Rehber HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleme:
Genişletmek için tıkla...
Selamlar hocam. Film siteleri ve öncesinde indirdiğim korsan oyunlar nedeniyle Malware varlığından şüpheleniyorum. Halihazırda AV kullanıyorum zaten ama içim rahat etmedi. Müsait bir vaktinizde raporuma bakarsanız sevinirim.
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Pro), 10.0.19042.1083 (ReleaseId: 2009), Service Pack: 0
Time:      13.07.2021 - 16:58 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    pc    (group: Administrator) on DESKTOP-3NDVFHJ, FirstRun: yes

Chrome:  91.0.4472.124
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
   1  C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
   1  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
   1  C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBar.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21052.122.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.21061.10121.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\Users\pc\Downloads\HiJackThis\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0366490.inf_amd64_c0dea8a43cb81731\B366217\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0366490.inf_amd64_c0dea8a43cb81731\B366217\atiesrxx.exe
  10  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\amdfendrsr.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  71  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.67\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.67\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\StartupApproved\Run: [com.squirrel.Teams.Teams] = C:\Users\pc\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated" (2020/06/09)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk    ->    C:\Users\pc\AppData\Roaming\Twitch\Bin\Twitch.exe /startup (2020/07/13)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\StartupApproved\Run32: [CORSAIR iCUE Software] = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe --autorun (2019/10/23)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/02/25)
O15 - Trusted Zone: *.localhost
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{36090c50-880a-4476-832f-28e0a3e11721}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{36090c50-880a-4476-832f-28e0a3e11721}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe /NOUACCHECK
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-3609187233-276318567-930105902-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \S-1-5-21-3609187233-276318567-930105902-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: AMD ThankingURL - C:\Program Files\AMD\CIM\Bin64\Setup.exe -LAUNCHTHQURL
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\system32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0366490.inf_amd64_c0dea8a43cb81731\B366217\atiesrxx.exe
O23 - Service R2: Corsair Service - (CorsairService) - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe -r
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe  (file missing)
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Kaspersky VPN Secure Connection Hizmeti 5.3 - (KSDE5.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe -r
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: Uncheater for BattleGroundsLite_SE - (uncheater_bgl) - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe


--
End of file - Time spent: 10,8 sec. - 24606 bytes, CRC32: FFFFFFFF. Sign: 퓨
 
yolcuhan dedi:
-"AV olmadan denediniz mi?" derken anlamadım.
Genişletmek için tıkla...
AC eset yani Olmadan denendi mi?
yolcuhan dedi:
-Eset normal sürümünü kullanıyordum normalde ama 6-7 ay öncesinde endpointi kullanmaya başladım özel bir sebebi yok.
Genişletmek için tıkla...
Normali kullanın lisansınız yoksa.
yolcuhan dedi:
Kusura bakmayın biraz uzun oldu ve zamanınızı aldım, hakkınızı helal edin.
Genişletmek için tıkla...
Estağfirullah. Gereksiz uzun yazmadığınız sürece okunaklıysa uzun yakmak tam tersi yararlıdır.

Dediklerimi fixlemeni yapıldıysa bunu da uygulayın dediğim gibi yazılımsal ve dnanımsal bakımları yaptırın.
Bunları yükleyin:
Arrandale0 dedi:
Murat hocam biliyorsunuz bende kapserksy tarama yaparken ya da hiçbir şey yapılmasa bile 13 dk sonra donuyor. Yaklaşık 2 hafta önce tekrar kurmuştum sorun aynıydı. Bende güvenli modda tam tarama yaptım " heur trojan winlnk. Rundel. B" adlı bir trojan buldu ve sildim ama sorun hala devam ediyor.
Malware şüphem var.
Atarsam bakar mısınız?
Genişletmek için tıkla...
Bakarım tabi, onları dedikten sonra bile atabilirdin sormaya gerek yok :) Birşey görünmeyecek büyük ihtimal Kaspersky devamlı koruduğundan onun takılmaları olabilir sizde de ama bakalım bir.
231561 dedi:
Halihazırda AV kullanıyorum zaten ama içim rahat etmedi. Müsait bir vaktinizde raporuma bakarsanız sevinirim.
Genişletmek için tıkla...
Bunları fixleyin. Zararlı yok dediğiniz gibi. Sadece tek sorum var GTA üreticisine ait bişey yüklü değilse Rockstar klasörü içlerini denetleyin. Yüklü ise sıkıntı yok.
Kod: 
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.67\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\StartupApproved\Run: [com.squirrel.Teams.Teams] = C:\Users\pc\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated" (2020/06/09)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk    ->    C:\Users\pc\AppData\Roaming\Twitch\Bin\Twitch.exe /startup (2020/07/13)
O4 - HKLM\..\StartupApproved\Run32: [CORSAIR iCUE Software] = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe --autorun (2019/10/23)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/02/25)
O15 - Trusted Zone: *.localhost
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe /NOUACCHECK
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-3609187233-276318567-930105902-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \S-1-5-21-3609187233-276318567-930105902-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: AMD ThankingURL - C:\Program Files\AMD\CIM\Bin64\Setup.exe -LAUNCHTHQURL
O22 - Task: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
O22 - Task: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Task: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
 
Son düzenleme:
Murat5038 dedi:
Bunları fixleyin. Zararlı yok dediğiniz gibi. Sadece tek sorum var GTA üreticisine ait bir şey yüklü değilse Rockstar klasörü içlerini denetleyin. Yüklü ise sıkıntı yok.
Genişletmek için tıkla...
İlginiz için teşekkür ederim. Belirttiğiniz satırları fixledim.

Rockstar'a ait uygulamalarım vardı ama yine de işimi garantiye alıp ilgili klasörleri kontrol ettim. Sorun yok gibi gözüküyor. Herhangi bir uyarı da almadım taramalarda. Tekrardan teşekkürler.
 
Son düzenleyen: Moderatör:
Murat5038 dedi:
AC eset yani Olmadan denendi mi?

Normali kullanın lisansınız yoksa.

Estağfirullah. Gereksiz uzun yazmadığınız sürece okunaklıysa uzun yakmak tam tersi yararlıdır.

Dediklerimi fixlemeni yapıldıysa bunu da uygulayın dediğim gibi yazılımsal ve dnanımsal bakımları yaptırın.
Bunları yükleyin:
Genişletmek için tıkla...
Tekrar merhabalar, kaç gündür şu sistemle uğraşıyorum. Bugün tekrar bir kaç malware programı ile önce normal sonra güvenli mod da tarattım iki tane problem buldu ve sildim. Ama yine de netteki yavaşlamaya olumlu etkisi olmadı. Sonra endpointi kaldırayım dedim ve sorunlar başladı programlardan silinmesine rağmen arka planda çalışmayı sürdürdü, technopat.net ten program kaldırma aygıtını indirdim, normal mod da silemedi güvenli mod da denedim sildi. Lakin ben yine de emin olmak adına tekrar format attım. Nette halen bir ağırlık vardı amma sizin şu son -"bunları yükleyin", dediklerinizden sonra galiba biraz daha iyi oldu. Halen tam anlamış değilim neden yavaşladı bu kadar.
Teşekkürler yardımlarınız için.
Formattan sonraki hali ise aşağıda.

Paste ofCode

paste.ofcode.org paste.ofcode.org
 
Son düzenleme:
Bunları fixleyin:
Kod: 
O4 - HKCU\..\Run: [OneDrive] = C:\Users\Gülşah&Murat\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: Intel PTT EK Recertification - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe

İnternet ile ilgili yeni konu açıp sorabilirsiniz. Yazılımsal gözükmüyor. Sürücülerinizi güncellemeyi deneyebilirsiniz. Sürücü bulucu vb. kulalnıyorsanız bu da etkiler.
 
Kod: 
 1  C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
   1  C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
   1  C:\Program Files (x86)\PHotkey\HCSynApi.exe
   1  C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
   1  C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
   1  C:\Program Files (x86)\PHotkey\PHotkey.exe
   1  C:\Program Files (x86)\PHotkey\POsd.exe
   1  C:\Program Files (x86)\PHotkey\PVDAgent.exe
   1  C:\Program Files (x86)\PHotkey\PVDesktop.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
   1  C:\Program Files\Windows Media Player\wmpnetwk.exe
   1  C:\Users\PC\Desktop\HiJackThis.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   2  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\dwm.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\lsm.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  11  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskeng.exe
   1  C:\Windows\System32\taskhost.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\servicing\TrustedInstaller.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.yandex.com.tr/?win=237&clid=2255506-966
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\19A5A0D04D1968ABD019FF34DBD72622: [URL] = https://haber.yandex.com.tr/search/?rpt=nnews2&grhow=clutop&win=237&clid=2255507-966&text={searchTerms} - Yandex.Haberler
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\4A35A604FDCD5E9350DABD51DB4FCC50: [URL] = https://www.google.com/search?q={searchTerms} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6365B8DF809DF887C1DED4B8A2562514: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex.Görsel
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6365B8DF809DF887C1DED4B8A2562514: [URL] = https://gorsel.yandex.com.tr/search/?win=237&clid=2255507-966&text={searchTerms} - Yandex.Görsel
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6C993DFD6239673D506795AF0D1D5F3E: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex.Video
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6C993DFD6239673D506795AF0D1D5F3E: [URL] = https://video.yandex.com.tr/#search?win=237&clid=2255507-966&text={searchTerms} - Yandex.Video
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05D40DF8-3B39-461F-9EC1-FD68E875202A}: [SuggestionsURL] =  - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05D40DF8-3B39-461F-9EC1-FD68E875202A}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05D40DF8-3B39-461F-9EC1-FD68E875202A}: [URL] = https://yandex.com.tr/search/?win=237&clid=2255507-966&text={searchTerms} - Yandex
O1 - Hosts: is empty
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_281\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_281\bin\ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - MSConfig\startupreg: EpicGamesLauncher [command] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (HKCU) (2021/05/27)
O4 - MSConfig\startupreg: TuneupUI.exe [command] = C:\Program Files\Avast Software\Cleanup\TuneupUI.exe /nogui (HKLM) (2021/04/24) (file missing)
O4 - MSConfig\startupreg: cmsc [command] = c:\program files (x86)\cmcm\Clean Master\cmtray.exe -autorun (HKLM) (2020/05/03) (file missing)
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
O22 - Task: (disabled) (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run (Microsoft)
O22 - Task: (disabled) (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (disabled) Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: (disabled) GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: (disabled) googleupdatetaskmachinecore1d3f824f3535ac9 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: (disabled) googleupdatetaskmachineua - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) {1BC38D72-82AA-417F-89AE-C44E7EADC7E7} - C:\Users\PC\Desktop\Minecraft.exe (file missing)
O22 - Task: (disabled) {95543615-B7E3-4BFA-A43F-11AA62878517} - C:\Users\PC\Desktop\Minecraft.exe (file missing)
O22 - Task: (disabled) {EFB56893-E201-4B26-8B17-A14A4C730165} - C:\Users\PC\Desktop\Minecraft.exe (file missing)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify1 - C:\Windows\system32\sipnotify.exe -LogonOrUnlock (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify2 - C:\Windows\system32\sipnotify.exe -Daily (Microsoft)
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade (file missing)
O22 - Task: \Games\UpdateCheck_S-1-5-21-3383503878-2164740582-3198765699-1000 - {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} - C:\Windows\System32\gameux.dll
O22 - Task: {6D897C67-9646-4F6A-BC43-9F2803F18657} - C:\Windows\system32\pcalua.exe -a C:\Users\PC\Downloads\GameDownload_gamedownload_i18n_hw-by6_100505_1.0.8746.123.exe -d C:\Users\PC\Downloads
O23 - Service R2: ASLDR Service - (ASLDRService) - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
O23 - Service R2: GFNEX Service - (GFNEXSrv) - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
O23 - Service S2: CodeMeter Runtime Server - (CodeMeter.exe) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (file missing)
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe  (file missing)
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc

Bu arada şuan CCleaner ve Avast TuneUp ve MEGA kullanmıyorum hocam.
Şimdiden teşekkür ederim.
 
Arrandale0 dedi:
Bu arada şuan CCleaner ve Avast TuneUp ve MEGA kullanmıyorum hocam.
Genişletmek için tıkla...
Tuneup kullandıysanız bu etkileyebilir. Dikkatli kullanılmadığında sistemin içine edebiliyor.

Bunları bir fixleyin bakalım:
Kod: 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.yandex.com.tr/?win=237&clid=2255506-966
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\19A5A0D04D1968ABD019FF34DBD72622: [URL] = https://haber.yandex.com.tr/search/?rpt=nnews2&grhow=clutop&win=237&clid=2255507-966&text={searchTerms} - Yandex.Haberler
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\4A35A604FDCD5E9350DABD51DB4FCC50: [URL] = https://www.google.com/search?q={searchTerms} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6365B8DF809DF887C1DED4B8A2562514: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex.Görsel
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6365B8DF809DF887C1DED4B8A2562514: [URL] = https://gorsel.yandex.com.tr/search/?win=237&clid=2255507-966&text={searchTerms} - Yandex.Görsel
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6C993DFD6239673D506795AF0D1D5F3E: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex.Video
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6C993DFD6239673D506795AF0D1D5F3E: [URL] = https://video.yandex.com.tr/#search?win=237&clid=2255507-966&text={searchTerms} - Yandex.Video
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05D40DF8-3B39-461F-9EC1-FD68E875202A}: [SuggestionsURL] =  - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05D40DF8-3B39-461F-9EC1-FD68E875202A}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05D40DF8-3B39-461F-9EC1-FD68E875202A}: [URL] = https://yandex.com.tr/search/?win=237&clid=2255507-966&text={searchTerms} - Yandex
O1 - Hosts: is empty
O4 - MSConfig\startupreg: TuneupUI.exe [command] = C:\Program Files\Avast Software\Cleanup\TuneupUI.exe /nogui (HKLM) (2021/04/24) (file missing)
O4 - MSConfig\startupreg: cmsc [command] = c:\program files (x86)\cmcm\Clean Master\cmtray.exe -autorun (HKLM) (2020/05/03) (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
O22 - Task: (disabled) (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run (Microsoft)
O22 - Task: (disabled) (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (disabled) Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: (disabled) GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: (disabled) googleupdatetaskmachinecore1d3f824f3535ac9 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: (disabled) googleupdatetaskmachineua - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) {1BC38D72-82AA-417F-89AE-C44E7EADC7E7} - C:\Users\PC\Desktop\Minecraft.exe (file missing)
O22 - Task: (disabled) {95543615-B7E3-4BFA-A43F-11AA62878517} - C:\Users\PC\Desktop\Minecraft.exe (file missing)
O22 - Task: (disabled) {EFB56893-E201-4B26-8B17-A14A4C730165} - C:\Users\PC\Desktop\Minecraft.exe (file missing)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify1 - C:\Windows\system32\sipnotify.exe -LogonOrUnlock (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify2 - C:\Windows\system32\sipnotify.exe -Daily (Microsoft)
O22 - Task: {6D897C67-9646-4F6A-BC43-9F2803F18657} - C:\Windows\system32\pcalua.exe -a C:\Users\PC\Downloads\GameDownload_gamedownload_i18n_hw-by6_100505_1.0.8746.123.exe -d C:\Users\PC\Downloads
O23 - Service S2: CodeMeter Runtime Server - (CodeMeter.exe) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (file missing)
 
Murat5038 dedi:
Tuneup kullandıysanız bu etkileyebilir. Dikkatli kullanılmadığında sistemin içine edebiliyor.

Bunları bir fixleyin bakalım:
Kod: 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.yandex.com.tr/?win=237&clid=2255506-966
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\19A5A0D04D1968ABD019FF34DBD72622: [URL] = https://haber.yandex.com.tr/search/?rpt=nnews2&grhow=clutop&win=237&clid=2255507-966&text={searchTerms} - Yandex.Haberler
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\4A35A604FDCD5E9350DABD51DB4FCC50: [URL] = https://www.google.com/search?q={searchTerms} - Google.
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6365B8DF809DF887C1DED4B8A2562514: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex.Görsel
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6365B8DF809DF887C1DED4B8A2562514: [URL] = https://gorsel.yandex.com.tr/search/?win=237&clid=2255507-966&text={searchTerms} - Yandex.Görsel
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6C993DFD6239673D506795AF0D1D5F3E: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex.Video
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6C993DFD6239673D506795AF0D1D5F3E: [URL] = https://video.yandex.com.tr/#search?win=237&clid=2255507-966&text={searchTerms} - Yandex.Video
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05D40DF8-3B39-461F-9EC1-FD68E875202A}: [SuggestionsURL] = - Yandex.
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05D40DF8-3B39-461F-9EC1-FD68E875202A}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex.
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05D40DF8-3B39-461F-9EC1-FD68E875202A}: [URL] = https://yandex.com.tr/search/?win=237&clid=2255507-966&text={searchTerms} - Yandex.
O1 - Hosts: is empty.
O4 - MSConfig\startupreg: TuneupUI.exe [command] = C:\Program Files\Avast Software\Cleanup\TuneupUI.exe /nogui (HKLM) (2021/04/24) (file missing)
O4 - MSConfig\startupreg: cmsc [command] = c:\program files (x86)\cmcm\Clean Master\cmtray.exe -autorun (HKLM) (2020/05/03) (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending): MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced): MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing): MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending): MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced): MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing): MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
O22 - Task: (disabled) (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run (Microsoft)
O22 - Task: (disabled) (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (disabled) Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: (disabled) GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: (disabled) googleupdatetaskmachinecore1d3f824f3535ac9 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: (disabled) googleupdatetaskmachineua - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler.
O22 - Task: (disabled) {1BC38D72-82AA-417F-89AE-C44E7EADC7E7} - C:\Users\PC\Desktop\Minecraft.exe (file missing)
O22 - Task: (disabled) {95543615-B7E3-4BFA-A43F-11AA62878517} - C:\Users\PC\Desktop\Minecraft.exe (file missing)
O22 - Task: (disabled) {EFB56893-E201-4B26-8B17-A14A4C730165} - C:\Users\PC\Desktop\Minecraft.exe (file missing)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify1 - C:\Windows\system32\sipnotify.exe -LogonOrUnlock (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify2 - C:\Windows\system32\sipnotify.exe -Daily (Microsoft)
O22 - Task: {6D897C67-9646-4F6A-BC43-9F2803F18657} - C:\Windows\system32\pcalua.exe -a C:\Users\PC\Downloads\GameDownload_gamedownload_i18n_hw-by6_100505_1.0.8746.123.exe -d C:\Users\PC\Downloads
O23 - Service S2: CodeMeter Runtime Server - (CodeMeter.exe) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (file missing)
Genişletmek için tıkla...

Bunları fixlemeden önce de başta yazdığınız adımları uyguluyorum değil mi?
 
Arrandale0 dedi:
Bunları fixlemeden önce de başta yazdığınız adımları uyguluyorum değil mi?
Genişletmek için tıkla...
Başta dediğim bir şey yok size diğer kişilerin alıntılarını kaırştırmayın :) Tuneup filan kaldırın.
Sonra fixleyin.
 

Benzer konular

taylaan
HijackThis Log Paylaşımı
Mesaj
0
Görüntüleme
548
taylaan
taylaan
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5.687
quarest
quarest
Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
1.001
acv
A
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
3.006
Murat5038
Murat5038
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
14.538
Windows 11 Bükücü
Windows 11 Bükücü

Technopat Haberler

Yeni konular

Yeni mesajlar

Geri
Yukarı