Is my computer clean?????

hayalgozlum
29-04-2007, 15:04   |  #1  
OP New Member
Thanks: 0
17 posts
Registered: Apr 2007

Logfile of HijackThis v1.99.1
Scan saved at 14:01:00, on 29-4-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\Common Files\Sony Shared\GMR\GMRMan.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAutoUpdate.exe
C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Admin\Bureaublad\Legal XP\Legal_XP.exe
C:\DOCUME~1\Admin\LOCALS~1\Temp\ir_ext_temp_0\autorun.exe
C:\Documents and Settings\Admin\Bureaublad\Legal XP\Legal_XP.exe
C:\DOCUME~1\Admin\LOCALS~1\Temp\ir_ext_temp_1\autorun.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijack This\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Program Files\Softwin\BitDefender8\\bdnagent.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender8\\bdmcon.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [BeFaster] C:\Program Files\BeFaster Lite\bflite.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\RegClean.exe"
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Kies als &Messenger-avatar - C:\Program Files\MSN Pictures Displayer\AddIEPicture.htm
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com ... uid=1870&cat_uid=11
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by130w.bay130.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.net/statics/Aurigma/ImageUploader4.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.ms ... toSwap/PhtPkMSN.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/obj/NpFv415.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe


mcinst.exe        C:\Documents and Settings\Admin\Local Settings\Temp\vspt10enus.tmp\Apps\MPF        Probably BACKDOOR.Trojan        Moved.
mcinst.exe        C:\Documents and Settings\Admin\Local Settings\Temp\vspt10enus.tmp\Apps\MSAD        Probably BACKDOOR.Trojan        Moved.
mcinst.exe        C:\Documents and Settings\Admin\Local Settings\Temp\vspt10enus.tmp\Apps\MSC        Probably BACKDOOR.Trojan        Moved.
RemoveWGA.exe        C:\Program Files        Tool.RemoveWGA        Moved.
cleaner.log        C:\Program Files\Microsoft AntiSpyware        Probably MACRO.SCRIPT.IRC.WORM.Virus        Moved.
VBAOL11.CHM\html/olobjAddressEntries.htm        C:\Program Files\Microsoft Office\OFFICE11\1043\VBAOL11.CHM        Modification of VBS.Petik       
VBAOL11.CHM        C:\Program Files\Microsoft Office\OFFICE11\1043        Archive contains infected objects        Moved.
00018206.rbf        C:\RECYCLER\NPROTECT        Probably DLOADER.Trojan        Moved.
00018394.rbf        C:\RECYCLER\NPROTECT        Probably DLOADER.Trojan        Moved.
A0175381.EXE        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP672        Adware.Msearch        Moved.
A0184204.exe        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP681        Adware.Relevant        Moved.
A0196464.exe        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably BACKDOOR.Trojan        Moved.
A0196519.exe        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably DLOADER.Trojan        Moved.
A0196579.exe        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably BACKDOOR.Trojan        Moved.
A0197453.exe        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably BACKDOOR.Trojan        Moved.
A0197478.exe        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably BACKDOOR.Trojan        Moved.
A0197480.exe        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably BACKDOOR.Trojan        Moved.
A0197482.exe        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably BACKDOOR.Trojan        Moved.
A0197528.exe        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably DLOADER.Trojan        Moved.
A0197572.exe        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably BACKDOOR.Trojan        Moved.
A0197691.dll        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably DLOADER.Trojan        Moved.
A0197716.exe        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably DLOADER.Trojan        Moved.
A0197764.dll        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably DLOADER.Trojan        Moved.
A0198155.exe        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably DLOADER.Trojan        Moved.
A0198301.exe        C:\System Volume Information\_restore{3D9FC327-241B-43C3-815A-D7BA4C63E700}\RP701        Probably BACKDOOR.Trojan        Moved.


I would appreciate it if you could tell me from this information which harmful and unnecessary things are on my PC.

Thank you.

Last edited: Serkan Karadaş ~ 29 April 2007 15:52
İtacHi_
29-04-2007, 15:13   |  #2  
Veteran Member
Thanks: 0
1,894 posts
Registered: Dec 2006

As you can see in what you posted, there are entries that say "Trojan ... Moved". These indicate that there are trojan downloaders and similar trojans on your system. So scan your PC with a virus scanner. Besides that, I recommend that you download an antispyware program.

www.inndir.com

You can install an antivirus and an anti-spyware program from this address.

İtacHi_
29-04-2007, 15:14   |  #3  
Veteran Member
Thanks: 0
1,894 posts
Registered: Dec 2006

Not all of the files you listed here are necessarily viruses. There are some names related to Messenger; those are not trojans or viruses.

İtacHi_
29-04-2007, 15:18   |  #4  
Veteran Member
Thanks: 0
1,894 posts
Registered: Dec 2006

You may also have the svchost32.exe virus. To find it: Start / Run / type regedit there and press Run / in the window that opens click Edit / click Find / type svchost32.exe there / search. If it finds anything, delete it.

(VERY IMPORTANT WARNING!! = do not confuse it with svhost.exe; if you delete svhost.exe, your system may not boot.)
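
The warning in post #4 about confusing svchost32.exe with the real system file can be checked against the log itself. This added example (not part of the thread, and not HijackThis code) reads the "Running processes:" section of a HijackThis log and lists entries worth a closer look. The core-process list, the distance threshold of 2 and the last two sample lines are assumptions made for the illustration; a hit is something to inspect, not a verdict.

```python
# Core process names and the directory they run from on XP (an assumption).
SYSTEM_DIR = r"c:\windows\system32"
CORE = {"svchost.exe", "lsass.exe", "services.exe", "winlogon.exe", "smss.exe"}

# Constructed sample: five process lines copied from the log in post #1 plus two
# constructed lines (the last two) so every rule below has something to match.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\Admin\LOCALS~1\Temp\ir_ext_temp_0\autorun.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\svchost32.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
"""

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def review_processes(log_text):
    """Return (path, reason) pairs for entries in 'Running processes:' worth a look."""
    findings, in_section = [], False
    for line in (raw.strip() for raw in log_text.splitlines()):
        if line == "Running processes:":
            in_section = True
        elif in_section and not line:
            break  # a blank line ends the section
        elif in_section:
            directory, _, name = line.lower().rpartition("\\")
            if name in CORE and directory != SYSTEM_DIR:
                findings.append((line, "core process name outside system32"))
            elif name not in CORE and any(edit_distance(name, c) <= 2 for c in CORE):
                findings.append((line, "name resembles a core process"))
            if "\\temp\\" in line.lower():
                findings.append((line, "running from a Temp directory"))
    return findings

if __name__ == "__main__":
    for path, reason in review_processes(SAMPLE_LOG):
        print(f"{reason}: {path}")
```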

mirsefqan
29-04-2007, 16:48   |  #5  
New Member
Thanks: 0
2 posts
Registered: Jan 2006

Well, if your system is running very slowly and with problems, format it and then run a scan with Kaspersky; also be sure to run an anti-spam program on the PC. But I definitely recommend Kaspersky to you.

sakin_insan
29-04-2007, 21:05   |  #6  
Veteran Member
Thanks: 0
508 posts
Registered: Jan 2007

How do you know whether the computer is clean or not??

hayalgozlum
29-04-2007, 21:13   |  #7  
OP New Member
Thanks: 0
17 posts
Registered: Apr 2007

I checked the earlier part with one program and the part below with another program.

Below, a virus, that is a trojan, really was found and destroyed.

C:\System Volume Information  < as can be seen here, it is on the system card. When I restarted, I lost the sound. In the bottom right corner, next to the clock, "hardware found" appeared; when I searched manually, it installed the sound card again by itself.
But how can there be a trojan from an original CD???? That seemed a bit absurd to me.
mcinst.exe C:\Documents and Settings\Admin\Local Settings\Temp\vspt10enus.tmp\Apps\MPF Probably BACKDOOR.Trojan Moved.
mcinst.exe C:\Documents and Settings\Admin\Local


mirsefqan, thanks for your suggestion, but this I know and this I say: formatting is no solution at all. You have to know how to use it.

Formatting is not good, and it is not good for the PC either.

Borga-x
30-04-2007, 08:50   |  #8  
First Maestro
Thanks: 2
11,767 posts
Registered: Nov 2006

Install the Kasper + bonus and Ad-Aware programs and nothing will bring you down.

hayalgozlum
08-05-2007, 00:04   |  #9  
OP New Member
Thanks: 0
17 posts
Registered: Apr 2007

I already have Ad-Aware, but I would be glad if you could explain what kasper + bonus is for.

Serkan Karadaş
08-05-2007, 00:13   |  #10  
General Moderator
Thanks: 15
909 posts
Registered: Mar 2007
hayalgozlum
I already have Ad-Aware, but if you could explain what kasper + bonus is for
The terms bonus/key/crack/password/"medicine" mean illegal sharing in which rights have been stolen.

Sharing it, whether within a thread or via private message, is prohibited by the forum rules!

Last edited: Serkan Karadaş ~ 08 May 2007 00:21
hayalgozlum
08-05-2007, 00:22   |  #11  
OP New Member
Thanks: 0
17 posts
Registered: Apr 2007

Hmm, OK, then I would be glad if you could also give me a link to where I can download its page, so I can take a look at what it is good for.
Thanks

Last edited: Serkan Karadaş ~ 08 May 2007 00:25
asimileci
08-05-2007, 09:28   |  #12  
Veteran Member
Thanks: 0
1,996 posts
Registered: Feb 2006

Install Kaspersky, it will take care of it.
There is also a legal key, in the thread...
The Kaspersky link is here: