HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode
Paste Code

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleyen: Moderatör:
Genişletmek için tıkla...
Hocam merhaba. Pc çok geç açılıyor büyük bir performans düşüşü var bu konuda yardımcı olur musunuz ?

[CODE title="Performans Düşüşü , Geç açılma"]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.10

Platform: x64 Windows 10 (Home), 10.0.19042.1288 (ReleaseId: 2009, 20H2), Service Pack: 0
Time: 19.10.2021 - 20:21 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: ramaz (group: Administrators) on DESKTOP-0N2DBPT, FirstRun: yes

Internet Explorer: 11.0.19041.1202
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\IObit\Driver Booster\8.7.0\Scheduler.exe
5 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files\WindowsApps\microsoft.yourphone_1.21084.78.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe
1 C:\Users\ramaz\AppData\Local\Microsoft\OneDrive\21.196.0921.0007\FileCoAuth.exe
1 C:\Users\ramaz\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\ramaz\Downloads\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_23e9be9389950d33\igfxCUIService.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_23e9be9389950d33\igfxEM.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
1 C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_3d2488852c7b45a0\OneApp.IGCC.WinService.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_afa18c61a36f2728\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_afa18c61a36f2728\IntelCpHeciSvc.exe
2 C:\Windows\System32\DriverStore\FileRepository\nvtfsi.inf_amd64_4df9899dee232447\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\MoUsoCoreWorker.exe
4 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
71 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\SysWOW64\Creative.UWPRPCService.exe
1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_none_7e21bc567c7ed16b\TiWorker.exe

O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_2B75B4D99B0AE9C989F2B76E269A0ECF] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\Run: [OneDrive] = C:\Users\ramaz\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\8.7.0\Scheduler.exe /scheduler
O22 - Task: Driver Booster SkipUAC (ramaz) - C:\Program Files (x86)\IObit\Driver Booster\8.7.0\DriverBooster.exe /skipuac
O22 - Task: Driver Booster Update - C:\Program Files (x86)\IObit\Driver Booster\8.7.0\AutoUpdate.exe /auto
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_afa18c61a36f2728\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_3d2488852c7b45a0\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_23e9be9389950d33\igfxCUIService.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nvtfsi.inf_amd64_4df9899dee232447\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvtfsi.inf_amd64_4df9899dee232447\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: UWP RPC Service - (UWPService) - C:\WINDOWS\SysWOW64\Creative.UWPRPCService.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_afa18c61a36f2728\IntelCpHeciSvc.exe
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe


--
End of file - Time spent: 66,1 sec. - 16524 bytes, CRC32: FFFFFFFF. Sign: 㙠芹[/CODE]
 
rmzntly dedi:
Hocam merhaba. PC çok geç açılıyor büyük bir performans düşüşü var bu konuda yardımcı olur musunuz?
Genişletmek için tıkla...
Sürücü bulucu kullanmışssın o bilgisayara format atmadan zor sorunların çözülmesi ancak yine de küçük bir fix önereyim:
Kod: 
O4 - HKCU\..\Run: [OneDrive] = C:\Users\ramaz\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\8.7.0\Scheduler.exe /scheduler
O22 - Task: Driver Booster SkipUAC (ramaz) - C:\Program Files (x86)\IObit\Driver Booster\8.7.0\DriverBooster.exe /skipuac
O22 - Task: Driver Booster Update - C:\Program Files (x86)\IObit\Driver Booster\8.7.0\AutoUpdate.exe /auto
 
Murat5038 dedi:
Sürücü bulucu kullanmışssın o bilgisayara format atmadan zor sorunların çözülmesi ancak yine de küçük bir fix önereyim:
Kod: 
O4 - HKCU\..\Run: [OneDrive] = C:\Users\ramaz\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\8.7.0\Scheduler.exe /scheduler
O22 - Task: Driver Booster SkipUAC (ramaz) - C:\Program Files (x86)\IObit\Driver Booster\8.7.0\DriverBooster.exe /skipuac
O22 - Task: Driver Booster Update - C:\Program Files (x86)\IObit\Driver Booster\8.7.0\AutoUpdate.exe /auto
Genişletmek için tıkla...
Hocam pc'yi 1 hafta kadar kullanmamıştım. Kullanmak istediğim zaman geç açılma ve yavaşlama problemi ile karşılaştım. Öncelikle tüm uygulamaları silerek format attım daha sonrasında ise tüm her şeyi silerek formatladım fakat durum değişmedi. Açılış süresi 10 saniyelerdeyken şu anda neredeyse dakikayı buluyor. Bu problem yazılımsal bir problem midir SSD ile alakalı donanımsal bir problem mi o konuda belirsiz kaldım.
 
Program silerek formatlamakla, her şeyi silerek formatlamak ne demek?
Format tek biçimdir imajı yazarsın post ekranından başlatırsın bootable olarak formatlarsın.
Bilen birine format attırın ve sürücü bulucu kurmasın kim kuruyorsa. Saçma bilgisayarcılar kurar genelde onu.
Sonrasındaki sorunları burada değil sosyal içinde konu açıp sorabilirsiniz.
 
Murat5038 dedi:
Program silerek formatlamakla, her şeyi silerek formatlamak ne demek?
Format tek biçimdir imajı yazarsın post ekranından başlatırsın bootable olarak formatlarsın.
Bilen birine format attırın ve sürücü bulucu kurmasın kim kuruyorsa. Saçma bilgisayarcılar kurar genelde onu.
Sonrasındaki sorunları burada değil sosyal içinde konu açıp sorabilirsiniz.
Genişletmek için tıkla...
[CODE title="şimdiden teşekkür ederim"]ogfile of HiJackThis Fork by Alex Dragokas v.2.10.0.10

Platform: x64 Windows 10 (Pro), 10.0.19043.1320 (ReleaseId: 2009, 21H1), Service Pack: 0
Time: 30.10.2021 - 02:37 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: Emrek (group: Administrators) on DESKTOP-OKQPLFS, FirstRun: no

Chrome: 95.0.4638.54
Internet Explorer: 11.0.19041.1202
Default: "C:\Users\Emrek\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" (Opera Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
1 C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
1 C:\Program Files (x86)\Origin\EASteamProxy.exe
1 C:\Program Files (x86)\Origin\Origin.exe
1 C:\Program Files (x86)\Origin\OriginClientService.exe
1 C:\Program Files (x86)\Origin\OriginWebHelperService.exe
5 C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
10 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
1 C:\Program Files (x86)\Steam\GameOverlayUI.exe
1 C:\Program Files (x86)\Steam\steam.exe
1 C:\Program Files (x86)\Steam\steamapps\common\FIFA 22\FIFA22.exe
1 C:\Program Files (x86)\Steam\steamapps\common\FIFA 22\FIFASetup\fifaconfig.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.58.28003.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.58.28003.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21090.10007.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21084.79.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe
6 C:\Users\Emrek\AppData\Local\Discord\app-1.0.9003\Discord.exe
1 C:\Users\Emrek\AppData\Local\Programs\Opera\80.0.4170.63\opera_crashreporter.exe
32 C:\Users\Emrek\AppData\Local\Programs\Opera\opera.exe
1 C:\Users\Emrek\AppData\Local\Temp\B8539694-DB22-4C30-84F9-8306784F6D61\DismHost.exe
1 C:\Users\Emrek\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\CompPkgSrv.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
3 C:\Windows\System32\dllhost.exe
2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe
2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\GameBarPresenceWriter.exe
1 C:\Windows\System32\lsass.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
83 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\SystemSettingsAdminFlows.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1310_none_7e15ec207c87d405\TiWorker.exe

R1 - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 127.0.0.1:1080 (enabled)
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: = https://yandex.com.tr/search/?te...32156 bytes, CRC32: FFFFFFFF. Sign: ٿ[/CODE]
 
[CODE title="Muhtemelen Virüs Var, Bilgisayarım Çok Yavaş"]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.10

Platform: x64 Windows 10 (Home Single Language), 10.0.19042.1288 (ReleaseId: 2009, 20H2), Service Pack: 0
Time: 13.11.2021 - 16:39 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: Çağan Çakmak (group: Administrators) on MSI, FirstRun: yes

Chrome: 95.0.4638.69
Internet Explorer: 11.0.19041.1202
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Adguard\AdguardSvc.exe
10 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files (x86)\SCM\MSIService.exe
1 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
1 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
1 C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
1 C:\Program Files\McAfee\WebAdvisor\servicehost.exe
1 C:\Program Files\McAfee\WebAdvisor\uihost.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
2 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21092.149.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
4 C:\Users\Çağan Çakmak\AppData\Local\Google\Chrome\User Data\SwReporter\94.274.200\software_reporter_tool.exe
1 C:\Users\Çağan Çakmak\Downloads\HiJackThis.exe
2 C:\Windows\explorer.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\audiodg.exe
3 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
1 C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
1 C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\igfxCUIService.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\igfxEM.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHeciSvc.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\ibtsiva.exe
1 C:\Windows\System32\ICEsoundService64.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\rundll32.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
81 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\SysWOW64\dllhost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://oem15.msn.com/?pc=NMTE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.yandex.com.tr/?win=262&clid=2255506-213
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: = https://yandex.com.tr/search/?te...75052 bytes, CRC32: FFFFFFFF. Sign: 鞝빽[/CODE]
 
[CODE title="Merhabalar. Bilgisayarımda performans düşüşü var. Crackli dosyalar kullanmıştım, galiba zararlı yazılım bulaştırdım. Yardımlarınızı bekliyorum."]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.10

Platform: x64 Windows 10 (Pro), 10.0.19043.1348 (ReleaseId: 2009, 21H1), Service Pack: 0
Time: 17.11.2021 - 21:41 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: lenovo (group: Administrators) on LENOVO-PC, FirstRun: yes

Chrome: 96.0.4664.45
Internet Explorer: 11.0.19041.1202
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
1 C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
1 C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
1 C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
1 C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
2 C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.Amd64.exe
5 C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.exe
2 C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.x86.exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe
1 C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
1 C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
1 C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
1 C:\Program Files (x86)\RescueTime\RescueTime.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\Cold Turkey\Cold Turkey Blocker.exe
4 C:\Program Files\Cold Turkey\eowp.exe
1 C:\Program Files\Cold Turkey\ServiceHub.Power.exe
1 C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
1 C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
1 C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
1 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
1 C:\Program Files\Elantech\ETDCtrl.exe
1 C:\Program Files\Elantech\ETDCtrlHelper.exe
1 C:\Program Files\Elantech\ETDIntelligent.exe
1 C:\Program Files\Elantech\ETDService.exe
1 C:\Program Files\Intel\iCLS Client\HeciServer.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
1 C:\Program Files\lenovo\Onekey Theater\OnekeyStudio.exe
2 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
1 C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20520.0_x64__8wekyb3d8bbwe\HxTsr.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21084.79.0_x64__8wekyb3d8bbwe\YourPhone.exe
2 C:\Users\lenovo\AppData\Local\Programs\Opera\launcher.exe
1 C:\Users\lenovo\Desktop\HiJackThis.exe
1 C:\Windows\dglvrsvc.exe
1 C:\Windows\explorer.exe
2 C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
2 C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
1 C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
3 C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
1 C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\RTFTrack.exe
1 C:\Windows\System32\audiodg.exe
3 C:\Windows\System32\backgroundTaskHost.exe
3 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\CxAudMsg64.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_3d3405e2f3440970\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\dxgiadaptercache.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\ibtsiva.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\LenovoWiFiHotspotSvr.exe
1 C:\Windows\System32\lsass.exe
4 C:\Windows\System32\rundll32.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
86 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\unsecapp.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wermgr.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\SysWOW64\SASrv.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://lenovo13.msn.com/?pc=LCJB
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: = https://yandex.com.tr/search/?te...80620 bytes, CRC32: FFFFFFFF. Sign: 滖蔜[/CODE]
 

Benzer konular

Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
637
acv
A
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5B
quarest
quarest
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
10B
Windows 11 Bükücü
Windows 11 Bükücü
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
2B
Murat5038
Murat5038
B
Trojan ve Keylogger Temizleme
Mesaj
3
Görüntüleme
4B
Murat5038
Murat5038

Yeni konular

Yeni mesajlar

Geri
Yukarı