HijackThis Log Paylaşımı ve Çözümleri

ahmet2007 · 8 Mayıs 2024

Paste ofCode

paste.ofcode.org

bilgisayar ilk açıldığında drop giriyor ve windows etkin olmadığı halde kendi kendine bi anda arka plan değişti ve birkaç crackli program indirmiştim

Murat5038 · 10 Mayıs 2024

ahmet2007 dedi:
Bilgisayar ilk açıldığında drop giriyor ve Windows etkin olmadığı halde kendi kendine bir anda arka plan değişti ve birkaç crackli program indirmiştim.

Hosts dosyasını varsayılana sıfırlama - Microsoft Desteği

Bu makalede Hosts dosyasının varsayılanına nasıl sıfırlanacağı açıklanmaktadır.

support.microsoft.com

Host dosyasını sıfırlayın.
Bunun dışında bir sorun gözükmüyor.

penguerde · 28 Mayıs 2024

Paste ofCode

paste.ofcode.org

Bilgisayarın açılış hızı yavaşladı, ekran görüntüsü alma, dosya gezgininde dolaşma vs gibi durumlarda teklemeler var. Yardımcı olursanız çok sevinirim.

Murat5038 · 28 Mayıs 2024

penguerde dedi:
Bilgisayarın açılış hızı yavaşladı, ekran görüntüsü alma, dosya gezgininde dolaşma vs gibi durumlarda teklemeler var. Yardımcı olursanız çok sevinirim.

Temiz önyükleme yapın.
Windows Kits kaldırın. Chrome kaldırıp yeniden yükleyin.
Adobe reader kullanmıyorsanız kaldırın. Onun dışında bir zararlı vb. yok. One drive kullanmıyorsanız onu da kaldırın.

penguerde · 28 Mayıs 2024

Murat5038 dedi:
Temiz önyükleme yapın.
Windows Kits kaldırın. Chrome kaldırıp yeniden yükleyin.
Adobe reader kullanmıyorsanız kaldırın. Onun dışında bir zararlı vb. yok. One drive kullanmıyorsanız onu da kaldırın.

Teşşekkür ederim ilgilniz için. Visual studio kullandığım için sdk ları kaldırmam sağlıklı olmaz diye düşünüyorum. Adobe' yi kaldırdım, One drive' yi kullanıyorum ve Chrome yi de kaldırıp tekrar yükleyeceğim. Bir sorum daha olacaktı. Nasıl yaptığınızı öğrenmek için souyorum, verdiğiniz programların isimlerini neye göre belirlediniz? Kodları biraz inceledim fakat pek bir şey anlayamadım. Tekrardan uğraşınız için teşekkürler.

Murat5038 · 4 Haziran 2024

penguerde dedi:
Kodları biraz inceledim fakat pek bir şey anlayamadım. Tekrardan uğraşınız için teşekkürler.

penguerde dedi:
Visual studio kullandığım için sdk ları kaldırmam sağlıklı olmaz diye düşünüyorum.

Kaldırın doğru kaynaktan yükleyin o zaman imzasız sürücüler yüklemiş nereden yüklediyseniz.
Deneyimle oluyor bunlar, kodla değil

Kod ile herşey olsaydı yapay zeka ile herşeyi yapabilirlerdi.

penguerde · 4 Haziran 2024

Kaldırın doğru kaynaktan yükleyin o zaman imzasız sürücüler yüklemiş nereden yüklediyseniz.

Bilgisayar hocamın attığı ISO dosyasından kurulum yaptım, ondan olsa gerek.

Deneyimle oluyor bunlar, kodla değil Kod ile herşey olsaydı yapay zeka ile herşeyi yapabilirlerdi.

Doğru diyorsunuz

.

TheMustafaC · 8 Haziran 2024

Murat5038 dedi:
Eki Görüntüle 346215

Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.

Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...

www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

Eki Görüntüle 346216

4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

Eki Görüntüle 346202

5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
Eki Görüntüle 346203

6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

Eki Görüntüle 346206

*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

Eki Görüntüle 346207
Kod'a tıklayın.

Eki Görüntüle 346208

Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode
Paste Code

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
Eki Görüntüle 346212

benim pc de trafcyn var ve bir türlü kaldıramıyorum en son bu programı önerdiler görev yöneticisinden google a baktığım zaman (18-19) yeri geliyor hatta (309 bile gözüküyor arkada çalışan trafcyn sekmeler avg otomatik olarak engelliyor yoksa pop up olarak karşıma çıkıcak

Kod:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:50:14, on 8.06.2024
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.4355)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe
C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\AVG\AntiTrack\AVGAntiTrack.exe
C:\Program Files (x86)\AVG\AntiTrack\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\AVG\AntiTrack\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\AVG\AntiTrack\EKAG20NT.EXE
C:\Program Files (x86)\AVG\AntiTrack\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\AVG\AntiTrack\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\AVG\AntiTrack\CefSharp.BrowserSubprocess.exe
C:\WINDOWS\SysWOW64\DllHost.exe
C:\Users\ITOPYA\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ed.yeditepe.edu.tr/default.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11TRTR/MCM_WCP
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.92\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKLM\..\Run: [WPSTool] C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\TWCU.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Autodesk Genuine Service ] C:\Program Files\Autodesk\Genuine Service\GenuineService.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [OneDrive] "C:\Users\ITOPYA\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\92.0.0.0\GoogleDriveFS.exe --startup_mode
O4 - HKCU\..\Run: [Snap Camera] "C:\Program Files\Snap Inc\Snap Camera\Snap Camera.exe" --minimized-mode
O4 - HKCU\..\Run: [LGHUB] "C:\Program Files\LGHUB\lghub.exe" --background
O4 - HKCU\..\Run: [com.squirrel.WhatsApp.WhatsApp] C:\Users\ITOPYA\AppData\Local\WhatsApp\Update.exe --processStart "WhatsApp.exe"
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_437DEB4DF9AE5953DEF8F4B819B9431B] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
O4 - HKCU\..\Run: [EpicGamesLauncher] "D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent
O4 - HKCU\..\Run: [Mathworks Service Host] C:\Users\ITOPYA\AppData\Local\MathWorks\ServiceHost\v2024.4.0.2\bin\win64\MathWorksServiceHost.exe service --realm-id companion@prod@production
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Local Service')
O4 - HKUS\S-1-5-19\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\92.0.0.0\GoogleDriveFS.exe --startup_mode (User 'Local Service')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SQLTELEMETRY$SQLEXPRESS')
O4 - HKUS\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SQLTELEMETRY$SQLEXPRESS')
O4 - HKUS\S-1-5-80-2079297812-3395903788-2019235919-340588434-3960611093\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SQLTELEMETRY$TEW_SQLEXPRESS')
O4 - HKUS\S-1-5-80-2079297812-3395903788-2019235919-340588434-3960611093\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SQLTELEMETRY$TEW_SQLEXPRESS')
O4 - HKUS\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'MSSQL$SQLEXPRESS')
O4 - HKUS\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'MSSQL$SQLEXPRESS')
O4 - HKUS\S-1-5-18\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\92.0.0.0\GoogleDriveFS.exe --startup_mode (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\92.0.0.0\GoogleDriveFS.exe --startup_mode (User 'Default user')
O4 - Global Startup: AVG Secure VPN.lnk = C:\Program Files\AVG\Secure VPN\Vpn.exe
O4 - Global Startup: SOLIDWORKS 2023 Hızlı Başlangıç.lnk = ?
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{a3aff727-64d9-4b91-a36a-a7b1871a8f7a}: NameServer = 100.122.0.0
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Autodesk Desktop Licensing Service (AdskLicensingService) - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AXSP\2.00.06\atkexComSvc.exe
O23 - Service: Autodesk Access Service Host - Autodesk, Inc. - C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
O23 - Service: AVG Antivirus - Gen Digital Inc. - C:\Program Files\AVG\Antivirus\AVGSvc.exe
O23 - Service: AVG BreachGuard (AVG BreachGuard Service) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\BreachGuard\bgsvc.exe
O23 - Service: AVG Firewall Service (AVG Firewall) - Gen Digital Inc. - C:\Program Files\AVG\Antivirus\afwServ.exe
O23 - Service: AVG Tools - Gen Digital Inc. - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
O23 - Service: AVG AntiTrack Service (AVGAntiTrackSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AntiTrack\AntiTrackSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service: AvgWscReporter - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\wsc_proxy.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: AVG TuneUp (CleanupPSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\TuneUp\TuneupSvc.exe
O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_3d62ea - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: AVG Driver Updater (DriverUpdSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Driver Updater\DriverUpdSvc.exe
O23 - Service: EasyAntiCheat - Epic Games, Inc - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: Easy Anti-Cheat (Epic Online Services) (EasyAntiCheat_EOS) - Epic Games, Inc. - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epic Online Services (EpicOnlineServices) - Epic Games, Inc. - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service: SpyHunter 5 Kernel (EsgShKernel) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: @%systemroot%\system32\GameInputSvc.exe,-101 (GameInputSvc) - Unknown owner - C:\WINDOWS\System32\GameInputSvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\125.0.6422.142\elevation_service.exe
O23 - Service: GoogleUpdater InternalService 127.0.6490.0 (GoogleUpdaterInternalService127.0.6490.0) (GoogleUpdaterInternalService127.0.6490.0) - Google LLC - C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe
O23 - Service: GoogleUpdater Service 127.0.6490.0 (GoogleUpdaterService127.0.6490.0) (GoogleUpdaterService127.0.6490.0) - Google LLC - C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe
O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Güncelleme Hizmeti (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - Sophos B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: HoudiniLicenseServer - Side Effects Software Inc. - C:\WINDOWS\system32\sesinetd.exe
O23 - Service: HoudiniServer - Side Effects Software Inc. - C:\WINDOWS\system32\hserver.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LightingService - ASUSTek Computer Inc. - C:\Program Files (x86)\LightingService\1.00.35\LightingService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: MBVpnTunnelService - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_ActiveX_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nvmdsi.inf_amd64_eed7905c74f2d7e6\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Solver for COSMOSFloWorks 2008 (RemoteSolverDispatcher) - Mentor Graphics Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Realtek Semiconductor - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1e9988599adb3e80\RtkAudUService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: AVG Secure VPN (SecureVPN) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Secure VPN\VpnSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: SpyHunter 5 Kernel Monitor (ShMonitor) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: SAMSUNG Mobile Connectivity Service V2 (ss_conn_service2) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
O23 - Service: SWVisualize2023.Queue.Server - Dassault Systèmes - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Uncheater for BattleGrounds_GL (ucldr_battlegrounds_gl) - Wellbia.com Co., Ltd. - C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Zakynthos Service (zksvc) - PUBG Corporation - C:\Program Files\Common Files\PUBG\zksvc.exe

--
End of file - 18719 bytes

lochos · 8 Haziran 2024

Birkaç gün önce CS oynarken fare kendi kendine hareket etmeye ve ileri geri oynamaya başladı. Kendi kendine masaüstüne geçti ve farenin kontrolünü alamadım. 1 saat içinde Format attım ama ne kadar işe yaradı bilmiyorum. Bi bakabilir misiniz?

Kod:

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 22:39:33, on 8.06.2024

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v11.0 (11.00.22621.3527)





Boot mode: Normal



Running processes:

C:\Users\ezgis\Downloads\HijackThis.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = 必应

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 必应

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 必应

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=

O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.92\BHO\ie_to_edge_bho.dll

O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_1811F39578773FEF2C20457F896A148E] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start

O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll

O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll

O23 - Service: Intel  SGX AESM (AESMService) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_2b5cc6321ee5f534\aesm_service.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @oem23.inf,%AcpiBridge1.SVCDESC%;Control Center Hotkey Service (CCDCHUService) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\acpibridge1.inf_amd64_2a0208b3676c8a9c\DCHUService.exe

O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_23a1c1315f01c788\IntelCpHeciSvc.exe

O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_23a1c1315f01c788\IntelCpHDCPSvc.exe

O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)

O23 - Service: CredentialEnrollmentManagerUserSvc_76728 - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)

O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\GameInputSvc.exe,-101 (GameInputSvc) - Unknown owner - C:\Windows\System32\GameInputSvc.exe (file missing)

O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\125.0.6422.142\elevation_service.exe

O23 - Service: GoogleUpdater InternalService 127.0.6490.0 (GoogleUpdaterInternalService127.0.6490.0) (GoogleUpdaterInternalService127.0.6490.0) - Google LLC - C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

O23 - Service: GoogleUpdater Service 127.0.6490.0 (GoogleUpdaterService127.0.6490.0) (GoogleUpdaterService127.0.6490.0) - Google LLC - C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

O23 - Service: Intel(R) Graphics Command Center Service (igccservice) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_4789e47f6228caeb\OneApp.IGCC.WinService.exe

O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_71cc42bf8b620f67\igfxCUIService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\Display.NvContainer\NVDisplay.Container.exe

O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\Windows\System32\RtkAudUService64.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)

O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\steamservice.exe

O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)

O23 - Service: @oem27.inf,%ServiceName%;UWP RPC Service (UWPService) - Creative Technology Ltd - C:\Windows\SysWOW64\Creative.UWPRPCService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)



--

End of file - 8398 bytes

Murat5038 · Çarşamba 08:42

TheMustafaC dedi:
Benim PC'de trafcyn var ve bir türlü kaldıramıyorum en son bu programı önerdiler görev ...

Trafcn dediğin ney? Dediğinden bir şey anlaşılmıyor.
Sistemde zararlı yok. Sadece sorun oluşturabilecek SpyHunter, AVG yazılımları var onları kaldırın.
Solidworks yasal kullanıyorsanız şüpheli başka bir durum yok.

lochos dedi:
1 saat içinde Format attım ama ne kadar işe yaradı bilmiyorum. Bir bakabilir misiniz?

Format sonrası zararlı bir durum gözükmüyor. Bu raporu sorunlu sistemde çıkartmanız gerekirdi.
Antivirüs çözümlerinden birini kullanın korunmak istiyorsanız. Eski bir OS kullanıyor gibisiniz sisteminiz yeterliyse Win 10/11 geçmeniz daha sağlıklı olur.

HijackThis Log Paylaşımı ve Çözümleri

Ayrıntılı düzenleme

HiJackThis

ahmet2007

Hectopat

Paste ofCode

Murat5038

Yottapat!

Hosts dosyasını varsayılana sıfırlama - Microsoft Desteği

penguerde

Hectopat

Paste ofCode

Murat5038

Yottapat!

penguerde

Hectopat

Murat5038

Yottapat!

penguerde

Hectopat

TheMustafaC

Hectopat

HiJackThis

HiJackThis

lochos

Zeptopat

Murat5038

Yottapat!

Benzer konular

Yeni konular

Yeni mesajlar

Gizliliğinize önem veriyoruz