Rehber HijackThis Log Paylaşımı ve Çözümleri

Murat5038 · 13 Ekim 2013

Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.

Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...

www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.

6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

Kod'a tıklayın.

Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.

102035 · 4 Ocak 2020

Konuyla alakasız ancak SystemLookup yerine daha detaylı, hijackthis.de benzeri bu logları kontrol edeceğimiz site veya yazılım mevcut mudur? hijackthis.de erişime kapatılmış. Gerçi bu tarz yardımcı sitelere gerek duymuyorum fazla ama şüpheli bir şey gördüğümde kullanıcıdan dosyayı paylaşmasını istemek yerine dosyayı kontrol etmek daha güvenilir hissettiriyor.
@Murat5038

Murat5038 · 4 Ocak 2020

ilkansmsrl dedi:
hxoutlook.exe'nin zararlı olma ihtimali var mı ?

Hayır yok, MS üreticisi.

102035 dedi:
bu logları kontrol edeceğimiz site veya yazılım mevcut mudur?

Logları sitelerden kontrol etmiyoruz. En azından ben etmiyorum Bilgim dahilinde onarılacakları belirtiyorum.

102035 dedi:
kullanıcıdan dosyayı paylaşmasını istemek yerine dosyayı kontrol etmek daha güvenilir hissettiriyor.

Dosyayı isimle Google aramasıyla bulabilirsiniz genel bir adı yoksa dosya isteyip veya VT raporuyla kontrol edebilirsiniz.
Alternatif zararlı tanımlama yazılımlarını rehberlerimi biliyor olman lazım onları alternatif olarak arada kullandırıyorum kişilere.

102035 · 4 Ocak 2020

Murat5038 dedi:
Logları sitelerden kontrol etmiyoruz. En azından ben etmiyorum Bilgim dahilinde onarılacakları belirtiyorum.

Ben henüz yeni Hijackthis'in mantığını anladığımdan, bazı satırları kontrol etme gereksinimi duyuyorum emin olmak için. Halen doğru olduğuna emin olduğum halde satırları fixletirken tedirgin oluyorum istemsizce.

Murat5038 dedi:
Alternatif zararlı tanımlama yazılımlarını rehberlerimi biliyor olman lazım onları alternatif olarak arada kullandırıyorum kişilere.

Biliyorum, dediğim gibi demek istediğim o değildi. Yanlış ifade etmişim kendimi.

Orada asıl demek istediğim bu tür sitelerin databaseine bakıp süreci hızlandırmakla ilgiliydi. Zira kullanıcı bazen nasıl upload edeceğini anlamıyor, bazı işlemleri nasıl yapacağını bilmiyor. Bu da yaklaşık olarak yarım saat, kırk beş dakikalık yanıt gecikmelerine sebep oluyor.

Bana verilen, indirdiğim dosyayı Kaspersky Advisor, virustotal üzerinden kontrol ediyorum. Gereken durumlarda Hybrid Analysis veya kendi sanal makinem üzerinden genelde dinamik olarak analiz ediyorum. Regshot, Process Hacker, Capture Bat, Autoruns gibi çeşitli yazılımlarla.

raja70 · 5 Ocak 2020

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Home Single Language), 10.0.18362.535 (ReleaseId: 1903), Service Pack: 0
Time:      05.01.2020 - 14:20 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    süleyman    (group: Administrator) on LAPTOP-7T6C30UQ, FirstRun: no

Chrome:  79.0.3945.88
Edge:    11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
  10  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
   3  C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
   1  C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
   1  C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
   1  C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
   1  C:\Program Files\CONEXANT\SAII\SmartAudio.exe
   1  C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
   1  C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
   1  C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
   1  C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
   1  C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
   1  C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
   1  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
   1  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
   1  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
   1  C:\Users\süleyman\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
   1  C:\Users\süleyman\AppData\Local\Microsoft\OneDrive\OneDrive.exe
   1  C:\Users\süleyman\Desktop\HiJackThis.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\System32\CxAudMsg64.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe
   3  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SASrv.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\Taskmgr.exe
   2  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   3  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\ibtsiva.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  78  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://lenovo17win10.msn.com/?pc=LCTE
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: is empty
O4 - HKCU\..\Run: [OneDrive] = C:\Users\süleyman\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2018/09/06)
O4 - HKLM\..\Run: [DAX2_APP] = C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe -Hide
O4 - HKLM\..\Run: [ForteConfig] = C:\Program Files\Conexant\ForteConfig\fmapp.exe
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [ShadowPlay] = C:\Windows\system32\nvspcap64.dll C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [cAudioFilterAgent] = C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
O4 - HKLM\..\StartupApproved\Run: [LenovoUtility] = C:\Program Files\Lenovo\LenovoUtility\utility.exe (2019/07/26)
O4 - HKLM\..\StartupApproved\Run: [SmartAudio] = C:\Program Files\CONEXANT\SAII\SACpl.exe /t /delay:30 (2018/09/06)
O17 - DHCP DNS 1: 178.233.140.110
O17 - DHCP DNS 2: 46.197.15.60
O17 - DHCP DNS 3: 176.240.150.250
O18 - HKLM\Software\Classes\Protocols\Handler\sacore: [CLSID] = {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
O23 - Service R2: Conexant Audio Message Service - (CxAudMsg) - C:\WINDOWS\system32\CxAudMsg64.exe
O23 - Service R2: Conexant SmartAudio service - (SAService) - C:\WINDOWS\system32\SAsrv.exe
O23 - Service R2: CxUtilSvc - C:\Program Files\Conexant\SAII\CxUtilSvc.exe
O23 - Service R2: Dolby DAX2 API Service - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
O23 - Service R2: Intel Bluetooth Service - (ibtsiva) - C:\WINDOWS\system32\ibtsiva.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe
O23 - Service R2: Microsoft Office Click-to-Run Service - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service R2: System Interface Foundation Service - (ImControllerService) - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
O23 - Service S3: Uncheater for BattleGroundsLite_SE - (uncheater_bgl) - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe


--
End of file - Time spent: 31,9 sec. - 21006 bytes, CRC32: FFFFFFFF. Sign: 㫤뷕

%100 disk sorunu ve kasma var sorun nedir sizce?

birtanıdık · 5 Ocak 2020

Performans düşüşü yaşıyorum sorun nedir acaba ?

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.18362.535 (ReleaseId: 1903), Service Pack: 0
Time:      05.01.2020 - 14:27 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Yavuz    (group: Administrator) on DESKTOP-30563B6, FirstRun: yes

Edge:    11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Users\Yavuz\AppData\Local\Programs\Opera GX\Launcher.exe" -noautoupdate -- "%1" (Opera GX Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files\GIGABYTE\SmartSwitch\GSBSVR.exe
   1  C:\Program Files\GIGABYTE\SmartSwitch\GSmartSwitch.exe
   1  C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
   1  C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
   1  C:\Program Files\Logitech Gaming Software\LAClient\laclient.exe
   1  C:\Program Files\Logitech Gaming Software\LCore.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingApp_1912.1001.6.0_x64__8wekyb3d8bbwe\app\XboxAppServices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe\GamingServices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19111.85.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
   1  C:\Users\Yavuz\Desktop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   6  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\backgroundTaskHost.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\pacjsworker.exe
   2  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  76  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\explorer.exe

O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 redshell.io.
O1 - Hosts: 127.0.0.1 api.redshell.io.
O1 - Hosts: 127.0.0.1 treasuredata.com.
O1 - Hosts: 127.0.0.1 api.treasuredata.com.
O1 - Hosts: 127.0.0.1 in.treasuredata.com.
O1 - Hosts: 0.0.0.0 redshell.io.
O1 - Hosts: 0.0.0.0 api.redshell.io.
O1 - Hosts: 0.0.0.0 treasuredata.com.
O1 - Hosts: 0.0.0.0 in.treasuredata.com.
O1 - Hosts: 0.0.0.0 api.treasuredata.com
O4 - HKCU\..\Run: [Web Companion] = C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (file missing)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Yavuz\AppData\Local\Discord\app-0.0.305\Discord.exe (2019/10/29)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2019/11/24)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Yavuz\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2019/10/29)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Yavuz\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2019/10/29)
O4 - HKCU\..\StartupApproved\Run: [Steam] = D:\steam\steam.exe -silent (2019/10/29)
O4 - HKCU\..\StartupApproved\Run: [uTorrent] = C:\Users\Yavuz\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (2019/11/24)
O4 - HKLM\..\Run: [Launch LCore] = C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
O4 - HKLM\..\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run: [UrbanVPN] = C:\Program Files\UrbanVPN\UrbanVPNUpdater.exe /checknow -minuseractions -startappfirst -restartapp "C:\Program Files\UrbanVPN\bin\urbanvpn-gui.exe" (file missing) (2019/11/24)
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O17 - DHCP DNS 1: 192.168.1.1
O23 - Service R2: GamingServices - C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: GamingServicesNet - C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: GigabyteStartButtonService - C:\Program Files\GIGABYTE\SmartSwitch\GSBSVR.exe
O23 - Service R2: Logitech Gaming Registry Service - (LogiRegistryService) - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: UrbanVPNServiceInteractive - C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: UrbanVPNUpdater - C:\Program Files\UrbanVPN\UrbanVPNUpdater.exe /runservice


--
End of file - Time spent: 18,1 sec. - 16424 bytes, CRC32: FFFFFFFF. Sign: ⶈ㆖

kakaolupuding · 5 Ocak 2020

Bilgisayarda birşeyler cidden yanlış gidiyormuş gibi geliyor.

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Home), 10.0.18363.535 (ReleaseId: 1909), Service Pack: 0
Time:      05.01.2020 - 23:33 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    FarukMan    (group: Administrator) on XIAOMIGINEER, FirstRun: no

Chrome:  79.0.3945.88
Edge:    11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
   1  C:\Program Files (x86)\Common Files\Steam\SteamService.exe
  10  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Nox\bin\nox_adb.exe
   1  C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
   1  C:\Program Files (x86)\Steam\Steam.exe
   7  C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
   1  C:\Program Files\Bitdefender Agent\ProductAgentService.exe
   1  C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
   1  C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
   3  C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
   1  C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
   1  C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
   1  C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
   3  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBarFT.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19112.113.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Users\Ömer Faruk\AppData\Local\Microsoft\OneDrive\OneDrive.exe
   1  C:\Users\Ömer Faruk\Desktop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\SysWOW64\esif_uf.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\ICEsoundService64.exe
  10  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\SystemSettingsBroker.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\backgroundTaskHost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   3  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\drivers\AdminService.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\igfxCUIService.exe
   1  C:\Windows\System32\igfxEM.exe
   1  C:\Windows\System32\igfxHK.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  86  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\Temp\DPTF\esif_assist_64.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2261465 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2261465 - Yandex
O2 - HKLM\..\BHO: Bitdefender Cüzdanı - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll
O2 - HKLM\..\BHO: Bitdefender Trackers Blocking - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll
O2-32 - HKLM\..\BHO: Bitdefender Cüzdanı - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2-32 - HKLM\..\BHO: Bitdefender Trackers Blocking - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll
O3 - HKLM\..\Toolbar: Bitdefender Cüzdanı - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll
O3-32 - HKLM\..\Toolbar: Bitdefender Cüzdanı - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKCU\..\Run: [OneDrive] = C:\Users\Ömer Faruk\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O9 - Button: HKLM\..\{159ff5d5-55f1-4d2f-b706-767a55f77abb}: Bitdefender Anti-tracker - C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll
O9-32 - Button: HKLM\..\{159ff5d5-55f1-4d2f-b706-767a55f77abb}: Bitdefender Anti-tracker - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll
O17 - DHCP DNS 1: 208.67.222.222 (Well-known DNS: Cisco OpenDNS)
O17 - DHCP DNS 2: 208.67.220.220 (Well-known DNS: Cisco OpenDNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C98CD17-3A69-4864-BD36-4EE9A153602B}: [NameServer] = 208.67.220.220 (Well-known DNS: Cisco OpenDNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C98CD17-3A69-4864-BD36-4EE9A153602B}: [NameServer] = 208.67.222.222 (Well-known DNS: Cisco OpenDNS)
O22 - Task (.job): (Ready) update-S-1-5-21-2031535808-1963324558-1869793640-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): (Ready) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O23 - Service R2: AtherosSvc - C:\WINDOWS\System32\drivers\AdminService.exe
O23 - Service R2: Bitdefender Auxiliary Service - (BDAuxSrv) - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe "settings/services/configs/bdauxsrv_config.json"
O23 - Service R2: Bitdefender Cihaz Yönetim Servisi - (DevMgmt Servisi) - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service R2: Bitdefender Desktop Update Service - (UPDATESRV) - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe /service
O23 - Service R2: Bitdefender Protected Service - (BDProtSrv) - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe "settings\services\configs\bdprotsrv_config.json"
O23 - Service R2: Bitdefender RedLine Service - (bdredline) - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service R2: Bitdefender Virus Shield - (VSSERV) - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe "settings/services/configs/bdshieldsrv_config.json"
O23 - Service R2: ESIF Upper Framework Service - (esifsvc) - C:\WINDOWS\SysWOW64\esif_uf.exe
O23 - Service R2: ICEsound Service - (ICEsoundService) - C:\WINDOWS\system32\ICEsoundService64.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: ProductAgentService - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\WINDOWS\system32\EasyAntiCheat.exe  (file missing)
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe


--
End of file - Time spent: 23,5 sec. - 22644 bytes, CRC32: FFFFFFFF. Sign: ᙘ櫓

Yardımcı olabilirmisiniz?

karayel34 · 7 Ocak 2020

Murat5038 dedi:
https://support.microsoft.com/en-us/help/4529964/windows-10-update-history
Burada sol altta sürümü takip edebilirsin şu an sonu 535 ile biten sürüm çıkmış ortalama 1 ay sonra tekrar güncellenecek o zaman yaparsın.

@Murat5038 Merhaba hocam. Yaklaşık 1 ay önce sonu 535 ile biten sürüm tekrar güncellenecek demiştiniz. Bende bekledim. Şuan benim kullandığım 1903 sürümü. Dediğiniz sayfada: 10 Aralık 2019—KB4530684 (İS Derlemesi 18362.535 ve 18363.535) sol alt en üste bu sürüm çıkmış.
1 ay sonra tekrar güncellenecek dediğiniz sürüm bu mu?

https://support.microsoft.com/tr-tr/help/4529964/windows-10-update-history

Benim Windows uptade sayfamda: İsteğe bağlı güncelleştirmelerde Windows 10, sürüm 1909 özellik güncelleştirmesi hala duruyor.

Bu isteğe bağlı güncelleştirmeyi şimdi yapayım mı?
Ayrıca Windows update - Gelişmiş seçenek ayarlarımın böyle mi olması lazım? Ben hiç kurcalamadım.

SLYMN · 10 Ocak 2020

Merhaba, oyunlarda CPU yetersizliği yaşıyorum.

Paste ofCode

paste.ofcode.org

kakaolupuding · 10 Ocak 2020

SLYMN dedi:
Merhaba, oyunlarda CPU yetersizliği yaşıyorum.

Paste ofCode

paste.ofcode.org

Trend Micro Hijackthis değil. By Alex Dragokas Hijackthis Fork kullanman gerekli.
Bu link üzerinden indirebilirsin: MajorGeeks - By Alex Dragokas Hijackthis Fork 2.9.0.18

SLYMN · 10 Ocak 2020

kakaolupuding dedi:
Trend Micro Hijackthis değil. By Alex Dragokas Hijackthis Fork kullanman gerekli.
Bu link üzerinden indirebilirsin: MajorGeeks - By Alex Dragokas Hijackthis Fork 2.9.0.18

doğru olanı indirdim teşekkürler.

Rehber HijackThis Log Paylaşımı ve Çözümleri

Ayrıntılı düzenleme

HiJackThis

102035

Kilopat

Murat5038

Yottapat!

102035

Kilopat

raja70

Centipat

birtanıdık

Decapat

kakaolupuding

Kilopat

karayel34

Hectopat

SLYMN

Kilopat

Paste ofCode

kakaolupuding

Kilopat

Paste ofCode

SLYMN

Kilopat

Benzer konular