Rehber HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleme:
Genişletmek için tıkla...

Rehber: DDU ile Sürücü Kaldırma Rehberi

Display Driver Uninstaller (DDU), zamanla bilgisayara takılan farklı monitörler, üst üste güncellenen sürücüler ve Windows güncellemeleri sonrası biriken kayıt defteri ve sürücü dosyalarını silerek temiz bir sürücü kurulumunun yolunu açan kullanışlı bir araçtır. Adım adım sürücü temizliği...
www.technopat.net www.technopat.net
Rehbere göre dediğimi yapın.
Ersina dedi:
güncelleme mesajı geldiğinde hızlı yükleme diyip yapıyordum
Genişletmek için tıkla...
O şekilde yapılmayacak, sitesinden güncel olanı kendiniz indireceksiniz.
 
Murat5038 dedi:

Rehber: DDU ile Sürücü Kaldırma Rehberi

Display Driver Uninstaller (DDU), zamanla bilgisayara takılan farklı monitörler, üst üste güncellenen sürücüler ve Windows güncellemeleri sonrası biriken kayıt defteri ve sürücü dosyalarını silerek temiz bir sürücü kurulumunun yolunu açan kullanışlı bir araçtır. Adım adım sürücü temizliği...
www.technopat.net www.technopat.net
Rehbere göre dediğimi yapın.

O şekilde yapılmayacak, sitesinden güncel olanı kendiniz indireceksiniz.
Genişletmek için tıkla...
Tamamdır, rehbere göre yapacağım. Çok teşekkür ederim.
 
EmreSploit dedi:
Hello yerine Emre diye hitap edebilir misiniz alındığımdan değil saçma geliyor da :D THE_MİLLER Technopatı bıraktı mı?
Genişletmek için tıkla...
Aklıma maalesef tutamam :) Kullanıcı isminizi değiştirin sıkıntı oluyorsa. MILLER'den bayağıdır haber yok, büyük ihtimal bırakmış olabilir.
 
Sistemimde zararlı yazılım(trojan,rat) olduğunu düşünüyorum. Ayrıca; oyun oynarken performans düşüklüğü oluyor. İncelerseniz sevinirim.
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.18362.295 (ReleaseId: 1903), Service Pack: 0
Time:      17.09.2019 - 01:03 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    COM-2518521121    (group: Administrator) on DESKTOP-ROI667C, FirstRun: yes

Chrome:  76.0.3809.132
Edge:    11.0.18362.267
Internet Explorer: 11.0.18362.1
Default: "C:\WINDOWS\system32\LaunchWinApp.exe" "%1" (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Comodo\COMODO Secure Shopping\csssrv64.exe
   1  C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
   1  C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
   1  C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
  15  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
   2  C:\Program Files\COMODO\COMODO Internet Security\cis.exe
   2  C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.53.0_x64__8wekyb3d8bbwe\Calculator.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1001.7.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19082.1006.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Users\COM-2518521121\Downloads\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\LsaIso.exe
   1  C:\Windows\System32\MicrosoftEdgeCP.exe
   1  C:\Windows\System32\MicrosoftEdgeSH.exe
   7  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\browser_broker.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  70  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://yandex.com.tr/?clid=2052686
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0AA24E16-07B3-4694-8357-3C21ACC5F516}: [URL] = http://yandex.com.tr/yandsearch?text={searchTerms}&clid=2052687 - AdTrustMedia Powered by Yandex
O2 - HKLM\..\BHO: IeUrlFilter Class - {2DD257A3-5028-41AE-A1E7-A12F76A08893} - C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll
O2-32 - HKLM\..\BHO: IeUrlFilter Class - {2DD257A3-5028-41AE-A1E7-A12F76A08893} - C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\COM-2518521121\AppData\Local\Discord\app-0.0.305\Discord.exe (2019/07/22)
O4 - HKCU\..\StartupApproved\Run: [LGHUB] = C:\Program Files\LGHUB\lghub.exe --background (2019/07/18)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\COM-2518521121\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2019/07/18)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2019/07/18)
O4 - HKLM\..\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] = C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run32: [Razer Synapse] = C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (2019/07/18)
O4 - HKLM\..\StartupApproved\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s (2019/08/30)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk    ->    C:\Program Files (x86)\Killer Networking\Network Manager\NetworkManager.exe -minimize (2019/07/18)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [IseUI] = C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O4-32 - HKLM\..\Run: [vdcss] = C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe -tray
O17 - DHCP DNS 1: 46.197.15.60
O17 - DHCP DNS 2: 178.233.140.110
O17 - DHCP DNS 3: 176.240.150.250
O23 - Service R2: COMODO Dragon Update Service - (DragonUpdater) - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service R2: COMODO Internet Security Helper Service - (CmdAgent) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service R2: COMODO Internet Security Protected Helper Service - (CmdAgentProt) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe /ProtectedSvc
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: csssrv - C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe -service
O23 - Service R2: isesrv - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe -service
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: COMODO Virtual Service Manager - (cmdvirth) - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 25,5 sec. - 16950 bytes, CRC32: FFFFFFFF. Sign: ﱟ�
 
Sistemde zararlı vb. yok. Comodo kullandığınız için performansa etki ediyor olmalı.

Ek olarak bunları fixleyin yine de:
Kod: 
O17 - DHCP DNS 1: 46.197.15.60
O17 - DHCP DNS 2: 178.233.140.110
O17 - DHCP DNS 3: 176.240.150.250
 
Benim sorunum sistem dosyalarının sürekli bozulması ve klavye / fare gecikmesi. Ayrıca çoğu zaman renkler soluklaşıyor. Sonra birden bir PC açıkken düzeliyor. Genelde aynı saatlerde. Windows kurulumundan bir kaç gün sonra sfc /scannow yaptığımda sürekli bozulma alıyorum. Dün de Kaspersky Free kuramayınca paylaşayım istedim.

Sistemde crack hiç bir program yok. Kulandığım müzik, oyun ve video yazılımları hep lisanslı.

Zone Alarm Firewall, Malware Bytes free ve AVG free kurulu. Taramalarda bir sıkıntı çıkmıyor. Eset Rescue CD ile tarama yaptım, o da bir şey bulmadı.

Kod: 
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
   1  C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
   1  C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
   1  C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
   1  C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
   1  C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
   1  C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
   1  C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
   1  C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
   1  C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
   1  C:\Program Files (x86)\RocketDock\RocketDock.exe
   1  C:\Program Files\AVG\Antivirus\AVGSvc.exe
   1  C:\Program Files\AVG\Antivirus\AVGUI.exe
   1  C:\Program Files\AVG\Antivirus\aswEngSrv.exe
   1  C:\Program Files\AVG\Antivirus\aswidsagent.exe
   1  C:\Program Files\AVG\Antivirus\wsc_proxy.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Users\DJ_MuSiCPrO\Downloads\HiJackThis\HiJackThis.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\PnkBstrA.exe
   2  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\WUDFHost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\sppsvc.exe
  63  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\explorer.exe

O4 - HKCU\..\Run: [RocketDock] = C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKLM\..\Run: [AVGUI.exe] = C:\Program Files\AVG\Antivirus\AvLaunch.exe /gui
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4-32 - HKLM\..\Run: [ZaAntiRansomware] = C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
O4-32 - HKLM\..\Run: [ZoneAlarm] = C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ac082bce-7fad-4c6e-a646-010dde0c8a30}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ac082bce-7fad-4c6e-a646-010dde0c8a30}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service R2: AVG Antivirus - C:\Program Files\AVG\Antivirus\AVGSvc.exe
O23 - Service R2: AvgWscReporter - C:\Program Files\AVG\Antivirus\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Check Point Endpoint EFR - (CPEFR) - C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
O23 - Service R2: Check Point Endpoint Remediation - (RemediationService) - C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
O23 - Service R2: Check Point SandBlast Agent Threat Emulation - (TESvc) - C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe -s
O23 - Service R2: Check Point Sandblast Agent Cipolla - (CpSbaCipolla) - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
O23 - Service R2: Check Point Sandblast Agent Updater - (CpSbaUpdater) - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: PnkBstrA - C:\Windows\system32\PnkBstrA.exe
O23 - Service R2: TrueVector Internet Monitor - (vsmon) - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -service
O23 - Service R2: ZAAR Update Service - (ZAARUpdateService) - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
O23 - Service R2: ZoneAlarm ICM NET Service - (ZA NET ICM Service) - C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
O23 - Service R3: avgbIDSAgent - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service S2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: ZoneAlarm Privacy Service - (ZAPrivacyService) - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe


--
End of file - Time spent: 12,1 sec. - 13546 bytes, CRC32: FFFFFFFF. Sign

En son dün Kaspersky kuramayınca sfc / scannow yaptım ve bozuk düzeltilemez uyarısı aldım. Bir kaç kez PC'yi yeniden başlatıp denememe rağmen olmadı. Bunun üzerine aşağıdaki komutu kullanarak windows diskinden yaptım;

DISM /Online /Cleanup-Image /RestoreHealth /Source:Z:\sources\install.wim

Yeniden başlatıp sfc /scannow yaptığımda ise dosya bozulması uyarısı almadım. Bu raporuda ondan sonra aldım. Fakat dosyaları ne bozuyor anlamadım. Kaspersky yine kurulamadı ben de AVG kurdum.

Yalnız ilginç bir şey anlatayım; diske normal format atıp windows kurduğumda, C / $Recycle.Bin içerisnde S-1.20........ bu şekilde uzayıp giden bir klasör görüyorum. Henüz internet bağlantısı bile olmamışken. Sanki bir kullanıcı gibi. Ben 2. bir kullanıcı tanımlamıyorum.

Eğer Secure Erase atıp, anakart pilini çıkartıp yeniden bios atıp windows yüklersem, o her ne ise gelmiyor. $Recycle.Bin içi boş.

Son bir sfc /scan yaptım

C:\Windows\system32>sfc /scannow

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection did not find any integrity violations
 
Bu kadar güvenlik yazılımı kurmanız sistem hatalarına sebep olması doğaldır. 3/4 Farklı güvenlik yazılımı kurulmaz bir sisteme.
Kaspersky free ve normal güvenlik duvarı açık olması yeterlidir. Checkpoint Endpoint Security ve AVG gereksiz.
 
Oyunlarda ani FPS drop yaşıyorum. Yardım ederseniz sevinirim.

Kod: 
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:48:46, on 20.09.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)


Boot mode: Normal

Running processes:
C:\Users\growt\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll
O4 - HKCU\..\Run: [EpicGamesLauncher] "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Local Service')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'Local Service')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [BPInstaller.exe_1018890] C:\Program Files\Bitdefender Antivirus Free\kitinstaller\BPInstaller.exe  -install  -kitpath="C:\WINDOWS\TEMP\bd_DDE2.tmp\pbgDDE3.tmp" /source:web (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [BPInstaller.exe_1018890] C:\Program Files\Bitdefender Antivirus Free\kitinstaller\BPInstaller.exe  -install  -kitpath="C:\WINDOWS\TEMP\bd_DDE2.tmp\pbgDDE3.tmp" /source:web (User 'Default user')
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service 20.0 (AVP20.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avp.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_f02a6686365638a8\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_f02a6686365638a8\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_30a5b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\elevation_service.exe
O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Güncelleme Hizmeti (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HotKey Clipboard Service (HKClipSvc) - Insyde Software Corp. - C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_93239c65f222d453\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Kaspersky Volume Shadow Copy Service Bridge. 20.0 (klvssbridge64_20.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\vssbridge64.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: PowerBiosServer - CLEVO CO. - C:\Program Files (x86)\Hotkey\HotkeyService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: SetupARService - Unknown owner - C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Uncheater for BattleGroundsLite_SE (uncheater_bgl) - Wellbia.com Co., Ltd. - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - Unknown owner - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11913 bytes
 

Benzer konular

taylaan
HijackThis Log Paylaşımı
Mesaj
0
Görüntüleme
548
taylaan
taylaan
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5.686
quarest
quarest
Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
1.001
acv
A
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
3.005
Murat5038
Murat5038
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
14.534
Windows 11 Bükücü
Windows 11 Bükücü

Technopat Haberler

Yeni konular

Yeni mesajlar

Geri
Yukarı