HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode
Paste Code

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleyen: Moderatör:
Genişletmek için tıkla...
429905 dedi:
AnyDesk ve Chrome uçtu hocam bunları sildikten sonra :DTtekrar setup yaptım.
Genişletmek için tıkla...
Dediklerini sadece başlangıçtan kapattım doğru olanı seçtiysen sadece açılışı kapatır. Kendin açabilirdin. Başlangıçtan kapat onları.
 
Murat5038 dedi:
Hayır.

Rehberi okuyun. "şurayada bakar mısnız" bir soru değil.
Genişletmek için tıkla...

Uzun zamandır PC kullanmıyordum, Windows 10 güncellemeler ile birlikte birçok takip kayıt ve geri bildirim vb sistem uygulaması eklemiş.
Birçoğuna hakim değilim.
Gelişen güvenlik ile birlikte zararlı yazılımlarında gizlenmesi arttırılmış olacaktır. Güncel bilgim yetersiz kalıyor ve bu yüzden ayırt edemiyorum.
Attığım kayıtlarda sizce sorun teşkil eden araçlar var mı?

Not: Üst düzey bir şekilde, sisteme izinsiz, uzaktan, IP yolu veya modem aracılığı ile giriş yapılıp yapılmadığını, aktif veya de-aktif bir virüs olup olmadığını tespit edebileceğim bir rehber önerir misiniz?
 
Yusuf Ozer dedi:
Not: Üst düzey bir şekilde, sisteme izinsiz, uzaktan, IP yolu veya modem aracılığı ile giriş yapılıp yapılmadığını, aktif veya de-aktif bir virüs olup olmadığını tespit edebileceğim bir rehber önerir misiniz?
Genişletmek için tıkla...
Bunu sağlam bir AV yapar normal bir kullanıcı edemez.

Yusuf Ozer dedi:
Gelişen güvenlik ile birlikte zararlı yazılımlarında gizlenmesi arttırılmış olacaktır. Güncel bilgim yetersiz kalıyor ve bu yüzden ayırt edemiyorum.
Attığım kayıtlarda sizce sorun teşkil eden araçlar var mı?
Genişletmek için tıkla...
Bunlara göre inceleme yapacağım, bunları fixleyin:
Kod: 
O4 - HKLM\..\StartupApproved\Run: [SVLoadSense] = c:\Program Files (x86)\SAVITECH\SVLoadSense\SVLoadSense.exe (2022/04/14)
O22 - BITS Job: (download) {DA80DC54-1F7B-4E3A-8F55-E6ABF8BE2341} - http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/dflyaas7ksvjsoycgrumpapqqq_327/lmelglejhemejginpboagddgdfbepgmp_327_all_ZZ_adfmgp62ft4h2ezygp5hg7nocytq.crx3 -> C:\Users\grlth\AppData\Local\Temp\chrome_BITS_3892_207595091\lmelglejhemejginpboagddgdfbepgmp_327_all_ZZ_adfmgp62ft4h2ezygp5hg7nocytq.crx3
O22 - Task: (disabled) (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (disabled) (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (disabled) (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (disabled) (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: \ASUS\ASUSUpdateTaskMachineCore1d8518c89cdbdea - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /c (file missing)
O22 - Task: \ASUS\ASUSUpdateTaskMachineUA - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /ua /installsource scheduler (file missing)
O22 - Task: SS2Svc32Run - C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7)
O22 - Task: SS2Svc64Run - C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7)
O22 - Task: SS2UILauncherRun - C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7)
 
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.17

Platform:  x64 Windows 10 (Pro), 10.0.19044.1645 (ReleaseId: 2009, 21H2), Service Pack: 0
Time:      27.04.2022 - 03:00 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    iakpn    (group: Administrators) on ISMAIL, FirstRun: yes

Chrome:  100.0.4896.127
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
  12  C:\Program Files\Google\Chrome\Application\chrome.exe
   2  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\PCHealthCheck\PCHealthCheck.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Program Files\TeamViewer\TeamViewer_Service.exe
   1  C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
   1  C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
   6  C:\Users\iakpn\AppData\Local\Discord\app-1.0.9004\Discord.exe
   6  C:\Users\iakpn\AppData\Roaming\Spotify\Spotify.exe
   1  C:\Users\iakpn\Desktop\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\RtkBtManServ.exe
   1  C:\Windows\servicing\TrustedInstaller.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_c3e9728f5ed0ccde\igfxCUIService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_c3e9728f5ed0ccde\igfxEM.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_0bd6acc6adc82042\ICEsoundService64.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_b16f8c7f597d113d\OneApp.IGCC.WinService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_aa98f7d289749142\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_aa98f7d289749142\IntelCpHeciSvc.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_6cb77604611009e1\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\Intel\DPTF\dptf_helper.exe
   1  C:\Windows\System32\Intel\DPTF\esif_uf.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\MoUsoCoreWorker.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\rundll32.exe
   4  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  80  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\SystemSettingsBroker.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\Taskmgr.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wuauclt.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1677_none_7dfadea07c9b7349\TiWorker.exe

O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\iakpn\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/03/31)
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2022/03/31)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\iakpn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitör Mürekkep Uyarıları - HP Deskjet 1510 series.lnk    ->    C:\Windows\system32\RunDll32.exe "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN41O174Y805XJ;CONNECTION=USB;MONITOR=1; (2022/04/01)
O4 - Startup: C:\Users\iakpn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk    ->    C:\Users\iakpn\AppData\Local\MEGAsync\MEGAsync.exe
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (file missing)
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Users\iakpn\AppData\Local\MEGAsync\ShellExtX64.dll
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: \MEGA\MEGAsync Update Task S-1-5-21-140924118-2646599860-4282078365-1001 - C:\Users\iakpn\AppData\Local\MEGAsync\MEGAupdater.exe (file missing)
O22 - Task: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr
O22 - Task: GoogleUpdateTaskMachineCore{226933E6-E810-49A5-A837-7E627AE57559} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA{BB189AE9-44B4-40D0-8077-21AFE68F02D2} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: RtHDVBg_ListenToDevice - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /AECBYLISTENTOSTATUS
O22 - Task: RTKCPL - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /runcplsilence
O23 - Service R2: "Realtek Bluetooth Device Manager Service"    ;RtkServ - (RtkBtManServ) - C:\Windows\RtkBtManServ.exe
O23 - Service R2: ESIF Upper Framework Service - (esifsvc) - C:\Windows\system32\Intel\DPTF\esif_uf.exe
O23 - Service R2: ICEsoundService - C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_0bd6acc6adc82042\ICEsoundService64.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_aa98f7d289749142\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_b16f8c7f597d113d\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_c3e9728f5ed0ccde\igfxCUIService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_6cb77604611009e1\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_6cb77604611009e1\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: TeamViewer - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_aa98f7d289749142\IntelCpHeciSvc.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\100.0.4896.127\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: ProtonVPN Service - C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
O23 - Service S3: ProtonVPN Update Service - C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe
O23 - Service S3: ProtonVPN WireGuard - C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe C:\ProgramData\ProtonVPN\WireGuard\ProtonVPN.conf
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 50,6 sec. - 28264 bytes, CRC32: FFFFFFFF. Sign: 铮泓
Hocam bakar mısınız? Herhangi bir virüs veya başka bir şey var mı ? Teşekkürler.
 
Hocam incelerseniz sevinirim. Sorunum şu bilgisayar nedenini bilmediğim sebepten dolayı ara sıra kasıyor ve en basitinden windows penceresinin sağa sola sürüklerken takıla takıla gidiyor.
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.10

Platform:  x64 Windows 10 (Home), 10.0.19044.1645 (ReleaseId: 2009, 21H2), Service Pack: 0
Time:      17.05.2022 - 20:46 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    hawk    (group: Administrators) on DESKTOP-14Q4N0P, FirstRun: yes

Internet Explorer: 11.789.19041.0
Default: "C:\Users\oguzh\AppData\Local\Programs\Opera GX\Launcher.exe" -noautoupdate -- "%1" (Opera GX Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   2  C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Users\oguzh\OneDrive\Masaüstü\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\System32\amdfendrsr.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0379219.inf_amd64_3649648678001de4\B378972\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0379219.inf_amd64_3649648678001de4\B378972\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   2  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  70  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  D:\Steam\steam.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O4 - HKLM\..\StartupApproved\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (2021/09/21)
O5 - Applet: C:\Windows\System32\RTSnMg64.cpl (Sign: 'Realtek Semiconductor Corp')
O5 - HKCU\Control Panel\don't load: [RTSnMg64.cpl] (Realtek HD Audio Control Panel)
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) Opera GX scheduled assistant Autoupdate 1628163321 - C:\Users\oguzh\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\oguzh\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (file missing)
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (file missing)
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (file missing)
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (file missing)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log (file missing)
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log (file missing)
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (file missing)
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler (file missing)
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (file missing)
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (file missing)
O22 - Task: Opera GX scheduled Autoupdate 1626915330 - C:\Users\oguzh\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O23 - Service R2: AMD Crash Defender Service - C:\Windows\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0379219.inf_amd64_3649648678001de4\B378972\atiesrxx.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService


--
End of file - Time spent: 24 sec. - 18944 bytes, CRC32: FFFFFFFF. Sign: 碻Ἂ
 

Benzer konular

Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
637
acv
A
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5B
quarest
quarest
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
10B
Windows 11 Bükücü
Windows 11 Bükücü
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
2B
Murat5038
Murat5038
B
Trojan ve Keylogger Temizleme
Mesaj
3
Görüntüleme
4B
Murat5038
Murat5038

Yeni konular

Yeni mesajlar

Geri
Yukarı