Rehber HijackThis Log Paylaşımı ve Çözümleri

Murat5038 · 13 Ekim 2013

Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.

Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...

www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.

6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

Kod'a tıklayın.

Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.

Murat5038 · 8 Ekim 2020

Zararlı olarak bir şey gözükmüyor. Sisteminiz eski gibi farklı konu açıp sorununuzu yazabilirsiniz. Temiz önyükleme deneyin ilk olarak konu açmadan önce.

AuthorR · 8 Ekim 2020

Eski bilgisayarımı kurdum çocukken hile yazılımları kullanırdım malware vb. yazılım var mı ? İnceler misiniz ?

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x32 Windows 7 (Ultimate), 6.1.7601.23642, Service Pack: 1
Time:      08.10.2020 - 18:01 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    EVEREST    (group: Administrator) on EVEREST-EVEREST, FirstRun: yes

Chrome:  85.0.4183.121
Firefox: 35.0.1 (x86 tr)
Internet Explorer: 11.0.9600.18538
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
   1  C:\Program Files\AMD\CNext\CNext\cnext.exe
   1  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
   8  C:\Program Files\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\Google\Update\1.3.35.452\GoogleCrashHandler.exe
   1  C:\Program Files\Windows Media Player\wmpnetwk.exe
   1  C:\Users\EVEREST\Contacts\Desktop\HiJackThis.exe
   1  C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
   1  C:\Windows\System32\ViakaraokeSrv.exe
   1  C:\Windows\System32\atieclxx.exe
   1  C:\Windows\System32\atiesrxx.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\lsm.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  15  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskeng.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.yandex.com.tr/?win=233&clid=1989273-1
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\2E604F22C0253A8959B21567CE59D000: [SuggestionsURL] = : - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\2E604F22C0253A8959B21567CE59D000: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\2E604F22C0253A8959B21567CE59D000: [URL] = https://yandex.com.tr/search/?win=233&clid=1989274-1&text={searchTerms} - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\59093A7A91CA472C2A26235BDA29AF16: [URL] = http://haber.yandex.com.tr/search/?rpt=nnews2&grhow=clutop&win=199&clid=2234374-213&text={searchTerms} - Yandex.Haberler
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6A96891AE06A24BB4A1C1E96908D72A4: [SuggestionsURL_JSON] = http://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex.Görsel
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\6A96891AE06A24BB4A1C1E96908D72A4: [URL] = http://gorsel.yandex.com.tr/search/?win=199&clid=2234374-213&text={searchTerms} - Yandex.Görsel
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\7DE590682A44E1D6FD04CEFE711DACC9: [SuggestionsURL_JSON] = http://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex.Video
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\7DE590682A44E1D6FD04CEFE711DACC9: [TopResultURL] = http://video.yandex.com.tr/#search?win=119&clid=1989191&text={searchTerms} - Yandex.Video
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\ABD831E86D740A3BB875249575CAA69A: [TopResultURL] = http://www.google.com/search?q={searchTerms} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\CD855B27CA98DC612F3679A71B24AB58: [SuggestionsURL_JSON] = http://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex.Görsel
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\CD855B27CA98DC612F3679A71B24AB58: [TopResultURL] = http://gorsel.yandex.com.tr/yandsearch?win=119&clid=1989191&text={searchTerms} - Yandex.Görsel
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\EE826A7229714343B31E7711B1DE7C0D: [SuggestionsURL_JSON] = http://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex.Video
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\EE826A7229714343B31E7711B1DE7C0D: [URL] = http://video.yandex.com.tr/#search?win=199&clid=2234374-213&text={searchTerms} - Yandex.Video
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\FF36B0D7C5BFE1706EA1630F61E7C3AC: [TopResultURL] = http://haber.yandex.com.tr/yandsearch?rpt=nnews2&grhow=clutop&win=119&clid=1989191&text={searchTerms} - Yandex.Haberler
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: [SuggestionsURL] = https://ie.search.yahoo.com/os?command={searchTerms}&appid=chrie - Yahoo
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: [TopResultURL] = https://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&fl=1&vl=lang_tr&ilc=12&type=591248&p={searchTerms} - Yahoo
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1449C0C8-A0F6-47CE-9ED6-A4CE6FA132F8}: [TopResultURL] = https://www.google.com/search?q={searchTerms} - (www.google.com) Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1AC48193-ED0E-4971-945D-CF3DC8D0A44D}: [SuggestionsURL_JSON] = http://suggest.yandex.com.tr/suggest-ff.cgi?uil=tr&part={searchTerms} - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1AC48193-ED0E-4971-945D-CF3DC8D0A44D}: [TopResultURL] = http://yandex.com.tr/yandsearch?win=135&clid=2025061&text={searchTerms} - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}: [URL] = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} - e
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [URL] = http://www.google.com/search?q={searc - Goo
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}: [SuggestionsURL_JSON] = http://www.search.ask.com/suggest.php?src=ieb&gct=ds&appid=9&systemid=2&v=n15946-747&apn_uid=4994357724304130&apn_dtid=IME002&o=APN10641&apn_ptnrs=AG2&qu={searchTerms}&ft=json - Ask.com
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}: [TopResultURL] = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=2&v=a14978-592&apn_uid=1321122045434533&apn_dtid=IME002&o=APN10641&apn_ptnrs=AG2&q={searchTerms} - Ask.com
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}: [URL] = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=9&systemid=2&v=n15946-747&apn_uid=4994357724304130&apn_dtid=IME002&o=APN10641&apn_ptnrs=AG2&q={searchTerms} - Ask.com
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}: [TopResultURL] = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} - Google
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: [URL] = http://www.google.com/search?q={searchTerms} - Google
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}: [SuggestionsURL_JSON] = http://www.search.ask.com/suggest.php?src=ieb&gct=ds&appid=9&systemid=2&v=n15946-747&apn_uid=4994357724304130&apn_dtid=IME002&o=APN10641&apn_ptnrs=AG2&qu={searchTerms}&ft=json - Ask.com
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}: [URL] = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=9&systemid=2&v=n15946-747&apn_uid=4994357724304130&apn_dtid=IME002&o=APN10641&apn_ptnrs=AG2&q={searchTerms} - Ask.com
O2 - HKLM\..\BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - (no file)
O2 - HKLM\..\BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file)
O2 - HKLM\..\BHO: (no name) - {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} - (no file)
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - HKLM\..\BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - HKLM\..\BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll
O3 - HKLM\..\Toolbar: Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [StartCN] = C:\Program Files\AMD\CNext\CNext\cnext.exe atlogon
O4 - HKU\.DEFAULT\..\Run: [Skype] = C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun (file missing)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk [backup] => C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (2015/06/12)
O4 - MSConfig\startupfolder: C:^Users^EVEREST^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Cs Serverları.lnk [backup] => C:\cs16_oyunyoneticisi\Cs Serverları.url (2020/10/07) (file missing)
O4 - MSConfig\startupfolder: C:^Users^EVEREST^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Ekran Kırpıcı ve Başlatıcı.lnk [backup] => C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE /tsr (2014/05/03)
O4 - MSConfig\startupfolder: C:^Users^EVEREST^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^zzzzzzzzzzzzz .lnk [backup] => C:\Program Files\valve\platform\config\oyunyoneticisi_serverlistesi.exe (2016/08/15) (file missing)
O4 - MSConfig\startupreg: Adobe ARM [command] = C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (HKLM) (2014/05/03)
O4 - MSConfig\startupreg: Akamai NetSession Interface [command] = C:\Users\EVEREST\AppData\Local\Akamai\netsession_win.exe (HKCU) (2020/10/07)
O4 - MSConfig\startupreg: ApnTBMon [command] = C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (HKLM) (2014/05/03) (file missing)
O4 - MSConfig\startupreg: BearShare [command] = C:\Program Files\BearShare Applications\BearShare\BearShare.exe --lightmode (HKCU) (2015/07/16) (file missing)
O4 - MSConfig\startupreg: BlueStacks Agent [command] = C:\Program Files\BlueStacks\HD-Agent.exe (HKLM) (2016/08/15) (file missing)
O4 - MSConfig\startupreg: Browser Manager [command] = C:\Users\EVEREST\AppData\Local\Yandex\BrowserManager\BrowserManager.exe (HKCU) (2016/08/15) (file missing)
O4 - MSConfig\startupreg: CNAP2 Launcher [command] = C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE (HKLM) (2014/05/03)
O4 - MSConfig\startupreg: DAEMON Tools Pro Agent [command] = C:\Program Files\DAEMON Tools Pro\DTAgent.exe -autorun (HKCU) (2016/08/15) (file missing)
O4 - MSConfig\startupreg: DAEMON Tools Ultra Agent [command] = c:\program files\daemon tools ultra\dtagent.exe -autorun (HKCU) (2014/03/31) (file missing)
O4 - MSConfig\startupreg: Desk 365 [command] = (HKCU) (2014/03/31) (no file)
O4 - MSConfig\startupreg: EADM [command] = D:\Origin\Origin.exe -AutoStart (HKCU) (2015/06/12) (file missing)
O4 - MSConfig\startupreg: Easy-Hide-IP [command] = C:\Program Files\Easy-Hide-IP\easy-hide-ip.exe (HKCU) (2015/06/12) (file missing)
O4 - MSConfig\startupreg: GenieFloater [command] = C:\Program Files\Genie Soft\Genie Cleaner\GenieFloater.exe (HKCU) (2015/12/13) (file missing)
O4 - MSConfig\startupreg: GrooveMonitor [command] = c:\program files\microsoft office\office12\groovemonitor.exe (HKLM) (2014/05/03)
O4 - MSConfig\startupreg: IDMan [command] = C:\Program Files\Internet Download Manager\IDMan.exe /onboot (HKCU) (2016/08/15)
O4 - MSConfig\startupreg: MediaGet2 [command] = (HKCU) (2014/03/31) (no file)
O4 - MSConfig\startupreg: NextLive [command] = C:\Windows\system32\rundll32.exe "C:\Users\EVEREST\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l (HKCU) (2014/05/16)
O4 - MSConfig\startupreg: RaidCall [command] = c:\program files\raidcall\raidcall.exe (HKLM) (2014/03/31) (file missing)
O4 - MSConfig\startupreg: RazerGameBooster [command] = C:\Program Files\Razer\Razer Game Booster\RazerGameBooster.exe -autorun (HKLM) (2014/05/03) (file missing)
O4 - MSConfig\startupreg: SandboxieControl [command] = C:\Program Files\Sandboxie\SbieCtrl.exe (HKCU) (2015/06/12) (file missing)
O4 - MSConfig\startupreg: Skype [command] = (HKCU) (2014/01/15) (no file)
O4 - MSConfig\startupreg: StartCCC [command] = C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe MSRun (HKLM) (2015/12/13) (file missing)
O4 - MSConfig\startupreg: Steam [command] = D:\Steam\steam.exe -silent (HKCU) (2016/08/15) (file missing)
O4 - MSConfig\startupreg: SunJavaUpdateSched [command] = C:\Program Files\Common Files\Java\Java Update\jusched.exe (HKLM) (2014/05/03)
O4 - MSConfig\startupreg: TTNET_McciTrayApp [command] = C:\Program Files\TTNET\pcTrayApp.exe (HKLM) (2014/05/03) (file missing)
O4 - MSConfig\startupreg: Tv-Plug-In [command] = C:\Program Files\Tv-Plug-In\Tv-Plug-In.exe nogui (HKLM) (2016/08/15) (file missing)
O4 - MSConfig\startupreg: WTFast Tray [command] = C:\Program Files\WTFast\WTFast.exe trayonly (HKCU) (2016/08/15) (file missing)
O4 - MSConfig\startupreg: Windows Mobile-based device management [command] = C:\Windows\WindowsMobile\wmdcBase.exe (HKLM) (2014/05/03)
O4 - MSConfig\startupreg: XMouseButtonControl [command] = C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe /notportable (HKLM) (2016/08/15) (file missing)
O4 - MSConfig\startupreg: avgnt [command] = C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min (HKLM) (2014/05/03) (file missing)
O4 - MSConfig\startupreg: gflauncher [command] = D:\Crytek\GFACE Launcher\live\gflauncher.exe --autostart (HKCU) (2020/10/07) (file missing)
O4 - MSConfig\startupreg: gmsd_tr_005010004 [command] = C:\Program Files\gmsd_tr_005010004\gmsd_tr_005010004.exe (HKLM) (2015/07/16) (file missing)
O4 - MSConfig\startupreg: iTunesHelper [command] = C:\Program Files\iTunes\iTunesHelper.exe (HKLM) (2015/12/13) (file missing)
O4 - MSConfig\startupreg: mbot_tr_014010004 [command] = C:\Program Files\mbot_tr_014010004\mbot_tr_014010004.exe (HKLM) (2015/07/16) (file missing)
O4 - MSConfig\startupreg: setting [command] = c:\program files\canli tv\setting.exe (HKLM) (2014/03/31) (file missing)
O4 - MSConfig\startupreg: uTorrent [command] = C:\Users\EVEREST\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (HKCU) (2015/12/13) (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Free Download Manager ile indir: (default) = (no file)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Free Download Manager ile seçileni indir: (default) = (no file)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Free Download Manager ile tümünü indir: (default) = (no file)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Videoyu Free Download Manager ile indir: (default) = (no file)
O9 - Button: HKLM\..\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}: Skype Click to Call - (no file)
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O17 - DHCP DNS 1: 192.168.2.1
O18 - HKLM\Software\Classes\Protocols\Handler\skype-ie-addon-data: [CLSID] = {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - HKLM\Software\Classes\Protocols\Handler\skype4com: [CLSID] = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O21 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21 - HKLM\..\ShellIconOverlayIdentifiers\   IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files\Internet Download Manager\IDMShellExt.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\###MegaShellExtPending: (no name) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\###MegaShellExtSynced: (no name) - {05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\###MegaShellExtSyncing: (no name) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ExplorerEx: explorerEx - {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run (Microsoft)
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: AMD Updater - C:\Program Files\AMD\CIM\Bin\InstallManagerApp.exe /AUTOUPDATEIN
O22 - Task: ASC6_PerformanceMonitor - C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe (file missing)
O22 - Task: ASC7U_SkipUac_EVEREST - C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASC.exe /SkipUac (file missing)
O22 - Task: Adobe Acrobat Update Task - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Adobe Flash Player NPAPI Notifier - C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe -check plugin
O22 - Task: Adobe Flash Player PPAPI Notifier - C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_371_pepper.exe -check pepperplugin
O22 - Task: Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: Driver Booster Scan - C:\Program Files\IObit\Driver Booster\Scheduler.exe /scan (file missing)
O22 - Task: Game_Booster_AutoUpdate - C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe /AUTORUN (file missing)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: IHSelfDeleteTASK - C:\Windows\system32\CMD.exe /C DEL C:\Users\EVEREST\AppData\Local\Temp\IHUF70.tmp.exe
O22 - Task: IHUninstallTrackingTASK - C:\Windows\system32\CMD.exe /C DEL C:\Users\EVEREST\AppData\Local\Temp\IHUDE8.tmp.exe
O22 - Task: LaunchPreSignup - C:\Program Files\OLBPre\OLBPre.exe signup (file missing)
O22 - Task: McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
O22 - Task: RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} - C:\Program Files\Rising\RAV\rsdelaylauncher.exe (file missing)
O22 - Task: SmartDefrag_AutoAnalyze - C:\Program Files\IObit\Smart Defrag\AutoDefrag.exe /AUTOANALYZE (file missing)
O22 - Task: SpyHunter4Startup - C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe /s (file missing)
O22 - Task: Tweaking.com - Windows Repair Tray Icon - C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe (file missing)
O22 - Task: Uninstaller_SkipUac_Administrator - C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer (file missing)
O22 - Task: \Microsoft\VisualStudio\Updates\BackgroundDownload - C:\Program Files\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe (Microsoft)
O22 - Task: avastBCLRestartS-1-5-21-3650978884-1219389724-781205445-1000 - C:\Program Files\Google\Chrome\Application\chrome.exe
O22 - Task: {035A9150-8080-4BDC-BBCF-908A93F2B21D} - C:\Users\EVEREST\AppData\Roaming\.minecraft\name_change_launcher.exe (file missing)
O22 - Task: {064A4606-11F2-43D0-8A81-E75C0CEB6E5B} - C:\Users\EVEREST\AppData\Roaming\.minecraft\name_change_launcher.exe (file missing)
O22 - Task: {09C471D3-D310-4C44-AFD1-5B33916EA640} - C:\Joygame\Goley\Goley.exe (file missing)
O22 - Task: {15110E63-EC03-4DF5-850E-920E7C88764E} - C:\Users\EVEREST\Downloads\Youda Survivor.exe (file missing)
O22 - Task: {25E133B6-3B4E-4C16-898F-48F8569C2E9A} - C:\Windows\system32\pcalua.exe -a C:\Users\EVEREST\AppData\Roaming\mystartsearch\UninstallManager.exe -c  -ptid=smt
O22 - Task: {377070D0-1DA6-4EA6-A245-59A85F62F2AA} - C:\Joygame\Goley\Goley.exe (file missing)
O22 - Task: {4603560D-DD6E-4367-9F6E-01A562772E71} - D:\Joygame\Goley\Goley.exe (file missing)
O22 - Task: {58871D34-A5EB-4155-93DE-43E72C55DDE3} - C:\Windows\system32\msiexec.exe /package "E:\COD2.msi"
O22 - Task: {64D37169-491A-4AA9-9C67-0D47A889CE60} - C:\Users\EVEREST\AppData\Roaming\.minecraft\name_change_launcher.exe (file missing)
O22 - Task: {6F5B79C4-CB71-4E5C-BC6E-932A1C29C732} - C:\Program Files\BlueStacks\HD-StartLauncher.exe (file missing)
O22 - Task: {6F7B1F6A-CF70-4121-9C14-55A3ED4B0C5B} - C:\Users\EVEREST\AppData\Roaming\.minecraft\name_change_launcher.exe (file missing)
O22 - Task: {75C59147-BF18-4C25-8522-66B194AF2329} - C:\Program Files\Monte Cristo\Medieval Lords\BIN\Medieval_lords.exe (file missing)
O22 - Task: {75CE2EBA-1DED-4EA6-90E0-234085DFD145} - D:\Everest\AppData\Roaming\.minecraft\name_change_launcher.exe (file missing)
O22 - Task: {93E60FA7-11E9-4DC7-AB73-7D53D0C11D9E} - C:\Users\EVEREST\Desktop\Minecraft.exe (file missing)
O22 - Task: {9566399C-FE50-44DE-92BD-13820C4151EB} - D:\Everest\AppData\Roaming\.minecraft\name_change_launcher.exe (file missing)
O22 - Task: {98CC7B12-5FA4-43C0-AC09-AC38EA94B229} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Attack on Pearl Harbor\Setup.exe" -d "C:\Program Files\Attack on Pearl Harbor"
O22 - Task: {9E1F8C54-0F14-465A-9361-6EA6C4C43920} - C:\Users\EVEREST\AppData\Roaming\.minecraft\Launcher.exe (file missing)
O22 - Task: {B3224210-C910-4650-92AB-EDE3408DFC9E} - C:\Program Files\BlueStacks\HD-StartLauncher.exe (file missing)
O22 - Task: {E3AA323F-16CA-442C-BE12-994AB2F1A370} - C:\Users\EVEREST\Contacts\Desktop\64 Bit NetCAD Full\NetCAD Full Kurulum Dosyaları 2016\NETCAD 5.1.0.962\Netcad_Moduller\Netcad Surf Versiyon 5.0.0.186\Netcad Surf Versiyon 5.0.0.186\setup.exe (file missing)
O22 - Task: {E80249DA-A96A-479C-8E91-D36EC0FA59CF} - C:\Program Files\Joygame\Goley\Goley.exe (file missing)
O22 - Task: {E8DB6963-B4AB-408D-AE9B-E8B476CBFF21} - C:\Program Files\Monte Cristo\Medieval Lords\BIN\Medieval_lords.exe (file missing)
O22 - Task: {EB3787D8-019A-4C50-83F6-B47451DBE4B6} - C:\Windows\system32\pcalua.exe -a "C:\Users\EVEREST\Desktop\Yeni klasör\Setup.exe" -d "C:\Users\EVEREST\Desktop\Yeni klasör"
O23 - Service R2: AMD External Events Utility - C:\Windows\system32\atiesrxx.exe
O23 - Service R2: AMD FUEL Service - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe /launchService
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: VIA Karaoke digital mixer Service - (VIAKaraokeService) - C:\Windows\system32\viakaraokesrv.exe
O23 - Service R2: Windows Mobile 2003 tabanlı aygıt bağlantısı - (WcesComm) - C:\Windows\system32\svchost.exe -k WindowsMobile; "ServiceDll" = C:\Windows\WindowsMobile\wcescomm.dll
O23 - Service R2: Windows Mobile tabanlı aygıt bağlantısı - (RapiMgr) - C:\Windows\system32\svchost.exe -k WindowsMobile; "ServiceDll" = C:\Windows\WindowsMobile\rapimgr.dll
O23 - Service S2: Advanced SystemCare Service 6 - (AdvancedSystemCareService6) - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe Files\IObit\Advanced SystemCare 6\ASCService.exe (file missing)
O23 - Service S2: Advanced SystemCare Service 7 - (AdvancedSystemCareService7) - C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCService.exe Files\IObit\Advanced SystemCare Ultimate 7\ASCService.exe (file missing)
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Kaspersky Anti-Virus Hizmeti 16.0.0 - (AVP16.0.0) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe -r
O23 - Service S2: Microsoft .NET Framework NGEN v4.0.30319_X86 - (clr_optimization_v4.0.30319_32) - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
O23 - Service S2: RzKLService - C:\Program Files\Razer\Razer Game Booster\RzKLService.exe Files\Razer\Razer Game Booster\RzKLService.exe (file missing)
O23 - Service S2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe  (file missing)
O23 - Service S2: Wondershare Application Framework Service - (WsAppService) - C:\Program Files\Wondershare\WAF\2.3.1.1\WsAppService.exe Files\Wondershare\WAF\2.3.1.1\WsAppService.exe (file missing)
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: EasyAntiCheat - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\85.0.4183.121\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: McAfee Security Scan Component Host Service - (McComponentHostService) - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service S3: Steam Client Service - C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: Windows Etkinleştirme Teknolojileri Hizmeti - (WatAdminSvc) - C:\Windows\system32\Wat\WatAdminSvc.exe
O23 - Service S3: Wondershare Driver Install Service - (WsDrvInst) - C:\Program Files\Wondershare\Dr.Fone for Android\DriverInstall.exe  (file missing)
O23 - Service S3: nProtect GameGuard Service - (npggsvc) - C:\Windows\system32\GameMon.des -service



Debug information:

- 08.10.2020 18:00:45 - IsWinServiceFileName - #457 (This key is already associated with an element of this collection) LastDllError = 0 File: C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

--
End of file - Time spent: 18.7 sec. - 58932 bytes, CRC32: FFFFFFFF. Sign: ⱴ䠚

Murat5038 · 8 Ekim 2020

O bilgisayar formatlık, önüne ne gelirse yüklemişsin.

AuthorR · 8 Ekim 2020

Murat5038 dedi:
O bilgisayar formatlık, önüne ne gelirse yüklemişsin.

O kadar mı kötü hocam Çocukluk aklı işte bir elden geçireyim teşekkürler.

sahbugra · 12 Ekim 2020

Merhaba.
Bilgisayarım masaüstünde boşta iken bile çok ısınıyor ve dolayısıyla fanları da son hızda çalışıyordu. Sonra fark ettim ki görev yöneticisini açtığımda cpu kullanımı %90 lardan %3 %5 civarlarına düşüyor bir saniye bile olmadan. Aynı zamanda bilgisayar uykudayken ara ara kendiliğinden açılıyordu. Ben de bu sebeplerden acaba bilgisayarımda mining virüsü mü var düşüncesi oluştu ve format atmaya karar verdim. Bugün cmd ile diskpart" komutunu kullanarak C ve D sürücüsünü tamamen sildim ve okulun bizlere sağladığı Windows 10 pro yükledim. Lakin yukarıda bahsettiğim cpu kullanımı ile ilgili gariplik devam etmekte. Bilgisayarı "Hitman Pro" adlı uygulamanın 30 günlük deneme sürümü ile tarattım birkaç kez ama virüs ya da malware bulmadı. Şimdilik bilgisayarıma "Hitman Pro" ve "HijackThis" ve yine okulun sağlamış olduğu "MS Office 2019" dışında hiç bir şey yüklemedim. Ne yapmam gerektiğini bilmiyorum artık. Umarım bana yardım edebilirsiniz. Şimdiden zamanınız ve yardımlarınız için teşekkürler.

---------------------------------------------------------------------------------

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Pro), 10.0.18363.418 (ReleaseId: 1909), Service Pack: 0
Time:      12.10.2020 - 18:32 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    BUGRA    (group: Administrator) on DESKTOP-C6G2CUO, FirstRun: yes

Edge:    11.0.18362.418
Internet Explorer: 11.0.18362.1
Default: "C:\Windows\system32\LaunchWinApp.exe" "%1" (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\Windows Defender\MsMpEng.exe
   1  C:\Program Files\Windows Defender\NisSrv.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Users\BUGRA\Desktop\HiJackThis.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\MicrosoftEdgeCP.exe
   1  C:\Windows\System32\MicrosoftEdgeSH.exe
   6  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\browser_broker.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  73  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\explorer.exe

O4 - HKLM\..\StartupApproved\Run: [LogiOptions] = C:\Program Files\Logitech\LogiOptions\LogiOptions.exe /noui (2020/10/12)
O4 - HKLM\..\StartupApproved\Run: [Logitech Download Assistant] = C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch (2020/10/12)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (2020/10/12)
O17 - DHCP DNS 1: 46.197.15.60
O17 - DHCP DNS 2: 178.233.140.110
O17 - DHCP DNS 3: 176.240.150.250
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: \Microsoft\Windows\RetailDemo\CleanupOfflineContent - {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} - C:\Windows\System32\RDXTaskFactory.dll (Microsoft)
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE


--
End of file - Time spent: 11,9 sec. - 8358 bytes, CRC32: FFFFFFFF. Sign: 䴾虯

Murat5038 · 13 Ekim 2020

Sistem dediğin gibi daha yeni formatlı olduğundan Logitech hariç yüklü yüzükmüyor.
Bu yüzden zararlı benzeri gözükmüyor.
Anlık kaynak kullanımı yükselir bu normaldir Win 10'da.

Donanımsal bakım yaptırmadıysanız yaptırın bilgisayara yakın zamanda. Zararlı kaynaklı olmadığından kendi konunuzu açıp sorunuzu yazabilirsiniz dediğimi yapıp düzelmediğinde.

slrofw · 16 Ekim 2020

Sistemimde bariz bir yavaşlama söz konusu.
Önceki mesajımı kaldırılması için raporladım yanlış konuya paylaştığım için.

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Enterprise), 10.0.19042.508 (ReleaseId: 2009), Service Pack: 0
Time:      16.10.2020 - 17:53 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    oztur    (group: Administrator) on BILGISAYAR, FirstRun: yes

Chrome:  86.0.4240.75
Edge:    11.0.19041.423
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1 (Brave)

Boot mode: Normal

Running processes:
Number | Path
   2  C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1602225647\fshoster64.exe
   1  C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1602225647\fsorsp64.exe
   1  C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1602225647\fsulprothoster.exe
   3  C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
   1  C:\Program Files (x86)\Origin\OriginWebHelperService.exe
   1  C:\Users\oztur\Desktop\HiJackThis.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\MoUsoCoreWorker.exe
   3  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\VSSVC.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  71  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wuauclt.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
   1  C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.504_none_e781e76525fb2269\TiWorker.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\servicing\TrustedInstaller.exe

O2 - HKLM\..\BHO: Browsing Protection by F-Secure - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\http\1602159555\browser\fs_ie_https\fs_ie_https64.dll
O2-32 - HKLM\..\BHO: Browsing Protection by F-Secure - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\http\1602159555\browser\fs_ie_https\fs_ie_https.dll
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2020/09/28)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = D:\EPİC GAMES\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/09/16)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2020/10/07)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (2020/09/03)
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\F-Secure DataGuard Icon Overlay: DataGuardIconOverlay Class - {CA789262-D278-40F7-AC12-19C0395F9DD9} - C:\Program Files (x86)\F-Secure\SAFE\FsShellExtension64.dll
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-617431913-2091601371-2883267938-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: BlueStacksHelper - C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe -sr
O22 - Task: BraveSoftwareUpdateTaskMachineCore - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c
O22 - Task: BraveSoftwareUpdateTaskMachineUA - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Opera scheduled Autoupdate 1599407111 - C:\Users\oztur\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Task: Opera scheduled assistant Autoupdate 1599407381 - C:\Users\oztur\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\oztur\AppData\Local\Programs\Opera\assistant" $(Arg0) (file missing)
O22 - Task: \F-Secure\F-Secure Hotfix - C:\Program Files (x86)\F-Secure\SAFE\fs_hotfix.exe
O23 - Service R2: F-Secure Hoster (Restricted) - (fsnethoster) - C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe --service --namespace default --id 2
O23 - Service R2: F-Secure Hoster - (fshoster) - C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe --service --namespace default --id 0
O23 - Service R2: F-Secure Ultralight Hoster - (fsulhoster) - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1602225647\fshoster64.exe --service --namespace ul_default
O23 - Service R2: F-Secure Ultralight Network Hoster - (fsulnethoster) - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1602225647\fshoster64.exe --service --namespace ul_default --id 2
O23 - Service R2: F-Secure Ultralight ORSP Client - (fsulorsp) - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1602225647\fsorsp64.exe
O23 - Service R2: F-Secure Ultralight Protected Hoster - (fsulprothoster) - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1602225647\fsulprothoster.exe --service --namespace ul_default --id 5
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service S2: Brave Güncelleme Hizmeti (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Brave Güncelleme Hizmeti (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\86.0.4240.75\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 24,5 sec. - 18680 bytes, CRC32: FFFFFFFF. Sign: 五魾

Murat5038 · 16 Ekim 2020

Zararlı kaynaklı bir durum yok. AV ullanıyorsun bu yavaşlatıyor olabilir. Temiz önyükleme yapın. Sürücüler güncel değilse güncelle.

slrofw · 16 Ekim 2020

Yanıt için teşekkürler. Sürücüleri Windows Update aracılığıyla mı güncellemeliyim? F Secure nasıl bir AV? önerdiğiniz Anti Virüsler nelerdir?

Murat5038 · 16 Ekim 2020

Win Update standart sürücüleri yükler. Üreticinizden yükleyin bilmiyorsanız konu açın yönlendiririz.

slrofw dedi:
F Secure nasıl bir AV?

İdare eder.

slrofw dedi:
önerdiğiniz Anti Virüsler nelerdir?

Sosyalde birçok kez yazdık. Araştırabilirsin, öneri olarak Kaspersky öneririm ilk öncelik.

Rehber HijackThis Log Paylaşımı ve Çözümleri

Ayrıntılı düzenleme

HiJackThis

Murat5038

Yottapat!

AuthorR

Centipat

Murat5038

Yottapat!

AuthorR

Centipat

sahbugra

Femtopat

Murat5038

Yottapat!

slrofw

Kilopat

Murat5038

Yottapat!

slrofw

Kilopat

Murat5038

Yottapat!

Benzer konular