Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible Infection?


  • This topic is locked This topic is locked
28 replies to this topic

#1 g.k.

g.k.

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Istanbul, Turkey
  • Local time:02:03 PM

Posted 02 June 2012 - 02:13 PM

Hi,

I have a Windows XP PC. I run AVG free as my anti-virus. The computer is pretty slow, even when I'm using eBooster to speed it up, but it's pretty old (512 MB RAM, 66 GB hard disk space total, only 8 gb free space remaining...) so I don't think that indicates a serious problem.

I have been, however, experiencing some suspicious things:

1- My Documents has become read-only. I can access it thru "run" or by opening it from My Computer -> Other Places, but not by double clicking on it. I can't uncheck the "read-only" option, it reverts back even when I unchoose it.

2- AVG keeps finding tracking cookies, which I manually delete. I have cleaned my cookies folder completely several times, but the tracking cookies keep coming back. They are mostly named "atdmt" and "atdmt.combing".

AVG finds nothing when I scan the PC, but I don't think this is normal behaviour. What shall I do?

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:03 AM

Posted 02 June 2012 - 09:12 PM

Hello; well 8 gb free space remaining is less than 15% of the HDD,which will cause slowness.

1- My Documents ..Have tiy tried a System Restore to a date prior to this ?

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Run TFC by OT (Temp File Cleaner)
Please download TFC by Old Timer and save it to your desktop.
alternate download link

Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 g.k.

g.k.
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Istanbul, Turkey
  • Local time:02:03 PM

Posted 03 June 2012 - 07:40 AM

Before posting this topic, I had started an AVG scan. The scan detected and removed some infections. It hadn't been detecting anything in its routine scans. Here's the result of the AVG scan (it's in Turkish, so I can translate it if you want):

Tarama "Tüm bilgisayarı tara" bitti.
Bulaşmalar;"5";"2";"3"
Casus yazılım;"2";"2";"0"
Uyarılar;"12";"12";"0"
Bilgi;"6"
Tarama için seçilen klasörler:;"Tüm bilgisayarı tara"
Tarama başlatıldı:;"02 Haziran 2012 Cumartesi, 22:00:27"
Tarama bitti:;"03 Haziran 2012 Pazar, 00:15:45 (2 saat 15 dakika 18 saniye)"
Taranan toplam nesne:;"696979"
Taramayı başlatan kullanıcı:;"Burak"

Bulaşmalar
;"Dosya";"Bulaşma";"Sonuç"
;"D:\YEDEK\Oyun Setupları - Programlar\Bewitched -ok-\Bewitched (GameHouse) by Knetus.zip:\Bewitched (GameHouse) by Knetus.exe";"Truva atı Dropper.Generic3.MKQ";"Virüs Kasasına Taşındı"
;"D:\YEDEK\Oyun Setupları - Programlar\Bewitched -ok-\Bewitched (GameHouse) by Knetus.zip";"Truva atı Dropper.Generic3.MKQ";"Virüs Kasasına Taşındı"
;"D:\YEDEK\Oyun Setupları - Programlar\Mirror Magic\MirrorMagicSetup.exe:\MirrorMagicSetup.exe:\{app}\mirrormagic.RWG";"Virüs bulundu Win32/Heur";"Bulaşmış"
;"D:\YEDEK\Oyun Setupları - Programlar\Mirror Magic\MirrorMagicSetup.exe:\MirrorMagicSetup.exe";"Virüs bulundu Win32/Heur";"Bulaşmış"
;"D:\YEDEK\Oyun Setupları - Programlar\Mirror Magic\MirrorMagicSetup.exe";"Virüs bulundu Win32/Heur.dropper";"Bulaşmış"

Casus yazılım
;"Dosya";"Bulaşma";"Sonuç"
;"C:\Documents and Settings\Burak\Local Settings\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe:\$JF\bh\BabylonToolbarsrv.exe";"Reklam yazılımı Skodna.Generic_r.X";"Virüs Kasasına Taşındı"
;"C:\Documents and Settings\Burak\Local Settings\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe";"Reklam yazılımı Skodna.Generic_r.X";"Virüs Kasasına Taşındı"

Uyarılar
;"Dosya";"Bulaşma";"Sonuç"
;"C:\Documents and Settings\Burak\Cookies\burak@real[2].txt:\real.com.f8ab5adb";"Tracking cookie.Real bulundu";"Virüs Kasasına Taşındı"
;"C:\Documents and Settings\Burak\Cookies\burak@real[2].txt:\real.com.f32a7c49";"Tracking cookie.Real bulundu";"Virüs Kasasına Taşındı"
;"C:\Documents and Settings\Burak\Cookies\burak@real[2].txt:\real.com.99c35e71";"Tracking cookie.Real bulundu";"Virüs Kasasına Taşındı"
;"C:\Documents and Settings\Burak\Cookies\burak@real[2].txt:\real.com.8aafc627";"Tracking cookie.Real bulundu";"Virüs Kasasına Taşındı"
;"C:\Documents and Settings\Burak\Cookies\burak@real[2].txt:\real.com.672c2183";"Tracking cookie.Real bulundu";"Virüs Kasasına Taşındı"
;"C:\Documents and Settings\Burak\Cookies\burak@real[2].txt:\real.com.66561182";"Tracking cookie.Real bulundu";"Virüs Kasasına Taşındı"
;"C:\Documents and Settings\Burak\Cookies\burak@real[2].txt:\real.com.13a6979d";"Tracking cookie.Real bulundu";"Virüs Kasasına Taşındı"
;"C:\Documents and Settings\Burak\Cookies\burak@real[2].txt";"Tracking cookie.Real bulundu";"Temizlenen"
;"C:\Documents and Settings\Burak\Cookies\burak@m.webtrends[2].txt:\m.webtrends.com.b4ca7df0";"Tracking cookie.Webtrends bulundu";"Virüs Kasasına Taşındı"
;"C:\Documents and Settings\Burak\Cookies\burak@m.webtrends[2].txt";"Tracking cookie.Webtrends bulundu";"Temizlenen"
;"C:\Documents and Settings\Burak\Cookies\burak@atdmt[1].txt:\atdmt.com.9e6d7fd3";"Tracking cookie.Atdmt bulundu";"Virüs Kasasına Taşındı"
;"C:\Documents and Settings\Burak\Cookies\burak@atdmt[1].txt";"Tracking cookie.Atdmt bulundu";"Temizlenen"

Bilgi
;"Dosya";"Bilgi";"Sonuç"
;"D:\YEDEK\Oyun Setupları - Programlar\Puzzle Inlay\GameHouse_Puzzle_Inlay_v1[1].0\embrace.rar:\PuzzleInlay_kg.exe";"Paketlenmiş çalışma zamanı fsg";""
;"D:\YEDEK\Oyun Setupları - Programlar\Puzzle Inlay\GameHouse_Puzzle_Inlay_v1[1].0\embrace.rar";"Paketlenmiş çalışma zamanı fsg";""
;"D:\YEDEK\Oyun Setupları - Programlar\cubis -ok-\Gamehouse[1].Cubis.Gold.2.v1.03.WinALL.Keygen.Only-BRD.ZIP:\Gamehouse.Cubis.Gold.2.v1.03.WinALL.Keygen.Only-BRD\Keygen.exe";"Paketlenmiş çalışma zamanı fsg";""
;"D:\YEDEK\Oyun Setupları - Programlar\cubis -ok-\Gamehouse[1].Cubis.Gold.2.v1.03.WinALL.Keygen.Only-BRD.ZIP";"Paketlenmiş çalışma zamanı fsg";""
;"C:\LF2-Mods\Mods\Killer_beta.rar:\killer_beta.exe";"Paketlenmiş çalışma zamanı fsg";""
;"C:\LF2-Mods\Mods\Killer_beta.rar";"Paketlenmiş çalışma zamanı fsg";""

However, even after the scan, tracking cookies started popping up again. Here's a sample AVG screenshot:

Posted Image

Also, while browsing my e-mail upload, I have stumbled upon some e-mails sent supposedly by my brother to me. We both use this PC, and to my knowledge he hasn't logged in to his e-mail account in another PC other that this one, so I am pretty sure this means the PC is infected.

Posted Image

I didn't censor the links because it might be useful knowledge.

Anyway, I will do the things you said in that order, and report back, along with anything else I encounter. Thank you for your help so far! :)

Edited by g.k., 03 June 2012 - 07:42 AM.


#4 g.k.

g.k.
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Istanbul, Turkey
  • Local time:02:03 PM

Posted 03 June 2012 - 08:36 AM

Okay, I did all things you said. When I first ran Minitoolbox, AVG detected it as malware, so I disabled AVG and ran it for the second time. Should I post both logs?

TFC erased ~900 mb worth of files. That's a lot :o It didn't leave a log though. Was it supposed to?

MBAM detected 36 registry keys, 3 registry values, 2 registry data item, 3 folders and 9 files. I removed them after the reboot. After the reboot, MBAM said it blocked an outgoing connetcion or something. Should I post the protection log too?

That would be 4 logs total, so should I send it in 1 post or send each log as a different post?

Edited by g.k., 03 June 2012 - 08:37 AM.


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:03 AM

Posted 03 June 2012 - 09:24 AM

OK. if it fits in one post thats fine.I need to see what wa there and the Minibox log.

This is most likely the cause of it all.
;"D:\YEDEK\Oyun Setupları - Programlar\cubis -ok-\Gamehouse[1].Cubis.Gold.2.v1.03.WinALL.Keygen.Only
The reason they give you free stuff is to plant malware to steal info of your machine.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 g.k.

g.k.
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Istanbul, Turkey
  • Local time:02:03 PM

Posted 03 June 2012 - 09:31 AM

OK. if it fits in one post thats fine.I need to see what wa there and the Minibox log.

This is most likely the cause of it all.
;"D:\YEDEK\Oyun Setupları - Programlar\cubis -ok-\Gamehouse[1].Cubis.Gold.2.v1.03.WinALL.Keygen.Only
The reason they give you free stuff is to plant malware to steal info of your machine.

I know. Well, this is going to sound cliche, but I suspect my brother (he's 12) has something to do with this :lol:

First MiniToolBox Log

MiniToolBox by Farbar Version: 14-01-2012
Ran by Burak (administrator) on 03-06-2012 at 15:48:21
Microsoft Windows XP Professional Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Yapılandırması



DNS Çözme Önbelleği başarıyla temizlendi.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

74.125.159.138 www3.l.google.com
74.125.159.139 youtube-ui.l.google.com
216.239.32.10 ns1.google.com
216.239.34.10 ns2.google.com
216.239.36.10 ns3.google.com
216.239.38.10 ns4.google.com
74.125.79.100 uk.youtube.com
74.125.79.100 de.youtube.com
209.85.229.99 youtube.com
209.85.229.99 www.youtube.com
74.125.79.100 translate.google.com
209.85.129.138 suggestqueries.google.com
74.125.159.138 earth.google.com
74.125.159.138 books.google.com
74.125.159.139 code.google.com
74.125.159.139 code.l.google.com
208.117.236.70 youtube.com
208.117.236.70 www.youtube.com
74.125.65.118 img.youtube.com
64.15.124.143 sjc-v1.sjc.youtube.com
64.15.124.144 sjc-v2.sjc.youtube.com
64.15.124.145 sjc-v3.sjc.youtube.com
64.15.124.146 sjc-v4.sjc.youtube.com
64.15.124.147 sjc-v5.sjc.youtube.com
64.15.124.148 sjc-v6.sjc.youtube.com
64.15.124.149 sjc-v7.sjc.youtube.com
64.15.124.150 sjc-v8.sjc.youtube.com
64.15.124.151 sjc-v9.sjc.youtube.com
64.15.124.152 sjc-v10.sjc.youtube.com
64.15.124.153 sjc-v11.sjc.youtube.com
64.15.124.154 sjc-v12.sjc.youtube.com
64.15.124.155 sjc-v13.sjc.youtube.com
64.15.124.156 sjc-v14.sjc.youtube.com
64.15.124.157 sjc-v15.sjc.youtube.com
64.15.124.158 sjc-v16.sjc.youtube.com
64.15.124.159 sjc-v17.sjc.youtube.com
64.15.124.160 sjc-v18.sjc.youtube.com
64.15.124.161 sjc-v19.sjc.youtube.com
64.15.124.162 sjc-v20.sjc.youtube.com
64.15.124.163 sjc-v21.sjc.youtube.com
64.15.124.164 sjc-v22.sjc.youtube.com
64.15.124.165 sjc-v23.sjc.youtube.com
64.15.124.166 sjc-v24.sjc.youtube.com
64.15.124.167 sjc-v25.sjc.youtube.com
64.15.124.168 sjc-v26.sjc.youtube.com
64.15.124.169 sjc-v27.sjc.youtube.com
64.15.124.170 sjc-v28.sjc.youtube.com
64.15.124.171 sjc-v29.sjc.youtube.com
64.15.124.172 sjc-v30.sjc.youtube.com
64.15.124.173 sjc-v31.sjc.youtube.com
64.15.124.174 sjc-v32.sjc.youtube.com
64.15.124.175 sjc-v33.sjc.youtube.com
64.15.124.176 sjc-v34.sjc.youtube.com
64.15.124.177 sjc-v35.sjc.youtube.com
64.15.124.178 sjc-v36.sjc.youtube.com
64.15.124.179 sjc-v37.sjc.youtube.com
64.15.124.180 sjc-v38.sjc.youtube.com
64.15.124.207 sjc-v39.sjc.youtube.com
64.15.124.208 sjc-v40.sjc.youtube.com
64.15.124.209 sjc-v41.sjc.youtube.com
64.15.124.210 sjc-v42.sjc.youtube.com
64.15.124.211 sjc-v43.sjc.youtube.com
64.15.124.212 sjc-v44.sjc.youtube.com
64.15.124.213 sjc-v45.sjc.youtube.com
64.15.124.214 sjc-v46.sjc.youtube.com
64.15.124.215 sjc-v47.sjc.youtube.com
64.15.124.216 sjc-v48.sjc.youtube.com
64.15.124.217 sjc-v49.sjc.youtube.com
64.15.124.218 sjc-v50.sjc.youtube.com
64.15.124.219 sjc-v51.sjc.youtube.com
64.15.124.220 sjc-v52.sjc.youtube.com
64.15.124.221 sjc-v53.sjc.youtube.com
64.15.124.222 sjc-v54.sjc.youtube.com
64.15.124.223 sjc-v55.sjc.youtube.com
64.15.124.224 sjc-v56.sjc.youtube.com
64.15.124.225 sjc-v57.sjc.youtube.com
64.15.124.226 sjc-v58.sjc.youtube.com
64.15.124.227 sjc-v59.sjc.youtube.com
64.15.124.228 sjc-v60.sjc.youtube.com
64.15.124.229 sjc-v61.sjc.youtube.com
64.15.124.230 sjc-v62.sjc.youtube.com
64.15.124.231 sjc-v63.sjc.youtube.com
64.15.124.232 sjc-v64.sjc.youtube.com
64.15.124.233 sjc-v65.sjc.youtube.com
64.15.124.234 sjc-v66.sjc.youtube.com
64.15.124.235 sjc-v67.sjc.youtube.com
64.15.124.236 sjc-v68.sjc.youtube.com
64.15.124.237 sjc-v69.sjc.youtube.com
64.15.124.238 sjc-v70.sjc.youtube.com
64.15.124.239 sjc-v71.sjc.youtube.com
64.15.124.240 sjc-v72.sjc.youtube.com
64.15.124.241 sjc-v73.sjc.youtube.com
64.15.124.242 sjc-v74.sjc.youtube.com
64.15.124.243 sjc-v75.sjc.youtube.com
64.15.124.244 sjc-v76.sjc.youtube.com
64.15.125.16 sjc-v77.sjc.youtube.com
74.125.13.80 v1.lscache1.c.youtube.com
74.125.13.83 v2.lscache1.c.youtube.com
74.125.13.86 v3.lscache1.c.youtube.com
74.125.13.89 v4.lscache1.c.youtube.com
74.125.13.92 v5.lscache1.c.youtube.com
74.125.13.95 v6.lscache1.c.youtube.com
74.125.13.98 v7.lscache1.c.youtube.com
74.125.13.101 v8.lscache1.c.youtube.com
74.125.97.17 v9.lscache1.c.youtube.com
74.125.97.84 v10.lscache1.c.youtube.com
74.125.13.87 v11.lscache1.c.youtube.com
74.125.13.90 v12.lscache1.c.youtube.com
74.125.13.93 v13.lscache1.c.youtube.com
74.125.13.96 v14.lscache1.c.youtube.com
74.125.13.99 v15.lscache1.c.youtube.com
74.125.97.38 v16.lscache1.c.youtube.com
74.125.13.82 v17.lscache1.c.youtube.com
74.125.13.85 v18.lscache1.c.youtube.com
74.125.13.88 v19.lscache1.c.youtube.com
74.125.13.91 v20.lscache1.c.youtube.com
74.125.13.94 v21.lscache1.c.youtube.com
74.125.13.97 v22.lscache1.c.youtube.com
74.125.13.100 v23.lscache1.c.youtube.com
74.125.13.103 v24.lscache1.c.youtube.com
74.125.13.80 v1.lscache2.c.youtube.com
74.125.13.83 v2.lscache2.c.youtube.com
74.125.13.86 v3.lscache2.c.youtube.com
74.125.13.89 v4.lscache2.c.youtube.com
74.125.13.92 v5.lscache2.c.youtube.com
74.125.13.95 v6.lscache2.c.youtube.com
74.125.13.98 v7.lscache2.c.youtube.com
74.125.13.101 v8.lscache2.c.youtube.com
74.125.13.81 v9.lscache2.c.youtube.com
74.125.13.84 v10.lscache2.c.youtube.com
74.125.13.87 v11.lscache2.c.youtube.com
74.125.13.90 v12.lscache2.c.youtube.com
74.125.13.93 v13.lscache2.c.youtube.com
74.125.13.96 v14.lscache2.c.youtube.com
74.125.13.99 v15.lscache2.c.youtube.com
74.125.13.102 v16.lscache2.c.youtube.com
74.125.13.82 v17.lscache2.c.youtube.com
74.125.13.85 v18.lscache2.c.youtube.com
74.125.13.88 v19.lscache2.c.youtube.com
74.125.13.91 v20.lscache2.c.youtube.com
74.125.13.94 v21.lscache2.c.youtube.com
74.125.13.97 v22.lscache2.c.youtube.com
74.125.13.100 v23.lscache2.c.youtube.com
74.125.13.103 v24.lscache2.c.youtube.com
74.125.99.80 v1.lscache3.c.youtube.com
74.125.99.83 v2.lscache3.c.youtube.com
74.125.99.86 v3.lscache3.c.youtube.com
74.125.99.89 v4.lscache3.c.youtube.com
74.125.99.92 v5.lscache3.c.youtube.com
74.125.99.95 v6.lscache3.c.youtube.com
74.125.99.98 v7.lscache3.c.youtube.com
74.125.99.101 v8.lscache3.c.youtube.com
74.125.99.81 v9.lscache3.c.youtube.com
74.125.99.84 v10.lscache3.c.youtube.com
74.125.99.87 v11.lscache3.c.youtube.com
74.125.99.90 v12.lscache3.c.youtube.com
74.125.99.93 v13.lscache3.c.youtube.com
74.125.97.32 v14.lscache3.c.youtube.com
74.125.99.99 v15.lscache3.c.youtube.com
74.125.99.102 v16.lscache3.c.youtube.com
74.125.99.82 v17.lscache3.c.youtube.com
74.125.99.85 v18.lscache3.c.youtube.com
74.125.99.88 v19.lscache3.c.youtube.com
74.125.99.91 v20.lscache3.c.youtube.com
74.125.99.94 v21.lscache3.c.youtube.com
74.125.99.97 v22.lscache3.c.youtube.com
74.125.99.100 v23.lscache3.c.youtube.com
74.125.99.103 v24.lscache3.c.youtube.com
74.125.99.80 v1.lscache4.c.youtube.com
74.125.99.83 v2.lscache4.c.youtube.com
74.125.99.86 v3.lscache4.c.youtube.com
74.125.99.89 v4.lscache4.c.youtube.com
74.125.99.92 v5.lscache4.c.youtube.com
74.125.99.95 v6.lscache4.c.youtube.com
74.125.99.98 v7.lscache4.c.youtube.com
74.125.99.101 v8.lscache4.c.youtube.com
74.125.99.81 v9.lscache4.c.youtube.com
74.125.99.84 v10.lscache4.c.youtube.com
74.125.99.87 v11.lscache4.c.youtube.com
74.125.99.90 v12.lscache4.c.youtube.com
74.125.99.93 v13.lscache4.c.youtube.com
74.125.99.96 v14.lscache4.c.youtube.com
74.125.99.99 v15.lscache4.c.youtube.com
74.125.99.102 v16.lscache4.c.youtube.com
74.125.99.82 v17.lscache4.c.youtube.com
74.125.99.85 v18.lscache4.c.youtube.com
74.125.99.88 v19.lscache4.c.youtube.com
74.125.99.91 v20.lscache4.c.youtube.com
74.125.99.94 v21.lscache4.c.youtube.com
74.125.99.97 v22.lscache4.c.youtube.com
74.125.99.100 v23.lscache4.c.youtube.com
74.125.99.103 v24.lscache4.c.youtube.com
74.125.99.16 v1.lscache5.c.youtube.com
74.125.99.19 v2.lscache5.c.youtube.com
74.125.99.22 v3.lscache5.c.youtube.com
74.125.99.25 v4.lscache5.c.youtube.com
74.125.99.28 v5.lscache5.c.youtube.com
74.125.99.31 v6.lscache5.c.youtube.com
74.125.99.34 v7.lscache5.c.youtube.com
74.125.99.37 v8.lscache5.c.youtube.com
74.125.99.17 v9.lscache5.c.youtube.com
74.125.97.20 v10.lscache5.c.youtube.com
74.125.99.23 v11.lscache5.c.youtube.com
74.125.170.154 v12.lscache5.c.youtube.com
74.125.99.29 v13.lscache5.c.youtube.com
74.125.99.32 v14.lscache5.c.youtube.com
74.125.99.35 v15.lscache5.c.youtube.com
74.125.99.38 v16.lscache5.c.youtube.com
74.125.99.18 v17.lscache5.c.youtube.com
74.125.99.21 v18.lscache5.c.youtube.com
74.125.99.24 v19.lscache5.c.youtube.com
74.125.99.27 v20.lscache5.c.youtube.com
74.125.99.30 v21.lscache5.c.youtube.com
74.125.99.33 v22.lscache5.c.youtube.com
74.125.99.36 v23.lscache5.c.youtube.com
74.125.99.39 v24.lscache5.c.youtube.com
74.125.99.16 v1.lscache6.c.youtube.com
74.125.99.19 v2.lscache6.c.youtube.com
74.125.99.22 v3.lscache6.c.youtube.com
74.125.99.25 v4.lscache6.c.youtube.com
74.125.99.28 v5.lscache6.c.youtube.com
74.125.99.31 v6.lscache6.c.youtube.com
74.125.99.34 v7.lscache6.c.youtube.com
74.125.99.37 v8.lscache6.c.youtube.com
74.125.99.17 v9.lscache6.c.youtube.com
74.125.99.20 v10.lscache6.c.youtube.com
74.125.99.23 v11.lscache6.c.youtube.com
74.125.99.26 v12.lscache6.c.youtube.com
74.125.99.29 v13.lscache6.c.youtube.com
74.125.99.32 v14.lscache6.c.youtube.com
74.125.99.35 v15.lscache6.c.youtube.com
74.125.99.38 v16.lscache6.c.youtube.com
74.125.99.18 v17.lscache6.c.youtube.com
74.125.99.21 v18.lscache6.c.youtube.com
74.125.99.24 v19.lscache6.c.youtube.com
74.125.99.27 v20.lscache6.c.youtube.com
74.125.99.30 v21.lscache6.c.youtube.com
74.125.99.33 v22.lscache6.c.youtube.com
74.125.99.36 v23.lscache6.c.youtube.com
74.125.99.39 v24.lscache6.c.youtube.com
74.125.170.208 v1.lscache7.c.youtube.com
74.125.170.211 v2.lscache7.c.youtube.com
74.125.170.214 v3.lscache7.c.youtube.com
74.125.170.217 v4.lscache7.c.youtube.com
74.125.170.220 v5.lscache7.c.youtube.com
74.125.170.223 v6.lscache7.c.youtube.com
74.125.170.226 v7.lscache7.c.youtube.com
74.125.170.229 v8.lscache7.c.youtube.com
74.125.170.209 v9.lscache7.c.youtube.com
74.125.170.212 v10.lscache7.c.youtube.com
74.125.170.215 v11.lscache7.c.youtube.com
74.125.170.218 v12.lscache7.c.youtube.com
74.125.170.221 v13.lscache7.c.youtube.com
74.125.170.224 v14.lscache7.c.youtube.com
74.125.170.227 v15.lscache7.c.youtube.com
74.125.170.230 v16.lscache7.c.youtube.com
74.125.170.210 v17.lscache7.c.youtube.com
74.125.170.213 v18.lscache7.c.youtube.com
74.125.170.216 v19.lscache7.c.youtube.com
74.125.170.219 v20.lscache7.c.youtube.com
74.125.170.222 v21.lscache7.c.youtube.com
74.125.170.225 v22.lscache7.c.youtube.com
74.125.170.228 v23.lscache7.c.youtube.com
74.125.170.231 v24.lscache7.c.youtube.com
74.125.170.208 v1.lscache8.c.youtube.com
74.125.170.211 v2.lscache8.c.youtube.com
74.125.170.214 v3.lscache8.c.youtube.com
74.125.170.217 v4.lscache8.c.youtube.com
74.125.170.220 v5.lscache8.c.youtube.com
74.125.170.159 v6.lscache8.c.youtube.com
74.125.170.226 v7.lscache8.c.youtube.com
74.125.170.229 v8.lscache8.c.youtube.com
74.125.170.209 v9.lscache8.c.youtube.com
74.125.170.212 v10.lscache8.c.youtube.com
74.125.170.215 v11.lscache8.c.youtube.com
74.125.170.218 v12.lscache8.c.youtube.com
74.125.170.221 v13.lscache8.c.youtube.com
74.125.170.224 v14.lscache8.c.youtube.com
74.125.170.227 v15.lscache8.c.youtube.com
74.125.170.230 v16.lscache8.c.youtube.com
74.125.170.210 v17.lscache8.c.youtube.com
74.125.170.213 v18.lscache8.c.youtube.com
74.125.170.216 v19.lscache8.c.youtube.com
74.125.170.219 v20.lscache8.c.youtube.com
74.125.170.222 v21.lscache8.c.youtube.com
74.125.170.225 v22.lscache8.c.youtube.com
74.125.170.228 v23.lscache8.c.youtube.com
74.125.170.231 v24.lscache8.c.youtube.com
208.117.236.69 youtube.com

127.0.0.1 localhost

========================= IP Configuration: ================================

VIA Compatable Fast Ethernet Bağdaştırıcısı = Yerel Ağ Bağlantısı (Connected)


# ----------------------------------
# Arabirim IP Yaplandrmas
# ----------------------------------
pushd interface ip


# "Yerel A§ Ba§lants" i‡in Arabirim IP Yaplandrmas

set address name="Yerel A§ Ba§lants" source=dhcp
set dns name="Yerel A§ Ba§lants" source=dhcp register=PRIMARY
set wins name="Yerel A§ Ba§lants" source=dhcp


popd
# Arabirim IP yaplandrmasnn sonu




Windows IP Yapılandırması



Ana Bilgisayar Adı . . . . . . . : xp

Birincil DNS Soneki . . . . . . . :

Düğüm Türü . . . . .. . . : Bilinmiyor

IP Yönlendirme Etkin . . . . . : Hayır

WINS Proxy Etkin . . . . . . . : Hayır



Ethernet bağdaştırıcı Yerel Ağ Bağlantısı:



Bağlantıya özgü DNS Soneki . . . :

Açıklama . . . . . . . . . . . . : VIA Compatable Fast Ethernet Bağdaştırıcısı

Fiziksel Adres. . . . . . . . . . : 00-16-EC-51-F3-6C

Dhcp Etkin. . . . . . . . . . . : Evet

Otomatik Yapılandırma Etkin. . . : Evet

IP Adres. . . . . . . . . . . . . : 192.168.1.4

Alt Ağ Maskesi. . . . . . . . . . : 255.255.255.0

IP Adres. . . . . . . . . . . . . : fe80::216:ecff:fe51:f36c%4

Varsayılan Ağ Geçidi. . . . . . . : 192.168.1.1

DHCP Sunucusu . . . . . . . . . . : 192.168.1.1

DNS Sunucusu. . . . . . . . . . . : 192.168.1.1

fec0:0:0:ffff::1%1

fec0:0:0:ffff::2%1

fec0:0:0:ffff::3%1

Kira Sağlanan. . . . . . . . . . : 02 Haziran 2012 Cumartesi 08:15:52

Kira Bitişi . . . . . . . . . . . : 05 Haziran 2012 Salı 08:15:52



Tunnel bağdaştırıcı Teredo Tunneling Pseudo-Interface:



Bağlantıya özgü DNS Soneki . . . :

Açıklama . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Fiziksel Adres. . . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF

Dhcp Etkin. . . . . . . . . . .: Hayır

IP Adres. . . . . . . . . . . . . : fe80::ffff:ffff:fffd%5

Varsayılan Ağ Geçidi. . . . . . . :

Tcpip üzerinden NetBIOS . . . . : Devre dışı



Tunnel bağdaştırıcı Automatic Tunneling Pseudo-Interface:



Bağlantıya özgü DNS Soneki . . . :

Açıklama . . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface

Fiziksel Adres. . . . . . . . . . : C0-A8-01-04

Dhcp Etkin. . . . . . . . . . .: Hayır

IP Adres. . . . . . . . . . . . . : fe80::5efe:192.168.1.4%2

Varsayılan Ağ Geçidi. . . . . . . :

DNS Sunucusu. . . . . . . . . . . : fec0:0:0:ffff::1%1

fec0:0:0:ffff::2%1

fec0:0:0:ffff::3%1

Tcpip üzerinden NetBIOS . . . . : Devre dışı

Sunucu: UnKnown
Address: 192.168.1.1

Ad: google.com
Addresses: 209.85.148.100, 209.85.148.101, 209.85.148.102, 209.85.148.113
209.85.148.138, 209.85.148.139



32 bayt veri ile google.com [209.85.148.138] 'ping' ediliyor:



209.85.148.138 cevab: bayt=32 sre=55ms TTL=56

209.85.148.138 cevab: bayt=32 sre=55ms TTL=56



209.85.148.138 i‡in Ping istatisti§i:

Paket: Giden = 2, Gelen = 2, Kaybolan = 0 (0% kayp),

Mili saniye trnden yaklaŸk tur sreleri:

En Az = 55ms, En €ok = 55ms, Ortalama = 55ms

Sunucu: UnKnown
Address: 192.168.1.1

Ad: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70



32 bayt veri ile yahoo.com [209.191.122.70] 'ping' ediliyor:



209.191.122.70 cevab: bayt=32 sre=203ms TTL=48

209.191.122.70 cevab: bayt=32 sre=203ms TTL=48



209.191.122.70 i‡in Ping istatisti§i:

Paket: Giden = 2, Gelen = 2, Kaybolan = 0 (0% kayp),

Mili saniye trnden yaklaŸk tur sreleri:

En Az = 203ms, En €ok = 203ms, Ortalama = 203ms

Sunucu: UnKnown
Address: 192.168.1.1

Ad: bleepingcomputer.com
Address: 208.43.87.2



32 bayt veri ile bleepingcomputer.com [208.43.87.2] 'ping' ediliyor:



208.43.87.2 cevab: Hedef ana bilgisayar ulaŸlamaz.

208.43.87.2 cevab: Hedef ana bilgisayar ulaŸlamaz.



208.43.87.2 i‡in Ping istatisti§i:

Paket: Giden = 2, Gelen = 2, Kaybolan = 0 (0% kayp),

Mili saniye trnden yaklaŸk tur sreleri:

En Az = 0ms, En €ok = 0ms, Ortalama = 0ms



32 bayt veri ile 127.0.0.1 'ping' ediliyor:



127.0.0.1 cevab: bayt=32 sre<1ms TTL=128

127.0.0.1 cevab: bayt=32 sre<1ms TTL=128



127.0.0.1 i‡in Ping istatisti§i:

Paket: Giden = 2, Gelen = 2, Kaybolan = 0 (0% kayp),

Mili saniye trnden yaklaŸk tur sreleri:

En Az = 0ms, En €ok = 0ms, Ortalama = 0ms

===========================================================================
Arabirim Listesi
0x1 ........................... MS TCP Loopback interface
0x2 ...00 16 ec 51 f3 6c ...... VIA Compatable Fast Ethernet Bağdaştırıcısı - Paket Zamanlayıcısı Mini Bağlantı Noktası
===========================================================================
===========================================================================
Etkin Yollar:
A§ Hedefi A§ Maskesi A§ Ge‡idi Arabirim ™l‡t
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.4 192.168.1.4 20
192.168.1.4 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.4 192.168.1.4 20
224.0.0.0 240.0.0.0 192.168.1.4 192.168.1.4 20
255.255.255.255 255.255.255.255 192.168.1.4 192.168.1.4 1
Varsaylan
A§ Ge‡idi: 192.168.1.1
===========================================================================
Srekli Yollar:
Yok
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245760] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245760] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [143360] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/03/2012 03:17:39 PM) (Source: Microsoft Office 12) (User: )
Description: Faulting application winword.exe, version 12.0.6661.5000, stamp 4f7cd9da, faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault address 0x03e2fd57.

Error: (06/03/2012 11:46:30 AM) (Source: Application Error) (User: )
Description: Hata uygulaması chrome.exe, sürüm 19.0.1084.52, hata modülü gcswf32.dll, sürümü 11.2.202.235, hata adresi 0x0007472e.
Ortama özel olay [chrome.exe!ws!] için işleniyor

Error: (05/31/2012 04:14:57 PM) (Source: Application Hang) (User: )
Description: Askıda kalan uygulama chrome.exe, sürüm 19.0.1084.52, askı modülü hungapp, sürüm 0.0.0.0, askıda kalma adresi 0x00000000.

Error: (05/30/2012 04:50:31 PM) (Source: Application Hang) (User: )
Description: Askıda kalan uygulama Server.exe, sürüm 0.0.0.0, askı modülü hungapp, sürüm 0.0.0.0, askıda kalma adresi 0x00000000.

Error: (05/26/2012 05:52:28 PM) (Source: Application Error) (User: )
Description: Hata uygulaması drwtsn32.exe, sürüm 5.1.2600.0, hata modülü dbghelp.dll, sürümü 5.1.2600.2180, hata adresi 0x0001295d.
Ortama özel olay [drwtsn32.exe!ws!] için işleniyor

Error: (05/26/2012 05:52:12 PM) (Source: Application Error) (User: )
Description: Hata uygulaması explorer.exe, sürüm 6.0.2900.3156, hata modülü hxmedpltfm.dll, sürümü 15.0.1.13, hata adresi 0x00002684.
Ortama özel olay [explorer.exe!ws!] için işleniyor

Error: (05/23/2012 03:52:57 PM) (Source: Application Hang) (User: )
Description: Askıda kalan uygulama rundll32.exe, sürüm 5.1.2600.2180, askı modülü hungapp, sürüm 0.0.0.0, askıda kalma adresi 0x00000000.

Error: (05/20/2012 06:11:33 PM) (Source: Application Error) (User: )
Description: Hata uygulaması chrome.exe, sürüm 19.0.1084.46, hata modülü unknown, sürümü 0.0.0.0, hata adresi 0x3a3686c7.
Ortama özel olay [chrome.exe!ws!] için işleniyor

Error: (05/17/2012 03:45:27 PM) (Source: Application Error) (User: )
Description: Hata uygulaması chrome.exe, sürüm 18.0.1025.168, hata modülü gcswf32.dll, sürümü 11.2.202.235, hata adresi 0x0012b171.
Ortama özel olay [chrome.exe!ws!] için işleniyor

Error: (05/13/2012 04:12:54 PM) (Source: Application Error) (User: )
Description: Hata uygulaması chrome.exe, sürüm 18.0.1025.168, hata modülü chrome.dll, sürümü 18.0.1025.168, hata adresi 0x0000e84a.
Ortama özel olay [chrome.exe!ws!] için işleniyor


System errors:
=============
Error: (06/02/2012 08:18:02 AM) (Source: Service Control Manager) (User: )
Description: vToolbarUpdater11.0.2 hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/02/2012 08:17:37 AM) (Source: Service Control Manager) (User: )
Description: LogMeIn Hamachi Tunneling Engine hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/02/2012 08:17:34 AM) (Source: Service Control Manager) (User: )
Description: Java Quick Starter hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/02/2012 08:17:31 AM) (Source: Service Control Manager) (User: )
Description: Pml Driver HPZ12 hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/02/2012 08:17:18 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Service hizmeti aşağıdaki hata nedeniyle başlatılamadı:
%%2

Error: (06/01/2012 08:04:16 AM) (Source: Service Control Manager) (User: )
Description: vToolbarUpdater11.0.2 hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/01/2012 08:03:56 AM) (Source: Service Control Manager) (User: )
Description: Java Quick Starter hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/01/2012 08:03:53 AM) (Source: Service Control Manager) (User: )
Description: Pml Driver HPZ12 hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/01/2012 08:03:51 AM) (Source: Service Control Manager) (User: )
Description: LogMeIn Hamachi Tunneling Engine hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/01/2012 07:57:01 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Service hizmeti aşağıdaki hata nedeniyle başlatılamadı:
%%2


Microsoft Office Sessions:
=========================
Error: (06/03/2012 03:17:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/02/2012 09:42:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/01/2012 07:00:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 744 seconds with 480 seconds of active time. This session ended with a crash.

Error: (03/29/2012 09:06:32 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1829 seconds with 780 seconds of active time. This session ended with a crash.

Error: (07/25/2011 06:43:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 41 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/05/2010 08:54:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/08/2009 08:45:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/08/2009 08:44:53 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/07/2009 10:37:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

50 FREE MP3s +1 Free Audiobook! (Version: 1.0.0.1)
7-Zip 9.20
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
AiO_Scan_CDA (Version: 70.0.231.000)
Armada Tanks 1.00 (Version: 1.00)
µTorrent (Version: 3.0.0)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2425)
AVG 2012 (Version: 2012.0.1913)
AVG PC Tuneup (Version: 10.0.0.27)
Babylon toolbar on IE
CDSpace 4.1
CM 03-04 (Version: 4.1.0)
Codec 8.4
Command & Conquer Red Alert 2
DigimonBattle 2010.12.15 (Version: 2010.12.15)
e-XPLoDeR & HPB Bot (Version: v1.0)
eBoostr 3 (Version: 3.0)
Fish Tycoon
FoXBot v0.67
Google Chrome (Version: 19.0.1084.52)
Google Update Helper (Version: 1.3.21.111)
Half-Life
Hamsterball 3.25
HP Photosmart, Officejet and Deskjet 7.0.A (Version: 7.0)
I Want This (Version: 1.18.149.149)
Icy Tower v1.3.1
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8117.416)
LogMeIn Hamachi (Version: 2.1.0.166)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office Outlook MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Turkish) 2007 (Version: 12.0.4518.1027)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 1.3.59.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (Turkish) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
MSVCRT (Version: 14.0.1468.721)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
NVIDIA Drivers
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Overkill
Picasa 2 (Version: 2.0)
POD-Bot 2.5
Pokemon Online 1.0.53
Punk Ass Fraggers Map Pack V1.3
QBeez 2
QFolder (Version: 1.00.0000)
Re-Volt patch 12.07 (Version: patch 12.07)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
Rival Ball Tournament
Sözlük
Scan (Version: 7.0.0.0)
Segoe UI (Version: 14.0.4327.805)
Sierra Utilities
Soldat 1.6.2 (Version: 1.6.2)
Steam
swMSM (Version: 12.0.0.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
vvv.kimdir.com Oyun kutusu
WebFldrs XP (Version: 9.50.7523)
Westwood Shared Internet Components
Winamp (Version: 5.572 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Internet Explorer 8 için Güncelleştirme (KB975364) (Version: 1)
Windows Internet Explorer 8 için Güncelleştirme (KB976662) (Version: 1)
Windows Internet Explorer 8 için Güncelleştirme (KB976749) (Version: 1)
Windows Internet Explorer 8 için Güncelleştirme (KB980182) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB971961) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB974455) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB976325) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB978207) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB981332) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB982381) (Version: 1)
Windows Live Aile Koruması (Version: 14.0.8118.427)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Fotoğraf Galerisi (Version: 14.0.8117.416)
Windows Live Karşıya Yükleme Aracı (Version: 14.0.8014.1029)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Oturum Açma Yardımcısı (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Temel Parçalar (Version: 14.0.8117.0416)
Windows Live Temel Parçalar (Version: 14.0.8117.416)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver
YTD YouTube Downloader & Converter 3.6

========================= Memory info: ===================================

Percentage of memory in use: 82%
Total physical RAM: 511.3 MB
Available physical RAM: 88.38 MB
Total Pagefile: 1249.85 MB
Available Pagefile: 575.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.89 MB

========================= Partitions: =====================================

2 Drive c: (System) (Fixed) (Total:39.07 GB) (Free:6.5 GB) NTFS
3 Drive d: (Depo) (Fixed) (Total:26.96 GB) (Free:1.89 GB) NTFS
5 Drive g: (CM 03-04) (CDROM) (Total:0.3 GB) (Free:0 GB) CDFS

========================= Users: ========================================

\\XP Kullanc Hesaplar

Administrator Burak Guest
HelpAssistant SUPPORT_388945a0
Komut baŸaryla tamamland.


**** End of log ****

Second MiniToolBox Log

MiniToolBox by Farbar Version: 14-01-2012
Ran by Burak (administrator) on 03-06-2012 at 16:04:14
Microsoft Windows XP Professional Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Yapılandırması



DNS Çözme Önbelleği başarıyla temizlendi.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

74.125.159.138 www3.l.google.com
74.125.159.139 youtube-ui.l.google.com
216.239.32.10 ns1.google.com
216.239.34.10 ns2.google.com
216.239.36.10 ns3.google.com
216.239.38.10 ns4.google.com
74.125.79.100 uk.youtube.com
74.125.79.100 de.youtube.com
209.85.229.99 youtube.com
209.85.229.99 www.youtube.com
74.125.79.100 translate.google.com
209.85.129.138 suggestqueries.google.com
74.125.159.138 earth.google.com
74.125.159.138 books.google.com
74.125.159.139 code.google.com
74.125.159.139 code.l.google.com
208.117.236.70 youtube.com
208.117.236.70 www.youtube.com
74.125.65.118 img.youtube.com
64.15.124.143 sjc-v1.sjc.youtube.com
64.15.124.144 sjc-v2.sjc.youtube.com
64.15.124.145 sjc-v3.sjc.youtube.com
64.15.124.146 sjc-v4.sjc.youtube.com
64.15.124.147 sjc-v5.sjc.youtube.com
64.15.124.148 sjc-v6.sjc.youtube.com
64.15.124.149 sjc-v7.sjc.youtube.com
64.15.124.150 sjc-v8.sjc.youtube.com
64.15.124.151 sjc-v9.sjc.youtube.com
64.15.124.152 sjc-v10.sjc.youtube.com
64.15.124.153 sjc-v11.sjc.youtube.com
64.15.124.154 sjc-v12.sjc.youtube.com
64.15.124.155 sjc-v13.sjc.youtube.com
64.15.124.156 sjc-v14.sjc.youtube.com
64.15.124.157 sjc-v15.sjc.youtube.com
64.15.124.158 sjc-v16.sjc.youtube.com
64.15.124.159 sjc-v17.sjc.youtube.com
64.15.124.160 sjc-v18.sjc.youtube.com
64.15.124.161 sjc-v19.sjc.youtube.com
64.15.124.162 sjc-v20.sjc.youtube.com
64.15.124.163 sjc-v21.sjc.youtube.com
64.15.124.164 sjc-v22.sjc.youtube.com
64.15.124.165 sjc-v23.sjc.youtube.com
64.15.124.166 sjc-v24.sjc.youtube.com
64.15.124.167 sjc-v25.sjc.youtube.com
64.15.124.168 sjc-v26.sjc.youtube.com
64.15.124.169 sjc-v27.sjc.youtube.com
64.15.124.170 sjc-v28.sjc.youtube.com
64.15.124.171 sjc-v29.sjc.youtube.com
64.15.124.172 sjc-v30.sjc.youtube.com
64.15.124.173 sjc-v31.sjc.youtube.com
64.15.124.174 sjc-v32.sjc.youtube.com
64.15.124.175 sjc-v33.sjc.youtube.com
64.15.124.176 sjc-v34.sjc.youtube.com
64.15.124.177 sjc-v35.sjc.youtube.com
64.15.124.178 sjc-v36.sjc.youtube.com
64.15.124.179 sjc-v37.sjc.youtube.com
64.15.124.180 sjc-v38.sjc.youtube.com
64.15.124.207 sjc-v39.sjc.youtube.com
64.15.124.208 sjc-v40.sjc.youtube.com
64.15.124.209 sjc-v41.sjc.youtube.com
64.15.124.210 sjc-v42.sjc.youtube.com
64.15.124.211 sjc-v43.sjc.youtube.com
64.15.124.212 sjc-v44.sjc.youtube.com
64.15.124.213 sjc-v45.sjc.youtube.com
64.15.124.214 sjc-v46.sjc.youtube.com
64.15.124.215 sjc-v47.sjc.youtube.com
64.15.124.216 sjc-v48.sjc.youtube.com
64.15.124.217 sjc-v49.sjc.youtube.com
64.15.124.218 sjc-v50.sjc.youtube.com
64.15.124.219 sjc-v51.sjc.youtube.com
64.15.124.220 sjc-v52.sjc.youtube.com
64.15.124.221 sjc-v53.sjc.youtube.com
64.15.124.222 sjc-v54.sjc.youtube.com
64.15.124.223 sjc-v55.sjc.youtube.com
64.15.124.224 sjc-v56.sjc.youtube.com
64.15.124.225 sjc-v57.sjc.youtube.com
64.15.124.226 sjc-v58.sjc.youtube.com
64.15.124.227 sjc-v59.sjc.youtube.com
64.15.124.228 sjc-v60.sjc.youtube.com
64.15.124.229 sjc-v61.sjc.youtube.com
64.15.124.230 sjc-v62.sjc.youtube.com
64.15.124.231 sjc-v63.sjc.youtube.com
64.15.124.232 sjc-v64.sjc.youtube.com
64.15.124.233 sjc-v65.sjc.youtube.com
64.15.124.234 sjc-v66.sjc.youtube.com
64.15.124.235 sjc-v67.sjc.youtube.com
64.15.124.236 sjc-v68.sjc.youtube.com
64.15.124.237 sjc-v69.sjc.youtube.com
64.15.124.238 sjc-v70.sjc.youtube.com
64.15.124.239 sjc-v71.sjc.youtube.com
64.15.124.240 sjc-v72.sjc.youtube.com
64.15.124.241 sjc-v73.sjc.youtube.com
64.15.124.242 sjc-v74.sjc.youtube.com
64.15.124.243 sjc-v75.sjc.youtube.com
64.15.124.244 sjc-v76.sjc.youtube.com
64.15.125.16 sjc-v77.sjc.youtube.com
74.125.13.80 v1.lscache1.c.youtube.com
74.125.13.83 v2.lscache1.c.youtube.com
74.125.13.86 v3.lscache1.c.youtube.com
74.125.13.89 v4.lscache1.c.youtube.com
74.125.13.92 v5.lscache1.c.youtube.com
74.125.13.95 v6.lscache1.c.youtube.com
74.125.13.98 v7.lscache1.c.youtube.com
74.125.13.101 v8.lscache1.c.youtube.com
74.125.97.17 v9.lscache1.c.youtube.com
74.125.97.84 v10.lscache1.c.youtube.com
74.125.13.87 v11.lscache1.c.youtube.com
74.125.13.90 v12.lscache1.c.youtube.com
74.125.13.93 v13.lscache1.c.youtube.com
74.125.13.96 v14.lscache1.c.youtube.com
74.125.13.99 v15.lscache1.c.youtube.com
74.125.97.38 v16.lscache1.c.youtube.com
74.125.13.82 v17.lscache1.c.youtube.com
74.125.13.85 v18.lscache1.c.youtube.com
74.125.13.88 v19.lscache1.c.youtube.com
74.125.13.91 v20.lscache1.c.youtube.com
74.125.13.94 v21.lscache1.c.youtube.com
74.125.13.97 v22.lscache1.c.youtube.com
74.125.13.100 v23.lscache1.c.youtube.com
74.125.13.103 v24.lscache1.c.youtube.com
74.125.13.80 v1.lscache2.c.youtube.com
74.125.13.83 v2.lscache2.c.youtube.com
74.125.13.86 v3.lscache2.c.youtube.com
74.125.13.89 v4.lscache2.c.youtube.com
74.125.13.92 v5.lscache2.c.youtube.com
74.125.13.95 v6.lscache2.c.youtube.com
74.125.13.98 v7.lscache2.c.youtube.com
74.125.13.101 v8.lscache2.c.youtube.com
74.125.13.81 v9.lscache2.c.youtube.com
74.125.13.84 v10.lscache2.c.youtube.com
74.125.13.87 v11.lscache2.c.youtube.com
74.125.13.90 v12.lscache2.c.youtube.com
74.125.13.93 v13.lscache2.c.youtube.com
74.125.13.96 v14.lscache2.c.youtube.com
74.125.13.99 v15.lscache2.c.youtube.com
74.125.13.102 v16.lscache2.c.youtube.com
74.125.13.82 v17.lscache2.c.youtube.com
74.125.13.85 v18.lscache2.c.youtube.com
74.125.13.88 v19.lscache2.c.youtube.com
74.125.13.91 v20.lscache2.c.youtube.com
74.125.13.94 v21.lscache2.c.youtube.com
74.125.13.97 v22.lscache2.c.youtube.com
74.125.13.100 v23.lscache2.c.youtube.com
74.125.13.103 v24.lscache2.c.youtube.com
74.125.99.80 v1.lscache3.c.youtube.com
74.125.99.83 v2.lscache3.c.youtube.com
74.125.99.86 v3.lscache3.c.youtube.com
74.125.99.89 v4.lscache3.c.youtube.com
74.125.99.92 v5.lscache3.c.youtube.com
74.125.99.95 v6.lscache3.c.youtube.com
74.125.99.98 v7.lscache3.c.youtube.com
74.125.99.101 v8.lscache3.c.youtube.com
74.125.99.81 v9.lscache3.c.youtube.com
74.125.99.84 v10.lscache3.c.youtube.com
74.125.99.87 v11.lscache3.c.youtube.com
74.125.99.90 v12.lscache3.c.youtube.com
74.125.99.93 v13.lscache3.c.youtube.com
74.125.97.32 v14.lscache3.c.youtube.com
74.125.99.99 v15.lscache3.c.youtube.com
74.125.99.102 v16.lscache3.c.youtube.com
74.125.99.82 v17.lscache3.c.youtube.com
74.125.99.85 v18.lscache3.c.youtube.com
74.125.99.88 v19.lscache3.c.youtube.com
74.125.99.91 v20.lscache3.c.youtube.com
74.125.99.94 v21.lscache3.c.youtube.com
74.125.99.97 v22.lscache3.c.youtube.com
74.125.99.100 v23.lscache3.c.youtube.com
74.125.99.103 v24.lscache3.c.youtube.com
74.125.99.80 v1.lscache4.c.youtube.com
74.125.99.83 v2.lscache4.c.youtube.com
74.125.99.86 v3.lscache4.c.youtube.com
74.125.99.89 v4.lscache4.c.youtube.com
74.125.99.92 v5.lscache4.c.youtube.com
74.125.99.95 v6.lscache4.c.youtube.com
74.125.99.98 v7.lscache4.c.youtube.com
74.125.99.101 v8.lscache4.c.youtube.com
74.125.99.81 v9.lscache4.c.youtube.com
74.125.99.84 v10.lscache4.c.youtube.com
74.125.99.87 v11.lscache4.c.youtube.com
74.125.99.90 v12.lscache4.c.youtube.com
74.125.99.93 v13.lscache4.c.youtube.com
74.125.99.96 v14.lscache4.c.youtube.com
74.125.99.99 v15.lscache4.c.youtube.com
74.125.99.102 v16.lscache4.c.youtube.com
74.125.99.82 v17.lscache4.c.youtube.com
74.125.99.85 v18.lscache4.c.youtube.com
74.125.99.88 v19.lscache4.c.youtube.com
74.125.99.91 v20.lscache4.c.youtube.com
74.125.99.94 v21.lscache4.c.youtube.com
74.125.99.97 v22.lscache4.c.youtube.com
74.125.99.100 v23.lscache4.c.youtube.com
74.125.99.103 v24.lscache4.c.youtube.com
74.125.99.16 v1.lscache5.c.youtube.com
74.125.99.19 v2.lscache5.c.youtube.com
74.125.99.22 v3.lscache5.c.youtube.com
74.125.99.25 v4.lscache5.c.youtube.com
74.125.99.28 v5.lscache5.c.youtube.com
74.125.99.31 v6.lscache5.c.youtube.com
74.125.99.34 v7.lscache5.c.youtube.com
74.125.99.37 v8.lscache5.c.youtube.com
74.125.99.17 v9.lscache5.c.youtube.com
74.125.97.20 v10.lscache5.c.youtube.com
74.125.99.23 v11.lscache5.c.youtube.com
74.125.170.154 v12.lscache5.c.youtube.com
74.125.99.29 v13.lscache5.c.youtube.com
74.125.99.32 v14.lscache5.c.youtube.com
74.125.99.35 v15.lscache5.c.youtube.com
74.125.99.38 v16.lscache5.c.youtube.com
74.125.99.18 v17.lscache5.c.youtube.com
74.125.99.21 v18.lscache5.c.youtube.com
74.125.99.24 v19.lscache5.c.youtube.com
74.125.99.27 v20.lscache5.c.youtube.com
74.125.99.30 v21.lscache5.c.youtube.com
74.125.99.33 v22.lscache5.c.youtube.com
74.125.99.36 v23.lscache5.c.youtube.com
74.125.99.39 v24.lscache5.c.youtube.com
74.125.99.16 v1.lscache6.c.youtube.com
74.125.99.19 v2.lscache6.c.youtube.com
74.125.99.22 v3.lscache6.c.youtube.com
74.125.99.25 v4.lscache6.c.youtube.com
74.125.99.28 v5.lscache6.c.youtube.com
74.125.99.31 v6.lscache6.c.youtube.com
74.125.99.34 v7.lscache6.c.youtube.com
74.125.99.37 v8.lscache6.c.youtube.com
74.125.99.17 v9.lscache6.c.youtube.com
74.125.99.20 v10.lscache6.c.youtube.com
74.125.99.23 v11.lscache6.c.youtube.com
74.125.99.26 v12.lscache6.c.youtube.com
74.125.99.29 v13.lscache6.c.youtube.com
74.125.99.32 v14.lscache6.c.youtube.com
74.125.99.35 v15.lscache6.c.youtube.com
74.125.99.38 v16.lscache6.c.youtube.com
74.125.99.18 v17.lscache6.c.youtube.com
74.125.99.21 v18.lscache6.c.youtube.com
74.125.99.24 v19.lscache6.c.youtube.com
74.125.99.27 v20.lscache6.c.youtube.com
74.125.99.30 v21.lscache6.c.youtube.com
74.125.99.33 v22.lscache6.c.youtube.com
74.125.99.36 v23.lscache6.c.youtube.com
74.125.99.39 v24.lscache6.c.youtube.com
74.125.170.208 v1.lscache7.c.youtube.com
74.125.170.211 v2.lscache7.c.youtube.com
74.125.170.214 v3.lscache7.c.youtube.com
74.125.170.217 v4.lscache7.c.youtube.com
74.125.170.220 v5.lscache7.c.youtube.com
74.125.170.223 v6.lscache7.c.youtube.com
74.125.170.226 v7.lscache7.c.youtube.com
74.125.170.229 v8.lscache7.c.youtube.com
74.125.170.209 v9.lscache7.c.youtube.com
74.125.170.212 v10.lscache7.c.youtube.com
74.125.170.215 v11.lscache7.c.youtube.com
74.125.170.218 v12.lscache7.c.youtube.com
74.125.170.221 v13.lscache7.c.youtube.com
74.125.170.224 v14.lscache7.c.youtube.com
74.125.170.227 v15.lscache7.c.youtube.com
74.125.170.230 v16.lscache7.c.youtube.com
74.125.170.210 v17.lscache7.c.youtube.com
74.125.170.213 v18.lscache7.c.youtube.com
74.125.170.216 v19.lscache7.c.youtube.com
74.125.170.219 v20.lscache7.c.youtube.com
74.125.170.222 v21.lscache7.c.youtube.com
74.125.170.225 v22.lscache7.c.youtube.com
74.125.170.228 v23.lscache7.c.youtube.com
74.125.170.231 v24.lscache7.c.youtube.com
74.125.170.208 v1.lscache8.c.youtube.com
74.125.170.211 v2.lscache8.c.youtube.com
74.125.170.214 v3.lscache8.c.youtube.com
74.125.170.217 v4.lscache8.c.youtube.com
74.125.170.220 v5.lscache8.c.youtube.com
74.125.170.159 v6.lscache8.c.youtube.com
74.125.170.226 v7.lscache8.c.youtube.com
74.125.170.229 v8.lscache8.c.youtube.com
74.125.170.209 v9.lscache8.c.youtube.com
74.125.170.212 v10.lscache8.c.youtube.com
74.125.170.215 v11.lscache8.c.youtube.com
74.125.170.218 v12.lscache8.c.youtube.com
74.125.170.221 v13.lscache8.c.youtube.com
74.125.170.224 v14.lscache8.c.youtube.com
74.125.170.227 v15.lscache8.c.youtube.com
74.125.170.230 v16.lscache8.c.youtube.com
74.125.170.210 v17.lscache8.c.youtube.com
74.125.170.213 v18.lscache8.c.youtube.com
74.125.170.216 v19.lscache8.c.youtube.com
74.125.170.219 v20.lscache8.c.youtube.com
74.125.170.222 v21.lscache8.c.youtube.com
74.125.170.225 v22.lscache8.c.youtube.com
74.125.170.228 v23.lscache8.c.youtube.com
74.125.170.231 v24.lscache8.c.youtube.com
208.117.236.69 youtube.com

127.0.0.1 localhost

========================= IP Configuration: ================================

VIA Compatable Fast Ethernet Bağdaştırıcısı = Yerel Ağ Bağlantısı (Connected)


# ----------------------------------
# Arabirim IP Yaplandrmas
# ----------------------------------
pushd interface ip


# "Yerel A§ Ba§lants" i‡in Arabirim IP Yaplandrmas

set address name="Yerel A§ Ba§lants" source=dhcp
set dns name="Yerel A§ Ba§lants" source=dhcp register=PRIMARY
set wins name="Yerel A§ Ba§lants" source=dhcp


popd
# Arabirim IP yaplandrmasnn sonu




Windows IP Yapılandırması



Ana Bilgisayar Adı . . . . . . . : xp

Birincil DNS Soneki . . . . . . . :

Düğüm Türü . . . . .. . . : Bilinmiyor

IP Yönlendirme Etkin . . . . . : Hayır

WINS Proxy Etkin . . . . . . . : Hayır



Ethernet bağdaştırıcı Yerel Ağ Bağlantısı:



Bağlantıya özgü DNS Soneki . . . :

Açıklama . . . . . . . . . . . . : VIA Compatable Fast Ethernet Bağdaştırıcısı

Fiziksel Adres. . . . . . . . . . : 00-16-EC-51-F3-6C

Dhcp Etkin. . . . . . . . . . . : Evet

Otomatik Yapılandırma Etkin. . . : Evet

IP Adres. . . . . . . . . . . . . : 192.168.1.4

Alt Ağ Maskesi. . . . . . . . . . : 255.255.255.0

IP Adres. . . . . . . . . . . . . : fe80::216:ecff:fe51:f36c%4

Varsayılan Ağ Geçidi. . . . . . . : 192.168.1.1

DHCP Sunucusu . . . . . . . . . . : 192.168.1.1

DNS Sunucusu. . . . . . . . . . . : 192.168.1.1

fec0:0:0:ffff::1%1

fec0:0:0:ffff::2%1

fec0:0:0:ffff::3%1

Kira Sağlanan. . . . . . . . . . : 03 Haziran 2012 Pazar 15:58:14

Kira Bitişi . . . . . . . . . . . : 06 Haziran 2012 Çarşamba 15:58:14



Tunnel bağdaştırıcı Teredo Tunneling Pseudo-Interface:



Bağlantıya özgü DNS Soneki . . . :

Açıklama . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Fiziksel Adres. . . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF

Dhcp Etkin. . . . . . . . . . .: Hayır

IP Adres. . . . . . . . . . . . . : fe80::ffff:ffff:fffd%5

Varsayılan Ağ Geçidi. . . . . . . :

Tcpip üzerinden NetBIOS . . . . : Devre dışı



Tunnel bağdaştırıcı Automatic Tunneling Pseudo-Interface:



Bağlantıya özgü DNS Soneki . . . :

Açıklama . . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface

Fiziksel Adres. . . . . . . . . . : C0-A8-01-04

Dhcp Etkin. . . . . . . . . . .: Hayır

IP Adres. . . . . . . . . . . . . : fe80::5efe:192.168.1.4%2

Varsayılan Ağ Geçidi. . . . . . . :

DNS Sunucusu. . . . . . . . . . . : fec0:0:0:ffff::1%1

fec0:0:0:ffff::2%1

fec0:0:0:ffff::3%1

Tcpip üzerinden NetBIOS . . . . : Devre dışı

Sunucu: UnKnown
Address: 192.168.1.1

Ad: google.com
Addresses: 209.85.148.100, 209.85.148.101, 209.85.148.102, 209.85.148.113
209.85.148.138, 209.85.148.139



32 bayt veri ile google.com [209.85.148.139] 'ping' ediliyor:



209.85.148.139 cevab: bayt=32 sre=62ms TTL=56

209.85.148.139 cevab: bayt=32 sre=62ms TTL=56



209.85.148.139 i‡in Ping istatisti§i:

Paket: Giden = 2, Gelen = 2, Kaybolan = 0 (0% kayp),

Mili saniye trnden yaklaŸk tur sreleri:

En Az = 62ms, En €ok = 62ms, Ortalama = 62ms

Sunucu: UnKnown
Address: 192.168.1.1

Ad: yahoo.com
Addresses: 98.139.183.24, 209.191.122.70, 72.30.38.140



32 bayt veri ile yahoo.com [209.191.122.70] 'ping' ediliyor:



209.191.122.70 cevab: bayt=32 sre=203ms TTL=48

209.191.122.70 cevab: bayt=32 sre=204ms TTL=48



209.191.122.70 i‡in Ping istatisti§i:

Paket: Giden = 2, Gelen = 2, Kaybolan = 0 (0% kayp),

Mili saniye trnden yaklaŸk tur sreleri:

En Az = 203ms, En €ok = 204ms, Ortalama = 203ms

Sunucu: UnKnown
Address: 192.168.1.1

Ad: bleepingcomputer.com
Address: 208.43.87.2



32 bayt veri ile bleepingcomputer.com [208.43.87.2] 'ping' ediliyor:



208.43.87.2 cevab: Hedef ana bilgisayar ulaŸlamaz.

208.43.87.2 cevab: Hedef ana bilgisayar ulaŸlamaz.



208.43.87.2 i‡in Ping istatisti§i:

Paket: Giden = 2, Gelen = 2, Kaybolan = 0 (0% kayp),

Mili saniye trnden yaklaŸk tur sreleri:

En Az = 0ms, En €ok = 0ms, Ortalama = 0ms



32 bayt veri ile 127.0.0.1 'ping' ediliyor:



127.0.0.1 cevab: bayt=32 sre<1ms TTL=128

127.0.0.1 cevab: bayt=32 sre<1ms TTL=128



127.0.0.1 i‡in Ping istatisti§i:

Paket: Giden = 2, Gelen = 2, Kaybolan = 0 (0% kayp),

Mili saniye trnden yaklaŸk tur sreleri:

En Az = 0ms, En €ok = 0ms, Ortalama = 0ms

===========================================================================
Arabirim Listesi
0x1 ........................... MS TCP Loopback interface
0x2 ...00 16 ec 51 f3 6c ...... VIA Compatable Fast Ethernet Bağdaştırıcısı - Paket Zamanlayıcısı Mini Bağlantı Noktası
===========================================================================
===========================================================================
Etkin Yollar:
A§ Hedefi A§ Maskesi A§ Ge‡idi Arabirim ™l‡t
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.4 192.168.1.4 20
192.168.1.4 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.4 192.168.1.4 20
224.0.0.0 240.0.0.0 192.168.1.4 192.168.1.4 20
255.255.255.255 255.255.255.255 192.168.1.4 192.168.1.4 1
Varsaylan
A§ Ge‡idi: 192.168.1.1
===========================================================================
Srekli Yollar:
Yok
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245760] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245760] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [143360] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245760] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/03/2012 03:17:39 PM) (Source: Microsoft Office 12) (User: )
Description: Faulting application winword.exe, version 12.0.6661.5000, stamp 4f7cd9da, faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault address 0x03e2fd57.

Error: (06/03/2012 11:46:30 AM) (Source: Application Error) (User: )
Description: Hata uygulaması chrome.exe, sürüm 19.0.1084.52, hata modülü gcswf32.dll, sürümü 11.2.202.235, hata adresi 0x0007472e.
Ortama özel olay [chrome.exe!ws!] için işleniyor

Error: (05/31/2012 04:14:57 PM) (Source: Application Hang) (User: )
Description: Askıda kalan uygulama chrome.exe, sürüm 19.0.1084.52, askı modülü hungapp, sürüm 0.0.0.0, askıda kalma adresi 0x00000000.

Error: (05/30/2012 04:50:31 PM) (Source: Application Hang) (User: )
Description: Askıda kalan uygulama Server.exe, sürüm 0.0.0.0, askı modülü hungapp, sürüm 0.0.0.0, askıda kalma adresi 0x00000000.

Error: (05/26/2012 05:52:28 PM) (Source: Application Error) (User: )
Description: Hata uygulaması drwtsn32.exe, sürüm 5.1.2600.0, hata modülü dbghelp.dll, sürümü 5.1.2600.2180, hata adresi 0x0001295d.
Ortama özel olay [drwtsn32.exe!ws!] için işleniyor

Error: (05/26/2012 05:52:12 PM) (Source: Application Error) (User: )
Description: Hata uygulaması explorer.exe, sürüm 6.0.2900.3156, hata modülü hxmedpltfm.dll, sürümü 15.0.1.13, hata adresi 0x00002684.
Ortama özel olay [explorer.exe!ws!] için işleniyor

Error: (05/23/2012 03:52:57 PM) (Source: Application Hang) (User: )
Description: Askıda kalan uygulama rundll32.exe, sürüm 5.1.2600.2180, askı modülü hungapp, sürüm 0.0.0.0, askıda kalma adresi 0x00000000.

Error: (05/20/2012 06:11:33 PM) (Source: Application Error) (User: )
Description: Hata uygulaması chrome.exe, sürüm 19.0.1084.46, hata modülü unknown, sürümü 0.0.0.0, hata adresi 0x3a3686c7.
Ortama özel olay [chrome.exe!ws!] için işleniyor

Error: (05/17/2012 03:45:27 PM) (Source: Application Error) (User: )
Description: Hata uygulaması chrome.exe, sürüm 18.0.1025.168, hata modülü gcswf32.dll, sürümü 11.2.202.235, hata adresi 0x0012b171.
Ortama özel olay [chrome.exe!ws!] için işleniyor

Error: (05/13/2012 04:12:54 PM) (Source: Application Error) (User: )
Description: Hata uygulaması chrome.exe, sürüm 18.0.1025.168, hata modülü chrome.dll, sürümü 18.0.1025.168, hata adresi 0x0000e84a.
Ortama özel olay [chrome.exe!ws!] için işleniyor


System errors:
=============
Error: (06/03/2012 04:01:26 PM) (Source: Service Control Manager) (User: )
Description: LogMeIn Hamachi Tunneling Engine hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/03/2012 04:01:23 PM) (Source: Service Control Manager) (User: )
Description: Java Quick Starter hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/03/2012 04:01:18 PM) (Source: Service Control Manager) (User: )
Description: Pml Driver HPZ12 hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/03/2012 04:01:03 PM) (Source: Service Control Manager) (User: )
Description: vToolbarUpdater11.0.2 hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/03/2012 03:59:20 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Service hizmeti aşağıdaki hata nedeniyle başlatılamadı:
%%2

Error: (06/03/2012 03:52:59 PM) (Source: Service Control Manager) (User: )
Description: eBoostr Service hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/03/2012 03:52:59 PM) (Source: Service Control Manager) (User: )
Description: SeaPort hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/02/2012 08:18:02 AM) (Source: Service Control Manager) (User: )
Description: vToolbarUpdater11.0.2 hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/02/2012 08:17:37 AM) (Source: Service Control Manager) (User: )
Description: LogMeIn Hamachi Tunneling Engine hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.

Error: (06/02/2012 08:17:34 AM) (Source: Service Control Manager) (User: )
Description: Java Quick Starter hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.


Microsoft Office Sessions:
=========================
Error: (06/03/2012 03:17:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/02/2012 09:42:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/01/2012 07:00:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 744 seconds with 480 seconds of active time. This session ended with a crash.

Error: (03/29/2012 09:06:32 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1829 seconds with 780 seconds of active time. This session ended with a crash.

Error: (07/25/2011 06:43:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 41 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/05/2010 08:54:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/08/2009 08:45:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/08/2009 08:44:53 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/07/2009 10:37:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

50 FREE MP3s +1 Free Audiobook! (Version: 1.0.0.1)
7-Zip 9.20
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
AiO_Scan_CDA (Version: 70.0.231.000)
Armada Tanks 1.00 (Version: 1.00)
µTorrent (Version: 3.0.0)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2425)
AVG 2012 (Version: 2012.0.1913)
AVG PC Tuneup (Version: 10.0.0.27)
Babylon toolbar on IE
CDSpace 4.1
CM 03-04 (Version: 4.1.0)
Codec 8.4
Command & Conquer Red Alert 2
DigimonBattle 2010.12.15 (Version: 2010.12.15)
e-XPLoDeR & HPB Bot (Version: v1.0)
eBoostr 3 (Version: 3.0)
Fish Tycoon
FoXBot v0.67
Google Chrome (Version: 19.0.1084.52)
Google Update Helper (Version: 1.3.21.111)
Half-Life
Hamsterball 3.25
HP Photosmart, Officejet and Deskjet 7.0.A (Version: 7.0)
I Want This (Version: 1.18.149.149)
Icy Tower v1.3.1
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8117.416)
LogMeIn Hamachi (Version: 2.1.0.166)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office Outlook MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Turkish) 2007 (Version: 12.0.4518.1027)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 1.3.59.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (Turkish) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
MSVCRT (Version: 14.0.1468.721)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
NVIDIA Drivers
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Overkill
Picasa 2 (Version: 2.0)
POD-Bot 2.5
Pokemon Online 1.0.53
Punk Ass Fraggers Map Pack V1.3
QBeez 2
QFolder (Version: 1.00.0000)
Re-Volt patch 12.07 (Version: patch 12.07)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
Rival Ball Tournament
Sözlük
Scan (Version: 7.0.0.0)
Segoe UI (Version: 14.0.4327.805)
Sierra Utilities
Soldat 1.6.2 (Version: 1.6.2)
Steam
swMSM (Version: 12.0.0.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
vvv.kimdir.com Oyun kutusu
WebFldrs XP (Version: 9.50.7523)
Westwood Shared Internet Components
Winamp (Version: 5.572 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Internet Explorer 8 için Güncelleştirme (KB975364) (Version: 1)
Windows Internet Explorer 8 için Güncelleştirme (KB976662) (Version: 1)
Windows Internet Explorer 8 için Güncelleştirme (KB976749) (Version: 1)
Windows Internet Explorer 8 için Güncelleştirme (KB980182) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB971961) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB974455) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB976325) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB978207) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB981332) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB982381) (Version: 1)
Windows Live Aile Koruması (Version: 14.0.8118.427)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Fotoğraf Galerisi (Version: 14.0.8117.416)
Windows Live Karşıya Yükleme Aracı (Version: 14.0.8014.1029)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Oturum Açma Yardımcısı (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Temel Parçalar (Version: 14.0.8117.0416)
Windows Live Temel Parçalar (Version: 14.0.8117.416)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver
YTD YouTube Downloader & Converter 3.6

========================= Memory info: ===================================

Percentage of memory in use: 75%
Total physical RAM: 511.3 MB
Available physical RAM: 122.94 MB
Total Pagefile: 1249.85 MB
Available Pagefile: 760.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.96 MB

========================= Partitions: =====================================

2 Drive c: (System) (Fixed) (Total:39.07 GB) (Free:7.39 GB) NTFS
3 Drive d: (Depo) (Fixed) (Total:26.96 GB) (Free:1.89 GB) NTFS
5 Drive g: (CM 03-04) (CDROM) (Total:0.3 GB) (Free:0 GB) CDFS

========================= Users: ========================================

\\XP Kullanc Hesaplar

Administrator Burak Guest
HelpAssistant SUPPORT_388945a0
Komut baŸaryla tamamland.


**** End of log ****

#7 g.k.

g.k.
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Istanbul, Turkey
  • Local time:02:03 PM

Posted 03 June 2012 - 09:33 AM

MBAM Scan Log

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.03.03

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
Burak :: XP [administrator]

Protection: Enabled

03.06.2012 16:10:54
mbam-log-2012-06-03 (16-18-49).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 194912
Time elapsed: 6 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 36
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLabs) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLabs) -> No action taken.
HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLabs) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.
HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> No action taken.
HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> No action taken.
HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> No action taken.
HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> No action taken.
HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> No action taken.
HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> No action taken.
HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This (Adware.GamePlayLab) -> No action taken.
HKCR\CrossriderApp0002258.BHO (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.FBApi (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.FBApi.1 (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.Sandbox (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.Sandbox.1 (PUP.CrossFire.Gen) -> No action taken.
HKCU\Software\Cr_Installer\2258 (Adware.GamePlayLab) -> No action taken.
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> No action taken.
HKCU\SOFTWARE\I WANT THIS (PUP.GamesPlayLab) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (PUP.GamePlayLab) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (PUP.GamePlayLab) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.

Registry Values Detected: 3
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 986e4cdd22eaefdb20600c866e97d5ab -> No action taken.
HKCU\Software\I Want This|HelperRunningVersion (PUP.GamesPlayLab) -> Data: 149 -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This|Publisher (Adware.GamePlayLab) -> Data: 215 Apps -> No action taken.

Registry Data Items Detected: 2
HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer\control panel|HomePage (PUM.Hijack.HomePageControl) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel|HomePage (PUM.Hijack.HomePageControl) -> Bad: (1) Good: (0) -> No action taken.

Folders Detected: 3
C:\Program Files\I Want This (Adware.GamePlayLab) -> No action taken.
C:\Documents and Settings\Burak\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> No action taken.
C:\Documents and Settings\Burak\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> No action taken.

Files Detected: 9
C:\Program Files\I Want This\I Want This.dll (Adware.GamePlayLabs) -> No action taken.
C:\Program Files\I Want This\I Want This.ini (Adware.GamePlayLab) -> No action taken.
C:\Program Files\I Want This\I Want This.exe (Adware.GamePlayLab) -> No action taken.
C:\Program Files\I Want This\I Want This.ico (Adware.GamePlayLab) -> No action taken.
C:\Program Files\I Want This\I Want ThisGui.exe (Adware.GamePlayLab) -> No action taken.
C:\Program Files\I Want This\I Want ThisInstaller.log (Adware.GamePlayLab) -> No action taken.
C:\Program Files\I Want This\Uninstall.exe (Adware.GamePlayLab) -> No action taken.
C:\Documents and Settings\Burak\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> No action taken.
C:\Program Files\I Want This\I Want This.dll (PUP.GamePlayLab) -> No action taken.

(end)

MBAM Protection Log

2012/06/03 16:10:45 +0300 XP Burak MESSAGE Starting protection
2012/06/03 16:10:54 +0300 XP Burak MESSAGE Protection started successfully
2012/06/03 16:11:00 +0300 XP Burak MESSAGE Starting IP protection
2012/06/03 16:11:10 +0300 XP Burak MESSAGE IP Protection started successfully
2012/06/03 16:22:53 +0300 XP Burak MESSAGE Starting protection
2012/06/03 16:23:21 +0300 XP Burak MESSAGE Protection started successfully
2012/06/03 16:23:24 +0300 XP Burak MESSAGE Starting IP protection
2012/06/03 16:23:57 +0300 XP Burak MESSAGE IP Protection started successfully
2012/06/03 16:25:22 +0300 XP Burak IP-BLOCK 89.28.118.42 (Type: outgoing)

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:03 AM

Posted 03 June 2012 - 09:49 AM

Ok, Perhaps you did not click "Remove Selected" button after the MBAM scan. The log shows -> No action taken.



Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically,go HERE click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.




Now tun these...

Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 g.k.

g.k.
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Istanbul, Turkey
  • Local time:02:03 PM

Posted 03 June 2012 - 10:19 AM

I removed everything in the quarantine after the reboot.

Fixed the hosts file. I also removed Babylon Toolbar and uTorrent. I had added those Youtube entries, though. Youtube was banned over here between 2007-2010, so yeah.

I have two news though, one still worrying, one nice. I can access My Documents directly now. On the other hand, even after fixing the hosts file and restarting the computer, I had 2 notifications from MBAM telling it blocked access to malicious sites.

A screenshot:

Posted Image

And the entries from the MBAM protection log:
2012/06/03 18:00:37 +0300 XP MESSAGE Starting protection
2012/06/03 18:00:58 +0300 XP MESSAGE Protection started successfully
2012/06/03 18:01:01 +0300 XP MESSAGE Starting IP protection
2012/06/03 18:01:52 +0300 XP Burak MESSAGE IP Protection started successfully
2012/06/03 18:02:33 +0300 XP Burak IP-BLOCK 89.28.104.253 (Type: outgoing)
2012/06/03 18:03:13 +0300 XP Burak IP-BLOCK 89.28.36.166 (Type: outgoing)

Will run TDSSKiller and ESET & get back to you asap :)

Edited by g.k., 03 June 2012 - 11:30 AM.


#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:03 AM

Posted 03 June 2012 - 12:45 PM

Let me know if thos is the pay or feee MBam PROGRAM.

The Ips are from
Country Moldova, Republic of
Country Code MD
Region Chisinau
http://www.fast-ip-search.com/lookup.htm?ip=89.28.36.166+
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 g.k.

g.k.
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Istanbul, Turkey
  • Local time:02:03 PM

Posted 03 June 2012 - 12:51 PM

After installing it, MBAM asked me if I wanted to try the trial version. I accepted. So it's the trial version of the paid thing.

TDSSKiller found nothing. It lasted, like 1 minute maybe, though. Is that normal?

ESET is at %97 and it has found 7 infections so far. I'll post the log once it finishes.

Thank you for your help so far :)

Edited by g.k., 03 June 2012 - 12:54 PM.


#12 g.k.

g.k.
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Istanbul, Turkey
  • Local time:02:03 PM

Posted 03 June 2012 - 01:01 PM

Infections ESET has found:

C:\Documents and Settings\Burak\Application Data\AVG\Rescue\PC Tuneup 2011\120306195448625.rsc a variant of Win32/InstallCore.D application deleted - quarantined
C:\Documents and Settings\Burak\Application Data\OpenCandy\OpenCandy_54B80AEDAB4A43629A0C1D5EFDC18533\registrybooster40.exe Win32/RegistryBooster application deleted - quarantined
C:\Documents and Settings\Burak\Application Data\OpenCandy\OpenCandy_54B80AEDAB4A43629A0C1D5EFDC18533\registrybooster40_wp10v1.exe Win32/RegistryBooster application deleted - quarantined
C:\Documents and Settings\Burak\Belgelerim\Downloads\counter strike setup.exe Win32/Soft32Downloader application cleaned by deleting - quarantined
C:\Documents and Settings\Burak\Desktop\Full oyunlar\HamsterBall_GOLD_v3.25.rar Win32/HackTool.Patcher.A application deleted - quarantined
C:\Documents and Settings\Burak\Desktop\Full oyunlar\HamsterBall GOLD v3.25\Crack.exe Win32/HackTool.Patcher.A application cleaned by deleting - quarantined
D:\Hamachi\SoftonicDownloader_for_hamachi.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:03 AM

Posted 03 June 2012 - 01:12 PM

Hi.. then its doing its job..
Since it is out going .. whay Firewall are you using?

You also need to installl Windows Service Pack 3 to close security holes.

Tdss is OK.


Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 g.k.

g.k.
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Istanbul, Turkey
  • Local time:02:03 PM

Posted 03 June 2012 - 02:02 PM

I want to say that the PC runs noticably faster now.

Since it is out going .. whay Firewall are you using?

Well, I don't use one :whistle: I was trusting AVG to do the job. I have turned Resident Shield off to prevent it from interfering with the disinfection process, could that be the reason?

I'm looking for updates at Microsoft's site, would that be enough?

aswMBR Log
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-03 21:20:02
-----------------------------
21:20:02.546 OS Version: Windows 5.1.2600 Service Pack 2
21:20:02.546 Number of processors: 1 586 0x409
21:20:02.546 ComputerName: XP UserName:
21:20:11.468 Initialize success
21:25:38.078 AVAST engine defs: 12060301
21:26:00.421 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-12
21:26:00.437 Disk 0 Vendor: SAMSUNG_SP0842N BH100-45 Size: 68637MB BusType: 3
21:26:00.453 Disk 0 MBR read successfully
21:26:00.453 Disk 0 MBR scan
21:26:00.562 Disk 0 Windows XP default MBR code
21:26:00.578 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 40005 MB offset 63
21:26:00.593 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 27611 MB offset 81931500
21:26:00.609 Disk 0 Partition 3 00 77 SA/DPS 1019 MB offset 138480300
21:26:00.609 Disk 0 scanning sectors +140568750
21:26:00.765 Disk 0 scanning C:\WINDOWS\system32\drivers
21:26:12.953 Service scanning
21:26:36.750 Modules scanning
21:26:42.265 Module: C:\WINDOWS\System32\drivers\dxgthk.sys **SUSPICIOUS**
21:26:43.843 Module: C:\WINDOWS\system32\ntdll.dll **SUSPICIOUS**
21:26:43.843 Disk 0 trace - called modules:
21:26:43.875 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys viaide.sys PCIIDEX.SYS
21:26:43.875 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8238cab8]
21:26:43.875 3 CLASSPNP.SYS[f857705b] -> nt!IofCallDriver -> \Device\00000075[0x823cd138]
21:26:43.875 5 ACPI.sys[f84ed620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-12[0x8238fd98]
21:26:44.906 AVAST engine scan C:\WINDOWS
21:26:48.593 AVAST engine scan C:\WINDOWS\system32
21:29:37.078 AVAST engine scan C:\WINDOWS\system32\drivers
21:29:50.390 AVAST engine scan C:\Documents and Settings\Burak
21:46:37.640 AVAST engine scan C:\Documents and Settings\All Users
21:49:57.343 Scan finished successfully
21:52:15.968 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Burak\Desktop\MBR.dat"
21:52:15.984 The log file has been saved successfully to "C:\Documents and Settings\Burak\Desktop\aswMBR.txt"

Edited by g.k., 03 June 2012 - 02:12 PM.


#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:03 AM

Posted 03 June 2012 - 05:36 PM

Install the ZoneAlarm Free Firewall Firewall only.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users