"Exinariuminix. İnfo" zararlı mı?

OdaKokusu · 29 Ağustos 2023

Arkadaşlar bilgisayar her açıldığında exinariuminix. İnfo diye bir site açılıyor ama site boş. "bu sayfaya ulaşılamıyor" hatası veriyor. Bunun bilgisayara bir zararı var mıdır? Yoksa sadece otomatik açılmaya kodlanan bir site mi? System32\Tasks\PC dosyasını silmeme rağmen gitmedi.

Alder Lake · 29 Ağustos 2023

Reklam virüsü tarzı bir şey yemişsiniz. Kaspersky veya Malwarebytes ile tarama yap. AdwCleaner'da olabilir.

OdaKokusu · 29 Ağustos 2023

Alder Lake dedi:
Reklam virüsü tarzı bir şey yemişsiniz. Kaspersky veya Malwarebytes ile tarama yap. AdwCleaner'da olabilir.

Taramayı bugün yapacağım. Fakat diyelim ki yapmadım, bilgisayara bir şey olur mu? Herhangi bir zararı var mı?

Windows Güvenliği · 29 Ağustos 2023

OdaKokusu dedi:
Arkadaşlar bilgisayar her açıldığında exinariuminix. İnfo diye bir site açılıyor ama site boş. "bu sayfaya ulaşılamıyor" hatası veriyor. Bunun bilgisayara bir zararı var mıdır? Yoksa sadece otomatik açılmaya kodlanan bir site mi? System32\Tasks\PC dosyasını silmeme rağmen gitmedi.

Evet kendisi reklam virüsü.

OdaKokusu · 29 Ağustos 2023

Windows Güvenliği dedi:
Evet kendisi reklam virüsü.

Tamam da bilgisayarı yavaşlatmak, verilerimi çalmak gibi vasıfları var mı? Yoksa sadece reklam gösteren boş bir virüs mü?

Alder Lake · 29 Ağustos 2023

OdaKokusu dedi:
Tamam da bilgisayarı yavaşlatmak, verilerimi çalmak gibi vasıfları var mı? Yoksa sadece reklam gösteren boş bir virüs mü?

Genelde zararsızlar. Müsait olduğunuzda halledersiniz.

Windows Güvenliği · 29 Ağustos 2023

OdaKokusu dedi:
Tamam da bilgisayarı yavaşlatmak, verilerimi çalmak gibi vasıfları var mı? Yoksa sadece reklam gösteren boş bir virüs mü?

Sadece reklam virüsü verilerinizi çalamaz, bilgisayarınıza erişemez ama sinir bozucu bi virüs. Eğer AdwCleaner ile tarama yaptıktan sonra çözülmezse yazın başka yöntemler var.

Murat5038 · 29 Ağustos 2023

Sadece reklam değil mining de beraberinde gelen bir durum oluyor.

Rehber: HijackThis Log Paylaşımı ve Çözümleri

Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir...

www.technopat.net

İlk olarak bunun sonucunu paylaşın bakalım.

OdaKokusu · 30 Ağustos 2023

Murat5038 dedi:
Sadece reklam değil mining de beraberinde gelen bir durum oluyor.

Rehber: HijackThis Log Paylaşımı ve Çözümleri

Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir...

www.technopat.net

İlk olarak bunun sonucunu paylaşın bakalım.

Unutmazsam yarın yapacağım. Teşekkürler.

OdaKokusu dedi:
Unutmazsam yarın yapacağım. Teşekkürler.

Ayrıca bilgisayar açılınca bu sitenin açılmasını engellemeyi başardım. C:Windows/System32/Tasks/PC dosyasını sildim daha sonra bununla ilgili olan regedit kaydını sildim ve sorun çözüldü. Yine de attığınız programla tarama yapmam gerekir mi?

Murat5038 dedi:
Sadece reklam değil mining de beraberinde gelen bir durum oluyor.

Rehber: HijackThis Log Paylaşımı ve Çözümleri

Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir...

www.technopat.net

İlk olarak bunun sonucunu paylaşın bakalım.

Şuan attığınız şeyi yapıyorum da bittiğinde log dosyasını buraya mı atacağım? Yoksa verdiğiniz konuya mı?

Murat5038 dedi:
Sadece reklam değil mining de beraberinde gelen bir durum oluyor.

Rehber: HijackThis Log Paylaşımı ve Çözümleri

Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir...

www.technopat.net

İlk olarak bunun sonucunu paylaşın bakalım.

Tarama bitti log dosyamı ekledim. Ayrı şekilde verdiğiniz konuya da atmam gerekir mi?

Kod:

Logfile of HiJackThis+ (Alpha version) by Alex Dragokas v.3.1.0.2

Platform:  x64 Windows 11 (Pro), 10.0.22621.2134 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      30.08.2023 - 14:23 (UTC+02:00)
Language:  OS: Turkish (0x41F). Display: English (0x409). Non-Unicode: Turkish (0x41F)
Memory:    13281 MiB Free (20 %). CPU Loading: (1 %)
Elevated:  Yes
Ran by:    PC    (group: Administrators; type: Local) on DESKTOP-892IM8S, FirstRun: yes

Chrome:  116.0.5845.140
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: Off)

Running processes:
Number | Path
   1  C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
   1  C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
   2  C:\Program Files\Norton Security\Engine\22.23.5.106\NortonSecurity.exe
   1  C:\Program Files\Norton Security\Engine\22.23.5.106\nsWscSvc.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23062.153.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
   1  C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
   1  C:\ProgramData\MB3Install\MBAMIService.exe
   1  C:\Users\PC\Desktop\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\System32\AggregatorHost.exe
   1  C:\Windows\System32\AMD\ANR\AMDNoiseSuppression.exe
   1  C:\Windows\System32\amdfendrsr.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\backgroundTaskHost.exe
   1  C:\Windows\System32\cmd.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_670360bdb5a40a0d\WMIRegistrationService.exe
   2  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0393367.inf_amd64_6fba1387e8658583\B393268\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0393367.inf_amd64_6fba1387e8658583\B393268\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\GigabyteUpdateService.exe
   1  C:\Windows\System32\lsass.exe
   3  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\Sgrm\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  71  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
   1  C:\Windows\Windows Driver Foundation (WDF).exe
   1  C:\Windows\WUDNet.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [AutoConfigURL] = 56145
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = 77.28.96.196
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 77.28.96.196:56145 (disabled)
R1 - HKLM\System\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies: (default) = 056145
F2 - HKLM\..\WinLogon: [Shell] = explorer.exe,Windows Driver Foundation (WDF).exe
O1 - Hosts: is empty
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll (sign: 'Oracle America, Inc.')
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre-1.8\bin\ssv.dll (sign: 'Oracle America, Inc.')
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\116.0.5845.140\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (2023/08/27) (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (2023/07/29) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2023/07/29) (sign: 'Valve Corp.')
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe -background (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2023/08/04) (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2023/08/04) (sign: 'Oracle America, Inc.')
O4 - HKU\S-1-5-18\..\Run: [Norton Download ManagerCCT_CERT_EXPIRY_MITIGATION] = C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON~1.EXE /m /noui (file missing) (User 'LocalSystem')
O4 - HKU\S-1-5-18\..\Run: [Norton Download ManagerFORCE_UPGRADE_22_22_9] = C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON~1.EXE /m /noui /instversion "22.22.9" (file missing) (User 'LocalSystem')
O4 - HKU\S-1-5-18\..\Run: [Norton Download ManagerFORCE_UPGRADE_22_23_5] = C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON~1.EXE /m /noui /instversion "22.23.5" (file missing) (User 'LocalSystem')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service') (sign: 'Microsoft')
O4 - MountPoints2: HKCU\..\{2e130e96-30ad-11ee-ae5e-74563c54b5cc}\shell\AutoRun\command: (default) = "D:\setup.EXE" /AUTORUN (file missing)
O4-32 - HKLM\..\RunOnce: [PreRun] = C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe (sign: 'GIGA-BYTE TECHNOLOGY CO., LTD.')
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [ConsentPromptBehaviorAdmin] = 0
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [PromptOnSecureDesktop] = 0
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Norton Security\Engine\22.23.5.106\buShell.dll (sign: 'NortonLifeLock Inc.')
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Norton Security\Engine32\22.23.5.106\buShell.dll (sign: 'NortonLifeLock Inc.')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (sign: 'Microsoft')
O22 - Tasks: (disabled) PC - C:\WINDOWS\system32\cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v PC /t REG_SZ /d "explorer.exe http://exinariuminix.info" (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\InputSettingsRestoreDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},InputSettingsRestoreDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\syncpensettings - {3ECEE215-83F5-4123-A592-74F1FE4C3D59},SYNC_PEN_SETTINGS - C:\Windows\System32\SettingsHandlers_Pen.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \Norton Security\Norton Security Autofix - C:\Program Files\Norton Security\Engine\22.23.5.106\SymErr.exe /ui (sign: 'NortonLifeLock Inc.')
O22 - Tasks: \Norton Security\Norton Security Error Analyzer - C:\Program Files\Norton Security\Engine\22.23.5.106\SymErr.exe /analyze (sign: 'NortonLifeLock Inc.')
O22 - Tasks: \Norton Security\Norton Security Error Processor - C:\Program Files\Norton Security\Engine\22.23.5.106\SymErr.exe /submit (sign: 'NortonLifeLock Inc.')
O22 - Tasks: \Remediation\AntimalwareMigrationTask - C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe /upgrade /user_logon (sign: 'NortonLifeLock Inc.')
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: GoogleUpdateTaskMachineCore{F031F8C2-A8B2-4C7E-84C8-FF00E4ACBE36} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: GoogleUpdateTaskMachineUA{473E1E96-31B1-4E18-B26D-6D09B121F10B} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks: MicrosoftEdgeUpdateTaskUserS-1-5-21-2087598649-374239066-1986169749-1001Core{CC0B1E65-A601-44CB-8DCF-DBE577463AD0} - C:\Users\PC\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c (sign: 'Microsoft')
O22 - Tasks: MicrosoftEdgeUpdateTaskUserS-1-5-21-2087598649-374239066-1986169749-1001UA{00B95578-EA0A-474A-8EBC-FE997E1FB502} - C:\Users\PC\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler (sign: 'Microsoft')
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: Norton WSC Integration - C:\Program Files\Norton Security\Engine\22.23.5.106\WSCStub.exe /taskschd (sign: 'NortonLifeLock Inc.')
O22 - Tasks: OneDrive Per-Machine Standalone Update Task - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe (sign: 'Microsoft')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2087598649-374239066-1986169749-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks_Migrated: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks_Migrated: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\BackgroundUploadTask - {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\NetworkStateChangeTask - {A4173A49-F373-4475-9A0F-2D615204DC20} - (no file)
O22 - Tasks_Migrated: \Norton Security\Norton Security Autofix - C:\Program Files\Norton Security\Engine\22.19.8.65\SymErr.exe /ui (file missing)
O22 - Tasks_Migrated: \Norton Security\Norton Security Error Analyzer - C:\Program Files\Norton Security\Engine\22.19.8.65\SymErr.exe /analyze (file missing)
O22 - Tasks_Migrated: \Norton Security\Norton Security Error Processor - C:\Program Files\Norton Security\Engine\22.19.8.65\SymErr.exe /submit (file missing)
O22 - Tasks_Migrated: \Remediation\AntimalwareMigrationTask - C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe /upgrade /user_logon (sign: 'NortonLifeLock Inc.')
O22 - Tasks_Migrated: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore{5A9067AF-6257-4A2A-8B1C-1C7BDCBC2354} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA{B78E6D13-D275-405A-ADEC-1EEE790F8E33} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks_Migrated: MicrosoftEdgeUpdateTaskUserS-1-5-21-2087598649-374239066-1986169749-1001Core{CC0B1E65-A601-44CB-8DCF-DBE577463AD0} - C:\Users\PC\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c (sign: 'Microsoft')
O22 - Tasks_Migrated: MicrosoftEdgeUpdateTaskUserS-1-5-21-2087598649-374239066-1986169749-1001UA{00B95578-EA0A-474A-8EBC-FE997E1FB502} - C:\Users\PC\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler (sign: 'Microsoft')
O22 - Tasks_Migrated: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: Norton WSC Integration - C:\Program Files\Norton Security\Engine\22.19.8.65\WSCStub.exe /taskschd (file missing)
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-2087598649-374239066-1986169749-1001 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (file missing)
O22 - Tasks_Migrated: OneDrive Standalone Update Task-S-1-5-21-2087598649-374239066-1986169749-1001 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Tasks_Migrated: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices Inc.')
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe (sign: 'Microsoft')
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0393367.inf_amd64_6fba1387e8658583\B393268\atiesrxx.exe (sign: 'Microsoft')
O23 - Service R2: GIGABYTE Adjust - (MyService1) - C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe (not signed)
O23 - Service R2: GIGABYTE Update Service - (GigabyteUpdateService) - C:\WINDOWS\system32\GigabyteUpdateService.exe 쀀   (sign: 'GIGA-BYTE TECHNOLOGY CO., LTD.')
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (sign: 'Microsoft')
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_670360bdb5a40a0d\WMIRegistrationService.exe (sign: 'Microsoft')
O23 - Service R2: Malwarebytes IService - (MBAMIService) - C:\ProgramData\MB3Install\MBAMIService.exe (sign: 'Malwarebytes Inc')
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (sign: 'Microsoft') (+safe mode)
O23 - Service R2: Norton Security - (NortonSecurity) - C:\Program Files\Norton Security\Engine\22.23.5.106\NortonSecurity.exe /s "NortonSecurity" /m "C:\Program Files\Norton Security\Engine\22.23.5.106\diMaster.dll" /prefetch:1 (sign: 'NortonLifeLock Inc.')
O23 - Service R2: Norton WSC Service - (nsWscSvc) - C:\Program Files\Norton Security\Engine\22.23.5.106\nsWscSvc.exe (sign: 'NortonLifeLock Inc.')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe (sign: 'Microsoft')
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S2: OpenVPN Agent agent_ovpnconnect - (agent_ovpnconnect) - C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1692705797176.exe (file missing)
O23 - Service S2: OpenVPN Connect Helper Service - (ovpnhelper_service) - C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe (file missing)
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (sign: 'BattlEye Innovations e.K.')
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (sign: 'Epic Games Inc.')
O23 - Service S3: FileSyncHelper - C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncHelper.exe (sign: 'Microsoft')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\116.0.5845.140\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Service S3: OneDrive Updater Service - C:\Program Files\Microsoft OneDrive\23.158.0730.0001\OneDriveUpdaterService.exe (sign: 'Microsoft')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S3: Twitch Service - (TwitchService) - C:\Program Files\Common Files\Twitch\TwitchService.exe (sign: 'Twitch Interactive, Inc.')
O23 - Service S3: Uncheater for BattleGrounds_GL - (ucldr_battlegrounds_gl) - C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe (sign: 'Wellbia.com Co., Ltd.')
O23 - Service S3: Zakynthos Service - (zksvc) - C:\Program Files\Common Files\PUBG\zksvc.exe (sign: 'KRAFTON, Inc.')
O23 - Driver R0: Symantec Extended File Attributes (SI) - (SymEFASI) - C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\SYMEFASI64.SYS (sign: 'Microsoft' - Broadcom)
O23 - Driver R1: BHDrvx64 - C:\Program Files\Norton Security\NortonData\22.23.5.106\Definitions\BASHDefs\20221102.011\BHDrvx64.sys (sign: 'Microsoft' - Broadcom)
O23 - Driver R1: IDSVia64 - C:\Program Files\Norton Security\NortonData\22.23.5.106\Definitions\IPSDefs\20220922.063\IDSVia64.sys (sign: 'Microsoft' - Broadcom)
O23 - Driver R1: NGC Settings Manager - (ccSet_NGC) - C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\ccSetx64.sys (sign: 'Microsoft' - Broadcom)
O23 - Driver R1: Symantec Eraser Control driver - (eeCtrl) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (sign: 'Microsoft' - Broadcom)
O23 - Driver R1: Symantec Iron Driver - (SymIRON) - C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\Ironx64.SYS (sign: 'Microsoft' - Broadcom)
O23 - Driver R1: Symantec Network Security WFP Driver - (SymNetS) - C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\symnets.sys (sign: 'Microsoft' - Broadcom)
O23 - Driver R1: Symantec Real Time Storage Protection (PEL) x64 - (SRTSPX) - C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\SRTSPX64.SYS (sign: 'Microsoft' - Broadcom)
O23 - Driver R2: MBAMChameleon - C:\WINDOWS\System32\Drivers\MbamChameleon.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\WINDOWS\System32\drivers\amdfendr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\WINDOWS\System32\drivers\amdfendrmgr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\WINDOWS\system32\drivers\AtihdWT6.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: AMD Link Controller Emulation - (AMDXE) - C:\WINDOWS\System32\drivers\amdxe.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMDSAFD - C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: amdwddmg - C:\WINDOWS\System32\DriverStore\FileRepository\u0393367.inf_amd64_6fba1387e8658583\B393268\amdkmdag.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: EraserUtilRebootDrv - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (sign: 'Microsoft' - Broadcom)
O23 - Driver R3: gdrv3 - C:\Windows\System32\drivers\gdrv3.sys (sign: 'GIGA-BYTE TECHNOLOGY CO., LTD.')
O23 - Driver R3: Intel(R) HID Event Filter - (HidEventFilter) - C:\WINDOWS\System32\DriverStore\FileRepository\hideventfilter.inf_amd64_11ad2b4276308b53\HidEventFilter.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Management Engine Interface  - (MEIx64) - C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_6467379f0b0f181f\x64\TeeDriverW10x64.sys (sign: 'Intel Corporation')
O23 - Driver R3: MBAMSwissArmy - C:\WINDOWS\System32\Drivers\mbamswissarmy.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: ovpn-dco - C:\WINDOWS\System32\drivers\ovpn-dco.sys (sign: 'Microsoft' - OpenVPN, Inc)
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\WINDOWS\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Symantec Eventing Platform - (SymEvnt) - C:\Program Files\Norton Security\NortonData\22.23.5.106\SymPlatform\SymEvnt.sys (sign: 'Microsoft' - Broadcom)
O23 - Driver R3: Symantec Real Time Storage Protection x64 - (SRTSP) - C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\SRTSP64.SYS (sign: 'Microsoft' - Broadcom)
O23 - Driver R3: SymEvent - C:\Windows\system32\Drivers\SYMEVENT64x86.SYS (sign: 'Microsoft' - Broadcom)
O23 - Driver R3: TAP-Windows Adapter V9 for OpenVPN Connect - (tap_ovpnconnect) - C:\WINDOWS\System32\drivers\tap_ovpnconnect.sys (+safe mode) (sign: 'Microsoft' - The OpenVPN Project)
O23 - Driver R3: Unirsdt - (unirsdt) - C:\WINDOWS\system32\drivers\unirsdt.sys (+safe mode) (sign: 'Tencent Technology(Shenzhen) Company Limited')
O23 - Driver S1: WinSetupMon - C:\WINDOWS\system32\DRIVERS\WinSetupMon.sys (file missing)
O23 - Driver S3: Bluetooth Modem Communications Driver - (BTHMODEM) - C:\WINDOWS\System32\drivers\bthmodem.sys (not signed)
O23 - Driver S3: FairplayKD - C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys (sign: 'Hans Roes')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: NortonLifeLock Split Tunneling WFP Callout driver - (nsvst_NGC) - C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\nsvst.sys (sign: 'NortonLifeLock Inc.')
O23 - Driver S3: NortonLifeLock Webcam Control functional driver - (wpCtrlDrv_NGC) - C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\wpCtrlDrv.sys (sign: 'NortonLifeLock Inc.')
O23 - Driver S3: UniFairy_x64 - C:\Windows\system32\drivers\UniFairy_x64.sys (sign: 'Tencent Technology(Shenzhen) Company Limited')
O23 - Driver S3: xhunter1 - C:\WINDOWS\xhunter1.sys (sign: 'Wellbia.com Co., Ltd.')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'rt640x64'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'tap_ovpnconnect'


--
End of file - Time spent: 15,5 sec. - 61672 bytes, CRC32: FFFFFFFF. Sign: 誝祃

Murat5038 · 30 Ağustos 2023

Bunları fixleyin:

Kod:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [AutoConfigURL] = 56145
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = 77.28.96.196
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 77.28.96.196:56145 (disabled)
R1 - HKLM\System\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies: (default) = 056145
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (2023/07/29) (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2023/08/04) (sign: 'Oracle America, Inc.')
O4 - HKU\S-1-5-18\..\Run: [Norton Download ManagerCCT_CERT_EXPIRY_MITIGATION] = C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON~1.EXE /m /noui (file missing) (User 'LocalSystem')
O4 - HKU\S-1-5-18\..\Run: [Norton Download ManagerFORCE_UPGRADE_22_22_9] = C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON~1.EXE /m /noui /instversion "22.22.9" (file missing) (User 'LocalSystem')
O4 - HKU\S-1-5-18\..\Run: [Norton Download ManagerFORCE_UPGRADE_22_23_5] = C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON~1.EXE /m /noui /instversion "22.23.5" (file missing) (User 'LocalSystem')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O4 - MountPoints2: HKCU\..\{2e130e96-30ad-11ee-ae5e-74563c54b5cc}\shell\AutoRun\command: (default) = "D:\setup.EXE" /AUTORUN (file missing)
O4-32 - HKLM\..\RunOnce: [PreRun] = C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe (sign: 'GIGA-BYTE TECHNOLOGY CO., LTD.')
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Norton Security\Engine\22.23.5.106\buShell.dll (sign: 'NortonLifeLock Inc.')
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Norton Security\Engine32\22.23.5.106\buShell.dll (sign: 'NortonLifeLock Inc.')
O22 - Tasks: (disabled) PC - C:\WINDOWS\system32\cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v PC /t REG_SZ /d "explorer.exe http://exinariuminix.info" (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: \Norton Security\Norton Security Autofix - C:\Program Files\Norton Security\Engine\22.23.5.106\SymErr.exe /ui (sign: 'NortonLifeLock Inc.')
O22 - Tasks: \Norton Security\Norton Security Error Analyzer - C:\Program Files\Norton Security\Engine\22.23.5.106\SymErr.exe /analyze (sign: 'NortonLifeLock Inc.')
O22 - Tasks: \Norton Security\Norton Security Error Processor - C:\Program Files\Norton Security\Engine\22.23.5.106\SymErr.exe /submit (sign: 'NortonLifeLock Inc.')
O22 - Tasks: \Remediation\AntimalwareMigrationTask - C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe /upgrade /user_logon (sign: 'NortonLifeLock Inc.')
O22 - Tasks: Norton WSC Integration - C:\Program Files\Norton Security\Engine\22.23.5.106\WSCStub.exe /taskschd (sign: 'NortonLifeLock Inc.')
O22 - Tasks: OneDrive Per-Machine Standalone Update Task - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe (sign: 'Microsoft')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2087598649-374239066-1986169749-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks_Migrated: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks_Migrated: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks_Migrated: \Norton Security\Norton Security Autofix - C:\Program Files\Norton Security\Engine\22.19.8.65\SymErr.exe /ui (file missing)
O22 - Tasks_Migrated: \Norton Security\Norton Security Error Analyzer - C:\Program Files\Norton Security\Engine\22.19.8.65\SymErr.exe /analyze (file missing)
O22 - Tasks_Migrated: \Norton Security\Norton Security Error Processor - C:\Program Files\Norton Security\Engine\22.19.8.65\SymErr.exe /submit (file missing)
O22 - Tasks_Migrated: \Remediation\AntimalwareMigrationTask - C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe /upgrade /user_logon (sign: 'NortonLifeLock Inc.')
O22 - Tasks_Migrated: Norton WSC Integration - C:\Program Files\Norton Security\Engine\22.19.8.65\WSCStub.exe /taskschd (file missing)
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-2087598649-374239066-1986169749-1001 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (file missing)
O22 - Tasks_Migrated: OneDrive Standalone Update Task-S-1-5-21-2087598649-374239066-1986169749-1001 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O23 - Driver S3: FairplayKD - C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys (sign: 'Hans Roes')

"Exinariuminix. İnfo" zararlı mı?

Ayrıntılı düzenleme

OdaKokusu

Decapat

Alder Lake

Femtopat

OdaKokusu

Decapat

Windows Güvenliği

Hectopat

OdaKokusu

Decapat

Alder Lake

Femtopat

Windows Güvenliği

Hectopat

Murat5038

Yottapat!

Rehber: HijackThis Log Paylaşımı ve Çözümleri

OdaKokusu

Decapat

Rehber: HijackThis Log Paylaşımı ve Çözümleri

Rehber: HijackThis Log Paylaşımı ve Çözümleri

Rehber: HijackThis Log Paylaşımı ve Çözümleri

Murat5038

Yottapat!

Benzer konular

Technopat Haberler

Yeni konular

Yeni mesajlar

Gizliliğinize önem veriyoruz