004-07-14 22:24 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll
    + 2003-02-20 17:16 . 2003-02-20 17:16 798720 c:\windows\Microsoft.NET\Framework\v1.1.4322\EventLogMessages.dll
    + 2003-02-21 08:21 . 2003-02-21 08:21 524288 c:\windows\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll
    + 2004-07-15 09:23 . 2004-07-15 09:23 626688 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
    + 2002-07-29 09:11 . 2002-07-29 09:11 219136 c:\windows\Microsoft.NET\Framework\v1.1.4322\c_g18030.dll
    + 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
    + 2003-02-21 03:04 . 2003-02-21 03:04 155648 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\Vsavb7rtUI.dll
    + 2003-02-21 01:02 . 2003-02-21 01:02 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\vbc7ui.dll
    + 2009-11-10 13:15 . 2006-03-31 09:27 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2006-02-03 05:40 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2005-12-05 15:20 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2005-09-28 12:11 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2005-07-22 15:21 577024 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2005-05-26 13:15 576000 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2005-03-18 15:23 567296 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2005-02-05 17:32 563712 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2005-03-18 14:23 223232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
    + 2009-11-10 13:15 . 2005-03-18 14:23 178176 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
    + 2009-11-10 13:15 . 2005-03-18 14:23 364544 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
    + 2009-11-10 13:15 . 2005-03-18 14:23 159232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
    + 2009-11-10 13:15 . 2005-03-18 14:23 145920 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
    + 2009-11-10 13:15 . 2005-03-18 14:23 473600 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 428032 c:\windows\Installer\31afd2.msi
    + 2008-03-23 18:22 . 2008-03-23 18:22 120320 c:\windows\Installer\31afcc.msp
    + 2008-03-23 18:13 . 2008-03-23 18:13 117760 c:\windows\Installer\31afcb.msp
    + 2008-03-23 18:27 . 2008-03-23 18:27 305664 c:\windows\Installer\31afca.msp
    + 2008-03-23 18:16 . 2008-03-23 18:16 710144 c:\windows\Installer\31afc8.msp
    + 2008-03-23 18:19 . 2008-03-23 18:19 163840 c:\windows\Installer\31afc7.msp
    + 2008-03-23 18:02 . 2008-03-23 18:02 352768 c:\windows\Installer\31afb8.msp
    + 2008-03-23 17:52 . 2008-03-23 17:52 247296 c:\windows\Installer\31afb7.msp
    + 2008-03-23 18:05 . 2008-03-23 18:05 473600 c:\windows\Installer\31afb6.msp
    + 2008-03-23 17:58 . 2008-03-23 17:58 708608 c:\windows\Installer\31afb5.msp
    + 2008-03-23 17:55 . 2008-03-23 17:55 352256 c:\windows\Installer\31afb4.msp
    - 2009-02-17 19:23 . 2009-10-16 09:37 409600 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\xlicons.exe
    + 2009-02-17 19:23 . 2009-11-12 08:09 409600 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\xlicons.exe
    - 2009-02-17 19:23 . 2009-10-16 09:37 286720 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\wordicon.exe
    + 2009-02-17 19:23 . 2009-11-12 08:09 286720 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\wordicon.exe
    - 2009-02-17 19:23 . 2009-10-16 09:37 249856 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pptico.exe
    + 2009-02-17 19:23 . 2009-11-12 08:09 249856 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\pptico.exe
    + 2009-02-17 19:23 . 2009-11-12 08:09 794624 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\outicon.exe
    - 2009-02-17 19:23 . 2009-10-16 09:37 794624 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\outicon.exe
    - 2009-02-17 19:23 . 2009-10-16 09:37 135168 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\misc.exe
    + 2009-02-17 19:23 . 2009-11-12 08:09 135168 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\misc.exe
    + 2009-02-17 19:23 . 2009-11-12 08:09 593920 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\accicons.exe
    - 2009-02-17 19:23 . 2009-10-16 09:37 593920 c:\windows\Installer\{9011041F-6000-11D3-8CFE-0150048383C9}\accicons.exe
    + 2009-11-05 23:21 . 2009-05-26 11:43 386424 c:\windows\ie7updates\KB976749-IE7\spuninst\updspapi.dll
    + 2009-11-05 23:21 . 2009-05-26 11:43 232824 c:\windows\ie7updates\KB976749-IE7\spuninst\spuninst.exe
    + 2009-11-27 12:43 . 2007-01-09 06:19 110592 c:\windows\Downloaded Program Files\PURtr-tr.dll
    + 2006-11-20 09:04 . 2006-11-20 09:04 117088 c:\windows\Downloaded Program Files\PURen-us.dll
    + 2009-08-19 09:55 . 2009-08-19 09:55 829288 c:\windows\Downloaded Program Files\MsnPUpld.dll
    + 2009-11-13 12:55 . 2009-11-13 12:55 160488 c:\windows\Downloaded Program Files\contactx.dll
    + 2009-09-09 00:37 . 2009-10-14 20:32 452488 c:\windows\Downloaded Program Files\CONFLICT.1\wlscBase.dll
    - 2009-09-09 00:37 . 2009-09-09 00:37 452488 c:\windows\Downloaded Program Files\CONFLICT.1\wlscBase.dll
    + 2009-11-13 07:41 . 2009-11-13 07:41 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_d5b7d18c\System.Drawing.dll
    + 2009-11-13 07:41 . 2009-11-13 07:41 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f35b7d11\System.Drawing.Design.dll
    + 2009-11-13 07:41 . 2009-11-13 07:41 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_79129eb3\CustomMarshalers.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 155648 c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_tr_b77a5c561934e089\System.xml.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 111672 c:\windows\assembly\GAC_MSIL\System.WorkflowServices.resources\3.5.0.0_tr_31bf3856ad364e35\System.WorkflowServices.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 316480 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_tr_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 189496 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_tr_31bf3856ad364e35\System.Workflow.Activities.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 417792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_tr_b77a5c561934e089\System.Windows.Forms.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 598016 c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Web.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 647168 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.resources\3.5.0.0_tr_31bf3856ad364e35\System.Web.Extensions.Resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 450560 c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_tr_b77a5c561934e089\System.ServiceModel.Resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 200704 c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_tr_b77a5c561934e089\system.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 524288 c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Design.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 385024 c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_tr_b03f5f7f11d50a3a\System.Deployment.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 335872 c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_tr_b77a5c561934e089\System.Data.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 110592 c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_tr_b77a5c561934e089\System.Data.OracleClient.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 372736 c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_tr_31bf3856ad364e35\PresentationUI.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 237568 c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_tr_31bf3856ad364e35\PresentationFramework.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 106496 c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_tr_31bf3856ad364e35\PresentationCore.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 299008 c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_tr_b77a5c561934e089\mscorlib.resources.dll
    + 2009-11-23 13:52 . 2009-11-23 13:52 151552 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5.resources\3.5.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 135168 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_tr_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
    + 2009-11-23 13:51 . 2009-11-23 13:51 315392 c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_tr_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 573440 c:\windows\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 819200 c:\windows\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 126976 c:\windows\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 131072 c:\windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 323584 c:\windows\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 241664 c:\windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 372736 c:\windows\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 241664 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 466944 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 303104 c:\windows\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 299008 c:\windows\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 720896 c:\windows\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
    + 2009-11-05 23:21 . 2009-05-26 11:43 386424 c:\windows\$hf_mig$\KB976749-IE7\update\updspapi.dll
    + 2009-11-05 23:21 . 2009-05-26 11:43 756600 c:\windows\$hf_mig$\KB976749-IE7\update\update.exe
    + 2009-11-05 23:21 . 2009-05-26 11:43 232824 c:\windows\$hf_mig$\KB976749-IE7\spuninst.exe
    + 2006-03-02 12:00 . 2009-08-14 15:12 1850624 c:\windows\system32\win32k.sys
    + 2009-08-27 07:25 . 2009-11-05 12:46 5643840 c:\windows\system32\Restore\rstrlog.dat
    + 2009-12-03 22:53 . 2002-12-02 09:02 1703936 c:\windows\system32\NCTAudioFile.dll
    + 2008-04-14 16:00 . 2009-07-31 08:03 1372672 c:\windows\system32\msxml6.dll
    + 2006-03-02 12:00 . 2009-07-31 04:33 1172480 c:\windows\system32\msxml3.dll
    - 2006-03-02 12:00 . 2009-08-29 07:27 3598336 c:\windows\system32\mshtml.dll
    + 2006-03-02 12:00 . 2009-10-21 04:07 3598336 c:\windows\system32\mshtml.dll
    + 2009-10-23 03:32 . 2009-10-23 03:32 1490944 c:\windows\system32\Macromed\Shockwave 10\dirapiX.dll
    - 2009-05-13 08:57 . 2009-05-13 08:57 1490944 c:\windows\system32\Macromed\Shockwave 10\dirapiX.dll
    + 2009-02-17 19:16 . 2009-08-14 15:12 1850624 c:\windows\system32\dllcache\win32k.sys
    + 2008-04-14 16:00 . 2009-07-31 08:03 1372672 c:\windows\system32\dllcache\msxml6.dll
    + 2009-02-17 17:48 . 2009-07-31 04:33 1172480 c:\windows\system32\dllcache\msxml3.dll
    - 2009-02-17 19:13 . 2009-08-29 07:27 3598336 c:\windows\system32\dllcache\mshtml.dll
    + 2009-02-17 19:13 . 2009-10-21 04:07 3598336 c:\windows\system32\dllcache\mshtml.dll
    + 2009-11-10 13:16 . 2008-03-05 13:56 3786760 c:\windows\system32\D3DX9_37.dll
    + 2009-11-10 13:16 . 2007-10-12 13:14 3734536 c:\windows\system32\d3dx9_36.dll
    + 2009-11-10 13:16 . 2007-07-19 16:14 3727720 c:\windows\system32\d3dx9_35.dll
    + 2009-11-10 13:16 . 2007-05-16 14:45 3497832 c:\windows\system32\d3dx9_34.dll
    + 2009-11-10 13:15 . 2006-09-28 14:05 2414360 c:\windows\system32\d3dx9_31.dll
    + 2009-11-10 13:15 . 2006-03-31 10:40 2388176 c:\windows\system32\d3dx9_30.dll
    + 2009-11-10 13:15 . 2006-02-03 06:43 2332368 c:\windows\system32\d3dx9_29.dll
    + 2009-11-10 13:15 . 2005-12-05 16:09 2323664 c:\windows\system32\d3dx9_28.dll
    + 2009-11-10 13:15 . 2005-07-22 17:59 2319568 c:\windows\system32\d3dx9_27.dll
    + 2009-11-10 13:15 . 2005-05-26 13:34 2297552 c:\windows\system32\d3dx9_26.dll
    + 2009-11-10 13:15 . 2005-03-18 15:19 2337488 c:\windows\system32\d3dx9_25.dll
    + 2009-11-10 13:14 . 2005-02-05 17:45 2222800 c:\windows\system32\d3dx9_24.dll
    + 2009-11-10 13:16 . 2008-03-05 13:56 1420824 c:\windows\system32\D3DCompiler_37.dll
    + 2009-11-10 13:16 . 2007-10-12 13:14 1374232 c:\windows\system32\D3DCompiler_36.dll
    + 2009-11-10 13:16 . 2007-07-19 16:14 1358192 c:\windows\system32\D3DCompiler_35.dll
    + 2009-11-10 13:16 . 2007-05-16 14:45 1124720 c:\windows\system32\D3DCompiler_34.dll
    + 2009-11-10 13:16 . 2007-03-12 14:42 1123696 c:\windows\system32\D3DCompiler_33.dll
    + 2009-10-29 05:01 . 2009-10-29 05:01 1011712 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
    - 2009-04-28 10:00 . 2009-04-28 10:00 1011712 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
    + 2009-10-29 04:55 . 2009-10-29 04:55 1886320 c:\windows\system32\Adobe\Shockwave 11\gt.exe
    - 2009-04-28 10:04 . 2009-04-28 10:04 1798144 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
    + 2009-10-29 05:05 . 2009-10-29 05:05 1798144 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
    + 2008-03-21 13:56 . 2008-03-21 13:56 1045504 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\vs_setup.dll
    + 2008-03-21 13:56 . 2008-03-21 13:56 1361920 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\SITSetup.dll
    + 2008-03-21 13:56 . 2008-03-21 13:56 1059328 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - trk\gencomp.dll
    + 2004-07-15 06:15 . 2004-07-15 06:15 1032192 c:\windows\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
    + 2004-07-15 12:29 . 2004-07-15 12:29 1339392 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
    + 2004-07-15 12:32 . 2004-07-15 12:32 2052096 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
    + 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
    + 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
    + 2004-07-15 12:29 . 2004-07-15 12:29 1703936 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
    + 2004-07-15 12:32 . 2004-07-15 12:32 1294336 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
    + 2003-02-20 17:08 . 2003-02-20 17:08 2482176 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorwks.dll
    + 2003-02-20 17:07 . 2003-02-20 17:07 2494464 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorsvr.dll
    + 2003-02-21 05:26 . 2003-02-21 05:26 2088960 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2560\mscorlib.dll
    + 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
    + 2008-05-27 22:48 . 2008-05-27 22:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
    + 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
    + 2003-02-21 05:25 . 2003-02-21 05:25 1564672 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.dll
    + 2009-11-10 13:15 . 2004-12-01 13:53 2846720 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2004-09-29 10:38 2676224 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 3443712 c:\windows\Installer\a71901.msi
    + 2009-10-22 10:46 . 2009-10-22 10:46 6821888 c:\windows\Installer\42c83.msp
    + 2009-10-06 16:40 . 2009-10-06 16:40 7681024 c:\windows\Installer\42c6d.msp
    + 2009-10-22 10:28 . 2009-10-22 10:28 5521408 c:\windows\Installer\42c57.msp
    + 2009-11-23 14:00 . 2009-11-23 14:00 1757696 c:\windows\Installer\31b23f.msi
    + 2009-11-23 13:52 . 2009-11-23 13:52 1048064 c:\windows\Installer\31afc5.msi
    + 2009-10-06 16:40 . 2009-10-06 16:40 7681024 c:\windows\Installer\21388a3.msp
    + 2009-10-22 10:28 . 2009-10-22 10:28 5521408 c:\windows\Installer\21388a1.msp
    + 2009-11-27 12:35 . 2009-11-27 12:35 1258496 c:\windows\Installer\1201d61.msi
    + 2009-11-05 23:21 . 2009-08-29 07:27 3598336 c:\windows\ie7updates\KB976749-IE7\mshtml.dll
    + 2009-07-17 18:12 . 2009-07-17 18:12 1962160 c:\windows\Downloaded Program Files\CONFLICT.4\FP_AX_CAB_INSTALLER.exe
    + 2009-07-17 18:12 . 2009-07-17 18:12 1962160 c:\windows\Downloaded Program Files\CONFLICT.3\FP_AX_CAB_INSTALLER.exe
    + 2009-07-17 18:12 . 2009-07-17 18:12 1962160 c:\windows\Downloaded Program Files\CONFLICT.2\FP_AX_CAB_INSTALLER.exe
    + 2009-11-13 07:41 . 2009-11-13 07:41 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_cea8607c\System.dll
    + 2009-11-13 00:42 . 2009-11-13 00:42 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_37973a7b\System.dll
    + 2009-11-13 07:41 . 2009-11-13 07:41 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_84335e91\System.Xml.dll
    + 2009-11-13 07:42 . 2009-11-13 07:42 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_52c18cdd\System.Xml.dll
    + 2009-11-13 07:41 . 2009-11-13 07:41 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_febac606\System.Windows.Forms.dll
    + 2009-11-13 07:42 . 2009-11-13 07:42 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_6d823986\System.Windows.Forms.dll
    + 2009-11-13 07:42 . 2009-11-13 07:42 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_7fe6b7fa\System.Drawing.dll
    + 2009-11-13 07:42 . 2009-11-13 07:42 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_c86e3259\System.Design.dll
    + 2009-11-13 07:41 . 2009-11-13 07:41 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_4957ea81\System.Design.dll
    + 2009-11-13 07:41 . 2009-11-13 07:41 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_759347a8\mscorlib.dll
    + 2009-11-13 07:42 . 2009-11-13 07:42 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_4110eb1c\mscorlib.dll
    + 2009-11-13 00:42 . 2009-11-13 00:42 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 1339392 c:\windows\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 2052096 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
    + 2009-11-13 00:42 . 2009-11-13 00:42 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 1703936 c:\windows\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
    + 2009-11-12 08:00 . 2009-11-12 08:00 1294336 c:\windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
    + 2009-11-10 13:25 . 2009-11-10 13:25 1564672 c:\windows\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\mscorcfg.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-11-10 13:15 . 2009-11-10 13:15 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-10-21 04:05 . 2009-10-21 04:05 3602432 c:\windows\$hf_mig$\KB976749-IE7\SP3QFE\mshtml.dll
    + 2009-02-17 20:21 . 2009-11-05 17:36 26768832 c:\windows\system32\MRT.exe
    + 2009-08-10 19:08 . 2009-08-10 19:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp
    + 2009-08-10 12:09 . 2009-08-10 12:09 17254912 c:\windows\Installer\638a31.msp
    + 2009-11-12 00:50 . 2009-11-12 00:50 19210240 c:\windows\Installer\4e641d.msp
    + 2009-11-12 07:56 . 2009-11-12 07:56 19210240 c:\windows\Installer\42c43.msp
    + 2009-11-23 13:56 . 2009-11-23 13:56 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
    - 2009-10-16 09:45 . 2009-10-16 09:45 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "Google Update"="c:\documents and settings\savaş\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-21 206832]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-22 39408]
    "minihava"="c:\program files\Shenturk\Mini Hava\minihava.exe" [2009-09-16 399360]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1768960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2006-03-02 208952]
    "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
    "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
    "RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2004-10-11 659456]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-03-06 1920512]
    "PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 393216]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-07-14 413696]
    "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-16 122368]
    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1590608]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-23 227104]
    "VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2005-03-08 229376]
    "VTTrayp"="VTtrayp.exe" - c:\windows\system32\VTTrayp.exe [2005-11-01 233472]
    "SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2006-11-17 753664]

    c:\documents and settings\savaŸ\Start Menu\Programlar\BaŸlang‡\
    LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-9-30 585728]

    c:\documents and settings\All Users\Start Menu\Programlar\BaŸlang‡\
    AirTies ADSL Hizmet Program.lnk - c:\program files\AirTies\ADSL Hizmet Program\AirTies_util3.exe [2009-6-8 2452992]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
    "DisableTaskMgr"= 1 (0x1)
    "DisableRegistryTools"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "AntiVirusOverride"=dword:00000001
    "AntiVirusDisableNotify"=dword:00000001
    "FirewallDisableNotify"=dword:00000001
    "FirewallOverride"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001
    "UacDisableNotify"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=
    "c:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe"=
    "c:\\WINDOWS\\system32\\VTTimer.exe"=
    "c:\\Program Files\\VIA\\RAID\\raid_tool.exe"=
    "c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=
    "c:\\Documents and Settings\\savaş\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"=
    "c:\\Documents and Settings\\savaş\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
    "c:\\Documents and Settings\\savaş\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
    "c:\\WINDOWS\\PixArt\\PAC7302\\Monitor.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe"=
    "c:\\WINDOWS\\system32\\VTtrayp.exe"=
    "c:\\WINDOWS\\system32\\ntvdm.exe"=
    "c:\\WINDOWS\\system32\\wuauclt.exe"=
    "c:\\Program Files\\Windows Live\\Toolbar\\wltuser.exe"=
    "c:\\WINDOWS\\SOUNDMAN.EXE"=
    "c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
    "c:\\Program Files\\Google\\Picasa3\\Picasa3.exe"=
    "c:\\Program Files\\AirTies\\ADSL Hizmet Programı\\AirTies_util3.exe"=
    "c:\\Program Files\\Java\\jre6\\bin\\jucheck.exe"=
    "c:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe"=
    "c:\\Program Files\\Shenturk\\Mini Hava\\minihava.exe"=
    "c:\\Program Files\\Java\\jre6\\bin\\jqs.exe"=
    "c:\\Documents and Settings\\savaş\\Local Settings\\Application Data\\Google\\Update\\1.2.183.7\\GoogleCrashHandler.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
    "c:\\Program Files\\Google\\Update\\1.2.183.13\\GoogleCrashHandler.exe"=
    "c:\\Documents and Settings\\savas¸\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"=
    "c:\\Documents and Settings\\savas¸\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
    "c:\\Documents and Settings\\savas¸\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=

    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [17.02.2009 23:10 55152]
    R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\nlpjtn.sys --> c:\windows\system32\drivers\nlpjtn.sys [?]
    S2 gupdate1c9a08f6ed5a052;Google Güncelleme Hizmeti (gupdate1c9a08f6ed5a052);c:\program files\Google\Update\GoogleUpdate.exe [09.03.2009 10:16 309232]
    S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
    S3 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1000000.07D\BHDrvx86.sys [28.05.2009 15:41 254512]
    S3 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1000000.07D\ccHPx86.sys [28.05.2009 15:41 362544]
    S3 fsssvc;Windows Live Aile Koruması;c:\program files\Windows Live\Family Safety\fsssvc.exe [05.08.2009 22:48 533360]
    S3 getPlusHelper;getPlus(R) Helper;c:\windows\System32\svchost.exe -k getPlusHelper [02.03.2006 14:00 14336]
    S3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSxpx86.sys [28.05.2009 15:41 274808]
    S3 PAC7302;PC VGA Camer@ Plus;c:\windows\system32\drivers\PAC7302.SYS [10.09.2007 08:50 457984]
    S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1000000.07D\SymEFA.sys [28.05.2009 15:41 309296]

    --- Other Services/Drivers In Memory ---

    *Deregistered* - mbr

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    getPlusHelper REG_MULTI_SZ getPlusHelper

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{680d34aa-4d47-11de-84ed-001617c51a41}]
    \sHeLl\AutOpLaY\cOMmand - I:\btqujj.pif
    \sHeLl\AutoRun\command - I:\btqujj.pif
    \sHeLl\expLore\ComMaNd - I:\btqujj.pif
    \sHeLl\oPEn\comMand - I:\btqujj.pif

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad6f7405-fd14-11dd-830f-001617c51a41}]
    \shElL\AUtopLAy\CoMmaNd - I:\qlvnbu.cmd
    \shElL\AutoRun\command - I:\qlvnbu.cmd
    \shElL\eXplORe\COmmAnd - I:\qlvnbu.cmd
    \shElL\opEN\CoMMAnD - I:\qlvnbu.cmd
    .
    Contents of the 'Scheduled Tasks' folder

    2009-12-07 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-17 10:47]

    2009-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-09 08:16]

    2009-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-09 08:16]

    2009-11-29 c:\windows\Tasks\User_Feed_Synchronization-{BE3A2D03-C47A-4D18-B84E-A24C4BA9D84D}.job
    - c:\windows\system32\msfeedssync.exe [2007-08-13 16:36]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
    Rootkit scan 2009-12-07 09:42
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
    "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_USERS\S-1-5-21-796845957-1004336348-682003330-1004\Software\Microsoft\SystemCertificates\AddressBook*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'explorer.exe'(444)
    c:\windows\system32\WININET.dll
    c:\progra~1\WINDOW~2\wmpband.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    Completion time: 2009-12-07 9:46
    ComboFix-quarantined-files.txt 2009-12-07 07:46
    ComboFix2.txt 2009-10-28 22:40
    ComboFix3.txt 2009-10-25 12:11

    Pre-Run: 49.990.991.872 bayt boş
    Post-Run: 50.216.026.112 bayt boş

    - - End Of File - - 44445DFF0469C0F5C5E430D2896491C8
  • Benim sorun PC nin 5 katı kadar artık geç açılması.....Hazırda beklemeye alması kapanmasından daha uzun sürüyor.....


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:59:29, on 08.12.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\taskswitch.exe
    C:\Program Files\AvaFind\AvaFind.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe
    E:\Yedek D\Prog\serhan program dvd\anti virüs\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
    O4 - HKLM\..\Run: [AvaFind] "C:\Program Files\AvaFind\AvaFind.exe" /minimized
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
    O4 - S-1-5-18 Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
    O4 - .DEFAULT User Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
    O4 - Startup: AutorunsDisabled
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) -http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1247544337328
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1247544298750
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) -http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8F9AD8AB-03ED-4346-AA16-105DBA5B8117}: NameServer = 4.2.2.1,4.2.2.5
    O17 - HKLM\System\CS1\Services\Tcpip\..\{8F9AD8AB-03ED-4346-AA16-105DBA5B8117}: NameServer = 4.2.2.1,4.2.2.5
    O17 - HKLM\System\CS2\Services\Tcpip\..\{8F9AD8AB-03ED-4346-AA16-105DBA5B8117}: NameServer = 4.2.2.1,4.2.2.5
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe

    --
    End of file - 4855 bytes
  • yukarıdaki combo fixten sonraki Malwarebytes raporu (antivirüs yükleniyor ama çalıştırmıyor ve sürekli msnden ve internet bağlantılarından atıyor görev yöneticisi combofixten sonra açıyor ama çok kısa bi süre sonra tekrar devre dışı oluyor


    Malwarebytes' Anti-Malware 1.42  
    Veritabanı sürümü: 3289
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 7.0.5730.13

    07.12.2009 10:46:26
    mbam-log-2009-12-07 (10-46-26).txt

    Tarama biçimi: Gelişmiş Tarama (C:\|)
    Taranan öğeler: 151080
    Geçen süre: 39 minute(s), 49 second(s)

    Etkilenmiş Hafıza İşlemleri: 1
    Etkilenmiş Hafıza Modülleri: 0
    Etkilenmiş Kayıt Anahtarları: 1
    Etkilenmiş Kayıt Değerleri: 0
    Etkilenmiş Kayıt Verisi Öğeleri: 3
    Etkilenmiş Klasörler: 0
    Etkilenmiş Dosyalar: 1

    Etkilenmiş Hafıza İşlemleri:
    C:\WINDOWS\temp\wingxwtks.exe (Worm.Spambot) -> Unloaded process successfully.

    Etkilenmiş Hafıza Modülleri:
    (Herhangi bir tehlikeli öğe bulunmadı)

    Etkilenmiş Kayıt Anahtarları:
    HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Delete on reboot.

    Etkilenmiş Kayıt Değerleri:
    (Herhangi bir tehlikeli öğe bulunmadı)

    Etkilenmiş Kayıt Verisi Öğeleri:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Etkilenmiş Klasörler:
    (Herhangi bir tehlikeli öğe bulunmadı)

    Etkilenmiş Dosyalar:
    C:\WINDOWS\temp\wingxwtks.exe (Worm.Spambot) -> Quarantined and deleted successfully.
  • bunu türklermi yapdı
  • Logfile of Trend Micro HijackThis v2.0.2 
    Scan saved at 10:54:37, on 09.12.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\USB Disk Security\USBGuard.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
    C:\AKINSOFT\CafePlusFilter1\cafeplusfilter.exe
    C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TrueImageMonitor.exe
    C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TimounterMonitor.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\VM303_STI.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\WINDOWS\system32\svchost.exe
    C:\AKINSOFT\CafePlusFilter1\cafeplusfilterinject.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\AKINSOFT\CafePlus9\Server\CafePlus.exe
    C:\Program Files\Java\jre6\bin\jucheck.exe
    C:\Program Files\Winamp\winamp.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Yusuf\Belgelerim\Downloads\Programs\HiJackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
    O4 - HKLM\..\Run: [AKINSOFT CafeFilter] C:\AKINSOFT\CafePlusFilter1\cafeplusfilter.exe
    O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TrueImageMonitor.exe
    O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TimounterMonitor.exe
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MST" WISE_SETUP_EXE_PATH="c:\nvidia\displaydriver\190.62\english\PhysX_9.09.0814_SystemSoftware.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: 8AA5A0.lnk = C:\WINDOWS\system32\9FC1E3\8AA5A0.EXE
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{72049E20-219F-4E95-8C76-594FEDAC64D8}: NameServer = 208.67.222.222,208.67.220.220
    O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: CafePlusFilterServiceMain - Unknown owner - C:\AKINSOFT\CafePlusFilter1\cafeplusfilterinject.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe
    O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 10022 bytes




    Log raporu yukarıdaki gibi yaşadığım sıkıntı ise resimdeki gibi..
    Resimdeki hatayı verince NOd 32 bişey siliyor fakat sözde siliyor Bi kaç haftadır böyle.

    Teşekkür ederim.

  • Serji usta rica etsem bi kontrol eder misin son günlerde kendiliğinden donmalar oluyor pc'de .. teşekkürler şimdiden..

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:06:43, on 09.12.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\ups.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Documents and Settings\AYHAN\Desktop\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {1FD79A59-37B1-459B-9097-09F9FAB8A523} - (no file)
    O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
    O2 - BHO: CDNSCacheObj Object - {376892AE-1825-4E5F-9F85-23F9640051CC} - C:\WINDOWS\XviDplg.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: &Sanal klavye - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: URL ko&ntrolü - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (file missing)
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) -http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {D5D17C21-1719-4640-B0B2-4F3262419920} (JaguarEditControl-ISBANK) -https://www.isbank.com.tr/Internet/lib/JaguarEdit4ISBv27.CAB
    O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} -http://165.91.110.101:2010/activex/AMC.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{EB244DC6-1E2A-4CCF-87DA-245BAF55C1C5}: NameServer = 4.2.2.5,4.2.2.1
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

    --
    End of file - 7425 bytes
  • böyle güzel bir konu için öncelikle teşekkür ederim gerçekten çok emek gerektiren bir durum.

    gelelim sorunuma imzamdaki bilgisayarım açılış ve kapanışta acayip yavaşladı.özellikle kapatmaya çalısırken uzun süre beklemek durumunda kalıyorumorjinal kis 2010 ile virüs taraması disk temizleme ve disk birleştirme yapmış olmama rağmen bu sorun devam ediyor.bu konuda yardımcı olursanız çok sevinirim

    hijack raporum:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:20:43, on 09.12.2009
    Platform: Unknown Windows (WinNT 6.01.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    C:\Users\PeeRLeSS\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\PeeRLeSS\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\PeeRLeSS\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\PeeRLeSS\Desktop\Downloads\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live Oturum Açma Yardim Araci - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\PeeRLeSS\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Download Video on This Page - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/211
    O8 - Extra context menu item: Download Video This Links To - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/212
    O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Download Video - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/211 (file missing)
    O9 - Extra 'Tools' menuitem: Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/211 (file missing)
    O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O13 - Gopher Prefix:
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) -http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.3.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{408A1C6C-8758-4B74-9800-08CE3B73E938}: NameServer = 4.2.2.2,4.2.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7FF7EF29-8C34-46CB-8B0D-868DCF22917B}: NameServer = 4.2.2.2,4.2.2.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{408A1C6C-8758-4B74-9800-08CE3B73E938}: NameServer = 4.2.2.2,4.2.2.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{408A1C6C-8758-4B74-9800-08CE3B73E938}: NameServer = 4.2.2.2,4.2.2.1
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wlms\wlms.exe,-1 (WLMS) - Unknown owner - C:\Windows\system32\wlms\wlms.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 8740 bytes
  • böyle güzel bir konu için öncelikle teşekkür ederim gerçekten çok emek gerektiren bir durum.

    gelelim sorunuma imzamdaki bilgisayarım açılış ve kapanışta acayip yavaşladı.özellikle kapatmaya çalısırken uzun süre beklemek durumunda kalıyorumorjinal kis 2010 ile virüs taraması disk temizleme ve disk birleştirme yapmış olmama rağmen bu sorun devam ediyor.bu konuda yardımcı olursanız çok sevinirim

    hijack raporum:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:20:43, on 09.12.2009
    Platform: Unknown Windows (WinNT 6.01.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    C:\Users\PeeRLeSS\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\PeeRLeSS\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\PeeRLeSS\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\PeeRLeSS\Desktop\Downloads\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live Oturum Açma Yardim Araci - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\PeeRLeSS\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Download Video on This Page - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/211
    O8 - Extra context menu item: Download Video This Links To - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/212
    O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Download Video - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/211 (file missing)
    O9 - Extra 'Tools' menuitem: Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files (x86)\Tomato\FLV Player\MDIEEx.dll/211 (file missing)
    O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O13 - Gopher Prefix:
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) -http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.3.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{408A1C6C-8758-4B74-9800-08CE3B73E938}: NameServer = 4.2.2.2,4.2.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7FF7EF29-8C34-46CB-8B0D-868DCF22917B}: NameServer = 4.2.2.2,4.2.2.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{408A1C6C-8758-4B74-9800-08CE3B73E938}: NameServer = 4.2.2.2,4.2.2.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{408A1C6C-8758-4B74-9800-08CE3B73E938}: NameServer = 4.2.2.2,4.2.2.1
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wlms\wlms.exe,-1 (WLMS) - Unknown owner - C:\Windows\system32\wlms\wlms.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 8740 bytes
  • ya benim de bir sorunum var iki günden beri deli edecek.nod32 i kuruyorum son anda sorun çıkarıyor tam bitmiyor şöyle bir uyarı veriyor 'Eset Service'(ekrn) hizmeti başlarken hata oluştu.Sistem hizmetlerini başlatmak için yeterli ayrıcalığınızın olduğunu doğrulayın. nod32 eski versiyondur diye kaçtane virüs programı varsa hepsini yükledim ayrı ayrı ama hiçbiri çalışmadı hep hata veriyor ve en sonunda combofix ile tarattım şöyle bir not defterinde detaylar çıktı.ne anlama geliyor ve düzeltilmesi için ne yapmam gerekiyor.ve tabi bunların hepsinden önce format attım bunları yaptım.


    ComboFix 09-12-08.07 - ORCAALABAND 09.12.2009 17:20:39.1.1 - x86
    Microsoft Windows XP Professional 5.1.2600.2.1254.90.1055.18.480.231 [GMT 2:00]
    Running from: c:\combofix\ComboFix.exe
    Command switches used :: ComboFix
    AV: 3.0 *On-access scanning disabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\program files\Internet Explorer\rasadhlp.dll
    c:\windows\Help\kfdtk.chm
    c:\windows\system32\ieuinit.inf
    c:\windows\system32\msssc.dll
    c:\windows\system32\scrrntr.dll
    D:\1di1w.exe
    D:\nds0q.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_ASC3360PR
    -------\Service_asc3360pr


    ((((((((((((((((((((((((( Files Created from 2009-11-09 to 2009-12-09 )))))))))))))))))))))))))))))))
    .

    2009-12-08 19:49 . 2009-12-08 20:32 -------- d-----w- c:\program files\Kaspersky Lab
    2009-12-08 19:23 . 2009-12-08 19:22 512096 ----a-w- c:\windows\system32\drivers\amon.sys
    2009-12-08 19:23 . 2009-12-08 19:22 298104 ----a-w- c:\windows\system32\imon.dll
    2009-12-08 19:23 . 2009-12-08 19:22 15424 ----a-w- c:\windows\system32\drivers\nod32drv.sys
    2009-12-08 19:22 . 2009-12-08 20:42 -------- d-----w- c:\program files\ESET
    2009-12-08 16:48 . 2009-12-08 16:48 -------- d-----w- c:\documents and settings\ORCAALABAND\Application Data\Nokia Multimedia Player
    2009-12-08 14:24 . 2009-12-08 14:24 -------- d-----w- c:\documents and settings\ORCAALABAND\Local Settings\Application Data\Adobe
    2009-12-08 11:50 . 2009-12-08 11:50 42560 ----a-w- c:\documents and settings\ORCAALABAND\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-12-08 11:19 . 2009-12-08 11:19 -------- d-s---w- c:\documents and settings\ORCAALABAND\UserData
    2009-12-08 11:06 . 2009-12-08 11:06 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
    2009-12-08 11:01 . 2009-12-08 11:01 15240 ----a-w- c:\documents and settings\ORCAALABAND\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
    2009-12-08 10:51 . 2009-12-08 10:53 -------- d-----w- c:\program files\MSN Messenger
    2009-12-08 10:49 . 2009-12-08 10:50 -------- d-----w- c:\documents and settings\ORCAALABAND\Contacts
    2009-12-08 10:49 . 2009-12-08 10:49 -------- dc----w- c:\windows\system32\DRVSTORE
    2009-12-08 10:35 . 2004-08-03 21:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
    2009-12-08 10:32 . 2009-12-08 10:32 -------- d-----w- c:\program files\MobiMB Mobile Media Browser
    2009-12-08 10:29 . 2009-12-08 10:29 181680 ----a-w- c:\documents and settings\ORCAALABAND\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
    2009-12-08 10:29 . 2009-12-09 15:25 -------- d-----w- c:\documents and settings\ORCAALABAND\Application Data\DMCache
    2009-12-08 10:29 . 2009-12-08 14:45 -------- d-----w- c:\documents and settings\ORCAALABAND\Application Data\IDM
    2009-12-08 10:29 . 2009-12-08 14:49 -------- d-----w- c:\program files\Internet Download Manager
    2009-12-08 10:25 . 2005-07-02 14:33 520192 ----a-w- c:\windows\system32\AVmmfecd.exe
    2009-12-08 10:25 . 2004-06-02 12:23 380928 ----a-w- c:\windows\system32\AVawbdcd.exe
    2009-12-08 10:25 . 2004-06-02 12:18 438272 ----a-w- c:\windows\system32\AVawbecd.exe
    2009-12-08 10:25 . 2004-01-08 09:38 208896 ----a-w- c:\windows\system32\lame_enc.dll
    2009-12-08 10:25 . 2002-01-09 09:52 266240 ----a-w- c:\windows\system32\AVamrecd.exe
    2009-12-08 10:25 . 2009-12-08 10:27 -------- d-----w- c:\program files\MRConverter
    2009-12-08 10:23 . 2009-12-08 10:24 -------- d-----w- c:\program files\Common Files\Adobe
    2009-12-08 10:21 . 2009-12-08 10:21 -------- d-----w- c:\program files\ImTOO
    2009-12-08 10:17 . 2003-06-18 23:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
    2009-12-08 10:17 . 2003-06-18 23:31 17920 ----a-w- c:\windows\system32\mdimon.dll
    2009-12-08 10:16 . 2009-12-08 10:16 -------- d-----w- c:\program files\Microsoft.NET
    2009-12-08 10:15 . 2009-12-08 10:16 -------- d-----w- c:\windows\SHELLNEW
    2009-12-08 10:10 . 2009-12-08 10:10 -------- d-----r- C:\MSOCache
    2009-12-08 10:07 . 2009-12-08 10:07 -------- d-----w- c:\documents and settings\ORCAALABAND\Bluetooth Software
    2009-12-08 10:05 . 2004-08-03 22:37 274176 -c--a-w- c:\windows\system32\dllcache\bthport.sys
    2009-12-08 10:05 . 2004-08-03 22:37 274176 ----a-w- c:\windows\system32\drivers\bthport.sys
    2009-12-08 10:05 . 2004-08-03 21:10 18944 -c--a-w- c:\windows\system32\dllcache\bthusb.sys
    2009-12-08 10:05 . 2004-08-03 21:10 18944 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-12-09 14:17 . 2009-12-08 08:30 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2009-12-09 12:20 . 2009-12-08 10:36 -------- d-----w- c:\documents and settings\ORCAALABAND\Application Data\Winamp
    2009-12-08 10:38 . 2009-12-08 10:36 -------- d-----w- c:\program files\Winamp
    2009-12-08 10:35 . 2009-12-08 09:52 -------- d-----w- c:\program files\TuneUp Utilities 2007
    2009-12-08 10:32 . 2009-12-08 09:34 -------- d-----w- c:\program files\Common Files\LogoManager
    2009-12-08 10:07 . 2001-11-22 12:00 45966 ----a-w- c:\windows\system32\perfc01F.dat
    2009-12-08 10:07 . 2001-11-22 12:00 300636 ----a-w- c:\windows\system32\perfh01F.dat
    2009-12-08 10:06 . 2009-12-08 10:06 -------- d-----w- c:\program files\WIDCOMM
    2009-12-08 09:58 . 2009-12-08 09:58 -------- d-----w- c:\program files\Ahead
    2009-12-08 09:58 . 2009-12-08 09:58 -------- d-----w- c:\program files\Common Files\Ahead
    2009-12-08 09:52 . 2009-12-08 09:52 -------- d-----w- c:\documents and settings\ORCAALABAND\Application Data\TuneUp Software
    2009-12-08 09:52 . 2009-12-08 09:52 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
    2009-12-08 09:52 . 2009-12-08 09:52 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2009-12-08 09:40 . 2009-12-08 09:40 -------- d-----w- c:\program files\Total Video Converter
    2009-12-08 09:30 . 2009-12-08 09:30 -------- d-----w- c:\program files\Photodex Presenter
    2009-12-08 09:30 . 2009-12-08 09:30 122880 ----a-w- c:\documents and settings\ORCAALABAND\Application Data\Mozilla\Plugins\npPxPlay.dll
    2009-12-08 09:30 . 2009-12-08 09:30 -------- d-----w- c:\program files\Photodex
    2009-12-08 09:24 . 2009-12-08 08:51 -------- d--h--w- c:\program files\InstallShield Installation Information
    2009-12-08 09:24 . 2009-12-08 09:23 -------- d-----w- c:\program files\Nokia
    2009-12-08 09:23 . 2009-12-08 09:23 -------- d-----w- c:\program files\Common Files\PCSuite
    2009-12-08 09:23 . 2009-12-08 09:23 -------- d-----w- c:\program files\Common Files\Nokia
    2009-12-08 09:22 . 2009-12-08 08:51 -------- d-----w- c:\program files\Common Files\InstallShield
    2009-12-08 09:19 . 2009-12-08 09:15 -------- d-----w- c:\program files\WebEye
    2009-12-08 09:09 . 2009-12-08 09:09 -------- d-----w- c:\program files\SiSLan
    2009-12-08 09:06 . 2009-12-08 09:06 -------- d-----w- c:\program files\Analog Devices
    2009-12-08 08:52 . 2009-12-08 08:51 -------- d-----w- c:\program files\SiS VGA Utilities V3.57a
    2009-12-08 08:31 . 2009-12-08 08:31 -------- d-----w- c:\program files\microsoft frontpage
    2009-12-08 08:27 . 2009-12-08 08:27 21736 ----a-w- c:\windows\system32\emptyregdb.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-12-08 2741680]
    "MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2006-01-24 7163904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SiS Windows KeyHook"="c:\windows\system32\keyhook.exe" [2004-02-27 241664]
    "SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 180224]
    "Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 229376]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-03 110592]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 109424]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 1009016]
    "WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 107520]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

    c:\documents and settings\All Users\Start Menu\Programlar\BaŸlang‡\
    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2004-10-1 565309]
    Utility Tray.lnk - c:\windows\system32\sistray.exe [2009-12-8 352256]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "d:\\VİRÜS PROGRAMI BİLGİSAYARDA\\HACI VERDİ\\WINRAR\\WinRAR[1].v3.71.1.0\\setup.exe"=
    "c:\\WINDOWS\\system32\\keyhook.exe"=
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "c:\\WINDOWS\\system32\\NeroCheck.exe"=
    "c:\\PROGRA~1\\COMMON~1\\PCSuite\\DATALA~1\\DATALA~1.EXE"=
    "c:\\Program Files\\Photodex\\ProShowGold\\ScsiAccess.exe"=
    "c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe"=
    "c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe"=
    "c:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe"=
    "c:\\WINDOWS\\system32\\dumprep.exe"=
    "c:\\Program Files\\Internet Download Manager\\IEMonitor.exe"=

    R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [08.12.2009 21:23 15424]
    S2 ekrn;Eset Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]

    --- Other Services/Drivers In Memory ---

    *NewlyCreated* - ASC3360PR

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com.tr/
    IE: Bütün linkleri IDM ile indir - c:\program files\Internet Download Manager\IEGetAll.htm
    IE: FLV video içeriğini IDM ile indir - c:\program files\Internet Download Manager\IEGetVL.htm
    IE: IDM ile indir - c:\program files\Internet Download Manager\IEExt.htm
    IE: Microsoft Excel'e Gö&nder - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    LSP: c:\windows\system32\imon.dll
    .
    - - - - ORPHANS REMOVED - - - -

    MSConfigStartUp-egui - c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
    MSConfigStartUp-nod32kui - c:\program files\Eset\nod32kui.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
    Rootkit scan 2009-12-09 17:25
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'lsass.exe'(572)
    c:\windows\system32\imon.dll

    - - - - - - - > 'explorer.exe'(1576)
    c:\program files\Internet Download Manager\idmmkb.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    c:\program files\Photodex\ProShowGold\ScsiAccess.exe
    c:\progra~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
    c:\windows\system32\rundll32.exe
    c:\program files\Analog Devices\SoundMAX\SMAgent.exe
    c:\windows\system32\wdfmgr.exe
    c:\windows\system32\wscntfy.exe
    c:\program files\Internet Download Manager\IEMonitor.exe
    .
    **************************************************************************
    .
    Completion time: 2009-12-09 17:28:10 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-12-09 15:28

    Pre-Run: 15.784.017.920 bayt boş
    Post-Run: 15.774.797.824 bayt boş

    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /TUTag=BIEH3B /Kernel=TUKernel.exe
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional (TuneUp Backup)" /noexecute=optin /fastdetect /TUTag=BIEH3B-BAK

    - - End Of File - - 7D0A3F558EED812ED537F63ED790D6CD
  • quote:

    Orijinalden alıntı: furi544

    Combofix raporum ...

    The Avenger adlı programı masaüstünüze indirin.

    http://www.buraksonmez.com/dosyalar/avenger.exe

    1. Aşağıda renkli yazılmış olan yazıların tamamını seçip CTRL+C basın ve kopyalayın.

    Drivers to disable: 
    tcpsr

    Drivers to delete:
    tcpsr


    2. Program ikonunun üzerine çift tıklayarak programı çalıştırın.

    * Load Script altında Paste from Clipboard seçin.
    * Execute butonuna basın.
    * Program soru sorarsa Evet tıklayın.

    3. Bilgisayarınız yeniden başlayacak. (2 kez yeniden başlayabilir) Daha sonra bir takım işlemler yapılacaktır.
    4. Tarama işlemi bittikten sonra C:\avenger.txt olarak bir log dosyası yaratılacaktır. (Yedekleriniz C:\avenger\backup.zip dizininde olacaktır.)
    5. C:\avenger.txt dosyasını mesajınıza ekleyerek bize gönderin.

    Malwarebytes Antimalware adlı programı indirin.

    http://www.buraksonmez.com/dosyalar/mbam-setup.exe

    * Programı kurmak için mbam-setup.exe üzerine çift tıklayın ve programı kurun.
    * Malwarebytes Antimalware Güncelle ve Malwarebytes Programını Çalıştır seçeneklerini işaretleyip Finish tıklayın.
    * Eğer bir güncelleştirme bulunursa, program otomatik olarak indirip güncelleştirecektir.
    * Program yüklendiğinde Tam Tarama seçip Taramaya Başla butonuna tıklayın.
    * Tarama işlemi biraz zaman alabilir, o yüzden lütfen biraz sabırlı olun.
    * Tarama işlemi bittiğinde, Tamam tıklayın ve Sonuçları Göster tıklayın.
    * Herşeyin işaretli olduğundan emin olun ve Seçilileri Temizle tıklayın.
    * Temizleme işlemi bittiğinde bir notdefteri penceresi açılacaktır. (Bilgisayarınızı yeniden başlatmanız gerekebilir.)
    * Notdefteri dosyasını kaydedip mesajınıza ekleyerek bize gönderin.

    NOT: Eğer temizleme işlemi sırasında program bilgisayarı yeniden başlatmanızı isterse Tamam tıklayarak bilgisayarızı yeniden başlatın.
  • quote:

    Orijinalden alıntı: kilic.zafer

    işletim sistemim vista ultimate. windows defender birden uyarı verdi "C:\Windows\system32\CSUNINST.EXE Bu program istenmeyen bir davranış sergiliyor olabilir. " ne yapmam gerek tarama işlemi sonuçları aşağıda. yardımcı olabilirseniz çok sevinirim. pc hızında yavaşlamada oluyor.

    * HijackThis adlı programı açın.
    * Do a system scan only seçeneğine tıklayın.
    * Aşağıdaki satırları işaretleyin.

     
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Sobee.ICFLauncherIE.Launcher - {95a0101d-f8f8-4063-9545-0edd223b7819} - mscoree.dll (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
    O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)


    * CTRL+ALT+DEL basıp işlemler sekmesine gelin. Kullanıcı adınızın karşısındaki HijackThis.exe ve explorer.exe hariç tüm işlemleri sonlandırın. (Yalnızca kullanıcı adınızın karşısındaki işlemleri sonlandırın. Local Service, network, system olanlara dokunmayın). HijackThis hariç tüm programları, pencereleri kapatın ve Fix Checked butonuna tıklayın. Ardından bilgisayarınızı hemen yeniden başlatın.

    ComboFix adlı programı masaüstünüze indirin.

    http://www.buraksonmez.com/dosyalar/ComboFix.exe

    1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
    2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
    3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
    4. ComboFix çalışmaya başladıktan sonra Evet butonuna tıklayın.
    5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
    6. Bu işlemler sırasında internet bağlantınız kesilecek ve masaüstünüz kaybolacaktır. Bunlar normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
    7. Biraz sabırlı olmanız gerekebilir çünkü tam 50 aşama söz konusudur.
    8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
    9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.



    < Bu mesaj bu kişi tarafından değiştirildi serji -- 10 Aralık 2009; 20:23:13 >
  • quote:

    Orijinalden alıntı: mehmet35h

    benim de surekli internetim donuyor usb modem ve ethernet modemle denedim bu surekli oluyor ikisnde ne yapmalıyım

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.vestel.com.tr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.vestel.com.tr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [VMSnap3] C:\Windows\VMSnap3.EXE
    O4 - HKLM\..\Run: [Domino] C:\Windows\Domino.EXE
    O4 - HKLM\..\Run: [BigDog303] C:\Windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
    O4 - HKCU\..\Run: [areslite] "C:\Program Files\Ares Lite Edition\AresLite.exe" -h
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h


    ComboFix adlı programı masaüstünüze indirin.

    http://www.buraksonmez.com/dosyalar/ComboFix.exe

    1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
    2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
    3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
    4. ComboFix çalışmaya başladıktan sonra Evet butonuna tıklayın.
    5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
    6. Bu işlemler sırasında internet bağlantınız kesilecek ve masaüstünüz kaybolacaktır. Bunlar normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
    7. Biraz sabırlı olmanız gerekebilir çünkü tam 50 aşama söz konusudur.
    8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
    9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.
  • quote:

    Orijinalden alıntı: sae1230

    mrb benim anasayfam benim haberim olmadan direkara.com olarak değişmiş doğal olarak bende ne yaptııysam bu anasayfayı google olarak değiştiremedim bana bir yardım edin ltf ,

    * HijackThis adlı programı açın.
    * Do a system scan only seçeneğine tıklayın.
    * Aşağıdaki satırları işaretleyin.

     
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.direkara.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [lsas] "C:\Program Files\Common Files\sysapp\lsas.exe"
    O4 - HKCU\..\Run: [sorfum] "C:\Documents and Settings\Bilgisayarım\Local Settings\Application Data\sysapp\sorfum.exe"
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll


    * CTRL+ALT+DEL basıp işlemler sekmesine gelin. Kullanıcı adınızın karşısındaki HijackThis.exe ve explorer.exe hariç tüm işlemleri sonlandırın. (Yalnızca kullanıcı adınızın karşısındaki işlemleri sonlandırın. Local Service, network, system olanlara dokunmayın). HijackThis hariç tüm programları, pencereleri kapatın ve Fix Checked butonuna tıklayın. Ardından bilgisayarınızı hemen yeniden başlatın.

    ComboFix adlı programı masaüstünüze indirin.

    http://www.buraksonmez.com/dosyalar/ComboFix.exe

    1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
    2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
    3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
    4. ComboFix çalışmaya başladıktan sonra Evet butonuna tıklayın.
    5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
    6. Bu işlemler sırasında internet bağlantınız kesilecek ve masaüstünüz kaybolacaktır. Bunlar normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
    7. Biraz sabırlı olmanız gerekebilir çünkü tam 50 aşama söz konusudur.
    8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
    9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.


    quote:

    Orijinalden alıntı: 1881-193∞

    Çok teşekkürler
    İşime yaradı vallahi

    Rica ederim.



    < Bu mesaj bu kişi tarafından değiştirildi serji -- 10 Aralık 2009; 20:22:53 >
  • quote:

    Orijinalden alıntı: bozcaadalı

    Ne yapmam gerek yardımcı olursanız sevinirim teşekkürler.

    Malwarebytes Antimalware adlı programı indirin.

    http://www.buraksonmez.com/dosyalar/mbam-setup.exe

    * Programı kurmak için mbam-setup.exe üzerine çift tıklayın ve programı kurun.
    * Malwarebytes Antimalware Güncelle ve Malwarebytes Programını Çalıştır seçeneklerini işaretleyip Finish tıklayın.
    * Eğer bir güncelleştirme bulunursa, program otomatik olarak indirip güncelleştirecektir.
    * Program yüklendiğinde Tam Tarama seçip Taramaya Başla butonuna tıklayın.
    * Tarama işlemi biraz zaman alabilir, o yüzden lütfen biraz sabırlı olun.
    * Tarama işlemi bittiğinde, Tamam tıklayın ve Sonuçları Göster tıklayın.
    * Herşeyin işaretli olduğundan emin olun ve Seçilileri Temizle tıklayın.
    * Temizleme işlemi bittiğinde bir notdefteri penceresi açılacaktır. (Bilgisayarınızı yeniden başlatmanız gerekebilir.)
    * Notdefteri dosyasını kaydedip mesajınıza ekleyerek bize gönderin.

    NOT: Eğer temizleme işlemi sırasında program bilgisayarı yeniden başlatmanızı isterse Tamam tıklayarak bilgisayarızı yeniden başlatın.


    quote:

    Orijinalden alıntı: djinn_inc

    Tekrar istemiş olduğunuz combofix logunu aşağıya ekledim.

    Malwarebytes Antimalware adlı programı indirin.

    http://www.buraksonmez.com/dosyalar/mbam-setup.exe

    * Programı kurmak için mbam-setup.exe üzerine çift tıklayın ve programı kurun.
    * Malwarebytes Antimalware Güncelle ve Malwarebytes Programını Çalıştır seçeneklerini işaretleyip Finish tıklayın.
    * Eğer bir güncelleştirme bulunursa, program otomatik olarak indirip güncelleştirecektir.
    * Program yüklendiğinde Tam Tarama seçip Taramaya Başla butonuna tıklayın.
    * Tarama işlemi biraz zaman alabilir, o yüzden lütfen biraz sabırlı olun.
    * Tarama işlemi bittiğinde, Tamam tıklayın ve Sonuçları Göster tıklayın.
    * Herşeyin işaretli olduğundan emin olun ve Seçilileri Temizle tıklayın.
    * Temizleme işlemi bittiğinde bir notdefteri penceresi açılacaktır. (Bilgisayarınızı yeniden başlatmanız gerekebilir.)
    * Notdefteri dosyasını kaydedip mesajınıza ekleyerek bize gönderin.

    NOT: Eğer temizleme işlemi sırasında program bilgisayarı yeniden başlatmanızı isterse Tamam tıklayarak bilgisayarızı yeniden başlatın.
  • quote:

    Orijinalden alıntı: tcebeci

    Combofix+Mbam 3-4 zararlı bulup sildi. Son Combofix loguna bakarsan sevinirim.

    bir sey gozume carpmadi. Bir de antivirusle taratmak iyi olacaktir.


    quote:

    Orijinalden alıntı: tuncerdyr21

    Birkaç gündür pc ufak uygulamalarda bile donabiliyo Yardımcı olursanız sevinirim

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
  • quote:

    Orijinalden alıntı: - c1gerSuZ -

    Öncelikle konu çok faydalı çünkü buradaki bazı sorunları kendi başına çözmeye çalışanların başı çok ağrıyor , emeğine sağlık.

    Sorunum son 2 haftadır internette ve bilgisayarda acayip yavaşlama oldu..Facebookda bazı videolarım beyaz görünüyo ama oynat diyince sorun yok normal oynatıyor..Bazı forumlarda yazılar ekranın sağına kayıyor ve ufak grafiklerdede hatalar oluyor göstermiyor..Sebebini anlayamadım bir türlü.Google chrome kullanıyordum sorunsuz şimdi sürekli shock wawe çöktü diyor kapatıyor hatalar oluşuyor ..Firefoxdada var benzeri hatalar yani tarayıcıdan değil..İnternet te download hızım 900 lere ulaşırken bunların sebebi nedir çözemedim..Bazı videolarda başta takılıyor biraz aslında video hemen doluyor ama oynatırken tıkanabiliyor.AVG ile tarattım bi kaç ufak şey buldu temizledim.Bilgisiyarı temizde kullanıyorum ama işte.Her neyse bi bakarsan;

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


    ComboFix adlı programı masaüstünüze indirin.

    http://www.buraksonmez.com/dosyalar/ComboFix.exe

    1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
    2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
    3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
    4. ComboFix çalışmaya başladıktan sonra Evet butonuna tıklayın.
    5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
    6. Bu işlemler sırasında internet bağlantınız kesilecek ve masaüstünüz kaybolacaktır. Bunlar normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
    7. Biraz sabırlı olmanız gerekebilir çünkü tam 50 aşama söz konusudur.
    8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
    9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.
  • quote:

    Orijinalden alıntı: PHI

    Arkadaşlar bu logları "code" tagının içinde verseniz daha iyi olmaz mı? Bu şekilde sayfalar aşırı uzuyor.

    Code için örnek
    Böylelikle hem sayfa bşuna uzamıyor hem daha iyi görünüyor.

    PHI Antivirus programi ile taratir misin simdi? Combofix'te bir problem goremedim. MBAM temizlemis birazini zaten.


    quote:

    Orijinalden alıntı: jackosman

    @PHI ; Kesinlikle katılıyorum.

    @serji ; Bu arkadaşımın logu; msnden virüs yemiş herkese fotoyla ilgili link gönderiyor...Loglara bakarsan sevinirim.Ayrıca yavaşlık ta söz konusu...

    Logları vermeden önce güncel Eset Smart Security 4 ile tarattım 6 adet zararlı dosya buldu ve temizledi...

    HiJack This logu
    Zahmet veriyoruz sana ama.... Bir gözatarsan iyi olur.Kolay gelsin,iyi çalışmalar.

    Tamamdir bunlar disinda hic bir sorun gozukmuyor. Hala sorun devam ediyor mu?

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  • quote:

    Orijinalden alıntı: ArchEnemy
    Tek sorunum Windows Live Messenger 2009da bazen benim iletilerim gitmiyor bazende başkalarının iletisi gelmiyor.. Düşündüğüm şey internetin çok kısa bir süreliğine kopması veya sinyal zayıflaması ama tam olarak çözemedim yardıma ihtiyacım var..

    Sorun internetten kaynaklaniyor olabilir. Cunku burada ona sebep olacak bir sey goremedim.

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank 
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
    O2 - BHO: Adobe PDF Reader Bağı Yardımı - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe



    quote:

    Orijinalden alıntı: spawn_19

    İyi geceler benim laptopta internet explorer normalden geç açılıyor ve internette acaip yavaşlamalar oluyor,başka bir bilgisayar örneğin facebooku benimkiden baya hızlı açıyor,aşağıya logu gönderdim,yardımcı olursanız çok minnetar kalırım.

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  • Orijinalden alıntı: jackosman

    Cevabı yazarken , yukarıda taglar var ." Code " butonuna basın
    [/quote] arasına logları yapıştırın . Bu kadar basit  
    [/quote]

    [quote]Orijinalden alıntı: PHI
    Yukarıdaki örnek mesajlardan birini alıntı yaparak da görebilirsiniz.
    jackosman'ın anlattığı şekilde düzenlerseniz çok iyi olur.
    [/quote]
    Teşekkürler. Fazla vaktim olmadığı için bu aralar foruma giremiyorum ama bu şekilde yapılırsa daha düzenli olur.


    [quote]Orijinalden alıntı: maketm

    arkadaslar benim pc deki sorun
    bilgisayar her açilip kapatildiginda internet explorer ve bilgisayarin geçmisi otomatik olarak silinmesi
    ve bilgisayarda programlarda çalisirken belirgin bir yavaslama ( programin içinde veya masa üstünde fare bosta dururken fare imlecinin yanina kum saatli imleci bir kaç saniyeligine gelip gidiyor )
    [/quote]
    * HijackThis adlı programı açın.
    * Do a system scan only seçeneğine tıklayın.
    * Aşağıdaki satırları işaretleyin.

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.hp.com 
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Bagi Yardimi - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files (x86)\PDF Complete\pdfsty.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [XP-D41D8CD9] C:\WINDOWS\SysWow64\XP-D41D8CD9.EXE
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O4 - Startup: ¡¡¡¡¡¡.lnk = C:\WINDOWS\system32\XP-D41D8CD9.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


    * CTRL+ALT+DEL basıp işlemler sekmesine gelin. Kullanıcı adınızın karşısındaki HijackThis.exe ve explorer.exe hariç tüm işlemleri sonlandırın. (Yalnızca kullanıcı adınızın karşısındaki işlemleri sonlandırın. Local Service, network, system olanlara dokunmayın). HijackThis hariç tüm programları, pencereleri kapatın ve Fix Checked butonuna tıklayın. Ardından bilgisayarınızı hemen yeniden başlatın.

    ComboFix adlı programı masaüstünüze indirin.

    http://www.buraksonmez.com/dosyalar/ComboFix.exe

    1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
    2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
    3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
    4. ComboFix çalışmaya başladıktan sonra Evet butonuna tıklayın.
    5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
    6. Bu işlemler sırasında internet bağlantınız kesilecek ve masaüstünüz kaybolacaktır. Bunlar normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
    7. Biraz sabırlı olmanız gerekebilir çünkü tam 50 aşama söz konusudur.
    8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
    9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.
  • 
Sayfa: önceki 452453454455456
Sayfaya Git
Git
sonraki
- x
Bildirim
mesajınız kopyalandı (ctrl+v) yapıştırmak istediğiniz yere yapıştırabilirsiniz.