HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode
Paste Code

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleyen: Moderatör:
Genişletmek için tıkla...
Bunları fixleyin:
Kod: 
O4 - HKU\.DEFAULT\..\RunOnce: [AccentColorMenu] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent" /v "AccentColorMenu" /t REG_DWORD /f /d 0
O4 - HKU\.DEFAULT\..\RunOnce: [AppsUseLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "AppsUseLightTheme" /t REG_DWORD /f /d 0
O4 - HKU\.DEFAULT\..\RunOnce: [GlobalUserDisabled] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /f /d 1
O4 - HKU\.DEFAULT\..\RunOnce: [HttpAcceptLanguageOptOut] = C:\Windows\system32\REG.exe ADD "HKCU\Control Panel\International\User Profile" /v "HttpAcceptLanguageOptOut" /t REG_DWORD /f /d 1
O4 - HKU\.DEFAULT\..\RunOnce: [StartColorMenu] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent" /v "StartColorMenu" /t REG_DWORD /f /d 0
O4 - HKU\.DEFAULT\..\RunOnce: [SystemUsesLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "SystemUsesLightTheme" /t REG_DWORD /f /d 0
O4 - User Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Open Shell.lnk    ->    C:\Program Files (x86)\Open-Shell\StartMenu.exe
O15 - HKCU\..\ProtocolDefaults:  - [@ivt] protocol is in Unknown Zone, should be Intranet Zone
O15 - HKCU\..\ProtocolDefaults:  - [file] protocol is in Unknown Zone, should be Internet Zone
O15 - HKCU\..\ProtocolDefaults:  - [ftp] protocol is in Unknown Zone, should be Internet Zone
O15 - HKCU\..\ProtocolDefaults:  - [http] protocol is in Unknown Zone, should be Internet Zone
O15 - HKCU\..\ProtocolDefaults:  - [https] protocol is in Unknown Zone, should be Internet Zone
O15 - HKCU\..\ProtocolDefaults:  - [knownfolder] protocol is in Unknown Zone, should be My Computer Zone
O15 - HKCU\..\ProtocolDefaults:  - [shell] protocol is in Unknown Zone, should be My Computer Zone
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: Intelligent StandbyList Cleaner - C:\Program Files\Intelligent Standby List Cleaner\Intelligent standby list cleaner ISLC.exe
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-1787238638-995825184-2828871149-500 - C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: \Microsoft\Windows\Shell\IndexerAutomaticMaintenance - {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} - (no file)
O22 - Task: \Microsoft\Windows\Work Folders\Work Folders Logon Synchronization - {97D47D56-3777-49FB-8E8F-90D7E30E1A1E},Logon - (no file)
O22 - Task: \Microsoft\Windows\Work Folders\Work Folders Maintenance Work - {63260BCE-A3FB-4A34-AA51-D4D8E877B62B} - (no file)
O23 - Service R2: Set Timer Resolution - (STR) - C:\Program Files\Set Timer Resolution Service\SetTimerResolutionService.exe
 
Hocam
Murat5038 dedi:
Bunları fixleyin:
Kod: 
O4 - HKU\.DEFAULT\..\RunOnce: [AccentColorMenu] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent" /v "AccentColorMenu" /t REG_DWORD /f /d 0
O4 - HKU\.DEFAULT\..\RunOnce: [AppsUseLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "AppsUseLightTheme" /t REG_DWORD /f /d 0
O4 - HKU\.DEFAULT\..\RunOnce: [GlobalUserDisabled] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /f /d 1
O4 - HKU\.DEFAULT\..\RunOnce: [HttpAcceptLanguageOptOut] = C:\Windows\system32\REG.exe ADD "HKCU\Control Panel\International\User Profile" /v "HttpAcceptLanguageOptOut" /t REG_DWORD /f /d 1
O4 - HKU\.DEFAULT\..\RunOnce: [StartColorMenu] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent" /v "StartColorMenu" /t REG_DWORD /f /d 0
O4 - HKU\.DEFAULT\..\RunOnce: [SystemUsesLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "SystemUsesLightTheme" /t REG_DWORD /f /d 0
O4 - User Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Open Shell.lnk    ->    C:\Program Files (x86)\Open-Shell\StartMenu.exe
O15 - HKCU\..\ProtocolDefaults:  - [@ivt] protocol is in Unknown Zone, should be Intranet Zone
O15 - HKCU\..\ProtocolDefaults:  - [file] protocol is in Unknown Zone, should be Internet Zone
O15 - HKCU\..\ProtocolDefaults:  - [ftp] protocol is in Unknown Zone, should be Internet Zone
O15 - HKCU\..\ProtocolDefaults:  - [http] protocol is in Unknown Zone, should be Internet Zone
O15 - HKCU\..\ProtocolDefaults:  - [https] protocol is in Unknown Zone, should be Internet Zone
O15 - HKCU\..\ProtocolDefaults:  - [knownfolder] protocol is in Unknown Zone, should be My Computer Zone
O15 - HKCU\..\ProtocolDefaults:  - [shell] protocol is in Unknown Zone, should be My Computer Zone
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: Intelligent StandbyList Cleaner - C:\Program Files\Intelligent Standby List Cleaner\Intelligent standby list cleaner ISLC.exe
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-1787238638-995825184-2828871149-500 - C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: \Microsoft\Windows\Shell\IndexerAutomaticMaintenance - {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} - (no file)
O22 - Task: \Microsoft\Windows\Work Folders\Work Folders Logon Synchronization - {97D47D56-3777-49FB-8E8F-90D7E30E1A1E},Logon - (no file)
O22 - Task: \Microsoft\Windows\Work Folders\Work Folders Maintenance Work - {63260BCE-A3FB-4A34-AA51-D4D8E877B62B} - (no file)
O23 - Service R2: Set Timer Resolution - (STR) - C:\Program Files\Set Timer Resolution Service\SetTimerResolutionService.exe
Genişletmek için tıkla...

Murat5038 dedi:
Bunları fixleyin:
Kod: 
O4 - HKU\.DEFAULT\..\RunOnce: [AccentColorMenu] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent" /v "AccentColorMenu" /t REG_DWORD /f /d 0
O4 - HKU\.DEFAULT\..\RunOnce: [AppsUseLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "AppsUseLightTheme" /t REG_DWORD /f /d 0
O4 - HKU\.DEFAULT\..\RunOnce: [GlobalUserDisabled] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /f /d 1
O4 - HKU\.DEFAULT\..\RunOnce: [HttpAcceptLanguageOptOut] = C:\Windows\system32\REG.exe ADD "HKCU\Control Panel\International\User Profile" /v "HttpAcceptLanguageOptOut" /t REG_DWORD /f /d 1
O4 - HKU\.DEFAULT\..\RunOnce: [StartColorMenu] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent" /v "StartColorMenu" /t REG_DWORD /f /d 0
O4 - HKU\.DEFAULT\..\RunOnce: [SystemUsesLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "SystemUsesLightTheme" /t REG_DWORD /f /d 0
O4 - User Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Open Shell.lnk    ->    C:\Program Files (x86)\Open-Shell\StartMenu.exe
O15 - HKCU\..\ProtocolDefaults:  - [@ivt] protocol is in Unknown Zone, should be Intranet Zone
O15 - HKCU\..\ProtocolDefaults:  - [file] protocol is in Unknown Zone, should be Internet Zone
O15 - HKCU\..\ProtocolDefaults:  - [ftp] protocol is in Unknown Zone, should be Internet Zone
O15 - HKCU\..\ProtocolDefaults:  - [http] protocol is in Unknown Zone, should be Internet Zone
O15 - HKCU\..\ProtocolDefaults:  - [https] protocol is in Unknown Zone, should be Internet Zone
O15 - HKCU\..\ProtocolDefaults:  - [knownfolder] protocol is in Unknown Zone, should be My Computer Zone
O15 - HKCU\..\ProtocolDefaults:  - [shell] protocol is in Unknown Zone, should be My Computer Zone
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: Intelligent StandbyList Cleaner - C:\Program Files\Intelligent Standby List Cleaner\Intelligent standby list cleaner ISLC.exe
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-1787238638-995825184-2828871149-500 - C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: \Microsoft\Windows\Shell\IndexerAutomaticMaintenance - {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} - (no file)
O22 - Task: \Microsoft\Windows\Work Folders\Work Folders Logon Synchronization - {97D47D56-3777-49FB-8E8F-90D7E30E1A1E},Logon - (no file)
O22 - Task: \Microsoft\Windows\Work Folders\Work Folders Maintenance Work - {63260BCE-A3FB-4A34-AA51-D4D8E877B62B} - (no file)
O23 - Service R2: Set Timer Resolution - (STR) - C:\Program Files\Set Timer Resolution Service\SetTimerResolutionService.exe
Genişletmek için tıkla...
Hocam sağolun. Bu yeni log sorun devam ediyor.

Paste ofCode

paste.ofcode.org paste.ofcode.org
 
Hocam Malwarebytes yüklüydü bilgisayarımda ve şu anda kaldırıldıgını gördüm.
Virüs varsada bulamıyorum artık.
Malwarebytes'in Support toolunu kullanarak Windows dosyalarını fixliyorum şu anda. Bu program düzeltir mi?
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Home), 10.0.19042.685 (ReleaseId: 2009), Service Pack: 0
Time:      19.12.2020 - 19:43 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    bayra    (group: Administrator) on DESKTOP-6G3QKQE, FirstRun: yes

Chrome:  87.0.4280.88
Edge:    11.0.19041.546
Internet Explorer: 11.0.19041.1
Default: "C:\Users\bayra\AppData\Local\Programs\Opera GX\Launcher.exe" -noautoupdate -- "%1" (Opera GX Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
   1  C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
   1  C:\Program Files\Bonjour\mDNSResponder.exe
   1  C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
   1  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
   1  C:\Program Files\Riot Vanguard\vgtray.exe
   1  C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
   1  C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
   1  C:\Users\bayra\Downloads\HiJackThis.exe
   1  C:\Windows\SysWOW64\dllhost.exe
   4  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   2  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\amdfendrsr.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  68  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/05/22)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2019 Hızlı Başlangıç.lnk    ->    C:\Windows\Installer\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (2020/11/14)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\AutoCAD Digital Signatures Icon Overlay Handler: AcSignIcon - {36A21736-36C2-4C11-8ACB-D4136F2B57BD} - C:\Windows\system32\AcSignIcon.dll
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe -check pepperplugin
O22 - Task: (disabled) GoogleUpdateTaskUserS-1-5-21-1856109106-4209357484-3766137279-1001Core - C:\Users\bayra\AppData\Local\Google\Update\GoogleUpdate.exe /c (file missing)
O22 - Task: (disabled) GoogleUpdateTaskUserS-1-5-21-1856109106-4209357484-3766137279-1001UA - C:\Users\bayra\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (file missing)
O22 - Task: (disabled) RTKCPL - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-1856109106-4209357484-3766137279-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Opera GX scheduled Autoupdate 1591432756 - C:\Users\bayra\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r /m (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (file missing)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\AC Power Install - C:\Windows\system32\usoclient.exe StartInstall (Microsoft)
O23 - Service R2: AMD Crash Defender Service - C:\Windows\system32\amdfendrsr.exe
O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: FlexNet Licensing Service - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service R2: FlexNet Licensing Service 64 - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: Remote Solver for COSMOSFloWorks 2008 - (RemoteSolverDispatcher) - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe "SOFTWARE\SRAC\COSMOS_FloWorks 2019"
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe  (file missing)
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: DTSInterops - (CoordinatorServiceHost) - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe  (file missing)
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\IntelCpHeciSvc.exe
O23 - Service S3: SolidWorks Licensing Service - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe


--
End of file - Time spent: 27,2 sec. - 21614 bytes, CRC32: FFFFFFFF. Sign: ő簷
 
mahoni55555 dedi:
@Murat5038 Hocam sorun devam ediyor yeni log dosyası.

Paste ofCode

paste.ofcode.org paste.ofcode.org
Genişletmek için tıkla...
Kaldırdığım şeyleri kendin tekrar açarsan çözülmez.

Zararlı kaynaklı değil kullandığın yazılımdamn kaynaklı bilinçsiz olduğun için.
Bunu da fixle:
Kod: 
O23 - Service R2: Set Timer Resolution - (STR) - C:\Program Files\Set Timer Resolution Service\SetTimerResolutionService.exe

Bunları kaldır kullanma:
SetTimerResolution
Intelligent standby list cleaner
 
Murat5038 dedi:
Kaldırdığım şeyleri kendin tekrar açarsan çözülmez.

Zararlı kaynaklı değil kullandığın yazılımdamn kaynaklı bilinçsiz olduğun için.
Bunu da fixle:
Kod: 
O23 - Service R2: Set Timer Resolution - (STR) - C:\Program Files\Set Timer Resolution Service\SetTimerResolutionService.exe

Bunları kaldır kullanma:
Settimerresolution.
Intelligent standby list cleaner.
Genişletmek için tıkla...

Hocam benim attığımada bakar mısınız bir sorun var mı?
Windows 10'da çevrimdışı tarama ve gece ışığından sorun yaşıyorum.
bertony dedi:
Hocam Malwarebytes yüklüydü bilgisayarımda ve şu anda kaldırıldıgını gördüm.
Virüs varsada bulamıyorum artık.
Malwarebytes'in Support toolunu kullanarak Windows dosyalarını fixliyorum şu anda. Bu program düzeltir mi?
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26.

Platform: x64 Windows 10 (Home), 10.0.19042.685 (ReleaseId: 2009), Service Pack: 0.
Time: 19.12.2020 - 19:43 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes.
Ran by: bayra (group: Administrator) on DESKTOP-6G3QKQE, FirstRun: yes.

Chrome: 87.0.4280.88.
Edge: 11.0.19041.546.
Internet Explorer: 11.0.19041.1.
Default: "C:\Users\bayra\AppData\Local\Programs\Opera GX\Launcher.exe" -noautoupdate -- "%1" (Opera GX Internet Browser)

Boot mode: Normal.

Running processes:
Number | Path.
1 C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe.
1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe.
1 C:\Program Files\Bonjour\mDNSResponder.exe.
1 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe.
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe.
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe.
1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe.
1 C:\Program Files\Riot Vanguard\vgtray.exe.
1 C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe.
1 C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe.
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe.
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe.
1 C:\Users\bayra\Downloads\HiJackThis.exe.
1 C:\Windows\SysWOW64\dllhost.exe.
4 C:\Windows\System32\RuntimeBroker.exe.
1 C:\Windows\System32\SearchIndexer.exe.
1 C:\Windows\System32\SecurityHealthService.exe.
1 C:\Windows\System32\SettingSyncHost.exe.
1 C:\Windows\System32\SgrmBroker.exe.
2 C:\Windows\System32\WUDFHost.exe.
1 C:\Windows\System32\amdfendrsr.exe.
1 C:\Windows\System32\audiodg.exe.
2 C:\Windows\System32\conhost.exe.
2 C:\Windows\System32\csrss.exe.
1 C:\Windows\System32\ctfmon.exe.
1 C:\Windows\System32\dllhost.exe.
1 C:\Windows\System32\dwm.exe.
2 C:\Windows\System32\fontdrvhost.exe.
1 C:\Windows\System32\lsass.exe.
1 C:\Windows\System32\services.exe.
1 C:\Windows\System32\sihost.exe.
1 C:\Windows\System32\smartscreen.exe.
1 C:\Windows\System32\smss.exe.
1 C:\Windows\System32\spoolsv.exe.
68 C:\Windows\System32\svchost.exe.
1 C:\Windows\System32\taskhostw.exe.
1 C:\Windows\System32\wbem\WmiPrvSE.exe.
1 C:\Windows\System32\wininit.exe.
1 C:\Windows\System32\winlogon.exe.
1 C:\Windows\System32\wlanext.exe.
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe.
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe.
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe.
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe.
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe.
1 C:\Windows\explorer.exe.

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local.
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/05/22)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe.
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2019 Hızlı Başlangıç.lnk -> C:\Windows\Installer\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (2020/11/14)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade.
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade.
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll.
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\AutoCAD Digital Signatures Icon Overlay Handler: AcSignIcon - {36A21736-36C2-4C11-8ACB-D4136F2B57BD} - C:\Windows\system32\AcSignIcon.dll.
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe -check pepperplugin.
O22 - Task: (disabled) GoogleUpdateTaskUserS-1-5-21-1856109106-4209357484-3766137279-1001Core - C:\Users\bayra\AppData\Local\Google\Update\GoogleUpdate.exe /c (file missing)
O22 - Task: (disabled) GoogleUpdateTaskUserS-1-5-21-1856109106-4209357484-3766137279-1001UA - C:\Users\bayra\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (file missing)
O22 - Task: (disabled) RTKCPL - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s.
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-1856109106-4209357484-3766137279-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe.
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c.
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler.
O22 - Task: Opera GX scheduled Autoupdate 1591432756 - C:\Users\bayra\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r /m (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (file missing)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\AC Power Install - C:\Windows\system32\usoclient.exe StartInstall (Microsoft)
O23 - Service R2: AMD Crash Defender Service - C:\Windows\system32\amdfendrsr.exe.
O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe.
O23 - Service R2: FlexNet Licensing Service - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe.
O23 - Service R2: FlexNet Licensing Service 64 - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe.
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe.
O23 - Service R2: Remote Solver for COSMOSFloWorks 2008 - (RemoteSolverDispatcher) - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe "SOFTWARE\SRAC\COSMOS_FloWorks 2019"
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc.
O23 - Service S2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (file missing)
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe.
O23 - Service S3: DTSInterops - (CoordinatorServiceHost) - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe.
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (file missing)
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\87.0.4280.88\elevation_service.exe.
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc.
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe.
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\IntelCpHeciSvc.exe.
O23 - Service S3: SolidWorks Licensing Service - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe.
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService.
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe.

--
End of file - Time spent: 27,2 sec. - 21614 bytes, CRC32: FFFFFFFF. Sign: ő簷
Genişletmek için tıkla...

+1.
 
bertony dedi:
Hocam Malwarebytes yüklüydü bilgisayarımda ve şu anda kaldırıldıgını gördüm.
Virüs varsada bulamıyorum artık.
Malwarebytes'in Support toolunu kullanarak Windows dosyalarını fixliyorum şu anda. Bu program düzeltir mi?
Genişletmek için tıkla...
Zararlı kaynaklı gözükmüyor. MBAM yüklü zaten. Performans için önereceklerim olacak fixlersiniz:
Kod: 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/05/22)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe -check pepperplugin
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-1856109106-4209357484-3766137279-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: Opera GX scheduled Autoupdate 1591432756 - C:\Users\bayra\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r /m (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (file missing)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\AC Power Install - C:\Windows\system32\usoclient.exe StartInstall (Microsoft)
O23 - Service R2: AMD Crash Defender Service - C:\Windows\system32\amdfendrsr.exe
 
y
Murat5038 dedi:
Zararlı kaynaklı gözükmüyor. MBAM yüklü zaten. Performans için önereceklerim olacak fixlersiniz:
Kod: 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/05/22)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe -check pepperplugin
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-1856109106-4209357484-3766137279-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: Opera GX scheduled Autoupdate 1591432756 - C:\Users\bayra\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r /m (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (file missing)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\AC Power Install - C:\Windows\system32\usoclient.exe StartInstall (Microsoft)
O23 - Service R2: AMD Crash Defender Service - C:\Windows\system32\amdfendrsr.exe
Genişletmek için tıkla...
Sağolun hocam teşekkür ederim
 
Bunları fixleyin:
Kod: 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.joygame.com/games.aspx?g=2001
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = http=127.0.0.1:8888 (disabled)
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2018/11/10)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task (.job): (disabled) (Not scheduled) Intel PTT EK Recertification.job - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
 

Benzer konular

Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
638
acv
A
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5B
quarest
quarest
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
10B
Windows 11 Bükücü
Windows 11 Bükücü
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
2B
Murat5038
Murat5038
B
Trojan ve Keylogger Temizleme
Mesaj
3
Görüntüleme
4B
Murat5038
Murat5038

Yeni konular

Yeni mesajlar

Geri
Yukarı