Rehber HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleme:
Genişletmek için tıkla...
Murat5038 dedi:
Zararlı tam olarak olmasa da şüpheliler var ve geresiz olabilecekler var bunları fixleyin:
Kod: 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page Redirect Cache] = https://www.msn.com/tr-tr/?pc=UE01&ocid=UE01DHP
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
O4 - HKCU\..\Run: [BingWallpaperApp] = C:\Users\bserd\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
O4 - HKCU\..\Run: [CyberGhost] = C:\Program Files\CyberGhost 6\CyberGhost.exe /autostart /min (file missing)
O4 - HKCU\..\Run: [ut] = C:\Users\bserd\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2020/02/16)
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2019/12/19)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2021/06/11)
O4 - HKCU\..\StartupApproved\Run: [Lync] = C:\Program Files\Microsoft Office\root\Office16\lync.exe /fromrunkey (file missing) (2021/05/09)
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = c:\users\bserd\appdata\local\programs\opera\assistant\browser_assistant.exe (2020/03/04)
O4 - HKCU\..\StartupApproved\Run: [Reverso] = C:\Users\bserd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reverso\Reverso.appref-ms -minimized (2021/05/09)
O4 - HKCU\..\StartupApproved\Run: [uTorrent] = C:\Users\bserd\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (2021/06/11)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\bserd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xilinx Information Center.lnk    ->    C:\Xilinx\xic\xic.exe -c -t (2021/05/09)
O4 - HKLM\..\Run: [CDAServer] = C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\StartupApproved\Run32: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (2020/05/19)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2020/02/15)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk    ->    C:\Program Files (x86)\AnyDesk\AnyDesk.exe --control (2021/05/09)
O4 - Startup Global: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk    ->    C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
O7 - Policy: HKCU\..\Policies\Explorer\DisallowRun: [1] = irsetup.exe (disabled)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\Driver Booster Scheduler" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\Driver Booster SkipUAC (bserd)" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\NIUpdateServiceCheckTask" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\NIUpdateServiceStartupTask" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\RTKCPL" /ENABLE (user missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7ED28604-6893-4D09-BE60-93D52484DF0D} -  (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7ED28604-6893-4D09-BE60-93D52484DF0D} (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trojan Remover (empty)
O22 - Task: (disabled) IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: (disabled) IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: (disabled) IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: (disabled) USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O22 - Task: \CareCenter\SACMonitor_Reg_HKLMRun - C:\Program Files\SafeNet\Authentication\SAC\x64\SACMonitor.exe
O22 - Task: Driver Booster SkipUAC (bserd) - C:\Program Files (x86)\Driver Booster\DriverBooster.exe /skipuac
O22 - Task: NIUpdateServiceCheckTask - C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe -c -task
O22 - Task: NIUpdateServiceStartupTask - C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe -startupTask
O22 - Task: OneDrive Per-Machine Standalone Update Task - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe

Sürücü bulucu ve önerilmeyen yazılımlar kullanıyorsunuz.
Genişletmek için tıkla...
Tamamdır teşekkür ederim.
 
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.13
Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\Origin\OriginWebHelperService.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\LGHUB\lghub_updater.exe
   2  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj\TranslucentTB.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.11001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   6  C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe
   1  C:\Users\Taha\AppData\Local\Programs\Opera GX\81.0.4196.61\opera_crashreporter.exe
  15  C:\Users\Taha\AppData\Local\Programs\Opera GX\opera.exe
   1  C:\Users\Taha\Downloads\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\backgroundTaskHost.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   3  C:\Windows\System32\dllhost.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\MoUsoCoreWorker.exe
   2  C:\Windows\System32\RtkAudUService64.exe
   1  C:\Windows\System32\rundll32.exe
   6  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  79  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   3  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.joygame.com/games.aspx?g=2001
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll
O4 - HKCU\..\Run: [LGHUB] = C:\Program Files\LGHUB\lghub.exe --background
O4 - HKCU\..\Run: [Voicemod] = C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Taha\AppData\Local\Discord\Update.exe --processStart Discord.exe (2021/04/26)
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2021/05/16)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2021/05/21)
O4 - HKCU\..\StartupApproved\Run: [GoogleChromeAutoLaunch_455420D7B808869FE27B2B57E42A080D] = C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 (2021/06/24)
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\Taha\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2021/11/16)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2021/04/26)
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\RtkAudUService64.exe -background
O4 - HKLM\..\StartupApproved\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (2021/09/04)
O4 - HKLM\..\StartupApproved\Run32: [amd_dc_opt] = C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (2021/09/04)
O4 - HKLM\..\StartupApproved\Run32: [EpicPen] = C:\Program Files (x86)\Epic Pen\EpicPen.exe -startup (2021/11/16)
O4 - HKLM\..\StartupApproved\Run32: [Razer Synapse] = C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (2021/05/29)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/04/26)
O17 - DHCP DNS 1: 192.168.1.1
O22 - BITS Job: (download) {5271632A-25A5-4777-8FB4-DE468539D165} - http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adht3vk47dehzzy5twtbkj3cddsq_7030/hfnkpimlhhgieaddgfemjhofmfblmnib_7030_all_aca4gxlhgfsr2glics3qfti4j72a.crx3 -> C:\Users\Taha\AppData\Local\Temp\chrome_BITS_10964_1880865846\hfnkpimlhhgieaddgfemjhofmfblmnib_7030_all_aca4gxlhgfsr2glics3qfti4j72a.crx3
O22 - BITS Job: Fix all (including legit)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-3275502404-2627277998-3887654420-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\Office Subscription Maintenance - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-3275502404-2627277998-3887654420-500 - C:\Users\Taha\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-3620144467-4133877577-726863005-500 - C:\Users\Taha\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: Opera GX scheduled assistant Autoupdate 1631810302 - C:\Users\Taha\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Taha\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
O22 - Task: Opera GX scheduled Autoupdate 1630704311 - C:\Users\Taha\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.11001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.11001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe -r
O23 - Service R2: LGHUB Updater Service - (LGHUBUpdaterService) - C:\Program Files\LGHUB\lghub_updater.exe --run-as-service
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\RtkAudUService64.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\96.0.4664.93\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S3: Uncheater for BattleGrounds_GL - (ucldr_battlegrounds_gl) - C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service S3: Zakynthos Service - (zksvc) - C:\Program Files\Common Files\PUBG\zksvc.exe


--
End of file - Time spent: 32,4 sec. - 28192 bytes, CRC32: FFFFFFFF. Sign: ⦸ᦎ

Sistemim de Performans düşüşü hissettiğimi düşünüyorum ve zararlı yazılım şüphem yok ama onun için de bakarsanız çok makbule geçer. Belirtmem gereken bir diğer şey, bilgisayar da çok görülmeyen 2-3 saniyelik donmalar yaşanıyor ve ekran siyahlaşıp geri geliyor ve ekran teması değişiyor (ekran kartı resetleniyor galiba), ve nadiren siteler donuyor. sanırsam HDD kaynaklı ama. İncelemenizi rica edeceğim, teşekkür ediyorum bu arada yararlı bir yazılım olmuş. Ben bir göz attım ama işi bilene bırakıyorum, en fazla görev yöneticisinde ki ayrıntılardan incelemiştim ama bu biraz daha ayrıntılı ve güzelmiş.
 
Son düzenleme:
Bunları fixleyin, Zararlı bulunmuyor:
Kod: 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.joygame.com/games.aspx?g=2001
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Taha\AppData\Local\Discord\Update.exe --processStart Discord.exe (2021/04/26)
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2021/05/16)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2021/05/21)
O4 - HKCU\..\StartupApproved\Run: [GoogleChromeAutoLaunch_455420D7B808869FE27B2B57E42A080D] = C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 (2021/06/24)
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\Taha\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2021/11/16)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2021/04/26)
O4 - HKLM\..\StartupApproved\Run32: [amd_dc_opt] = C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (2021/09/04)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/04/26)
O22 - BITS Job: (download) {5271632A-25A5-4777-8FB4-DE468539D165} - http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adht3vk47dehzzy5twtbkj3cddsq_7030/hfnkpimlhhgieaddgfemjhofmfblmnib_7030_all_aca4gxlhgfsr2glics3qfti4j72a.crx3 -> C:\Users\Taha\AppData\Local\Temp\chrome_BITS_10964_1880865846\hfnkpimlhhgieaddgfemjhofmfblmnib_7030_all_aca4gxlhgfsr2glics3qfti4j72a.crx3
 
Murat5038 dedi:
Bunları fixleyin, Zararlı bulunmuyor:
Kod: 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.joygame.com/games.aspx?g=2001
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Taha\AppData\Local\Discord\Update.exe --processStart Discord.exe (2021/04/26)
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2021/05/16)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2021/05/21)
O4 - HKCU\..\StartupApproved\Run: [GoogleChromeAutoLaunch_455420D7B808869FE27B2B57E42A080D] = C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 (2021/06/24)
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\Taha\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2021/11/16)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2021/04/26)
O4 - HKLM\..\StartupApproved\Run32: [amd_dc_opt] = C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (2021/09/04)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/04/26)
O22 - BITS Job: (download) {5271632A-25A5-4777-8FB4-DE468539D165} - http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adht3vk47dehzzy5twtbkj3cddsq_7030/hfnkpimlhhgieaddgfemjhofmfblmnib_7030_all_aca4gxlhgfsr2glics3qfti4j72a.crx3 -> C:\Users\Taha\AppData\Local\Temp\chrome_BITS_10964_1880865846\hfnkpimlhhgieaddgfemjhofmfblmnib_7030_all_aca4gxlhgfsr2glics3qfti4j72a.crx3
Genişletmek için tıkla...
Bilgisayarı yeniden başlatıp 3 dakika bir şey yapmadıktan sonra taratıp öyle dediklerinizi fixleyeyim değil mi ? yanlışlık olmasın sonra.
 
fenomenale dedi:
Bilgisayarı yeniden başlatıp 3 dakika bir şey yapmadıktan sonra taratıp öyle dediklerinizi fixleyeyim değil mi? Yanlışlık olmasın sonra.
Genişletmek için tıkla...
İstediğiniz gibi yapabilirsiniz.
 
Murat5038 dedi:
İstediğiniz gibi yapabilirsiniz.
Genişletmek için tıkla...
Dediklerinizi fix checked yaptım ama şu;
Kod: 
O22 - BITS Job: (download) {5271632A-25A5-4777-8FB4-DE468539D165} - http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adht3vk47dehzzy5twtbkj3cddsq_7030/hfnkpimlhhgieaddgfemjhofmfblmnib_7030_all_aca4gxlhgfsr2glics3qfti4j72a.crx3 -> C:\Users\Taha\AppData\Local\Temp\chrome_BITS_10964_1880865846\hfnkpimlhhgieaddgfemjhofmfblmnib_7030_all_aca4gxlhgfsr2glics3qfti4j72a.crx3
Tekrar tarattığımda gözükmedi ?
 
fenomenale dedi:
Dediklerinizi fix checked yaptım ama şu;
Kod: 
O22 - BITS Job: (download) {5271632A-25A5-4777-8FB4-DE468539D165} - http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adht3vk47dehzzy5twtbkj3cddsq_7030/hfnkpimlhhgieaddgfemjhofmfblmnib_7030_all_aca4gxlhgfsr2glics3qfti4j72a.crx3 -> C:\Users\Taha\AppData\Local\Temp\chrome_BITS_10964_1880865846\hfnkpimlhhgieaddgfemjhofmfblmnib_7030_all_aca4gxlhgfsr2glics3qfti4j72a.crx3
Tekrar tarattığımda gözükmedi ?
Genişletmek için tıkla...
Tempi sürekli silen biriyseniz ondandır.
 
insann dedi:
Tempi sürekli silen biriyseniz ondandır.
Genişletmek için tıkla...
Nasıl yani, anlamadım tam olarak.
@Murat5038 Dediklerinizi fix checked yaptım ve işaretlediğim tüm programlar pcden silinmiş neden böyle oldu ?
Neyse hocam Epic Games i onararak geri getirebildim 200GBlık oyun gidiyordu, şimdi Google, Discord ve Origini tekrar yüklüyorum.
 
Son düzenleme:
Selamlar hocam. Öncelikle sistemim; R3 2200G, 16 GB 3200 MHz PNY MD16GK2D4320016AXR, 1 TB PNY CS2130, 250 GB Samsung 870 EVO.
Bu sistem ile genel bir performans düşüklüğü hissediyorum, tarayıcıda ve videolarda kasma hissiyatı oluşuyor. Raporu aşağıya ekliyorum. Teşekkürler.
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.13

Platform:  x64 Windows 10 (Pro), 10.0.19044.1415 (ReleaseId: 2009, 21H2), Service Pack: 0
Time:      16.12.2021 - 20:32 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Rezerve    (group: Administrators) on DESKTOP-JMG8J17, FirstRun: yes

Chrome:  96.0.4664.110
Internet Explorer: 11.0.19041.1202
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Users\Rezerve\Desktop\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\System32\amdfendrsr.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0372545.inf_amd64_56d459236871c3f2\B372333\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0372545.inf_amd64_56d459236871c3f2\B372333\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   2  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  21  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WMIADAP.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe

O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Rezerve\AppData\Local\Discord\Update.exe --processStart Discord.exe (2021/12/06)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2021/12/06)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O23 - Service R2: AMD Crash Defender Service - C:\Windows\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0372545.inf_amd64_56d459236871c3f2\B372333\atiesrxx.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\96.0.4664.110\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O26 - Debugger: HKLM\..\mpcmdrun.exe: [Debugger] = C:\Windows\System32\systray.exe (Microsoft)


--
End of file - Time spent: 7,1 sec. - 10542 bytes, CRC32: FFFFFFFF. Sign: 㧟冿
 

Benzer konular

taylaan
HijackThis Log Paylaşımı
Mesaj
0
Görüntüleme
548
taylaan
taylaan
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5.687
quarest
quarest
Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
1.001
acv
A
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
3.006
Murat5038
Murat5038
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
14.534
Windows 11 Bükücü
Windows 11 Bükücü

Technopat Haberler

Yeni konular

Yeni mesajlar

Geri
Yukarı