Rehber HijackThis Log Paylaşımı ve Çözümleri

Murat5038 · 13 Ekim 2013

Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.

Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...

www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.

6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

Kod'a tıklayın.

Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.

raver · 17 Mart 2020

pardon tamamı bu;

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Enterprise 2015 LTSB), 10.0.17763.1098 (ReleaseId: 1809), Service Pack: 0
Time:      16.03.2020 - 16:54 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    SeLim    (group: Administrator) on DESKTOP-I211Q8I, FirstRun: yes

Chrome:  80.0.3987.132
Firefox: 74.0.0.7373
Internet Explorer: 11.0.17763.771
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
  21  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\ESET\ESET Security\eguiProxy.exe
   1  C:\Program Files\ESET\ESET Security\ekrn.exe
  12  C:\Program Files\Mozilla Firefox\firefox.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Users\SeLim\Desktop\HiJackThis.exe
   2  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  62  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiApSrv.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   2  C:\Windows\explorer.exe
   1  E:\Process Explorer v16.21\procexp64.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: 127.0.0.1 activation.acronis.com web-api-tih.acronis.com
O1 - Hosts: 127.0.0.1 acdid.acdsystems.com
O2 - HKLM\..\BHO: (no name) - AutorunsDisabled - (no file)
O2-32 - HKLM\..\BHO: (no name) - AutorunsDisabled - (no file)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [egui] = C:\Program Files\ESET\ESET Security\ecmds.exe /run /hide /proxy
O4 - HKLM\..\SafeBoot: [AlternateShell] = (no file) (disabled)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4 - User Startup: C:\Users\SeLim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled (folder)
O9-32 - Button: HKLM\..\AutorunsDisabled: (no name) - (no file)
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\     AcronisDrive: (no name) - {5D74FD4B-4EFB-4586-8022-8637BBE40970} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\     AcronisSyncError: (no name) - {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\     AcronisSyncInProgress: (no name) - {00F848DC-B1D4-4892-9C25-CAADC86A215D} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\     AcronisSyncOk: (no name) - {71573297-552E-46fc-BE3D-3DFAF88D47B7} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll
O23 - Service R2: ESET Service - (ekrn) - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service R2: Microsoft Office Tıkla-Çalıştır Hizmeti - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R3: ESET Firewall Helper - (ekrnEpfw) - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE


--
End of file - Time spent: 14,6 sec. - 10062 bytes, CRC32: FFFFFFFF. Sign: 𣏕

Murat5038 · 17 Mart 2020

Tamamdır dediklerimi fixleyin yeterli.

Perceival · 19 Mart 2020

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.18363.720 (ReleaseId: 1909), Service Pack: 0
Time:      19.03.2020 - 13:07 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    hasan    (group: Administrator) on DESKTOP-VDKH0O3, FirstRun: yes

Chrome:  80.0.3987.132
Edge:    11.0.18362.719
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
   1  C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
   1  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
   1  C:\Program Files (x86)\Common Files\Steam\SteamService.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksdeui.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avpui.exe
   1  C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
   1  C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
   1  C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
   1  C:\Program Files\AMD\Performance Profile Client\RyzenMaster\AUEPRyzenMasterAC.exe
   3  C:\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe
   1  C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_1.39.6001.0_x64__8wekyb3d8bbwe\GamingServices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_1.39.6001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.10-0\MsMpEng.exe
   6  C:\Users\hasan\AppData\Local\Discord\app-0.0.306\Discord.exe
   1  C:\Users\hasan\Desktop\HiJackThis.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atiesrxx.exe
   2  C:\Windows\System32\RtkAudUService64.exe
   3  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  77  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiApSrv.exe
   3  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\explorer.exe
   1  D:\Launcher\Launcher.exe
   1  D:\Launcher\LauncherPatcher.exe
   1  D:\Launcher\RockstarService.exe
   1  D:\Steam\Steam.exe
   7  D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   2  D:\Ubisoft Game Launcher\UplayWebCore.exe
   1  D:\Ubisoft Game Launcher\upc.exe

O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O4 - HKCU\..\Run: [CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4 - HKCU\..\Run: [Discord] = C:\Users\hasan\AppData\Local\Discord\app-0.0.306\Discord.exe
O4 - HKCU\..\Run: [Launcher] = D:\Launcher\LauncherPatcher.exe
O4 - HKCU\..\Run: [Steam] = D:\Steam\steam.exe -silent
O4 - HKCU\..\Run: [Ubisoft Game Launcher] = D:\Ubisoft Game Launcher\Uplay.exe -uplay_silent
O4 - HKCU\..\RunOnce: [Application Restart #2] = C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe "C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe" "C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe" "C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe" -Embedding (file missing)
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\RtkAudUService64.exe -background
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atiesrxx.exe
O23 - Service R2: AMD User Experience Program Launcher - (AUEPLauncher) - C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe
O23 - Service R2: GamingServices - C:\Program Files\WindowsApps\Microsoft.GamingServices_1.39.6001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: GamingServicesNet - C:\Program Files\WindowsApps\Microsoft.GamingServices_1.39.6001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 20.0 - (AVP20.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe -r
O23 - Service R2: Kaspersky Secure Connection Hizmeti 4.0 - (KSDE4.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe -r
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\RtkAudUService64.exe
O23 - Service R2: SetupARService - C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
O23 - Service R3: Rockstar Game Library Service - (Rockstar Service) - D:\Launcher\RockstarService.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 20.0 - (klvssbridge64_20.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\vssbridge64.exe


--
End of file - Time spent: 16,6 sec. - 17602 bytes, CRC32: FFFFFFFF. Sign: 懷

Bilgisayarım 2 kere mavi ekran hatası verdi. Biri Kernel Security Check Failure hatasıydı. Diğerini hatırlamıyorum. 2 gün önce Malwarebytes bilgisayarda trojan buldu. Denetim masasında Nvidia Physx yüklü olarak buldum halbuki ekran kartım Amd. Onu kaldırdım sonra Kaspersky Security Cloud Free kurdum ve tarama yaptım fakat bir şey çıkmadı. Ayrıca henüz trojani tam temizlemeden Kasypersky, Malwarebytesı kaldırmamı istedi bende kaldırdım.

Murat5038 · 19 Mart 2020

Bir sıkıntı görünmüyor. Kaspersky yüklerken kaldırması doğal. Mavi ekran AV yazılımları yüklediğin için olabilir. Gereksiz güvenlik yazılımı kullanmayın. Bir adet bulunduracaksanız bulundurun.

x4vi · 21 Mart 2020

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.18363.720 (ReleaseId: 1909), Service Pack: 0
Time:      21.03.2020 - 22:02 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: English (0x409). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    emreo    (group: Administrator) on DESKTOP-BBQIPI3, FirstRun: yes

Edge:    11.0.18362.719
Internet Explorer: 11.0.18362.1
Default: "C:\Users\emreo\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" (Opera Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   4  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.135.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\NisSrv.exe
   1  C:\Users\emreo\OneDrive\Desktop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f5de485bfda7bb25\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\MicrosoftEdgeCP.exe
   1  C:\Windows\System32\MicrosoftEdgeSH.exe
   2  C:\Windows\System32\RtkAudUService64.exe
   6  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\browser_broker.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  71  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiApSrv.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\explorer.exe
   1  D:\Origin\OriginWebHelperService.exe

O4 - HKCU\..\StartupApproved\Run: [CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (2020/03/21)
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\emreo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2020/03/11)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\emreo\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2020/03/21)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2020/03/11)
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\RtkAudUService64.exe -background
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4-32 - HKLM\..\Run: [amd_dc_opt] = C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f5de485bfda7bb25\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f5de485bfda7bb25\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Origin Web Helper Service - D:\Origin\OriginWebHelperService.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\RtkAudUService64.exe
O23 - Service R2: SetupARService - C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Origin Client Service - D:\Origin\OriginClientService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 18.9 sec. - 13714 bytes, CRC32: FFFFFFFF. Sign: 䭏

Hız testinde yüksek ping sorunum var başka konuda önermiştiniz ordan gördüm.

Murat5038 · 22 Mart 2020

x4vi dedi:
Hız testinde yüksek ping sorunum var başka konuda önermiştiniz ordan gördüm.

Zararlı olarak bir şey görmüyorum. Ping için bir çözüm sunmaz sadece öneri olarak temiz önyükleme yapıp Defender yeren farklı bir AV kullanmanız yararlı olabilir diyelim.

x4vi · 22 Mart 2020

Murat5038 dedi:
Zararlı olarak bir şey görmüyorum. Ping için bir çözüm sunmaz sadece öneri olarak temiz önyükleme yapıp Defender yeren farklı bir AV kullanmanız yararlı olabilir diyelim.

Anladım teşekkür ederim.

Keri · 22 Mart 2020

Performans düşüşü ve eskisinden yüksek ping alıyorum.

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.17763.1098 (ReleaseId: 1809), Service Pack: 0
Time:      22.03.2020 - 22:25 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    warri    (group: Administrator) on DESKTOP-RDFDEVK, FirstRun: yes

Chrome:  80.0.3987.149
Edge:    11.0.17763.1098
Internet Explorer: 11.0.17763.771
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Steam\SteamService.exe
  15  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
   1  C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
   1  C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
   1  C:\Program Files\LGHUB\lghub_updater.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.38.25003.0_x64__8wekyb3d8bbwe\GameBar.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.38.25003.0_x64__8wekyb3d8bbwe\GameBarFT.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.38.25003.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.81.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\NisSrv.exe
   1  C:\Users\warri\OneDrive\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\CompPkgSrv.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\GameBarPresenceWriter.exe
   8  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   2  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  68  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe
   1  D:\MSI\Dragon Center\APP_Dragon_Center_Keeper.exe
   1  D:\MSI\Dragon Center\CC_Engine_x64.exe
   1  D:\MSI\Dragon Center\DragonCenter_Service.exe
   1  D:\MSI\Dragon Center\Mystic_Light\LEDKeeper2.exe
   1  D:\MSI\Dragon Center\Mystic_Light\LightKeeperService.exe
   1  D:\MSI\Dragon Center\StorageMonitor\StorageMonitor.exe
   1  D:\Steam\GameOverlayUI.exe
   1  D:\Steam\Steam.exe
   9  D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\warri\AppData\Local\Discord\app-0.0.306\Discord.exe (2020/03/22)
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\warri\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2020/03/22)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/09/03)
O15 - Trusted Zone: *.localhost
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{396fe815-dab3-4273-b8b6-ea4dabcdfe04}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{396fe815-dab3-4273-b8b6-ea4dabcdfe04}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O23 - Service R2: Dragon Center Service - (DragonCenter_Service) - D:\MSI\Dragon Center\DragonCenter_Service.exe
O23 - Service R2: LGHUB Updater Service - (LGHUBUpdaterService) - C:\Program Files\LGHUB\lghub_updater.exe --run-as-service
O23 - Service R2: LightKeeperService - D:\MSI\Dragon Center\Mystic_Light\LightKeeperService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - D:\Rockstar Games\Launcher\RockstarService.exe


--
End of file - Time spent: 18,8 sec. - 17678 bytes, CRC32: FFFFFFFF. Sign: ꨐ햷

Murat5038 · 23 Mart 2020

Keri dedi:
Performans düşüşü ve eskisinden yüksek ping alıyorum.

Zararlı kaynaklı gözükmüyor. Defender düşürüyor olabilir temiz önyükleme yapıp kontrol edin defender kapatıp.

Gideon · 31 Mart 2020

Paste ofCode

paste.ofcode.org

Bilgisayar açılırken ve yeniden başlatığımda siyah ekranda kalıyor. Kapatma tuşuna bastığım zaman düzeliyor.

Rehber HijackThis Log Paylaşımı ve Çözümleri

Ayrıntılı düzenleme

HiJackThis

raver

Hectopat

Murat5038

Yottapat!

Perceival

Megapat

Murat5038

Yottapat!

x4vi

Hectopat

Dosya Ekleri

Murat5038

Yottapat!

x4vi

Hectopat

Keri

Centipat

Murat5038

Yottapat!

Gideon

Megapat

Paste ofCode

Benzer konular