Arkadaşlar bilgisayar yavaş

**madcows7** · #1 17 Nisan 2008, 12:59

bu son bir ay içinde arkadaşlarım bilgisayar extremly yavaş ve birçok şekilde arabası ve onun bir virüs benim sızmak diğer yardımcı giriş heres düşünmek var sayesinde mutluluk duyacağız

Logfile Trend Micro HijackThis v2.0.2 ve
Tarama 4:00:42 at 4/17/2008 kayıtlı
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot modu: Normal

Çalışan süreçleri:
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ system32 \ Dwm.exe
C: \ Windows \ Explorer.EXE
C: \ Program Files \ Alwil Software \ Avast4 \ ashDisp.exe
C: \ Program Files \ Common Files \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
C: \ Windows \ System32 \ CtHelper.exe
C: \ Windows \ System32 \ CTXFIHLP.EXE
C: \ Windows \ System32 \ rundll32.exe
C: \ Windows \ System32 \ rundll32.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Windows \ System32 \ CTxfispi.exe
C: \ Users \ İşaretle JR \ Program Files \ DNA \ btdna.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Windows \ system32 \ wbem \ Unsecapp.exe
C: \ Windows \ system32 \ searchfilterhost.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = yaklaşık: boş
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Ayarlar, ProxyOverride = *. yerel
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O1 - Hosts: 72.233.61.2 L2authd.lineage2.com
O1 - Hosts: 72.233.61.2 L2testauthd.lineage2.com
O2 - BHO: (no name) - (02478D38-C3F9-4efb-9B51-7695ECA05670) - (no file)
O2 - BHO: RealPlayer Download ve Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: Yahoo! IE Services Button - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ (dosya eksik) yiesrvc.dll
O2 - BHO: SSVHelper Sınıf - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-Yardımcı yılında - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - (bf00e119-21a3-4fd1-b178-3b8537e75c92) - C: \ Program Files \ Megaupload \ Mega Yöneticisi \ MegaIEMn.dll
O3 - Toolbar: (no name) - (E0E899AB-F487-11d5-8D29-0050BA6940E3) - (no file)
O4 - HKLM \ .. \ Run: [avast!] C: \ progra ~ 1 \ intern ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ MSASCui.exe gizle
O4 - HKLM \ .. \ Run: [Tablo Servis] "C: \ Program Files \ GridService \ peer.exe"-n Izgara
O4 - HKLM \ .. \ Run: [VMware-tepsi] "C: \ Program Files \ VMware \ VMware Workstation \ VMware-tray.exe"
O4 - HKLM \ .. \ Run: [VMware hqtray] "C: \ Program Files \ VMware \ VMware Workstation \ hqtray.exe"
O4 - HKLM \ .. \ Run: [Symantec pif AlertEng] "C: \ Program Files \ Common Files \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Program Files \ Common Files \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [UpdReg] C: \ Windows \ UpdReg.EXE
O4 - HKLM \ .. \ Run: [AsioReg] Regsvr32.exe / S CTASIO.DLL
O4 - HKLM \ .. \ Run: [CTHelper] CTHELPER.EXE
O4 - HKLM \ .. \ Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM \ .. \ Run: [CtxfiReg] CTXFIREG.EXE
O4 - HKLM \ .. \ Run: [NvSvc] Rundll32.exe C: \ Windows \ system32 \ nvsvc.dll, nvsvcStart
O4 - HKLM \ .. \ Run: [NvCplDaemon] Rundll32.exe C: \ Windows \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] Rundll32.exe C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [NeroCheck] C: \ Windows \ system32 \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [InCD] C: \ Program Files \ Ahead \ InCD \ InCD.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Users \ İşaretle JR \ Program Files \ DNA \ btdna.exe"
O4 - HKCU \ .. \ Run: [igndlm.exe] C: \ Program Files \ Download Manager \ DLM.exe / windowsstart / startifwork
O4 - HKCU \ .. \ Run: [Buhar] "C: \ Program Files \ buhar \ steam.exe"-sessiz
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'NETWORK SERVICE')
O8 - Extra menü öğesi: İndir Mega Yöneticisi'ni kullanarak bağlantı ... - C: \ Program Files \ Megaupload \ Mega Yöneticisi \ mm_file.htm
O9 - Extra düğmesi: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra düğmesi: Yahoo! Hizmetler - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ (dosya eksik) yiesrvc.dll
O10 - Winsock LSP olarak Bilinmeyen dosya: c: \ windows \ system32 \ prxernsp.dll
O13 - Gopher Prefix:
O16 - DPF: (0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75) (CKAVWebScan Nesne) -- http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper.dll
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (YouTube Yükleyiciyi Kontrol) -- http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: (69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A) (GameLauncher Kontrol) -- http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: (A4110378-789B-455F-AE86-3A1BFC402853) (ZPA_SHVL Nesne) -- http://zone.msn.com/bingame/zpagames...l.cab55579.cab
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: (DA2AA6CF-5C7A-4B71-BC3B-C771BB369937) (MSN Games - Game Communicator) -- http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: (FFB3A759-98B1-446F-BDA9-909C6EB18CC7) (PCPitstop Sınavı) -- http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
O20 - Winlogon Notify: GoToAssist - C: \ Program Files \ Citrix \ GoToAssist \ 480 \ G2AWinLogon.dll (eksik) dosyası
O23 - Service: avast! iAVS4 Kontrol Servisi (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe
O23 - Service: # # Id_String1.6844F930_1628_4223_B5CC_5BB94B879762 # # (Bonjour Service) - Apple Computer, Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect servisi (CLTNetCnService) - Bilinmeyen sahibi - C: \ Program Files \ Common Files \ Symantec Shared \ (dosya eksik) ccSvcHst.exe
O23 - Service: Creative Service CDROM Access - Creative Technology Ltd - C: \ Windows \ system32 \ CTsvcCDA.exe
O23 - Service: FLEXnet Lisans Servisi - Macrovision Europe Ltd - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Yayıncı \ FNPLicensingService.exe
O23 - Service: GoToAssist - Citrix Online, Citrix Systems bir bölümü, Inc - C: \ Program Files \ Citrix \ GoToAssist \ 480 \ g2aservice.exe
O23 - Service: InstallDriver Tablo Yöneticisi (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C: \ Program Files \ Ahead \ InCD \ InCDsrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ progra ~ 1 \ intern Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Uyarı Servisi Ex (LiveUpdate Notice Ex) - Bilinmeyen sahibi - C: \ Program Files \ Common Files \ Symantec Shared \ (dosya eksik) ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: MySQL - Bilinmeyen sahibi - C: \ Program.exe (eksik) dosyası
O23 - Service: PnkBstrA - Bilinmeyen sahibi - C: \ Windows \ system32 \ PnkBstrA.exe
O23 - Service: StarWind AE Servisi (StarWindServiceAE) - Bilinmeyen sahibi - C: \ Program Files \ Alcohol Soft \ Alcohol 120 \ StarWind \ StarWindServiceAE.exe (eksik) dosyası
O23 - Service: Buhar Müşteri Servisi - Valve Corporation - C: \ Program Files \ Common Files \ Steam \ SteamService.exe
O23 - Service: VMware Agent Service (ufad-ws60) - Bilinmeyen sahibi - C: \ Program Files \ VMware \ VMware Workstation \ VMware-ufad.exe (dosya eksik)
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc - C: \ Windows \ system32 \ vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - Bilinmeyen sahibi - C: \ Program Files \ Common Files \ VMware \ VMware Virtual Image Editing \ (dosya eksik) vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc - C: \ Windows \ system32 \ vmnat.exe
O23 - Service: wampapache - Apache Software Foundation - c: \ wamp \ bin \ Apache \ apache2.2.8 \ bin \ httpd.exe
O23 - Service: wampmysqld - Bilinmeyen sahibi - c: \ wamp \ bin \ MySQL \ mysql5.0.51a \ bin \ mysqld-nt.exe

--
Dosya sonu - 9561 byte

**evilfantasy** · #2 17 Nisan 2008, 15:41

Sizin diğer iki tarama yapmak gerekir BURAYA ve bu günlükleri yazı. Sonra yeni bir HJT tarama ve günlük yazı çalıştırın.

**KanoakaVirus** · #3 17 Nisan 2008, 16:18

Onu kayıt için işler daha kolay ve net olur sor?

**madcows7** · #4 18 Nisan 2008, 15:49

ah var o kullanmak hangi 10 tarayıcıları gibi

**evilfantasy** · #5 18 Nisan 2008, 15:52

SUPERAntiSpyware
Malwarebytes' Anti-Malware (MBAM)

**madcows7** · #6 18 Nisan 2008, 16:32

bana log vermek didnt superantispyware

**evilfantasy** · #7 18 Nisan 2008, 16:34

Kaldırma bilgileri aşağıdaki lütfen almak için:

Yeniden doğmuş sonra, masaüstünüzde çift tıklayın SUPERAntiSpyware simgesi.
Tıklayın Tercihler. Tıklayın İstatistikler / Logs sekmesini seçin.
Tarayıcı Kayıtlar çift altında tıklayın SUPERAntiSpyware Tarama Giriş yapın.
Bu varsayılan metin editöründe (tercihen) Not Defteri açılacaktır.

**madcows7** · #8 18 Nisan 2008, 16:35

SUPERAntiSpyware Scan Girişi
http://www.superantispyware.com

04/18/2008 07:25 at Generated AM

Uygulama Sürüm: 4.0.1154

Temel Kurallar Veritabanı Sürüm: 3441
İz Kurallar Veritabanı Sürüm: 1433

Tarama tipi: Tam Tarama
Toplam Tarama Saat: 00:27:10

Hafıza öğeler taranan: 617
Hafıza tehditleri tespit: 0
Kayıt Defteri öğeleri Taranan: 5920
Kayıt Defteri tehditleri tespit: 0
Dosya öğeleri taranabilir: 29182
Dosya tehditleri tespit: 0