suleymandy
Greetings to all of you, friends!
While I was browsing the internet today, out of nowhere a report came up from Malwarebytes saying there was a miner virus. I ran a full scan and it found 21 viruses; 6 of them were miners and the rest were full trojans. How can I be sure they are gone? I am running another scan right now.
Report results:
Code:
Malwarebytes.
www.malwarebytes.com
-Log details-
Scan date: 4/25/21
Scan time: 7:09 pm.
Log file: 93339ABC-A5E0-11EB-9A80-74e6E24CA1F8.json
-Software information-
Version: 4.3.0.98
Components version: 1.0.1273
Update package version: 1.0.39797
License: Free.
-System information-
OS: Windows 10 (Build 19042.928)
CPU: X64.
FILE_SYSTEM: NTFS.
User: DESKTOP-KVJSMK7\Kemal
-Scan summary-
Scan type: Threat scan.
Scan initiated by: Manual.
Result: Completed.
Objects scanned: 305522.
Threats detected: 21.
Threats quarantined: 21.
Time elapsed: 15min, 59 sec.
-Scan options-
Memory: Enabled.
Startup: Enabled.
Filesystem: Enabled.
Archives: Enabled.
Rootkits: Disabled.
Heuristics: Enabled.
PUP: Detect.
Pum: Detect.
-Scan details-
Process: 1
Trojan. Agent, C:\USERS\KEMAL\APPDATA\LOCAL\TEMP\STEALGPX.EXE, quarantined, 511, 30292, 4E86FE67E53C0BA292B2F47AF5cc5802, EB3989977F9fb8C5E485BAB25a4D2C26DB9A7bEE49E9C5e34D381BCC3eaB3105
Module: 1
Trojan. Agent, C:\USERS\KEMAL\APPDATA\LOCAL\TEMP\STEALGPX.EXE, quarantined, 511, 30292, 4E86FE67E53C0BA292B2F47AF5cc5802, EB3989977F9fb8C5E485BAB25a4D2C26DB9A7bEE49E9C5e34D381BCC3eaB3105
Registry Key: 5
Trojan. Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\stealgpx, quarantined, 511, 30292,
Trojan. Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E716DB76-FB03-4756-AF61-3205211B9098}, quarantined, 511, 30292,
Trojan. Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{E716DB76-FB03-4756-AF61-3205211B9098}, quarantined, 511, 30292,
Trojan. Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SVCHOST.EXE, quarantined, 511, 30292,
Trojan. Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SVCHOST.EXE, quarantined, 511, 30292,
Registry Value: 0
(No malicious items detected)
Registry data: 0
(No malicious items detected)
Data stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 14.
Trojan. Agent, C:\WINDOWS\SYSTEM32\TASKS\stealgpx, quarantined, 511, 30292, 6E951CB222C91830Aa59E48919D01D27, A77C639B9297637158C9dd3C56B729615F26841B2D102F04D714E90A50D7Cad1
Trojan. Agent, C:\USERS\KEMAL\APPDATA\LOCAL\TEMP\STEALGPX.EXE, quarantined, 511, 30292, 1.0.39797, ame, 4E86FE67E53C0BA292B2F47AF5cc5802, EB3989977F9fb8C5E485BAB25a4D2C26DB9A7bEE49E9C5e34D381BCC3eaB3105
Hacktool. Agent, C:\USERS\KEMAL\APPDATA\ROAMING\PROCESS.EXE, quarantined, 4007, 915640, 1.0.39797, daacEC232FDAb80e7F7ee734, dds, 01217679, AE7FA50A6734b6EA71CBBC9D42B775A7, 7E5053F23EB3946ABE5511B0681DC81628AAD802E489A33BC59C233451466DC0
Trojan. PowerShell, C:\USERS\KEMAL\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\DEFENDER.EXE, quarantined, 5649, 907335, 1.0.39797, bde3B831DD9EE88BFB0a23A9, dds, 01217679, A32174FC6008FF4A8E74608BD3491ACF, AB7948D3F7B00A906F0967CA7957CB73652D8C432A52a5E6524D977949F4E26D
Trojan. PowerShell, C:\USERS\KEMAL\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\PROCESS.EXE, quarantined, 5649, 907335, 1.0.39797, C78B3139CEe9B04E36A0def2, dds, 01217679, bfCE7290A7afd7B96B5A1e2C474A524D, 881BC742A25C188A8CF652E776E7A7AD17753AFD4902CAecc7D731664a0da155
Riskware. Bitcoinminer, C:\USERS\KEMAL\APPDATA\LOCAL\TEMP\5367.TMP\DEFENDER.EXE, quarantined, 909, 930555, 1.0.39797, 14154AE4B587CA9578ae3845, dds, 01217679, 3C9dCC91E05DC05A01FFF739E40474D7, 6dd7b3D944595429136366B908FD18D3cAC315C6F1453DD4Cb5bcafa9e9A95A6
Riskware. Bitcoinminer, C:\USERS\KEMAL\APPDATA\LOCAL\TEMP\B5AB.TMP\DEFENDER.EXE, quarantined, 909, 930555, 1.0.39797, 14154AE4B587CA9578ae3845, dds, 01217679, 3C9dCC91E05DC05A01FFF739E40474D7, 6dd7b3D944595429136366B908FD18D3cAC315C6F1453DD4Cb5bcafa9e9A95A6
Riskware. Bitcoinminer, C:\USERS\KEMAL\APPDATA\LOCAL\TEMP\1494.TMP\DEFENDER.EXE, quarantined, 909, 930555, 1.0.39797, 14154AE4B587CA9578ae3845, dds, 01217679, 3C9dCC91E05DC05A01FFF739E40474D7, 6dd7b3D944595429136366B908FD18D3cAC315C6F1453DD4Cb5bcafa9e9A95A6
Riskware. Bitcoinminer, C:\USERS\KEMAL\APPDATA\LOCAL\TEMP\CCD8.TMP\DEFENDER.EXE, quarantined, 909, 930555, 1.0.39797, 14154AE4B587CA9578ae3845, dds, 01217679, 3C9dCC91E05DC05A01FFF739E40474D7, 6dd7b3D944595429136366B908FD18D3cAC315C6F1453DD4Cb5bcafa9e9A95A6
Riskware. Bitcoinminer, C:\USERS\KEMAL\APPDATA\LOCAL\TEMP\EEB0.TMP\DEFENDER.EXE, quarantined, 909, 930555, 1.0.39797, 14154AE4B587CA9578ae3845, dds, 01217679, 3C9dCC91E05DC05A01FFF739E40474D7, 6dd7b3D944595429136366B908FD18D3cAC315C6F1453DD4Cb5bcafa9e9A95A6
Riskware. Bitcoinminer, C:\USERS\KEMAL\APPDATA\LOCAL\TEMP\D4B1.TMP\DEFENDER.EXE, quarantined, 909, 930555, 1.0.39797, 14154AE4B587CA9578ae3845, dds, 01217679, 3C9dCC91E05DC05A01FFF739E40474D7, 6dd7b3D944595429136366B908FD18D3cAC315C6F1453DD4Cb5bcafa9e9A95A6
Spyware. Lokibot, C:\USERS\KEMAL\APPDATA\LOCAL\TEMP\RAR$EXB3964.7266\VALORANT_BOT_2021 X32.EXE, quarantined, 4263, 861286, 1.0.39797, BB85ECCCdEF063964D982ed8, dds, 01217679, B0149AE6ceef6efdb7D4ED674F6B2872, 0A2547FD9188E8794CA33CC8E40D0cb3F5F9622BF8886A589212038C82423967
Riskware. Avdis. Msil, C:\USERS\KEMAL\APPDATA\LOCAL\TEMP\RARSFX1\INJECTION-PATCHER.EXE, quarantined, 14855, 776730, 1.0.39797, dDC22EFCB7F208D5C9bb019e, dds, 01217679, B717AFB98cdd2BD66E91E1E02E57D0ba, 9292F5FEbAA31C693A62CB8025A5eb6ce9b7CD86F51E7CF0eaf8B02F57C13146
Trojan. Agent, C:\USERS\KEMAL\APPDATA\LOCAL\TEMP\RARSFX2\SVCHOST.EXE, quarantined, 511, 30292, 1.0.39797, ame, 4E86FE67E53C0BA292B2F47AF5cc5802, EB3989977F9fb8C5E485BAB25a4D2C26DB9A7bEE49E9C5e34D381BCC3eaB3105
Physical sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(End)
The CPU and GPU temperatures are quite high right now; my hand gets hot as soon as I touch the laptop. If I run the fans on the Turbo setting while idle, is there a chance it will improve a little?