HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+ (486. sayfa)

C:\Documents and Settings\All Users\Application Data\BarDiscover\bardiscover121.exe 
  C:\Program Files\BarDiscover\bardiscover.exe 
  C:\DOCUME~1\Haldun\LOCALS~1\Temp\xdmhgj.exe 
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =http://search.live.com/sphome.aspx 
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/ 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://search.localstrike.com.ar/ 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://search.localstrike.com.ar/ 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://search.localstrike.com.ar/ 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =http://www.googlaa.com/ 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/ 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://search.localstrike.com.ar/ 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =http://search.live.com/sphome.aspx 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =http://www.googlaa.com/ 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O4 - HKCU\..\Run: [cdoosoft] C:\DOCUME~1\Haldun\LOCALS~1\Temp\herss.exe 
  O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 
  O23 - Service: BarDiscover Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\BarDiscover\bardiscover121.exe 
  O23 - Service: Arka Plan Akıllı Aktarım Hizmeti (BITS) - Unknown owner - C:\WINDOWS\ 
   

C:\WINDOWS\system32\RVHOST.exe 
  F2 - REG:system.ini: Shell=Explorer.exe RVHOST.exe 
  O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O4 - HKCU\..\Run: [Yahoo Messengger] C:\WINDOWS\system32\RVHOST.exe 
  O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 
  

Logfile of Trend Micro HijackThis v2.0.2 
  Scan saved at 21:33:04, on 26.05.2010 
  Platform: Unknown Windows (WinNT 6.01.3504) 
  MSIE: Internet Explorer v8.00 (8.00.7600.16385) 
  Boot mode: Normal 
   
  Running processes: 
  C:\Windows\vmsnap3.exe 
  C:\Windows\Domino.exe 
  C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe 
  C:\Program Files (x86)\Internet Download Manager\IDMan.exe 
  C:\Program Files (x86)\Winamp\winampa.exe 
  C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe 
  C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe 
  C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
  C:\Program Files (x86)\Internet Explorer\IELowutil.exe 
  C:\Windows\SysWOW64\NOTEPAD.EXE 
  C:\Users\hd\Desktop\HiJackThis.exe 
   
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =  
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =  
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =  
  F2 - REG:system.ini: UserInit=userinit.exe 
  O2 - BHO: (no name) - {00361E36-A4B5-4626-8D96-3C68B902EFD0} - C:\Windows\SysWow64\dmdskres232.dll 
  O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll 
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 
  O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.5.0_06\bin\ssv.dll 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files (x86)\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll 
  O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll 
  O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files (x86)\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll 
  O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" 
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" 
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime Alternative\QTTask.exe" -atboottime 
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe 
  O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" 
  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background 
  O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun 
  O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun 
  O4 - HKCU\..\Run: [Vidalia] "C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe" 
  O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot 
  O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p 
  O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe 
  O8 - Extra context menu item: Download All Links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm 
  O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm 
  O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm 
  O8 - Extra context menu item: Reklam Başlığı Engelleyicisine ekle - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm 
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.5.0_06\bin\ssv.dll 
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.5.0_06\bin\ssv.dll 
  O9 - Extra button: &Sanal klavye - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll 
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL 
  O9 - Extra button: URL ko&ntrolü - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll 
  O13 - Gopher Prefix:  
  O20 - AppInit_DLLs: C:\Windows\system32\d3d10_1core32.dll,C:\Windows\system32\diskcopy32.dll,C:\Windows\system32\d3d8thk32.dll,C:\Windows\system32\Display32.dll,C:\Windows\system32\D3DCompiler_3332.dll,C:\Windows\system32\dmband32.dll,C:\Windows\system32\dmband32.dllz4igohjj32.dll,C:\Windows\system32\dmband32.dllz4igohjj32.dlll15syi0x32.dll,C:\Windows\system32\dmband32.dllz4igohjj32.dlll15syi0x32.dll9rnrezwgc6mtc32.dll,C:\Windows\system32\dmband32.dllz4igohjj32.dlll15syi0x32.dll9rnrezwgc6mtc32.dllgph3y400132.dll,C:\Windows\system32\eappgnui32.dll,C:\Windows\system32\dhcpcsvc32.dll,C:\Windows\system32\efsadu32.dll,C:\Windows\system32\diskcopy32.dllzxgjkx2y0zf32.dll,C:\Windows\system32\diskcopy32.dllzxgjkx2y0zf32.dll19a7hzk4i4z132.dll,C:\Windows\system32\diskcopy32.dllzxgjkx2y0zf32.dll19a7hzk4i4z132.dllfpw2rlwyk32.dll,C:\Windows\system32\diskcopy32.dllzxgjkx2y0zf32.dll19a7hzk4i4z132.dllfpw2rlwyk32.dllmng3se32.dll 
  O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 
  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) 
  O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe 
  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) 
  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) 
  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) 
  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe 
  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files (x86)\WinPcap\rpcapd.exe 
  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) 
  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) 
  O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe 
  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) 
  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) 
  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) 
  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) 
  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) 
   
  -- 
  End of file - 9476 bytes 
  

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =  
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =  
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =  
  O2 - BHO: (no name) - {00361E36-A4B5-4626-8D96-3C68B902EFD0} - C:\Windows\SysWow64\dmdskres232.dll 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files (x86)\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll 
  O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files (x86)\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll 
   O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background 
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL 
   O13 - Gopher Prefix: 
  O20 - AppInit_DLLs: C:\Windows\system32\d3d10_1core32.dll,C:\Windows\system32\diskcopy32.dll,C:\Wind ows\system32\d3d8thk32.dll,C:\Windows\system32\Display32.dll,C:\Windows\system32 \D3DCompiler_3332.dll,C:\Windows\system32\dmband32.dll,C:\Windows\system32\dmban d32.dllz4igohjj32.dll,C:\Windows\system32\dmband32.dllz4igohjj32.dlll15syi0x32.d ll,C:\Windows\system32\dmband32.dllz4igohjj32.dlll15syi0x32.dll9rnrezwgc6mtc32.d ll,C:\Windows\system32\dmband32.dllz4igohjj32.dlll15syi0x32.dll9rnrezwgc6mtc32.d llgph3y400132.dll,C:\Windows\system32\eappgnui32.dll,C:\Windows\system32\dhcpcsv c32.dll,C:\Windows\system32\efsadu32.dll,C:\Windows\system32\diskcopy32.dllzxgjk x2y0zf32.dll,C:\Windows\system32\diskcopy32.dllzxgjkx2y0zf32.dll19a7hzk4i4z132.d ll,C:\Windows\system32\diskcopy32.dllzxgjkx2y0zf32.dll19a7hzk4i4z132.dllfpw2rlwy k32.dll,C:\Windows\system32\diskcopy32.dllzxgjkx2y0zf32.dll19a7hzk4i4z132.dllfpw 2rlwyk32.dllmng3se32.dll 
  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) 
  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) 
  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) 
  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) 
  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) 
  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) 
  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) 
  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) 
  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) 
  

Logfile of Trend Micro HijackThis v2.0.2 
  Scan saved at 02:47:31, on 09.06.2010 
  Platform: Windows XP SP3 (WinNT 5.01.2600) 
  MSIE: Internet Explorer v8.00 (8.00.6001.18702) 
  Boot mode: Normal 
   
  Running processes: 
  C:\WINDOWS\System32\smss.exe 
  C:\WINDOWS\system32\winlogon.exe 
  C:\WINDOWS\system32\services.exe 
  C:\WINDOWS\system32\lsass.exe 
  C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe 
  C:\WINDOWS\system32\nvsvc32.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\WINDOWS\system32\spoolsv.exe 
  C:\WINDOWS\Explorer.EXE 
  C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe 
  C:\Program Files\COMODO\COMODO Internet Security\cfp.exe 
  C:\Program Files\Hotspot Shield\bin\openvpnas.exe 
  C:\Program Files\USB Disk Security\USBGuard.exe 
  C:\Program Files\Vista Drive Icon\DrvIcon.exe 
  C:\Program Files\Ad Muncher\AdMunch.exe 
  C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe 
  C:\WINDOWS\system32\ctfmon.exe 
  C:\Program Files\Vista Rainbar\Rainmeter.exe 
  C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe 
  C:\Program Files\Hotspot Shield\bin\hsswd.exe 
  C:\Program Files\uTorrent\uTorrent.exe 
  C:\Program Files\Java\jre6\bin\jqs.exe 
  C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe 
  C:\Program Files\Internet Download Manager\IDMan.exe 
  C:\Program Files\Common Files\LightScribe\LSSrvc.exe 
  C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 
  C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 
  C:\WINDOWS\system32\SearchIndexer.exe 
  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe 
  C:\Program Files\Internet Download Manager\IEMonitor.exe 
  C:\Program Files\Mozilla Firefox\firefox.exe 
  C:\Documents and Settings\SELİM\Desktop\HiJackThis.exe 
   
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =  
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =  
  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =http://go.microsoft.com/fwlink/?LinkId=74005 
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =http://go.navige.com/ 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar 
  F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe 
  O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll 
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll 
  O2 - BHO: Windows Live ID Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll 
  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll 
  O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll 
  O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file) 
  O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h 
  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup 
  O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe 
  O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe 
  O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt 
  O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice 
  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe 
  O4 - HKCU\..\Run: [Vista Rainbar] C:\Program Files\Vista Rainbar\Rainmeter.exe 
  O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" 
  O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe 
  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background 
  O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot 
  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') 
  O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE') 
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') 
  O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE') 
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') 
  O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') 
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') 
  O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') 
  O4 - Global Startup: Update ESET's license.lnk = C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe 
  O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files\Adblock Pro\blockimg.html 
  O8 - Extra context menu item: Block frame with Ad Muncher -http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=L8903090&id=menu_ie_frame 
  O8 - Extra context menu item: Block image with Ad Muncher -http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=L8903090&id=menu_ie_image 
  O8 - Extra context menu item: Block link with Ad Muncher -http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=L8903090&id=menu_ie_link 
  O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm 
  O8 - Extra context menu item: Don't filter page with Ad Muncher -http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=L8903090&id=menu_ie_exclude 
  O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm 
  O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm 
  O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 
  O8 - Extra context menu item: Report page to the Ad Muncher developers -http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=L8903090&id=menu_ie_report 
  O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll 
  O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll 
  O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL 
  O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL 
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL 
  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe 
  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe 
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab 
  O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll 
  O20 - AppInit_DLLs:  C:\WINDOWS\system32\guard32.dll 
  O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe 
  O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 
  O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe 
  O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe 
  O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe 
  O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe 
  O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE 
  O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe 
  O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe 
  O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe 
  O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 
  O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe 
  O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe 
  O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe 
   
  -- 
  End of file - 10845 bytes

C:\WINDOWS\system32\winsys2.exe 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Groove GFS Browser Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll 
  O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll 
  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background 
  O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 
  O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - 
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL 
  O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab 
  O23 - Service: Sukoku Service - Unknown - C:\Documents and Settings\All Users\Application Data\Sukoku\sukoku123.exe 
  

C:\Program Files\****\AdMunch.exe 
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =  
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =  
  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =http://go.microsoft.com/fwlink/?LinkId=74005 
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =http://go.navige.com/ 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar 
  F2 - R 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file) 
  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') 
  O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE') 
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') 
  O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE') 
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') 
  O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') 
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') 
  O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') 
  O4 - Global Startup: Update ESET's license.lnk = C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe 
  O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files\**** Pro\blockimg.html 
  

 
  Logfile of Trend Micro HijackThis v2.0.2 
  Scan saved at 20:02:10, on 10.06.2010 
  Platform: Unknown Windows (WinNT 6.01.3504) 
  MSIE: Internet Explorer v8.00 (8.00.7600.16385) 
  Boot mode: Normal 
   
  Running processes: 
  C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe 
  C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 
  C:\Program Files (x86)\DNA\btdna.exe 
  C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe 
  C:\Program Files (x86)\Winamp\winampa.exe 
  C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 
  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 
  C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe 
  C:\Program Files (x86)\a-squared Free\a2free.exe 
  C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
  C:\program files (x86)\avira\antivir desktop\avcenter.exe 
  C:\program files (x86)\avira\antivir desktop\avscan.exe 
  C:\Program Files (x86)\Winamp\winamp.exe 
  C:\Users\ahmet\Desktop\HiJackThis.exe 
   
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =  
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =  
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =  
  F2 - REG:system.ini: UserInit=userinit.exe 
  O1 - Hosts: 72.14.204.104 youtube.com 
  O1 - Hosts: 72.14.204.99 www.youtube.com 
  O1 - Hosts: 74.125.43.103 docs.google.com 
  O1 - Hosts: 74.125.43.103 www.docs.google.com 
  O1 - Hosts: 74.125.43.103 clients1.google.com 
  O1 - Hosts: 74.125.43.103 clients1.google.com.tr 
  O1 - Hosts: 74.125.43.103 www.clients1.google.com 
  O1 - Hosts: 74.125.43.103 www.clients1.google.com.tr 
  O1 - Hosts: 74.125.43.103 translate.google.com 
  O1 - Hosts: 74.125.43.103 translate.google.com.tr 
  O1 - Hosts: 74.125.43.103 www.translate.google.com 
  O1 - Hosts: 74.125.43.103 www.translate.google.com.tr 
  O1 - Hosts: 74.125.43.105 google-analytics.com 
  O1 - Hosts: 74.125.43.105 www.google-analytics.com 
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll 
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll 
  O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\ahmet\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll 
  O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll 
  O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll 
  O3 - Toolbar: HypreCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll 
  O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe 
  O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin 
  O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" 
  O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min 
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" 
  O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" 
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background 
  O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" 
  O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun 
  O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files (x86)\DNA\btdna.exe" 
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Local Service') 
  O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Local Service') 
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') 
  O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') 
  O4 - Startup: hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe 
  O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\ahmet\AppData\Roaming\FlashGetBHO\GetAllUrl.htm 
  O8 - Extra context menu item: Download by FlashGet3 - C:\Users\ahmet\AppData\Roaming\FlashGetBHO\GetUrl.htm 
  O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html 
  O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 
  O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL 
  O13 - Gopher Prefix:  
  O15 - Trusted Zone:http://software.kuaiche.com 
  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab 
  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab 
  O17 - HKLM\System\CCS\Services\Tcpip\..\{9B3DC282-EA34-4E89-A3C3-E5C9CAF646FF}: NameServer = 8.8.8.8,8.8.4.4 
  O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe 
  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) 
  O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe 
  O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe 
  O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 
  O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 
  O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE 
  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) 
  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) 
  O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 
  O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 
  O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 
  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) 
  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe 
  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) 
  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) 
  O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe 
  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) 
  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) 
  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) 
  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) 
  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) 
   
  -- 
  End of file - 10615 bytes 
  

Logfile of Trend Micro HijackThis v2.0.2 
  Scan saved at 19:55:52, on 14.06.2010 
  Platform: Windows XP SP2 (WinNT 5.01.2600) 
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) 
  Boot mode: Normal 
   
  Running processes: 
  C:\windows\system32\csrss.exe 
  C:\windows\system32\winlogon.exe 
  C:\windows\system32\services.exe 
  C:\windows\system32\lsass.exe 
  C:\windows\system32\Ati2evxx.exe 
  C:\windows\system32\svchost.exe 
  C:\windows\System32\svchost.exe 
  C:\windows\system32\svchost.exe 
  C:\windows\system32\svchost.exe 
  C:\windows\system32\svchost.exe 
  C:\windows\system32\Ati2evxx.exe 
  C:\windows\system32\spoolsv.exe 
  C:\windows\Explorer.EXE 
  C:\Program Files\Winamp\winampa.exe 
  C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe 
  C:\Program Files\Common Files\Java\Java Update\jusched.exe 
  C:\Program Files\HP\hpcoretech\hpcmpmgr.exe 
  C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe 
  C:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe 
  C:\windows\RTHDCPL.EXE 
  C:\windows\system32\ctfmon.exe 
  C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
  C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe 
  C:\Program Files\Messenger\msmsgs.exe 
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe 
  C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe 
  C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe 
  C:\Program Files\CDBurnerXP\NMSAccessU.exe 
  C:\windows\system32\svchost.exe 
  G:\Program Files\Mozilla Firefox\firefox.exe 
  C:\windows\system32\svchost.exe 
  C:\WINDOWS\system32\imapi.exe 
  C:\Program Files\PC Connectivity Solution\ServiceLayer.exe 
  C:\WINDOWS\system32\wbem\wmiapsrv.exe 
  C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe 
  C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe 
  C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe 
  C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe 
  C:\Documents and Settings\Tahsin\Desktop\Action\HiJackThis.exe 
   
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/ 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://search.localstrike.com.ar/ 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://search.localstrike.com.ar/ 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://search.localstrike.com.ar/ 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/ 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://search.localstrike.com.ar/ 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =  
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar 
  F2 - REG:system.ini: UserInit=userinit.exe,C:\windows\system32\sdra64.exe, 
  O1 - Hosts: 74.125.43.103 youtube.com 
  O1 - Hosts: 74.125.43.103 www.youtube.com 
  O1 - Hosts: 74.125.43.103 www.docs.google.com 
  O1 - Hosts: 74.125.43.103 www.clients1.google.com.tr 
  O1 - Hosts: 74.125.43.103 www.translate.google.com.tr 
  O1 - Hosts: 74.125.43.103 docs.google.com 
  O1 - Hosts: 74.125.43.103 clients1.google.com.tr 
  O1 - Hosts: 74.125.43.103 translate.google.com.tr 
  O1 - Hosts: 74.125.43.105 www.google-analytics.com 
  O1 - Hosts: 74.125.43.105 google-analytics.com 
  O1 - Hosts: 74.125.43.105 suggestqueries.google.com 
  O1 - Hosts: 74.125.43.105 sites.google.com 
  O1 - Hosts: 74.125.43.105 books.google.com.tr 
  O1 - Hosts: 74.125.43.105 books.google.com 
  O1 - Hosts: 74.125.43.105 groups.google.com.tr 
  O1 - Hosts: 74.125.43.105 groups.google.com 
  O1 - Hosts: 74.125.43.105 code.google.com 
  O1 - Hosts: 74.125.43.105 answers.google.com 
  O1 - Hosts: 74.125.43.105 labs.google.com 
  O1 - Hosts: 74.125.43.105 pages.google.com 
  O1 - Hosts: 74.125.43.105 video.google.com 
  O1 - Hosts: 74.125.43.105 moon.google.com 
  O1 - Hosts: 74.125.43.105 earth.google.com 
  O1 - Hosts: 74.125.43.105 catalogs.google.com 
  O1 - Hosts: 74.125.43.105 sketchup.google.com 
  O1 - Hosts: 74.125.43.105 documents.google.com 
  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll 
  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll 
  O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\SplitCam Toolbar\tbcore3.dll 
  O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll 
  O3 - Toolbar: SplitCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\SplitCam Toolbar\tbcore3.dll 
  O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe 
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" 
  O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE 
  O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" 
  O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" 
  O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun 
  O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice 
  O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin 
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" 
  O4 - HKLM\..\Run: [sXe Injected] C:\Program Files\sXe Injected\sXe Injected.exe 
  O4 - HKLM\..\Run: [Ovt Wia] C:\windows\OV530EM.exe 
  O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles 
  O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart 
  O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" 
  O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" 
  O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe 
  O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE 
  O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE 
  O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe 
  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background 
  O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme 
  O4 - HKCU\..\Run: [uTorrent] "G:\Program Files\uTorrent\uTorrent.exe" 
  O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun 
  O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash 
  O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe 
  O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background 
  O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray 
  O4 - HKCU\..\Run: [cdoosoft] C:\DOCUME~1\Tahsin\LOCALS~1\Temp\herss.exe 
  O4 - HKCU\..\Run: [nod32] C:\DOCUME~1\Tahsin\LOCALS~1\Temp\nodqq.exe 
  O4 - HKCU\..\Run: [RGSC] G:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent 
  O4 - HKCU\..\Run: [dso32] C:\DOCUME~1\Tahsin\LOCALS~1\Temp\dsoqq.exe 
  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') 
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') 
  O4 - HKUS\S-1-5-21-1214440339-1788223648-839522115-1004\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe (User '?') 
  O4 - HKUS\S-1-5-21-1214440339-1788223648-839522115-1004\..\Run: [uTorrent] "G:\Program Files\uTorrent\uTorrent.exe" (User '?') 
  O4 - HKUS\S-1-5-21-1214440339-1788223648-839522115-1004\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun (User '?') 
  O4 - HKUS\S-1-5-21-1214440339-1788223648-839522115-1004\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash (User '?') 
  O4 - HKUS\S-1-5-21-1214440339-1788223648-839522115-1004\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe (User '?') 
  O4 - HKUS\S-1-5-21-1214440339-1788223648-839522115-1004\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?') 
  O4 - HKUS\S-1-5-21-1214440339-1788223648-839522115-1004\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray (User '?') 
  O4 - HKUS\S-1-5-21-1214440339-1788223648-839522115-1004\..\Run: [cdoosoft] C:\DOCUME~1\Tahsin\LOCALS~1\Temp\herss.exe (User '?') 
  O4 - HKUS\S-1-5-21-1214440339-1788223648-839522115-1004\..\Run: [nod32] C:\DOCUME~1\Tahsin\LOCALS~1\Temp\nodqq.exe (User '?') 
  O4 - HKUS\S-1-5-21-1214440339-1788223648-839522115-1004\..\Run: [RGSC] G:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent (User '?') 
  O4 - HKUS\S-1-5-21-1214440339-1788223648-839522115-1004\..\Run: [dso32] C:\DOCUME~1\Tahsin\LOCALS~1\Temp\dsoqq.exe (User '?') 
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') 
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') 
  O4 - S-1-5-21-1214440339-1788223648-839522115-1004 Startup: ServerList.lnk = C:\Program Files\Valve\platform\config\otomatik_list.exe (User '?') 
  O4 - Startup: ServerList.lnk = C:\Program Files\Valve\platform\config\otomatik_list.exe 
  O4 - Global Startup: AirTies ADSL Hizmet Programı.lnk = ? 
  O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 
  O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 
  O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL 
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab 
  O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab 
  O17 - HKLM\System\CCS\Services\Tcpip\..\{957F0850-C830-4A39-A335-977B3D477E1F}: NameServer = 8.8.8.8,8.8.4.4 
  O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 
  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe 
  O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe 
  O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe 
  O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe 
  O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe 
  O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe 
  O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 
  O23 - Service: Google Update Service (gupdate1ca6ae5bacee33a) (gupdate1ca6ae5bacee33a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe 
  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 
  O23 - Service: hpdj - HP - C:\DOCUME~1\Tahsin\LOCALS~1\Temp\hpdj.exe 
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 
  O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe 
  O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe 
  O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe 
  O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe 
  O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe 
  O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Unknown owner - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (file missing) 
   
  -- 
  End of file - 13347 bytes 
  

Logfile of Trend Micro HijackThis v2.0.2 
  Scan saved at 17:56:17, on 18.06.2010 
  Platform: Unknown Windows (WinNT 6.01.3504) 
  MSIE: Internet Explorer v8.00 (8.00.7600.16385) 
  Boot mode: Normal 
   
  Running processes: 
  C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
  C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe 
  C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe 
  C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe 
  C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe 
  C:\Users\Xanadu\Desktop\kısayollar\HiJackThis.exe 
   
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =  
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =  
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =  
  F2 - REG:system.ini: UserInit=userinit.exe 
  O1 - Hosts: 98.129.238.10 richarddawkins.net 
  O1 - Hosts: 205.188.234.120 yp.shoutcast.com 
  O1 - Hosts: 62.41.85.97 media.shoutcast.com 
  O1 - Hosts: 205.188.216.8 shoutcast.com 
  O1 - Hosts: 207.200.100.5 www.shoutcast.com 
  O1 - Hosts: 74.125.4.16 r1.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.17 r2.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.18 r3.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.19 r4.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.20 r5.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.21 r6.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.22 r7.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.23 r8.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.24 r9.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.25 r10.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.26 r11.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.27 r12.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.28 r13.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.29 r14.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.30 r15.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.31 r16.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.32 r17.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.33 r18.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.34 r19.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.35 r20.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.36 r21.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.37 r22.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.38 r23.lhr1.c.youtube.com 
  O1 - Hosts: 74.125.4.39 r24.lhr1.c.youtube.com 
  O1 - Hosts: 213.146.171.16 r1.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.17 r2.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.18 r3.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.19 r4.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.20 r5.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.21 r6.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.22 r7.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.23 r8.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.24 r9.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.25 r10.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.26 r11.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.27 r12.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.28 r13.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.29 r14.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.30 r15.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.31 r16.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.32 r17.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.33 r18.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.34 r19.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.35 r20.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.36 r21.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.37 r22.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.38 r23.lhr2.c.youtube.com 
  O1 - Hosts: 213.146.171.39 r24.lhr2.c.youtube.com 
  O1 - Hosts: 206.132.73.16 r1.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.17 r2.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.18 r3.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.19 r4.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.20 r5.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.21 r6.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.22 r7.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.23 r8.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.24 r9.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.25 r10.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.26 r11.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.27 r12.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.28 r13.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.29 r14.lhr3.c.youtube.com 
  O1 - Hosts: 206.132.73.30 r15.lhr3.c.youtube.com 
  O1 - Hosts: 74.125.4.208 r1.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.209 r2.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.210 r3.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.211 r4.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.212 r5.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.213 r6.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.214 r7.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.215 r8.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.216 r9.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.217 r10.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.218 r11.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.219 r12.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.220 r13.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.221 r14.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.222 r15.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.223 r16.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.224 r17.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.225 r18.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.226 r19.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.227 r20.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.228 r21.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.229 r22.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.230 r23.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.231 r24.lhr4.c.youtube.com 
  O1 - Hosts: 74.125.4.80 r1.lhr5.c.youtube.com 
  O1 - Hosts: 74.125.4.81 r2.lhr5.c.youtube.com 
  O1 - Hosts: 74.125.4.82 r3.lhr5.c.youtube.com 
  O1 - Hosts: 74.125.4.83 r4.lhr5.c.youtube.com 
  O1 - Hosts: 74.125.4.84 r5.lhr5.c.youtube.com 
  O1 - Hosts: 74.125.4.85 r6.lhr5.c.youtube.com 
  O1 - Hosts: 74.125.4.86 r7.lhr5.c.youtube.com 
  O1 - Hosts: 74.125.4.87 r8.lhr5.c.youtube.com 
  O1 - Hosts: 74.125.4.88 r9.lhr5.c.youtube.com 
  O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll 
  O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll 
  O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing) 
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 
  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll 
  O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll 
  O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing) 
  O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot 
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Local Service') 
  O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Local Service') 
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') 
  O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') 
  O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm 
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 
  O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm 
  O8 - Extra context menu item: IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEExt.htm 
  O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll 
  O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll 
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL 
  O9 - Extra button: HP Smart Web Printing göster veya gizle - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll 
  O13 - Gopher Prefix:  
  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab 
  O17 - HKLM\System\CCS\Services\Tcpip\..\{AA248F22-1A0C-4C6A-8B31-3F0FF35876F6}: NameServer = 193.140.100.210,193.140.100.215 
  O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll 
  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) 
  O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) 
  O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe 
  O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe 
  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) 
  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) 
  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe 
  O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe 
  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 
  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) 
  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) 
  O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe 
  O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe 
  O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe 
  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) 
  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) 
  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) 
  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) 
  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) 
   
  -- 
  End of file - 13313 bytes