Rehber HijackThis Log Paylaşımı ve Çözümleri

Murat5038 · 13 Ekim 2013

Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.

Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...

www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.

6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

Kod'a tıklayın.

Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.

Murat5038 · 24 Nisan 2020

@Uppermost Bir sorun gözükmüyor zararlı olarak.
@xray1640
Bunları fixleyin:

Kod:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Bar] = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Page] = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Search: [Default_Search_URL] = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main: [SearchAssistant] = www.google.com
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
F2 - HKCU\..\WinLogon: [Shell] = explorer.exe, "C:\ProgramData\ErrorResponder\errorResponder.exe"
O1 - Hosts: Reset contents to default
O1 - Hosts: 0.0.0.0 ars.smartscreen.microsoft.com
O1 - Hosts: 0.0.0.0 az361816.vo.msecnd.net
O1 - Hosts: 0.0.0.0 az512334.vo.msecnd.net
O1 - Hosts: 0.0.0.0 blob.weather.microsoft.com
O1 - Hosts: 0.0.0.0 candycrushsoda.king.com
O1 - Hosts: 0.0.0.0 cdn.content.prod.cms.msn.com
O1 - Hosts: 0.0.0.0 cdn.onenote.net
O1 - Hosts: 0.0.0.0 choice.microsoft.com
O1 - Hosts: 0.0.0.0 choice.microsoft.com.nsatc.net
O1 - Hosts: 0.0.0.0 client.wns.windows.com
O1 - Hosts: 0.0.0.0 client-s.gateway.messenger.live.com
O1 - Hosts: 0.0.0.0 clientconfig.passport.net
O1 - Hosts: 0.0.0.0 deploy.static.akamaitechnologies.com
O1 - Hosts: 0.0.0.0 device.auth.xboxlive.com
O1 - Hosts: 0.0.0.0 dmd.metaservices.microsoft.com
O1 - Hosts: 0.0.0.0 dns.msftncsi.com
O1 - Hosts: 0.0.0.0 feedback.microsoft-hohm.com
O1 - Hosts: 0.0.0.0 feedback.search.microsoft.com
O1 - Hosts: 0.0.0.0 feedback.windows.com
O1 - Hosts: 0.0.0.0 img-s-msn-com.akamaized.net
O1 - Hosts: 0.0.0.0 insiderppe.cloudapp.net
O1 - Hosts: 0.0.0.0 licensing.mp.microsoft.com
O1 - Hosts: 0.0.0.0 mediaredirect.microsoft.com
O1 - Hosts: 0.0.0.0 msftncsi.com
O1 - Hosts: 0.0.0.0 officeclient.microsoft.com
O1 - Hosts: 0.0.0.0 oneclient.sfx.ms
O1 - Hosts: 0.0.0.0 pti.store.microsoft.com
O1 - Hosts: 0.0.0.0 query.prod.cms.rt.microsoft.com
O1 - Hosts: 0.0.0.0 register.cdpcs.microsoft.com
O1 - Hosts: 0.0.0.0 s0.2mdn.net
O1 - Hosts: 0.0.0.0 sO.2mdn.net
O1 - Hosts: 0.0.0.0 search.msn.com
O1 - Hosts: 0.0.0.0 settings-ssl.xboxlive.com
O1 - Hosts: 0.0.0.0 static.2mdn.net
O1 - Hosts: 0.0.0.0 store-images.s-microsoft.com
O1 - Hosts: 0.0.0.0 storeedgefd.dsx.mp.microsoft.com
O1 - Hosts: 0.0.0.0 support.microsoft.com
O1 - Hosts: 0.0.0.0 tile-service.weather.microsoft.com
O1 - Hosts: 0.0.0.0 time.windows.com
O1 - Hosts: 0.0.0.0 tk2.plt.msn.com
O1 - Hosts: 0.0.0.0 urs.smartscreen.microsoft.com
O1 - Hosts: 0.0.0.0 wdcp.microsoft.com
O1 - Hosts: 0.0.0.0 wdcpalt.microsoft.com
O1 - Hosts: 0.0.0.0 win10-trt.msedge.net
O1 - Hosts: 0.0.0.0 wscont.apps.microsoft.com
O1 - Hosts: 0.0.0.0 www.msftconnecttest.com
O1 - Hosts: 0.0.0.0 www.msftncsi.com
O1 - Hosts: 0.0.0.0 a-0001.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0001.dc-msedge.net
O1 - Hosts: 0.0.0.0 a-0002.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0003.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0004.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0005.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0006.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0007.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0008.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0009.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0010.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0011.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0012.a-msedge.net
O1 - Hosts: 0.0.0.0 a-msedge.net
O1 - Hosts: 0.0.0.0 a.ads1.msn.com
O1 - Hosts: 0.0.0.0 a.ads2.msads.net
O1 - Hosts: 0.0.0.0 a.ads2.msn.com
O1 - Hosts: 0.0.0.0 a.rad.msn.com
O1 - Hosts: 0.0.0.0 ac3.msn.com
O1 - Hosts: 0.0.0.0 activity.windows.com
O1 - Hosts: 0.0.0.0 adnexus.net
O1 - Hosts: 0.0.0.0 adnxs.com
O1 - Hosts: 0.0.0.0 ads.msn.com
O1 - Hosts: 0.0.0.0 ads1.msads.net
O1 - Hosts: 0.0.0.0 ads1.msn.com
O1 - Hosts: 0.0.0.0 aidps.atdmt.com
O1 - Hosts: 0.0.0.0 aka-cdn-ns.adtech.de
O1 - Hosts: 0.0.0.0 array101-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array102-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array103-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array104-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array201-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array202-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array203-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array204-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array401-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array402-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array403-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array404-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array405-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array406-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array407-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array408-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 b.ads1.msn.com
O1 - Hosts: 0.0.0.0 b.ads2.msads.net
O1 - Hosts: 0.0.0.0 b.rad.msn.com
O1 - Hosts: 0.0.0.0 bingads.microsoft.com
O1 - Hosts: 0.0.0.0 bl3301-a.1drv.com
O1 - Hosts: 0.0.0.0 bl3301-c.1drv.com
O1 - Hosts: 0.0.0.0 bl3301-g.1drv.com
O1 - Hosts: 0.0.0.0 bn1304-e.1drv.com
O1 - Hosts: 0.0.0.0 bn1306-a.1drv.com
O1 - Hosts: 0.0.0.0 bn1306-e.1drv.com
O1 - Hosts: 0.0.0.0 bn1306-g.1drv.com
O1 - Hosts: 0.0.0.0 bn2b-cor001.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 bn2b-cor002.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 bn3p-cor001.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 bn2b-cor003.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 bn2b-cor004.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 bn2wns1.wns.windows.com
O1 - Hosts: 0.0.0.0 bn3sch020022328.wns.windows.com
O1 - Hosts: 0.0.0.0 by3301-a.1drv.com
O1 - Hosts: 0.0.0.0 by3301-c.1drv.com
O1 - Hosts: 0.0.0.0 by3301-e.1drv.com
O1 - Hosts: 0.0.0.0 bs.serving-sys.com
O1 - Hosts: 0.0.0.0 c.atdmt.com
O1 - Hosts: 0.0.0.0 c.msn.com
O1 - Hosts: 0.0.0.0 c-0001.dc-msedge.net
O1 - Hosts: 0.0.0.0 ca.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 cache.datamart.windows.com
O1 - Hosts: 0.0.0.0 cdn.atdmt.com
O1 - Hosts: 0.0.0.0 cds1204.lon.llnw.net
O1 - Hosts: 0.0.0.0 cds1293.lon.llnw.net
O1 - Hosts: 0.0.0.0 cds20417.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds20431.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds20450.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds20457.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds20475.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds21244.lon.llnw.net
O1 - Hosts: 0.0.0.0 cds26.ams9.msecn.net
O1 - Hosts: 0.0.0.0 cds425.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds459.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds494.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds965.lon.llnw.net
O1 - Hosts: 0.0.0.0 ch1-cor001.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 ch1-cor002.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 ch3301-c.1drv.com
O1 - Hosts: 0.0.0.0 ch3301-e.1drv.com
O1 - Hosts: 0.0.0.0 ch3301-g.1drv.com
O1 - Hosts: 0.0.0.0 ch3302-c.1drv.com
O1 - Hosts: 0.0.0.0 ch3302-e.1drv.com
O1 - Hosts: 0.0.0.0 compatexchange.cloudapp.net
O1 - Hosts: 0.0.0.0 compatexchange1.trafficmanager.net
O1 - Hosts: 0.0.0.0 continuum.dds.microsoft.com
O1 - Hosts: 0.0.0.0 corp.sts.microsoft.com
O1 - Hosts: 0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
O1 - Hosts: 0.0.0.0 cp101-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 cp201-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 cp401-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 cs1.wpc.v0cdn.net
O1 - Hosts: 0.0.0.0 db3aqu.atdmt.com
O1 - Hosts: 0.0.0.0 db3wns2011111.wns.windows.com
O1 - Hosts: 0.0.0.0 db5.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100122.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100127.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100831.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100835.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100917.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100925.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100928.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100938.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101001.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101022.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101024.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101031.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101034.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101042.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101044.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101122.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101123.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101125.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101128.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101129.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101133.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101145.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101209.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101221.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101228.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101231.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101237.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101317.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101324.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101329.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101333.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101334.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101338.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101419.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101424.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101426.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101427.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101430.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101445.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101511.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101519.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101529.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101535.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101541.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101543.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101608.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101618.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101629.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101631.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101633.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101640.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101711.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101722.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101739.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101745.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101813.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101820.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101826.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101835.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101837.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101844.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101907.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101914.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101929.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101939.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101941.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102015.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102017.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102019.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102023.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102025.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102032.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102033.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110108.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110109.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110114.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110135.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110142.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110204.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110206.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110214.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110225.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110232.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110245.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110315.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110323.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110325.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110328.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110331.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110341.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110343.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110345.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110403.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110419.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110438.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110442.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110501.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110527.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110533.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110618.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110622.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110624.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110626.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110634.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110705.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110724.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110740.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110810.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110816.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110821.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110822.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110825.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110828.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110835.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110919.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110921.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110923.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110929.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103081814.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103082011.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103082111.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103082308.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103082406.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103082409.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103082609.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103082611.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103082709.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103082712.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103082806.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103090115.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103090415.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103090513.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103090515.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103090608.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103090806.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103090814.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103090906.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103091011.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103091012.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103091106.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103091108.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103091212.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103091311.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103091414.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103091511.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103091617.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103091715.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103091817.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103091908.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103091911.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103092010.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103092108.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103092109.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103092209.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103092210.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103092509.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103100117.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103100121.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103100221.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103100313.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103100314.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103100510.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103100511.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103100611.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103100712.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103101105.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103101208.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103101212.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103101314.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103101411.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103101413.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103101513.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103101610.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103101611.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103101705.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103101711.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103101909.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103101914.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103102009.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103102112.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103102203.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103102209.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103102310.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103102404.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103102609.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103102610.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch103102805.wns.windows.com
O1 - Hosts: 0.0.0.0 db5wns1d.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090104.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090112.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090116.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090122.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090203.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090206.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090208.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090209.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090211.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090305.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090306.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090308.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090311.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090313.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090410.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090412.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090504.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090510.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090512.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090513.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090514.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090519.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090613.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090619.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090810.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090811.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090902.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090905.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090907.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090908.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090910.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102090911.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091003.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091007.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091008.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091009.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091011.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091103.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091105.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091204.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091209.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091305.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091307.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091308.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091309.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091314.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091412.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091503.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091507.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091602.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091603.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091606.wns.windows.com
O1 - Hosts: 0.0.0.0 db6sch102091607.wns.windows.com
O1 - Hosts: 0.0.0.0 dev.virtualearth.net
O1 - Hosts: 0.0.0.0 df.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 disc101-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 disc201-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 disc401-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 diagnostics.support.microsoft.com
O1 - Hosts: 0.0.0.0 ec.atdmt.com
O1 - Hosts: 0.0.0.0 ecn.dev.virtualearth.net
O1 - Hosts: 0.0.0.0 eu.vortex.data.microsoft.com
O1 - Hosts: 0.0.0.0 flex.msn.com
O1 - Hosts: 0.0.0.0 fs.microsoft.com
O1 - Hosts: 0.0.0.0 g.msn.com
O1 - Hosts: 0.0.0.0 geo-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 geover-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 h1.msn.com
O1 - Hosts: 0.0.0.0 h2.msn.com
O1 - Hosts: 0.0.0.0 i-bl6p-cor001.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 i-by3p-cor001.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 i-by3p-cor002.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 i-ch1-cor001.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 i-ch1-cor002.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 i-sn2-cor001.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 i-sn2-cor002.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 i1.services.social.microsoft.com
O1 - Hosts: 0.0.0.0 i1.services.social.microsoft.com.nsatc.net
O1 - Hosts: 0.0.0.0 inference.location.live.net
O1 - Hosts: 0.0.0.0 kv101-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 kv201-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 kv401-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 lb1.www.ms.akadns.net
O1 - Hosts: 0.0.0.0 live.rads.msn.com
O1 - Hosts: 0.0.0.0 ls2web.redmond.corp.microsoft.com
O1 - Hosts: 0.0.0.0 m.adnxs.com
O1 - Hosts: 0.0.0.0 mobile.pipe.aria.microsoft.com
O1 - Hosts: 0.0.0.0 msedge.net
O1 - Hosts: 0.0.0.0 msntest.serving-sys.com
O1 - Hosts: 0.0.0.0 oca.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
O1 - Hosts: 0.0.0.0 pre.footprintpredict.com
O1 - Hosts: 0.0.0.0 preview.msn.com
O1 - Hosts: 0.0.0.0 rad.msn.com
O1 - Hosts: 0.0.0.0 redir.metaservices.microsoft.com
O1 - Hosts: 0.0.0.0 reports.wes.df.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 schemas.microsoft.akadns.net
O1 - Hosts: 0.0.0.0 secure.adnxs.com
O1 - Hosts: 0.0.0.0 secure.flashtalking.com
O1 - Hosts: 0.0.0.0 services.wes.df.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 settings-sandbox.data.microsoft.com
O1 - Hosts: 0.0.0.0 settings-win.data.microsoft.com
O1 - Hosts: 0.0.0.0 settings-win-ppe.data.microsoft.com
O1 - Hosts: 0.0.0.0 settings.data.glbdns2.microsoft.com
O1 - Hosts: 0.0.0.0 settings.data.microsoft.com
O1 - Hosts: 0.0.0.0 sn3301-c.1drv.com
O1 - Hosts: 0.0.0.0 sn3301-e.1drv.com
O1 - Hosts: 0.0.0.0 sn3301-g.1drv.com
O1 - Hosts: 0.0.0.0 spynet2.microsoft.com
O1 - Hosts: 0.0.0.0 spynetalt.microsoft.com
O1 - Hosts: 0.0.0.0 spyneteurope.microsoft.akadns.net
O1 - Hosts: 0.0.0.0 sqm.df.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 sqm.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
O1 - Hosts: 0.0.0.0 storecatalogrevocation.storequality.microsoft.com
O1 - Hosts: 0.0.0.0 survey.watson.microsoft.com
O1 - Hosts: 0.0.0.0 t0.ssl.ak.dynamic.tiles.virtualearth.net
O1 - Hosts: 0.0.0.0 t0.ssl.ak.tiles.virtualearth.net
O1 - Hosts: 0.0.0.0 telecommand.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
O1 - Hosts: 0.0.0.0 telemetry.appex.bing.net
O1 - Hosts: 0.0.0.0 telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 telemetry.urs.microsoft.com
O1 - Hosts: 0.0.0.0 test.activity.windows.com
O1 - Hosts: 0.0.0.0 tsfe.trafficshaping.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 v10.vortex-win.data.metron.live.com.nsatc.net
O1 - Hosts: 0.0.0.0 v10.vortex-win.data.microsoft.com
O1 - Hosts: 0.0.0.0 version.hybrid.api.here.com
O1 - Hosts: 0.0.0.0 view.atdmt.com
O1 - Hosts: 0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
O1 - Hosts: 0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
O1 - Hosts: 0.0.0.0 vortex-db5.metron.live.com.nsatc.net
O1 - Hosts: 0.0.0.0 vortex-hk2.metron.live.com.nsatc.net
O1 - Hosts: 0.0.0.0 vortex-sandbox.data.microsoft.com
O1 - Hosts: 0.0.0.0 vortex-win.data.metron.live.com.nsatc.net
O1 - Hosts: 0.0.0.0 vortex-win.data.microsoft.com
O1 - Hosts: 0.0.0.0 vortex.data.glbdns2.microsoft.com
O1 - Hosts: 0.0.0.0 vortex.data.metron.live.com.nsatc.net
O1 - Hosts: 0.0.0.0 vortex.data.microsoft.com
O1 - Hosts: 0.0.0.0 watson.microsoft.com
O1 - Hosts: 0.0.0.0 watson.ppe.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 watson.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
O1 - Hosts: 0.0.0.0 web.vortex.data.microsoft.com
O1 - Hosts: 0.0.0.0 wes.df.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 win10.ipv6.microsoft.com
O1 - Hosts: 0.0.0.0 win1710.ipv6.microsoft.com
O1 - Hosts: 0.0.0.0 www.msedge.net
O2-32 - HKLM\..\BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2-32 - HKLM\..\BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O15 - Trusted Zone: *.localhost
O21 - HKLM\..\ShellIconOverlayIdentifiers\            IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O22 - Task (.job): (Not scheduled) update-S-1-5-21-435518316-2316797042-1891265525-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe /NOUACCHECK
O23 - Service R2: WindscribeService - C:\Program Files (x86)\Windscribe\WindscribeService.exe

Temiz önyükleme de yapın. Belirgin bir zararlı görünmüyor ancak MBAM ile de bir tarama yapın.

mr. Mrx · 26 Nisan 2020

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Home Single Language), 10.0.17763.503 (ReleaseId: 1809), Service Pack: 0
Time:      26.04.2020 - 01:15 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    hamza    (group: Administrator) on DESKTOP-MJ5RG0T, FirstRun: no

Edge:    11.0.17763.503
Internet Explorer: 11.0.17763.1
Default: "C:\Users\hamza\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" (Opera Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
   1  C:\Program Files (x86)\Common Files\Overwolf\0.145.0.19\OverwolfHelper.exe
   1  C:\Program Files (x86)\Common Files\Overwolf\0.145.0.19\OverwolfHelper64.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\Origin\OriginWebHelperService.exe
   3  C:\Program Files (x86)\Overwolf\0.145.0.19\OverwolfBrowser.exe
   1  C:\Program Files (x86)\Overwolf\Overwolf.exe
   1  C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
   1  C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
   1  C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
   2  C:\Program Files\LGHUB\lghub.exe
   1  C:\Program Files\LGHUB\lghub_agent.exe
   1  C:\Program Files\LGHUB\lghub_updater.exe
   1  C:\Program Files\LGHUB\logi_analytics_client.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   2  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   2  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
   1  C:\Users\hamza\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
  12  C:\Users\hamza\AppData\Local\Programs\Opera\67.0.3575.137\opera.exe
   1  C:\Users\hamza\AppData\Local\Programs\Opera\67.0.3575.137\opera_crashreporter.exe
   1  C:\Users\hamza\OneDrive\Masaüstü\HiJackThis.exe
   1  C:\Windows\SysWOW64\PnkBstrA.exe
   1  C:\Windows\SysWOW64\PnkBstrB.exe
   3  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\WirelessKB850NotificationService.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  84  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   2  C:\Windows\explorer.exe

O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll
O4 - HKCU\..\Run: [LGHUB] = C:\Program Files\LGHUB\lghub.exe --background
O4 - HKCU\..\Run: [Overwolf] = C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent
O4 - HKCU\..\StartupApproved\Run: [Gaijin.Net Updater] = C:\Users\hamza\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (2020/03/27)
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\hamza\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2020/02/02)
O4 - HKCU\..\StartupApproved\Run: [uTorrent] = C:\Users\hamza\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (2018/10/27)
O4 - HKLM\..\StartupApproved\Run32: [LogMeIn Hamachi Ui] = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start (2018/10/18)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/01/26)
O4 - HKLM\..\StartupApproved\Run32: [jswtrayutil] = C:\Program Files (x86)\Jumpstart\jswtrayutil.exe  (file missing) (2019/09/05)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O17 - DHCP DNS 1: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{14f38708-6c9d-48a0-bb86-84665b9e210a}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4f7fa8eb-7a98-43a8-8a98-c1bf1da909f1}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{747669f6-623f-4883-8b82-4c0e125fcc7c}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{b478295b-7a83-4cff-b2a8-ec61e61cf8ff}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O23 - Service R2: LGHUB Updater Service - (LGHUBUpdaterService) - C:\Program Files\LGHUB/lghub_updater.exe --run-as-service
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service R2: PnkBstrA - C:\Windows\system32\PnkBstrA.exe  (file missing)
O23 - Service R2: PnkBstrB - C:\Windows\system32\PnkBstrB.exe  (file missing)
O23 - Service R2: Wireless Keyboard 850 Notification Service - (WirelessKB850NotificationService) - C:\Windows\system32\WirelessKB850NotificationService.exe
O23 - Service R3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service S2: JumpStart Push-Button Service - (jswpbapi) - C:\Program Files (x86)\Jumpstart\jswpbapi.exe Files (x86)\Jumpstart\jswpbapi.exe (file missing)
O23 - Service S2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: JumpStart Wi-Fi Protected Setup - (jswpsapi) - C:\Program Files (x86)\Jumpstart\jswpsapi.exe Files (x86)\Jumpstart\jswpsapi.exe (file missing)
O23 - Service S3: Overwolf Updater Windows SCM - (OverwolfUpdater) - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom SCM
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 18,6 sec. - 17052 bytes, CRC32: FFFFFFFF. Sign: ǰ�

Murat5038 · 26 Nisan 2020

Bunları fixleyin:

Kod:

O4 - HKCU\..\StartupApproved\Run: [Gaijin.Net Updater] = C:\Users\hamza\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (2020/03/27)
O4 - HKLM\..\StartupApproved\Run32: [jswtrayutil] = C:\Program Files (x86)\Jumpstart\jswtrayutil.exe  (file missing) (2019/09/05)
O23 - Service R2: Wireless Keyboard 850 Notification Service - (WirelessKB850NotificationService) - C:\Windows\system32\WirelessKB850NotificationService.exe
O23 - Service S2: JumpStart Push-Button Service - (jswpbapi) - C:\Program Files (x86)\Jumpstart\jswpbapi.exe Files (x86)\Jumpstart\jswpbapi.exe (file missing)
O23 - Service S3: JumpStart Wi-Fi Protected Setup - (jswpsapi) - C:\Program Files (x86)\Jumpstart\jswpsapi.exe Files (x86)\Jumpstart\jswpsapi.exe (file missing)

korsann · 26 Nisan 2020

Kod:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:03:53, on 26.04.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Users\KORSAN\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\KORSAN\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Wargaming.net Game Center] "C:\ProgramData\Wargaming.net\GameCenter\wgc.exe" --background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\KORSAN\AppData\Roaming\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_35f1d - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @oem15.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
O23 - Service: @oem15.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8569 bytes

Ayrıca burada ''hızlı başlatmayı aç'' seçeneği de görünmüyor sebebi ne olabilir?

Murat5038 · 26 Nisan 2020

Bir zararlı gözükmüyor. Hızlı başlat donanımınızla alakalı olabilir farklı konu açıp sorabilirsiniz.

korsann · 26 Nisan 2020

Murat5038 dedi:
Bir zararlı gözükmüyor. Hızlı başlat donanımınızla alakalı olabilir farklı konu açıp sorabilirsiniz.

Teşekkür ederim.

MertTR12 · 26 Nisan 2020

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.18363.815 (ReleaseId: 1909), Service Pack: 0
Time:      26.04.2020 - 22:00 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  No
Ran by:    kingd    (group: Administrator) on DESKTOP-AJ9FSJI, FirstRun: yes

Chrome:  81.0.4044.122
Edge:    11.0.18362.815
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
  34  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Internet Download Manager\IDMan.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avpui.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   8  C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  C:\Program Files (x86)\Steam\steam.exe
   1  C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
   1  C:\Program Files\7.1 Sound Effect Gaming Headset\CPL\FaceLift_x64.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   2  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\Sandboxie\32\SbieSvc.exe
   1  C:\Program Files\Sandboxie\SandboxieCrypto.exe
   1  C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
   1  C:\Program Files\Sandboxie\SandboxieRpcSs.exe
   1  C:\Program Files\Sandboxie\SbieCtrl.exe
   1  C:\Program Files\WinRAR\WinRAR.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20032.111.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxOutlook.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
   1  C:\Users\kingd\Desktop\poop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\CompPkgSrv.exe
   1  C:\Windows\System32\MicrosoftEdgeCP.exe
   1  C:\Windows\System32\MicrosoftEdgeSH.exe
  11  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\Taskmgr.exe
   1  C:\Windows\System32\WWAHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\browser_broker.exe
   1  C:\Windows\System32\conhost.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   3  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   2  C:\Windows\explorer.exe
   1  C:\Windows\system32\SearchFilterHost.exe
   1  C:\Windows\system32\SearchIndexer.exe
   1  C:\Windows\system32\SearchProtocolHost.exe
   1  C:\Windows\system32\SecurityHealthService.exe
   1  C:\Windows\system32\SgrmBroker.exe
   2  C:\Windows\system32\csrss.exe
   1  C:\Windows\system32\dwm.exe
   2  C:\Windows\system32\fontdrvhost.exe
   1  C:\Windows\system32\lsass.exe
   1  C:\Windows\system32\mqsvc.exe
   1  C:\Windows\system32\mqtgsvc.exe
   1  C:\Windows\system32\services.exe
   1  C:\Windows\system32\smss.exe
   1  C:\Windows\system32\spoolsv.exe
  74  C:\Windows\system32\svchost.exe
   1  C:\Windows\system32\vmcompute.exe
   1  C:\Windows\system32\wininit.exe
   1  C:\Windows\system32\winlogon.exe
   1  GoogleCrashHandler.exe
   1  GoogleCrashHandler64.exe
   1  Memory Compression
   2  NVDisplay.Container.exe
   1  Registry
   2  SbieSvc.exe
   1  SteamService.exe
   1  avp.exe
   1  c:\windows\system32\wbem\WmiPrvSE.exe
   1  inetinfo.exe
   1  nvcontainer.exe
   1  wallpaperservice32_c.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 tonec.com
O1 - Hosts: 127.0.0.1 www.tonec.com
O1 - Hosts: 127.0.0.1 internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 dns39.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns40.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 195.175.39.39
O1 - Hosts: 127.0.0.1 195.175.39.40
O1 - Hosts: 127.0.0.1 redshell.io.
O1 - Hosts: 127.0.0.1 api.redshell.io.
O1 - Hosts: 127.0.0.1 treasuredata.com.
O1 - Hosts: 127.0.0.1 api.treasuredata.com.
O1 - Hosts: 127.0.0.1 in.treasuredata.com.
O1 - Hosts: 0.0.0.0 redshell.io.
O1 - Hosts: 0.0.0.0 api.redshell.io.
O1 - Hosts: 0.0.0.0 treasuredata.com.
O1 - Hosts: 0.0.0.0 in.treasuredata.com.
O1 - Hosts: 0.0.0.0 api.treasuredata.com
O1 - Hosts.ICS: 192.168.137.104 42e0251a-e93f-4161-9596-f439cae23e9e.mshome.net # 2020 3 3 25 16 9 6 686
O1 - Hosts.ICS: 192.168.137.97 DESKTOP-AJ9FSJI.mshome.net # 2025 3 1 17 16 36 32 410
O1 - Hosts.ICS: 3
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKCU\..\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\kingd\AppData\Local\Discord\app-0.0.306\Discord.exe (2020/03/18)
O4 - HKCU\..\StartupApproved\Run: [SandboxieControl] = C:\Program Files\Sandboxie\SbieCtrl.exe (2020/03/18)
O4 - HKLM\..\Run: [Cm108BSound] = C:\Program Files\7.1 Sound Effect Gaming Headset\CPL\FaceLift_x64.exe /h /d
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run: [MsmqIntCert] = C:\Windows\System32\regsvr32.exe /s "C:\Windows\System32\mqrt.dll" (2020/04/13)
O7 - TroubleShooting: (EV) HKU\S-1-5-19\..\Environment: [TEMP] = (not exist)
O7 - TroubleShooting: (EV) HKU\S-1-5-19\..\Environment: [TMP] = (not exist)
O7 - TroubleShooting: (EV) HKU\S-1-5-20\..\Environment: [TEMP] = (not exist)
O7 - TroubleShooting: (EV) HKU\S-1-5-20\..\Environment: [TMP] = (not exist)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O10 - Unknown file in Winsock LSP: C:\Windows\System32\winrnr.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\NLAapi.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\pnrpnsp.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\wshbth.dll
O17 - DHCP DNS 1: 1.1.1.1
O17 - DHCP DNS 2: 1.0.0.1
O18 - HKLM\Software\Classes\Protocols\Filter\application/octet-stream: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll
O18 - HKLM\Software\Classes\Protocols\Filter\application/x-complus: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll
O18 - HKLM\Software\Classes\Protocols\Filter\application/x-msdownload: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll
O18 - HKLM\Software\Classes\Protocols\Handler\about: [CLSID] = {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\cdl: [CLSID] = {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\dvd: [CLSID] = {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll
O18 - HKLM\Software\Classes\Protocols\Handler\file: [CLSID] = {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\ftp: [CLSID] = {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\http: [CLSID] = {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\https: [CLSID] = {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\its: [CLSID] = {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
O18 - HKLM\Software\Classes\Protocols\Handler\javascript: [CLSID] = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\local: [CLSID] = {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\mailto: [CLSID] = {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\mhtml: [CLSID] = {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
O18 - HKLM\Software\Classes\Protocols\Handler\mk: [CLSID] = {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\ms-its: [CLSID] = {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
O18 - HKLM\Software\Classes\Protocols\Handler\res: [CLSID] = {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\tbauth: [CLSID] = {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - HKLM\Software\Classes\Protocols\Handler\tv: [CLSID] = {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll
O18 - HKLM\Software\Classes\Protocols\Handler\vbscript: [CLSID] = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\windows.tbauth: [CLSID] = {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\            IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\EnhancedStorageShell: Enhanced Storage Icon Overlay Handler Class - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} - C:\Windows\System32\EhStorShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Offline Files: (no name) - {4E77131D-3629-431c-9818-C5679DC83E81} - C:\Windows\System32\cscui.dll
O22 - Task (.job): (disabled) CreateExplorerShellUnelevatedTask.job - (no file)
O22 - Task (.job): (disabled) update-S-1-5-21-2221341115-4209063737-3344392466-1001.job - (no file)
O23 - Service R2: Bağlı Cihazlar Platformu Hizmeti - (CDPSvc) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\CDPSvc.dll
O23 - Service R2: Bağlı Kullanıcı Deneyimleri ve Telemetrisi - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc -p; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service R2: COM+ Olay Sistemi - (EventSystem) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\es.dll
O23 - Service R2: DCOM Sunucusu İşlem Başlatıcısı - (DcomLaunch) - C:\Windows\system32\svchost.exe -k DcomLaunch -p; "ServiceDll" = C:\Windows\system32\rpcss.dll
O23 - Service R2: DHCP İstemcisi - (Dhcp) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\dhcpcore.dll
O23 - Service R2: DNS İstemcisi - (Dnscache) - C:\Windows\system32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\System32\dnsrslvr.dll
O23 - Service R2: Dağıtılmış Bağlantı İzleme İstemcisi - (TrkWks) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\trkwks.dll
O23 - Service R2: Görev Zamanlayıcı - (Schedule) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\schedsvc.dll
O23 - Service R2: Güç - (Power) - C:\Windows\system32\svchost.exe -k DcomLaunch -p; "ServiceDll" = C:\Windows\system32\umpo.dll
O23 - Service R2: IIS Yönetim Hizmeti - (IISADMIN) - C:\Windows\system32\inetsrv\inetinfo.exe
O23 - Service R2: IKE ve AuthIP IPsec Anahtarlama Modülleri - (IKEEXT) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\ikeext.dll
O23 - Service R2: IP Yardımcısı - (iphlpsvc) - C:\Windows\System32\svchost.exe -k NetSvcs -p; "ServiceDll" = C:\Windows\System32\iphlpsvc.dll
O23 - Service R2: Kabuk Donanım Algılaması - (ShellHWDetection) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\shsvcs.dll
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 20.0 - (AVP20.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe -r
O23 - Service R2: Kullanıcı Profili Hizmeti - (ProfSvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\profsvc.dll
O23 - Service R2: Kullanıcı Yöneticisi - (UserManager) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\usermgr.dll
O23 - Service R2: Message Queuing - (MSMQ) - C:\Windows\system32\mqsvc.exe
O23 - Service R2: Message Queuing Tetikleyicileri - (MSMQTriggers) - C:\Windows\system32\mqtgsvc.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: RPC Bitiş Noktası Eşleştiricisi - (RpcEptMapper) - C:\Windows\system32\svchost.exe -k RPCSS -p; "ServiceDll" = C:\Windows\System32\RpcEpMap.dll
O23 - Service R2: Sandboxie Service - (SbieSvc) - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service R2: Sistem Etkinlikleri Aracısı - (SystemEventsBroker) - C:\Windows\system32\svchost.exe -k DcomLaunch -p; "ServiceDll" = C:\Windows\System32\SystemEventsBrokerServer.dll
O23 - Service R2: Sistem Olay Bildirim Hizmeti - (SENS) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\sens.dll
O23 - Service R2: Sunucu - (LanmanServer) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\srvsvc.dll
O23 - Service R2: SysMain - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\sysmain.dll
O23 - Service R2: System Guard Çalışma Zamanı İzleyicisi Aracısı - (SgrmBroker) - C:\Windows\system32\SgrmBroker.exe
O23 - Service R2: Tanı İlkesi Hizmeti - (DPS) - C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p; "ServiceDll" = C:\Windows\system32\dps.dll
O23 - Service R2: Temalar - (Themes) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\themeservice.dll
O23 - Service R2: Temel Filtre Altyapısı - (BFE) - C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p; "ServiceDll" = C:\Windows\System32\bfe.dll
O23 - Service R2: Uzaktan Erişim Bağlantı Yöneticisi - (RasMan) - C:\Windows\System32\svchost.exe -k netsvcs; "ServiceDll" = C:\Windows\System32\rasmans.dll
O23 - Service R2: Uzaktan Yordam Çağrısı (RPC) - (RpcSs) - C:\Windows\system32\svchost.exe -k rpcss -p; "ServiceDll" = C:\Windows\system32\rpcss.dll
O23 - Service R2: Veri Kullanımı - (DusmSvc) - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\dusmsvc.dll
O23 - Service R2: Wallpaper Engine Service - C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
O23 - Service R2: Windows Anında İletme Bildirimleri Hizmeti - (WpnService) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\WpnService.dll
O23 - Service R2: Windows Bağlantı Yöneticisi - (Wcmsvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\wcmsvc.dll
O23 - Service R2: Windows Defender Güvenlik Duvarı - (mpssvc) - C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p; "ServiceDll" = C:\Windows\system32\mpssvc.dll
O23 - Service R2: Windows Search - (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding
O23 - Service R2: Windows Ses - (Audiosrv) - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\Audiosrv.dll
O23 - Service R2: Windows Ses Bitiş Noktası Oluşturucu - (AudioEndpointBuilder) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\AudioEndpointBuilder.dll
O23 - Service R2: Windows Yazı Tipi Önbelleği Hizmeti - (FontCache) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\FntCache.dll
O23 - Service R2: Windows Yönetim Yardımcıları - (Winmgmt) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\wbem\WMIsvc.dll
O23 - Service R2: Yazdırma Biriktiricisi - (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service R2: Yerel Oturum Yöneticisi - (LSM) - C:\Windows\system32\svchost.exe -k DcomLaunch -p; "ServiceDll" = C:\Windows\System32\lsm.dll
O23 - Service R2: İş İstasyonu - (LanmanWorkstation) - C:\Windows\System32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\System32\wkssvc.dll
O23 - Service R2: Şifreleme Hizmetleri - (CryptSvc) - C:\Windows\system32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\system32\cryptsvc.dll
O23 - Service R3: Ağ Bağlantısı Aracısı - (NcbService) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\ncbservice.dll
O23 - Service R3: Ağ Listesi Hizmeti - (netprofm) - C:\Windows\System32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\netprofmsvc.dll
O23 - Service R3: CNG Anahtar Yalıtımı - (KeyIso) - C:\Windows\system32\lsass.exe; "ServiceDll" = C:\Windows\system32\keyiso.dll
O23 - Service R3: Coğrafi Konum Hizmeti - (lfsvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\lfsvc.dll
O23 - Service R3: Depolama Hizmeti - (StorSvc) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\storsvc.dll
O23 - Service R3: Dokunmatik Klavyeyi ve El Yazısı Paneli Hizmeti - (TabletInputService) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\TabSvc.dll
O23 - Service R3: Güvenli Yuva Tünel Protokolü Hizmeti - (SstpSvc) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\sstpsvc.dll
O23 - Service R3: Hyper-V Ana Bilgisayar İşlem Hizmeti - (vmcompute) - C:\Windows\system32\vmcompute.exe
O23 - Service R3: IPsec İlke Aracısı - (PolicyAgent) - C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\ipsecsvc.dll
O23 - Service R3: Kaliteli Windows Ses Video Deneyim - (QWAVE) - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\system32\qwave.dll
O23 - Service R3: Kimlik Bilgisi Yöneticisi - (VaultSvc) - C:\Windows\system32\lsass.exe; "ServiceDll" = C:\Windows\System32\vaultsvc.dll
O23 - Service R3: Microsoft Passport - (NgcSvc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\ngcsvc.dll
O23 - Service R3: Microsoft Passport Kapsayıcı - (NgcCtnrSvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\NgcCtnrSvc.dll
O23 - Service R3: Microsoft Store Yükleme Hizmeti - (InstallService) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\InstallService.dll
O23 - Service R3: SSDP Bulma - (SSDPSRV) - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\System32\ssdpsrv.dll
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service R3: Tak ve Kullan - (PlugPlay) - C:\Windows\system32\svchost.exe -k DcomLaunch -p; "ServiceDll" = C:\Windows\system32\umpnpmgr.dll
O23 - Service R3: Tanılama Hizmeti Ana Bilgisayarı - (WdiServiceHost) - C:\Windows\System32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\wdi.dll
O23 - Service R3: Tanılama Sistemi Ana Bilgisayarı - (WdiSystemHost) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\wdi.dll
O23 - Service R3: Uygulama Bilgileri - (Appinfo) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\appinfo.dll
O23 - Service R3: Veri Paylaşımı Hizmeti - (DsSvc) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\DsSvc.dll
O23 - Service R3: Web Hesap Yöneticisi - (TokenBroker) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\TokenBroker.dll
O23 - Service R3: Windows Güvenliği Hizmeti - (SecurityHealthService) - C:\Windows\system32\SecurityHealthService.exe
O23 - Service R3: Windows Lisans Yöneticisi Hizmeti - (LicenseManager) - C:\Windows\System32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\LicenseManagerSvc.dll
O23 - Service R3: Zaman Aracısı - (TimeBrokerSvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\TimeBrokerServer.dll
O23 - Service R3: İnsan Arabirim Cihazları Hizmeti - (hidserv) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\hidserv.dll
O23 - Service R3: Şifreleme Dosya Sistemi (EFS) - (EFS) - C:\Windows\System32\lsass.exe; "ServiceDll" = C:\Windows\system32\efssvc.dll
O23 - Service S2: Ana Bilgisayarı Eşitle - (OneSyncSvc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\APHostService.dll
O23 - Service S2: Arka Plan Akıllı Aktarım Hizmeti - (BITS) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\qmgr.dll
O23 - Service S2: Bağlı Cihazlar Platformu Kullanıcı Hizmeti - (CDPUserSvc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\CDPUserSvc.dll
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Grup İlkesi İstemcisi - (gpsvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\gpsvc.dll
O23 - Service S2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service S2: Windows Anında İletme Bildirimleri Kullanıcı Hizmeti - (WpnUserService) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\WpnUserService.dll
O23 - Service S2: İndirilen Haritalar Yöneticisi - (MapsBroker) - C:\Windows\System32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\System32\moshost.dll
O23 - Service S3: @%Systemroot%\system32\wsmsvc.dll,-101 - (WinRM) - C:\Windows\System32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\system32\WsmSvc.dll
O23 - Service S3: ActiveX Yükleyicisi (AxInstSV) - (AxInstSV) - C:\Windows\system32\svchost.exe -k AxInstSVGroup; "ServiceDll" = C:\Windows\System32\AxInstSV.dll
O23 - Service S3: Akıllı Kart - (SCardSvr) - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation; "ServiceDll" = C:\Windows\System32\SCardSvr.dll
O23 - Service S3: Akıllı Kart Cihaz Numaralandırma Hizmeti - (ScDeviceEnum) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted; "ServiceDll" = C:\Windows\System32\ScDeviceEnum.dll
O23 - Service S3: Akıllı Kart Kaldırma İlkesi - (SCPolicySvc) - C:\Windows\system32\svchost.exe -k netsvcs; "ServiceDll" = C:\Windows\System32\certprop.dll
O23 - Service S3: Algılayıcı Hizmeti - (SensorService) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\SensorService.dll
O23 - Service S3: Algılayıcı Veri Hizmeti - (SensorDataService) - C:\Windows\System32\SensorDataService.exe
O23 - Service S3: Algılayıcı İzleme Hizmeti - (SensrSvc) - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\system32\sensrsvc.dll
O23 - Service S3: AllJoyn Yönlendirici Hizmeti - (AJRouter) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\AJRouter.dll
O23 - Service S3: AppX Deployment Service (AppXSVC) - (AppXSvc) - C:\Windows\system32\svchost.exe -k wsappx -p; "ServiceDll" = C:\Windows\system32\appxdeploymentserver.dll
O23 - Service S3: AssignedAccessManager Hizmeti - (AssignedAccessManagerSvc) - C:\Windows\system32\svchost.exe -k AssignedAccessManagerSvc; "ServiceDll" = C:\Windows\System32\assignedaccessmanagersvc.dll
O23 - Service S3: Aygıt Kurulum Yöneticisi - (DsmSvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\DeviceSetupManager.dll
O23 - Service S3: Aygıt Yönetimi Kayıt Hizmeti - (DmEnrollmentSvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\Windows.Internal.Management.dll
O23 - Service S3: Aygıt Yükleme Hizmeti - (DeviceInstall) - C:\Windows\system32\svchost.exe -k DcomLaunch -p; "ServiceDll" = C:\Windows\system32\umpnpmgr.dll
O23 - Service S3: Aygıt İlişkisi Hizmeti - (DeviceAssociationService) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\das.dll
O23 - Service S3: Ağ Bağlantıları - (Netman) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\netman.dll
O23 - Service S3: Ağ Bağlantılı Cihazların Otomatik Kurulumu - (NcdAutoSetup) - C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p; "ServiceDll" = C:\Windows\System32\NcdAutoSetup.dll
O23 - Service S3: Ağ Bağlantısı Yardımcısı - (NcaSvc) - C:\Windows\System32\svchost.exe -k NetSvcs -p; "ServiceDll" = C:\Windows\System32\ncasvc.dll
O23 - Service S3: Ağ Kurulum Hizmeti - (NetSetupSvc) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\NetSetupSvc.dll
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Bağlantı Katmanı Topoloji Bulma Eşleyicisi - (lltdsvc) - C:\Windows\System32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\lltdsvc.dll
O23 - Service S3: Birim Gölge Kopyası - (VSS) - C:\Windows\system32\vssvc.exe
O23 - Service S3: BitLocker Sürücü Şifreleme Hizmeti - (BDESVC) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\bdesvc.dll
O23 - Service S3: Blok Düzeyinde Yedekleme Altyapı Hizmeti - (wbengine) - C:\Windows\system32\wbengine.exe
O23 - Service S3: Bluetooth Destek Hizmeti - (bthserv) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\bthserv.dll
O23 - Service S3: BranchCache - (PeerDistSvc) - C:\Windows\System32\svchost.exe -k PeerDist; "ServiceDll" = C:\Windows\system32\peerdistsvc.dll
O23 - Service S3: Cihaz Yönetimi Kablosuz Uygulama Protokolü (WAP) Anında İleti Yönlendirme Hizmeti - (dmwappushservice) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\dmwappushsvc.dll
O23 - Service S3: CredentialEnrollmentManagerUserSvc - C:\Windows\system32\CredentialEnrollmentManager.exe
O23 - Service S3: CredentialEnrollmentManagerUserSvc_aed1804 - C:\Windows\system32\CredentialEnrollmentManager.exe
O23 - Service S3: Cüzdan Hizmeti - (WalletService) - C:\Windows\System32\svchost.exe -k appmodel -p; "ServiceDll" = C:\Windows\system32\WalletService.dll
O23 - Service S3: Dağıtılmış İşlem Düzenleyicisi - (MSDTC) - C:\Windows\System32\msdtc.exe
O23 - Service S3: Dağıtılmış İşlem Düzenleyicisi için KtmRm - (KtmRm) - C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\system32\msdtckrm.dll
O23 - Service S3: Depolama Katmanları Yönetimi - (TieringEngineService) - C:\Windows\system32\TieringEngineService.exe
O23 - Service S3: DevQuery Arka Plan Keşfi Aracısı - (DevQueryBroker) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\DevQueryBroker.dll
O23 - Service S3: DevicesFlow - (DevicesFlowUserSvc) - C:\Windows\system32\svchost.exe -k DevicesFlow; "ServiceDll" = C:\Windows\System32\DevicesFlowBroker.dll
O23 - Service S3: Diagnostic Execution Service - (diagsvc) - C:\Windows\System32\svchost.exe -k diagnostics; "ServiceDll" = C:\Windows\system32\DiagSvc.dll
O23 - Service S3: Dosya Geçmişi Hizmeti - (fhsvc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\fhsvc.dll
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Ekli Mod - (embeddedmode) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\embeddedmodesvc.dll
O23 - Service S3: Eş Adı Çözümleme Protokolü - (PNRPsvc) - C:\Windows\System32\svchost.exe -k LocalServicePeerNet; "ServiceDll" = C:\Windows\system32\pnrpsvc.dll
O23 - Service S3: Eş Ağ Gruplandırma - (p2psvc) - C:\Windows\System32\svchost.exe -k LocalServicePeerNet; "ServiceDll" = C:\Windows\system32\p2psvc.dll
O23 - Service S3: Eşler Arası Ağ Oluşturma Kimlik Yöneticisi - (p2pimsvc) - C:\Windows\System32\svchost.exe -k LocalServicePeerNet; "ServiceDll" = C:\Windows\system32\pnrpsvc.dll
O23 - Service S3: Faks - (Fax) - C:\Windows\system32\fxssvc.exe
O23 - Service S3: Genişletilebilir Kimlik Doğrulama Protokolü - (Eaphost) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\eapsvc.dll
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: GraphicsPerfSvc - C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup; "ServiceDll" = C:\Windows\System32\GraphicsPerfSvc.dll
O23 - Service S3: Hyper-V Birim Gölge Kopyası İsteyicisi - (vmicvss) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\icsvcext.dll
O23 - Service S3: Hyper-V Konuk İşlem Hizmeti - (gcs) - C:\Windows\system32\vmcomputeagent.exe
O23 - Service S3: Hyper-V Uzak Masaüstü Sanallaştırma Hizmeti - (vmicrdv) - C:\Windows\system32\svchost.exe -k ICService -p; "ServiceDll" = C:\Windows\System32\icsvcext.dll
O23 - Service S3: IP Çeviri Yapılandırma Hizmeti - (IpxlatCfgSvc) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\IpxlatCfg.dll
O23 - Service S3: Internet Bağlantısı Paylaşımı (ICS) - (SharedAccess) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\ipnathlp.dll
O23 - Service S3: Kablolu Otomatik Yapılandırma - (dot3svc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\dot3svc.dll
O23 - Service S3: Kablosuz Yerel Ağ Otomatik Yapılandırma - (WlanSvc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\wlansvc.dll
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 20.0 - (klvssbridge64_20.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\vssbridge64.exe
O23 - Service S3: Kişi Verileri - (PimIndexMaintenanceSvc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\PimIndexMaintenance.dll
O23 - Service S3: Kullanıcı Verilerine Erişim - (UserDataSvc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\userdataservice.dll
O23 - Service S3: Kullanıcı Verilerini Depolama - (UnistoreSvc) - C:\Windows\System32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\unistore.dll
O23 - Service S3: Kurumsal Uygulama Yönetimi Hizmeti - (EntAppSvc) - C:\Windows\system32\svchost.exe -k appmodel -p; "ServiceDll" = C:\Windows\system32\EnterpriseAppMgmtSvc.dll
O23 - Service S3: MesajlaşmaHizmeti - (MessagingService) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\MessagingService.dll
O23 - Service S3: Microsoft (R) Diagnostics Hub'ı Standart Toplayıcı Hizmeti - (diagnosticshub.standardcollector.service) - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
O23 - Service S3: Microsoft Hesabı Oturum Açma Yardımcısı - (wlidsvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\wlidsvc.dll
O23 - Service S3: Microsoft Windows SMS Yönlendirme Hizmeti - (SmsRouter) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\SmsRouterSvc.dll
O23 - Service S3: Microsoft Yazılımı Gölge Kopya Sağlayıcısı - (swprv) - C:\Windows\System32\svchost.exe -k swprv; "ServiceDll" = C:\Windows\System32\swprv.dll
O23 - Service S3: Microsoft iSCSI Başlatıcısı Hizmeti - (MSiSCSI) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\iscsiexe.dll
O23 - Service S3: Natural Kimlik Doğrulaması - (NaturalAuthentication) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\NaturalAuth.dll
O23 - Service S3: NetLogon - (Netlogon) - C:\Windows\system32\lsass.exe; "ServiceDll" = C:\Windows\system32\netlogon.dll
O23 - Service S3: Nokta Doğrulayıcısı - (svsvc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\svsvc.dll
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: PNRP Makine Adı Yayın Hizmeti - (PNRPAutoReg) - C:\Windows\System32\svchost.exe -k LocalServicePeerNet; "ServiceDll" = C:\Windows\system32\pnrpauto.dll
O23 - Service S3: Perakende Gösteri Hizmeti - (RetailDemo) - C:\Windows\System32\svchost.exe -k rdxgroup; "ServiceDll" = C:\Windows\system32\RDXService.dll
O23 - Service S3: Performans Günlükleri ve Uyarıları - (pla) - C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p; "ServiceDll" = C:\Windows\system32\pla.dll
O23 - Service S3: Performans Sayacı DLL Konak - (PerfHost) - C:\Windows\SysWow64\perfhost.exe
O23 - Service S3: PrintWorkflow - (PrintWorkflowUserSvc) - C:\Windows\system32\svchost.exe -k PrintWorkflow; "ServiceDll" = C:\Windows\System32\PrintWorkflowService.dll
O23 - Service S3: Radyo Yönetimi Hizmeti - (RmSvc) - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted; "ServiceDll" = C:\Windows\System32\RMapi.dll
O23 - Service S3: Resim Alma Olayları - (WiaRpc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\wiarpc.dll
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: SNMP Yakalama - (SNMPTRAP) - C:\Windows\System32\snmptrap.exe
O23 - Service S3: Sanal Disk - (vds) - C:\Windows\System32\vds.exe
O23 - Service S3: Sertifika Yayma - (CertPropSvc) - C:\Windows\system32\svchost.exe -k netsvcs; "ServiceDll" = C:\Windows\System32\certprop.dll
O23 - Service S3: Sorun Raporları ve Çözümleri Denetim Masası Desteği - (wercplsupport) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\wercplsupport.dll
O23 - Service S3: Sürücüleri en iyi duruma getir - (defragsvc) - C:\Windows\system32\svchost.exe -k defragsvc; "ServiceDll" = C:\Windows\System32\defragsvc.dll
O23 - Service S3: Taşınabilir Aygıt Numaralandırma Hizmeti - (WPDBusEnum) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted; "ServiceDll" = C:\Windows\system32\wpdbusenum.dll
O23 - Service S3: Telefon - (TapiSrv) - C:\Windows\System32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\System32\tapisrv.dll
O23 - Service S3: Telefon Hizmeti - (PhoneSvc) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\PhoneService.dll
O23 - Service S3: UPnP Aygıt Ana Makinesi - (upnphost) - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\System32\upnphost.dll
O23 - Service S3: Uygulama Hazır Olma Durumu - (AppReadiness) - C:\Windows\System32\svchost.exe -k AppReadiness -p; "ServiceDll" = C:\Windows\system32\AppReadiness.dll
O23 - Service S3: Uygulama Katmanı Ağ Geçidi Hizmeti - (ALG) - C:\Windows\System32\alg.exe
O23 - Service S3: Uygulama Kimliği - (AppIDSvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\appidsvc.dll
O23 - Service S3: Uygulama Yönetimi - (AppMgmt) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\appmgmts.dll
O23 - Service S3: Uzak Masaüstü Hizmetleri - (TermService) - C:\Windows\System32\svchost.exe -k NetworkService; "ServiceDll" = C:\Windows\System32\termsrv.dll
O23 - Service S3: Uzak Masaüstü Hizmetleri Kullanıcı Modu Bağlantı Noktası Yeniden Yönlendiricisi - (UmRdpService) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\umrdp.dll
O23 - Service S3: Uzak Masaüstü Yapılandırması - (SessionEnv) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\sessenv.dll
O23 - Service S3: Uzaktan Erişim Otomatik Bağlantı Yöneticisi - (RasAuto) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\rasauto.dll
O23 - Service S3: Uzaktan Yordam Çağrısı (RPC) Konumlandırıcısı - (RpcLocator) - C:\Windows\system32\locator.exe
O23 - Service S3: Uzamsal Veri Hizmeti - (SharedRealitySvc) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\SharedRealitySvc.dll
O23 - Service S3: WMI Performans Bağdaştırıcısı - (wmiApSrv) - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service S3: WWAN Otomatik Yapılandırma - (WwanSvc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\wwansvc.dll
O23 - Service S3: WarpJITSvc - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted; "ServiceDll" = C:\Windows\System32\Windows.WARP.JITService.dll
O23 - Service S3: WebClient - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\webclnt.dll
O23 - Service S3: Wi-Fi Direct Hizmetler Bağlantı Yöneticisi Hizmeti - (WFDSConMgrSvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\wfdsconmgrsvc.dll
O23 - Service S3: Windows Algılama Benzetimi Hizmeti - (perceptionsimulation) - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe
O23 - Service S3: Windows Algılama Hizmeti - (spectrum) - C:\Windows\system32\spectrum.exe
O23 - Service S3: Windows Biyometrik Hizmeti - (WbioSrvc) - C:\Windows\system32\svchost.exe -k WbioSvcGroup; "ServiceDll" = C:\Windows\System32\wbiosrvc.dll
O23 - Service S3: Windows Hata Raporlama Hizmeti - (WerSvc) - C:\Windows\System32\svchost.exe -k WerSvcGroup; "ServiceDll" = C:\Windows\System32\WerSvc.dll
O23 - Service S3: Windows Insider Hizmeti - (wisvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\flightsettings.dll
O23 - Service S3: Windows Installer - (msiserver) - C:\Windows\system32\msiexec.exe /V
O23 - Service S3: Windows Kamera Çerçeve Sunucusu - (FrameServer) - C:\Windows\System32\svchost.exe -k Camera; "ServiceDll" = C:\Windows\system32\FrameServer.dll
O23 - Service S3: Windows Media Player Ağ Paylaşımı Hizmeti - (WMPNetworkSvc) - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service S3: Windows Mobil Etkin Nokta Hizmeti - (icssvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\tetheringservice.dll
O23 - Service S3: Windows Modül Yükleyicisi - (TrustedInstaller) - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service S3: Windows Olay Toplayıcısı - (Wecsvc) - C:\Windows\system32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\system32\wecsvc.dll
O23 - Service S3: Windows PushToInstall Hizmeti - (PushToInstall) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\PushToInstall.dll
O23 - Service S3: Windows Resim Alma (WIA) - (stisvc) - C:\Windows\system32\svchost.exe -k imgsvc; "ServiceDll" = C:\Windows\System32\wiaservc.dll
O23 - Service S3: Windows Time - (W32Time) - C:\Windows\system32\svchost.exe -k LocalService; "ServiceDll" = C:\Windows\system32\w32time.dll
O23 - Service S3: Windows Update - (wuauserv) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\wuaueng.dll
O23 - Service S3: Windows Yedekleme - (SDRSVC) - C:\Windows\system32\svchost.exe -k SDRSVC; "ServiceDll" = C:\Windows\System32\SDRSVC.dll
O23 - Service S3: Windows Şifreleme Sağlayıcısı Ana Bilgisayar Hizmeti - (WEPHOSTSVC) - C:\Windows\system32\svchost.exe -k WepHostSvcGroup; "ServiceDll" = C:\Windows\system32\wephostsvc.dll
O23 - Service S3: Windows Şimdi Bağlan - Yapılandırma Dosyası Kaydedici - (wcncsvc) - C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\System32\wcncsvc.dll
O23 - Service S3: Xbox Accessory Management Service - (XboxGipSvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\XboxGipSvc.dll
O23 - Service S3: Xbox Live Ağ Hizmeti - (XboxNetApiSvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\XboxNetApiSvc.dll
O23 - Service S3: Xbox Live Kimlik Doğrulama Yöneticisi - (XblAuthManager) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\XblAuthManager.dll
O23 - Service S3: Xbox Live Oyun Kaydetme - (XblGameSave) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\XblGameSave.dll
O23 - Service S3: Yazıcı Uzantıları ve Bildirimleri - (PrintNotify) - C:\Windows\system32\svchost.exe -k print; "ServiceDll" = C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
O23 - Service S3: Yerel Profil Yardımcısı Hizmeti - (wlpasvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\lpasvc.dll
O23 - Service S3: Yetenek Erişim Yöneticisi Hizmeti - (camsvc) - C:\Windows\system32\svchost.exe -k appmodel -p; "ServiceDll" = C:\Windows\system32\CapabilityAccessManager.dll
O23 - Service S3: Çevrimdışı Dosyalar - (CscService) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\cscsvc.dll
O23 - Service S3: Ödeme ve NFC/SE Yöneticisi - (SEMgrSvc) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\SEMgrSvc.dll
O23 - Service S3: İkincil Oturum Açma - (seclogon) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\seclogon.dll
O23 - Service S3: İşlev Bulma Kaynak Yayımı - (FDResPub) - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\system32\fdrespub.dll
O23 - Service S3: İşlev Bulma Sağlayıcısı Ana Bilgisayarı - (fdPHost) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\fdPHost.dll



Debug information:

- 26.04.2020 22:00:24 - LoadFileToStream - #0 LastDllError = 5 (Erişim engellendi.) CreateFile C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
- 26.04.2020 22:00:24 - ParseJob. Unable to open file: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job - #0 LastDllError = 0
- 26.04.2020 22:00:24 - LoadFileToStream - #0 LastDllError = 5 (Erişim engellendi.) CreateFile C:\Windows\Tasks\update-S-1-5-21-2221341115-4209063737-3344392466-1001.job
- 26.04.2020 22:00:24 - ParseJob. Unable to open file: C:\Windows\Tasks\update-S-1-5-21-2221341115-4209063737-3344392466-1001.job - #0 LastDllError = 0

--
End of file - Time spent: 18,1 sec. - 92140 bytes, CRC32: FFFFFFFF. Sign: 긡㕯

Murat5038 · 26 Nisan 2020

Kaspersky kullanıyorsun zaten bakmaya gerek yok ama gereksiz bir sürü servis ve yazılım açık kurulu. Gereksizleri silin, temiz önyükleme yapın, bunları da fixleyin:

Kod:

O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run: [MsmqIntCert] = C:\Windows\System32\regsvr32.exe /s "C:\Windows\System32\mqrt.dll" (2020/04/13)
O7 - TroubleShooting: (EV) HKU\S-1-5-19\..\Environment: [TEMP] = (not exist)
O7 - TroubleShooting: (EV) HKU\S-1-5-19\..\Environment: [TMP] = (not exist)
O7 - TroubleShooting: (EV) HKU\S-1-5-20\..\Environment: [TEMP] = (not exist)
O7 - TroubleShooting: (EV) HKU\S-1-5-20\..\Environment: [TMP] = (not exist)
O10 - Unknown file in Winsock LSP: C:\Windows\System32\winrnr.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\NLAapi.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\pnrpnsp.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\wshbth.dll
O18 - HKLM\Software\Classes\Protocols\Filter\application/octet-stream: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll
O18 - HKLM\Software\Classes\Protocols\Filter\application/x-complus: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll
O18 - HKLM\Software\Classes\Protocols\Filter\application/x-msdownload: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll
O18 - HKLM\Software\Classes\Protocols\Handler\about: [CLSID] = {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\cdl: [CLSID] = {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\dvd: [CLSID] = {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll
O18 - HKLM\Software\Classes\Protocols\Handler\file: [CLSID] = {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\ftp: [CLSID] = {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\http: [CLSID] = {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\https: [CLSID] = {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\its: [CLSID] = {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
O18 - HKLM\Software\Classes\Protocols\Handler\javascript: [CLSID] = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\local: [CLSID] = {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\mailto: [CLSID] = {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\mhtml: [CLSID] = {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
O18 - HKLM\Software\Classes\Protocols\Handler\mk: [CLSID] = {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\ms-its: [CLSID] = {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
O18 - HKLM\Software\Classes\Protocols\Handler\res: [CLSID] = {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\tbauth: [CLSID] = {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - HKLM\Software\Classes\Protocols\Handler\tv: [CLSID] = {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll
O18 - HKLM\Software\Classes\Protocols\Handler\vbscript: [CLSID] = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\windows.tbauth: [CLSID] = {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Offline Files: (no name) - {4E77131D-3629-431c-9818-C5679DC83E81} - C:\Windows\System32\cscui.dll
O22 - Task (.job): (disabled) CreateExplorerShellUnelevatedTask.job - (no file)
O22 - Task (.job): (disabled) update-S-1-5-21-2221341115-4209063737-3344392466-1001.job - (no file)

Bu klasör içindekileri de temizleyin:
C:\Windows\Tasks\

Windows 10 Gereksiz Servis ve Hizmetlerden Kurtulun

Windows 8 ve 10 ile beraber geri bildirim, sistem hata döküm takibi, uygulama edinin benzeri bir sürü servis ve uygulama çalışmaktadır. Birçok kişi gündelik ve bilgisayarı oyun için yeni bir şey yapmadan kullandığından bu servisler sisteme etki ediyor ve performanslarını düşürebiliyor. Bu yüzden...

www.technopat.net

Bunu da uygulayın.

alperrr1 · 27 Nisan 2020

Paste ofCode

paste.ofcode.org

teşekkürler

Murat5038 · 27 Nisan 2020

Zararlı yok gözüküyor. Ancak yine de temiz önyükleme yapabilirsin.

Rehber HijackThis Log Paylaşımı ve Çözümleri

Ayrıntılı düzenleme

HiJackThis

Murat5038

Yottapat!

mr. Mrx

Centipat

Murat5038

Yottapat!

korsann

Centipat

Dosya Ekleri

Murat5038

Yottapat!

korsann

Centipat

MertTR12

Megapat

Murat5038

Yottapat!

Windows 10 Gereksiz Servis ve Hizmetlerden Kurtulun

alperrr1

Hectopat

Paste ofCode

Murat5038

Yottapat!

Benzer konular