Rehber HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleme:
Genişletmek için tıkla...
Murat5038 dedi:
Kod: 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 192.168.49.1:8282 (disabled)
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 keystone.mwbsys.com
O1 - Hosts: 127.0.0.1 www.xilisoft.com
O1 - Hosts: 127.0.0.1 online.xilisoft.com
O1 - Hosts: 127.0.0.1 www.imtoo.com
O1 - Hosts: 127.0.0.1 online.imtoo.com
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 na1r.services.adobe.com
O1 - Hosts: 127.0.0.1 hlrcv.stage.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 reg.wisecleaner.com
O1 - Hosts: 127.0.0.1 api.adguard.com
O1 - Hosts: 127.0.0.1 api-b.adguard.com
O1 - Hosts: 127.0.0.1 api-c.adguard.com
O1 - Hosts: 127.0.0.1 api-d.adguard.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 keystone.mwbsys.com
O4 - HKCU\..\Run: [WİN7] = C:\Windows\explorer.exe http://exinariuminix.info
O7 - TroubleShooting: (EV) %PATH% has missing system folder: C:\Windows
O7 - TroubleShooting: (EV) %PATH% has missing system folder: C:\Windows\System32
O7 - TroubleShooting: (EV) %PATH% has missing system folder: C:\Windows\System32\Wbem
O7 - TroubleShooting: (EV) %PATH% has missing system folder: C:\Windows\System32\WindowsPowerShell\v1.0
O23 - Service R2: Power Manager - (PowerManager) - C:\Windows\svchost.exe
O23 - Service R2: RemoteMouseService - C:\Program Files\Remote Mouse\RemoteMouseService.exe
O23 - Service S3: Remote Packet Capture Protocol v.0 (experimental) - (rpcapd) - C:\Program Files\WinPcap\rpcapd.exe -d -f "C:\Program Files\WinPcap\rpcapd.ini"
O23 - Service S3: SHAREit Hotspot Service - (uSHAREitSvc) - C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe
Bunları fixleyin.

Seninki ayrı onunki ayrı :) Zararlı var bilgisayarında.
Genişletmek için tıkla...
Şimdi HijackThis programını kapatmıştım daha önce, fixlemek için tekrar mı Bilgisayarı yeniden açıp 3 dakika bekleyip tekrar mı yapıcam aynı işlemleri?
 
Murat5038 dedi:
Kod: 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 192.168.49.1:8282 (disabled)
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 keystone.mwbsys.com
O1 - Hosts: 127.0.0.1 www.xilisoft.com
O1 - Hosts: 127.0.0.1 online.xilisoft.com
O1 - Hosts: 127.0.0.1 www.imtoo.com
O1 - Hosts: 127.0.0.1 online.imtoo.com
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 na1r.services.adobe.com
O1 - Hosts: 127.0.0.1 hlrcv.stage.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 reg.wisecleaner.com
O1 - Hosts: 127.0.0.1 api.adguard.com
O1 - Hosts: 127.0.0.1 api-b.adguard.com
O1 - Hosts: 127.0.0.1 api-c.adguard.com
O1 - Hosts: 127.0.0.1 api-d.adguard.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 keystone.mwbsys.com
O4 - HKCU\..\Run: [WİN7] = C:\Windows\explorer.exe http://exinariuminix.info
O7 - TroubleShooting: (EV) %PATH% has missing system folder: C:\Windows
O7 - TroubleShooting: (EV) %PATH% has missing system folder: C:\Windows\System32
O7 - TroubleShooting: (EV) %PATH% has missing system folder: C:\Windows\System32\Wbem
O7 - TroubleShooting: (EV) %PATH% has missing system folder: C:\Windows\System32\WindowsPowerShell\v1.0
O23 - Service R2: Power Manager - (PowerManager) - C:\Windows\svchost.exe
O23 - Service R2: RemoteMouseService - C:\Program Files\Remote Mouse\RemoteMouseService.exe
O23 - Service S3: Remote Packet Capture Protocol v.0 (experimental) - (rpcapd) - C:\Program Files\WinPcap\rpcapd.exe -d -f "C:\Program Files\WinPcap\rpcapd.ini"
O23 - Service S3: SHAREit Hotspot Service - (uSHAREitSvc) - C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe
Bunları fixleyin.

Seninki ayrı onunki ayrı :) Zararlı var bilgisayarında.
Genişletmek için tıkla...
Sadece hocam olabilir diye fikrimi belirtmişim ama doğru cevabı vermişsiniz 😀
 
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Enterprise), 10.0.18363.836 (ReleaseId: 1909), Service Pack: 0
Time:      16.05.2020 - 12:58 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    lucitrash    (group: Administrator) on DESKTOP-CSHI5K7, FirstRun: yes

Chrome:  81.0.4044.92
Firefox: 72.0.2.7321
Edge:    11.0.18362.815
Internet Explorer: 11.0.18362.1
Default: "C:\Users\commu\AppData\Local\Programs\Opera GX\Launcher.exe" -noautoupdate -- "%1" (Opera GX Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
   1  C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
   1  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
   1  C:\Users\commu\Desktop\HiJackThis\HiJackThis.exe
   3  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
  65  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
F2-32 - HKLM\..\WinLogon: [UserInit] = C:\WINDOWS\SysWOW64\userinit.exe,
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O9 - Button: HKLM\..\AutorunsDisabled: (no name) - (no file)
O15 - HKCU\..\ESC Trusted IP range: http://192.168.1.1
O15 - HKCU\..\Trusted IP range: http://192.168.1.1
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task (.job): (Not scheduled) update-S-1-5-21-1642105565-187308140-4139101683-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O23 - Service R3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - (ICCS) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service S3: System Update - (SUService) - C:\Program Files (x86)\Lenovo\System Update\SUService.exe  (file missing)
O23 - Service S3: User Energy Server Service queencreek - (USER_ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--run_as_user_process"
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe
O23 - Service S3: Wireless PAN DHCP Server - (MyWiFiDHCPDNS) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe


--
End of file - Time spent: 35,1 sec. - 9978 bytes, CRC32: FFFFFFFF. Sign: 馁᪻
 
Zararlı yok ama bunları fixleyin yine de:
Kod: 
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
F2-32 - HKLM\..\WinLogon: [UserInit] = C:\WINDOWS\SysWOW64\userinit.exe,
O9 - Button: HKLM\..\AutorunsDisabled: (no name) - (no file)
O15 - HKCU\..\ESC Trusted IP range: http://192.168.1.1
O15 - HKCU\..\Trusted IP range: http://192.168.1.1
O17 - DHCP DNS 1: 192.168.1.1
O23 - Service R3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: User Energy Server Service queencreek - (USER_ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--run_as_user_process"
 
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.18362.778 (ReleaseId: 1903), Service Pack: 0
Time:      17.05.2020 - 22:56 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    xxkar    (group: Administrator) on DESKTOP-ORVFSMT, FirstRun: yes

Chrome:  81.0.4044.138
Edge:    11.0.18362.752
Internet Explorer: 11.0.18362.1
Default: "C:\Users\xxkar\AppData\Local\Programs\Opera GX\Launcher.exe" -noautoupdate -- "%1" (Opera GX Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
   1  C:\Program Files (x86)\Internet Download Manager\IDMan.exe
   1  C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
   1  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
   1  C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
   1  C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
   1  C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
   1  C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
  16  C:\Users\xxkar\AppData\Local\Programs\Opera GX\67.0.3575.130\opera.exe
   1  C:\Users\xxkar\AppData\Local\Programs\Opera GX\67.0.3575.130\opera_crashreporter.exe
   1  C:\Users\xxkar\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\SysWOW64\vmnat.exe
   2  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   2  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  81  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   2  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKCU\..\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\StartupApproved\Run: [CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (2019/10/10)
O4 - HKCU\..\StartupApproved\Run: [Gaijin.Net Updater] = C:\Users\xxkar\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (2020/05/04)
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\xxkar\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2020/03/11)
O4 - HKCU\..\StartupApproved\Run: [com.blitz.app] = C:\Users\xxkar\AppData\Local\Blitz\Update.exe --processStart "Blitz.exe" --process-start-args "--hidden" (2019/11/02)
O4 - HKCU\..\StartupApproved\Run: [f.lux] = C:\Users\xxkar\AppData\Local\FluxSoftware\Flux\flux.exe /noshow (2020/05/04)
O4 - HKCU\..\StartupApproved\Run: [obfuscated(29)(1)] = C:\WINDOWS\system32\wscript.exe //B "C:\Users\xxkar\AppData\Roaming\obfuscated(29)(1).js" (2020/03/04)
O4 - HKCU\..\StartupApproved\Run: [uTorrent] = C:\Users\xxkar\AppData\Roaming\uTorrent\uTorrent.exe (2019/10/04)
O4 - HKLM\..\StartupApproved\Run32: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (2020/04/20)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/11/02)
O4 - HKLM\..\StartupApproved\Run32: [obfuscated(29)(1)] = C:\WINDOWS\system32\wscript.exe //B "C:\Users\xxkar\AppData\Roaming\obfuscated(29)(1).js" (2020/03/04)
O4 - HKLM\..\StartupApproved\Run32: [vmware-tray.exe] = C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (2020/03/04)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2019/09/30)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run: [SoftEther VPN Client UI Helper] = C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe /uihelp (2020/02/14)
O4 - HKLM\..\StartupApproved\Run: [XMouseButtonControl] = C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe /notportable /delay (2019/11/30)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dual Smart Solution.lnk    ->    C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe -startup (2019/10/10)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk    ->    C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe /startup (2020/02/14)
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O15 - Trusted Zone: *.localhost
O17 - DHCP DNS 1: 195.175.39.50
O17 - DHCP DNS 2: 195.175.39.49
O21 - HKLM\..\ShellIconOverlayIdentifiers\            IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O22 - Task (.job): (Not scheduled) update-S-1-5-21-1663258647-2655838421-568016187-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R2: VMware Authorization Service - (VMAuthdService) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service R2: VMware NAT Service - C:\WINDOWS\SysWOW64\vmnat.exe
O23 - Service R2: VMware USB Arbitration Service - (VMUSBArbService) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service R2: VMware Workstation Server - (VMwareHostd) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -u "C:\ProgramData\VMware\hostd\config.xml"
O23 - Service R3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service S2: Energy Server Service queencreek - (ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--AUTO_START" "--start" "--start_options_registry_key" "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ESRV_SVC_QUEENCREEK\_start"
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) Driver & Support Assistant - (DSAService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service S2: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK - (SystemUsageReportSvc_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
O23 - Service S2: SoftEther VPN Client - (SEVPNCLIENT) - C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe /service
O23 - Service S2: VMware DHCP Service - (VMnetDHCP) - C:\WINDOWS\SysWOW64\vmnetdhcp.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Gameforge Client Service - (GameforgeClientService) - C:\Program Files (x86)\GameforgeClient\gfservice.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Driver & Support Assistant Updater - (DSAUpdateService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: Overwolf Updater Windows SCM - (OverwolfUpdater) - D:\over\Overwolf\OverwolfUpdater.exe /RunningFrom SCM (file missing)
O23 - Service S3: User Energy Server Service queencreek - (USER_ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--run_as_user_process"


--
End of file - Time spent: 32 sec. - 21892 bytes, CRC32: FFFFFFFF. Sign: �
 
Bunları fixleyin:
Kod: 
O4 - HKCU\..\StartupApproved\Run: [Gaijin.Net Updater] = C:\Users\xxkar\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (2020/05/04)
O4 - HKCU\..\StartupApproved\Run: [com.blitz.app] = C:\Users\xxkar\AppData\Local\Blitz\Update.exe --processStart "Blitz.exe" --process-start-args "--hidden" (2019/11/02)
O4 - HKCU\..\StartupApproved\Run: [f.lux] = C:\Users\xxkar\AppData\Local\FluxSoftware\Flux\flux.exe /noshow (2020/05/04)
O4 - HKCU\..\StartupApproved\Run: [obfuscated(29)(1)] = C:\WINDOWS\system32\wscript.exe //B "C:\Users\xxkar\AppData\Roaming\obfuscated(29)(1).js" (2020/03/04)
O4 - HKLM\..\StartupApproved\Run32: [obfuscated(29)(1)] = C:\WINDOWS\system32\wscript.exe //B "C:\Users\xxkar\AppData\Roaming\obfuscated(29)(1).js" (2020/03/04)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dual Smart Solution.lnk    ->    C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe -startup (2019/10/10)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk    ->    C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe /startup (2020/02/14)
 
THE_MILLER dedi:
Eki Görüntüle 346215

Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.

Kullanımı:

1) http://dragokas.com/tools/HiJackThis.zip Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

Eki Görüntüle 346216

4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

Eki Görüntüle 346202

5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
Eki Görüntüle 346203

6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

Eki Görüntüle 346206


*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

Eki Görüntüle 346207
Kod'a tıklayın.

Eki Görüntüle 346208

Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode
Paste Code

8) Ayrıca sisteminizde var olan sorunu detaylıca (performans düşüşü, malware varlığı şüphesi) belirterek konuyu cevaplayın.

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
Eki Görüntüle 346212
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Home), 10.0.18362.836 (ReleaseId: 1903), Service Pack: 0
Time:      18.05.2020 - 12:28 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    serka    (group: Administrator) on DESKTOP-DA9KQO4, FirstRun: yes

Chrome:  81.0.4044.138
Edge:    11.0.18362.815
Internet Explorer: 11.0.18362.1
Default: "C:\Users\serka\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" -- "%1" (Yandex)

Boot mode: Normal

Running processes:
Number | Path
  26  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe
   1  C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe
   1  C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
   1  C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
   1  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
   2  C:\Program Files (x86)\Yandex\YandexBrowser\20.4.1.225\service_update.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe
   1  C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
   2  C:\Program Files\TxGameAssistant\AppMarket\TBSWebRenderer.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19111.24110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20041.88.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\NisSrv.exe
   1  C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk2.exe
   1  C:\Users\serka\Desktop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   7  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  75  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.772_none_5f13f94c58ff41d3\TiWorker.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\servicing\TrustedInstaller.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll
O4 - HKCU\..\Run: [Spotify] = C:\Users\serka\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [YandexDisk2] = C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk2.exe -autostart
O4 - HKCU\..\RunOnce: [Application Restart #1] = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/02/26)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\serka\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/02/26)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2018/11/21)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\StartupApproved\Run32: [SFAUpdater] = C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe (2020/02/26)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2020/02/26)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2020/02/26)
O4-32 - HKLM\..\Run: [RadminVPN] = C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe /minimized
O4-32 - HKLM\..\Run: [Razer Synapse] = C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\    YandexDisk1 SyncDone: Yandex.Disk Icon Overlay (SyncDone) - {C5F6CDD1-FB7B-4971-A53F-4B00757F756B} - C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk3ShellExt-1511.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\    YandexDisk2 SyncProgress: Yandex.Disk Icon Overlay (SyncProgress) - {75EF3512-D401-4172-BA0F-00E000DCBCE4} - C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk3ShellExt-1511.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\    YandexDisk3 SyncDisabled: Yandex.Disk Icon Overlay (SyncDisabled) - {8EEE3CD5-1F70-4B63-B19D-A5F1457761DB} - C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk3ShellExt-1511.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\    YandexDisk4 SyncError: Yandex.Disk Icon Overlay (SyncError) - {9CE04609-A360-4266-9937-9D799E8D2D5A} - C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk3ShellExt-1511.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\    YandexDisk5 SyncPart: Yandex.Disk Icon Overlay (SyncPart) - {63ADB0D1-6DA0-46A2-89D0-E0CE44536E32} - C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk3ShellExt-1511.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - Task (.job): Yandex Browser güncelleme servisinin düzeltilmesi.job - C:\Program Files (x86)\Yandex\YandexBrowser\20.4.1.225\service_update.exe  --repair
O22 - Task (.job): Yandex Browser güncellemesi.job - C:\Users\serka\AppData\Local\Yandex\YandexBrowser\Application\browser.exe  --background-update --noerrdialogs
O22 - Task (.job): Yandex Browser sistem güncellemesi.job - C:\Program Files (x86)\Yandex\YandexBrowser\20.4.1.225\service_update.exe  --run-as-launcher
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: QMEmulatorService - C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
O23 - Service R2: Radmin VPN Control Service - (RvControlSvc) - C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe /service
O23 - Service R2: Razer Game Scanner - (Razer Game Scanner Service) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R2: Yandex.Browser Update Service - (YandexBrowserService) - C:\Program Files (x86)\Yandex\YandexBrowser\20.4.1.225\service_update.exe --run-as-service
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Luminati Net Updater - (luminati_net_updater_win_alcohol_soft) - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\lumsdk\net_updater32.exe Files (x86)\Alcohol Soft\Alcohol 120\lumsdk\net_updater32.exe --updater win_alcohol.soft (file missing)
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: InstallDriver Table Manager - (IDriverT) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 28,6 sec. - 20362 bytes, CRC32: FFFFFFFF. Sign: 헳뜎
Genişletmek için tıkla...
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Home), 10.0.18362.836 (ReleaseId: 1903), Service Pack: 0
Time:      18.05.2020 - 12:28 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    serka    (group: Administrator) on DESKTOP-DA9KQO4, FirstRun: yes

Chrome:  81.0.4044.138
Edge:    11.0.18362.815
Internet Explorer: 11.0.18362.1
Default: "C:\Users\serka\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" -- "%1" (Yandex)

Boot mode: Normal

Running processes:
Number | Path
  26  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe
   1  C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe
   1  C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
   1  C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
   1  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
   2  C:\Program Files (x86)\Yandex\YandexBrowser\20.4.1.225\service_update.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe
   1  C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
   2  C:\Program Files\TxGameAssistant\AppMarket\TBSWebRenderer.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19111.24110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20041.88.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\NisSrv.exe
   1  C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk2.exe
   1  C:\Users\serka\Desktop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   7  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  75  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.772_none_5f13f94c58ff41d3\TiWorker.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\servicing\TrustedInstaller.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll
O4 - HKCU\..\Run: [Spotify] = C:\Users\serka\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [YandexDisk2] = C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk2.exe -autostart
O4 - HKCU\..\RunOnce: [Application Restart #1] = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/02/26)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\serka\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/02/26)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2018/11/21)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\StartupApproved\Run32: [SFAUpdater] = C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe (2020/02/26)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2020/02/26)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2020/02/26)
O4-32 - HKLM\..\Run: [RadminVPN] = C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe /minimized
O4-32 - HKLM\..\Run: [Razer Synapse] = C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\    YandexDisk1 SyncDone: Yandex.Disk Icon Overlay (SyncDone) - {C5F6CDD1-FB7B-4971-A53F-4B00757F756B} - C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk3ShellExt-1511.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\    YandexDisk2 SyncProgress: Yandex.Disk Icon Overlay (SyncProgress) - {75EF3512-D401-4172-BA0F-00E000DCBCE4} - C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk3ShellExt-1511.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\    YandexDisk3 SyncDisabled: Yandex.Disk Icon Overlay (SyncDisabled) - {8EEE3CD5-1F70-4B63-B19D-A5F1457761DB} - C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk3ShellExt-1511.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\    YandexDisk4 SyncError: Yandex.Disk Icon Overlay (SyncError) - {9CE04609-A360-4266-9937-9D799E8D2D5A} - C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk3ShellExt-1511.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\    YandexDisk5 SyncPart: Yandex.Disk Icon Overlay (SyncPart) - {63ADB0D1-6DA0-46A2-89D0-E0CE44536E32} - C:\Users\serka\AppData\Roaming\Yandex\YandexDisk2\3.1.18.3306\YandexDisk3ShellExt-1511.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - Task (.job): Yandex Browser güncelleme servisinin düzeltilmesi.job - C:\Program Files (x86)\Yandex\YandexBrowser\20.4.1.225\service_update.exe  --repair
O22 - Task (.job): Yandex Browser güncellemesi.job - C:\Users\serka\AppData\Local\Yandex\YandexBrowser\Application\browser.exe  --background-update --noerrdialogs
O22 - Task (.job): Yandex Browser sistem güncellemesi.job - C:\Program Files (x86)\Yandex\YandexBrowser\20.4.1.225\service_update.exe  --run-as-launcher
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: QMEmulatorService - C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
O23 - Service R2: Radmin VPN Control Service - (RvControlSvc) - C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe /service
O23 - Service R2: Razer Game Scanner - (Razer Game Scanner Service) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R2: Yandex.Browser Update Service - (YandexBrowserService) - C:\Program Files (x86)\Yandex\YandexBrowser\20.4.1.225\service_update.exe --run-as-service
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Luminati Net Updater - (luminati_net_updater_win_alcohol_soft) - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\lumsdk\net_updater32.exe Files (x86)\Alcohol Soft\Alcohol 120\lumsdk\net_updater32.exe --updater win_alcohol.soft (file missing)
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: InstallDriver Table Manager - (IDriverT) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 28,6 sec. - 20362 bytes, CRC32: FFFFFFFF. Sign: 헳뜎
 
özellikle chrome'da iken kesik kesik donmalar yaşamaya başladım bilgisayarımda. 7700k 2080ti 16gb ram 850 watt psu 500 gb nvme ssd kullanmaktayım.

Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.18363.836 (ReleaseId: 1909), Service Pack: 0
Time:      20.05.2020 - 09:42 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    ozgur    (group: Administrator) on DESKTOP-NF91H70, FirstRun: yes

Chrome:  81.0.4044.138
Edge:    11.0.18362.815
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
   1  C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
   1  C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
   1  C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
   1  C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
   1  C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
   1  C:\Program Files (x86)\Common Files\Steam\SteamService.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
  37  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\Origin\OriginWebHelperService.exe
   1  C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
   7  C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  C:\Program Files (x86)\Steam\steam.exe
   1  C:\Program Files (x86)\TRIGONE\Remote System Monitor Server\RemoteSystemMonitorService.exe
   1  C:\Program Files\CCleaner\CCleaner64.exe
   1  C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
   1  C:\Program Files\Common Files\McAfee\CSP\3.4.105.0\McCSPServiceHost.exe
   1  C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
   2  C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
   1  C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
   1  C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
   1  C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
   1  C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
   1  C:\Program Files\Common Files\McAfee\VSCore_20_1\mcapexe.exe
   1  C:\Program Files\EVGA\Precision X1\PrecisionX_x64.exe
   1  C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
   1  C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
   2  C:\Program Files\LGHUB\lghub.exe
   1  C:\Program Files\LGHUB\lghub_agent.exe
   1  C:\Program Files\LGHUB\lghub_updater.exe
   1  C:\Program Files\LGHUB\logi_analytics_client.exe
   1  C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
   1  C:\Program Files\McAfee\WebAdvisor\browserhost.exe
   1  C:\Program Files\McAfee\WebAdvisor\servicehost.exe
   1  C:\Program Files\McAfee\WebAdvisor\uihost.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBar.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBarFT.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20041.88.0_x64__8wekyb3d8bbwe\YourPhone.exe
   5  C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.132.618.0_x86__zpdnekdrzrea0\Spotify.exe
   1  C:\Users\ozgur\AppData\Local\Microsoft\OneDrive\OneDrive.exe
   1  C:\Users\ozgur\Desktop\HiJackThis.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\System32\CorsairGamingAudioCfgService64.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_95bdb3a23d6478de\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\IPROSetMonitor.exe
   8  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   2  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\cmd.exe
   5  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\mfevtps.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  82  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   2  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: is empty
O2 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
O2-32 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O4 - HKCU\..\Run: [Battle.net] = C:\Program Files (x86)\Battle.net\Battle.net.exe --autostarted
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_AADCE513363819F42595C33CE28C88E5] = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [LGHUB] = C:\Program Files\LGHUB\lghub.exe --background
O4 - HKCU\..\Run: [OneDrive] = C:\Users\ozgur\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKLM\..\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4-32 - HKLM\..\Run: [CORSAIR iCUE Software] = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe --autorun
O9 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
O9 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
O9-32 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9-32 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O17 - DHCP DNS 1: 192.168.1.1
O18 - HKLM\Software\Classes\Protocols\Filter\application/x-mfe-ipt: [CLSID] = {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe /NOUACCHECK
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
O23 - Service R2: ASUS System Control Service - (AsSysCtrlService) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service R2: AsusFanControlService - C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
O23 - Service R2: Corsair Gaming Audio Configuration Service - (CorsairGamingAudioConfig) - C:\Windows\system32\CorsairGamingAudioCfgService64.exe
O23 - Service R2: Corsair LLA Service - (CorsairLLAService) - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
O23 - Service R2: Corsair Service - (CorsairService) - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) PROSet Monitoring Service - C:\Windows\system32\IProsetMonitor.exe
O23 - Service R2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service R2: LGHUB Updater Service - (LGHUBUpdaterService) - C:\Program Files\LGHUB\lghub_updater.exe --run-as-service
O23 - Service R2: McAfee AP Service - (McAPExe) - C:\Program Files\Common Files\McAfee\VSCore_20_1\McApExe.exe
O23 - Service R2: McAfee CSP Service - (mccspsvc) - C:\Program Files\Common Files\McAfee\CSP\3.4.105.0\\McCSPServiceHost.exe
O23 - Service R2: McAfee Module Core Service - (ModuleCoreService) - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
O23 - Service R2: McAfee PEF Service - (PEFService) - C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
O23 - Service R2: McAfee Service Controller - (mfemms) - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
O23 - Service R2: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_95bdb3a23d6478de\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_95bdb3a23d6478de\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service R2: TRIGONE Remote System Monitor Server - (RemoteSystemMonitorService) - C:\Program Files (x86)\TRIGONE\Remote System Monitor Server\RemoteSystemMonitorService.exe
O23 - Service R3: McAfee Validation Trust Protection Service - (mfevtp) - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe
O23 - Service S3: McAfee Firewall Core Service - (mfefire) - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: SAMSUNG Mobile USB Connectivity Launcher - (ss_conn_launcher_service) - C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe


--
End of file - Time spent: 12,8 sec. - 31136 bytes, CRC32: FFFFFFFF. Sign: 䁘賳
 
@serkankocaoglu Zararlıya yönelik bir şey gözükmüyor.
kill3rvib3 dedi:
chrome'da iken kesik kesik donmalar yaşamaya başladım bilgisayarımda.
Genişletmek için tıkla...
TRIGONE Remote System Monitor kaldır. Temiz önyükleme yapıp, Asus araçlarını kaldır. O kadar şey açıkken bende donarım. Gereksiz şeyleri kaldır.
 

Benzer konular

taylaan
HijackThis Log Paylaşımı
Mesaj
0
Görüntüleme
543
taylaan
taylaan
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5.685
quarest
quarest
Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
999
acv
A
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
3.002
Murat5038
Murat5038
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
14.510
Windows 11 Bükücü
Windows 11 Bükücü

Technopat Haberler

Yeni konular

Yeni mesajlar

Geri
Yukarı