Rehber HijackThis Log Paylaşımı ve Çözümleri

Murat5038 · 13 Ekim 2013

Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.

Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...

www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.

6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

Kod'a tıklayın.

Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.

Murat5038 · 11 Ocak 2021

Bunları fixleyin zararlı kaynaklı değil:

Kod:

O4 - HKCU\..\Run: [ConnectDetector] = C:\Users\ekran\AppData\Roaming\Adobe\Connect\connectdetector.exe
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\ekran\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2021/01/09)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2021/01/09)
O4 - HKLM\..\Run: [Logitech Download Assistant] = C:\Windows\System32\LogiLDA.dll C:\Windows\System32\LogiLDA.dll,LogiFetch
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: \Microsoft\Windows\RetailDemo\CleanupOfflineContent - {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} - C:\Windows\System32\RDXTaskFactory.dll (Microsoft)
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"

MBAM aktif olarak kullanmayın.

Mericchi dedi:
Cahilce mi konuşuyorum bilmiyorum. konuşuyorsam affedin. Benim sıkıntım sadece programlar açılırken bir süre donması. Hepsi aynı zamanda başladı. İnternet ve sistem hızı demişsin ama bence bu sorunları sadece bir şey tetikliyor. Ben hatta internetle kaynaklı olduğunuda düşünmüyorum... Ve ben performansla ilgili bir sıkıntı çekmediğimi 3. Kere söylüyorum. Sadece diğer programlarda olduğu gibi oyun yüklenirken 3-4 dk bekliyorum. Mesela NFSMW oynuyorum şu sıralar, yarış sırasında hiçbir türlü FPS drop falan almıyorum gayet de akıcı bir şekilde oynuyorum ama loading bölümü geliyor 2-3 dakika bekliyorum; bazen beklemiyorum.Aynı şekilde Minecraft olsun. Oyun ilk başta yüklenirken 2-3 dk bekliyorum. Bu hatalar olmadan önce daha kısa sürede açılıyordu. Performans kısmında ama hiçbir değişiklik yok 40-50 FPS arasındaydı önceden de şimdi de. Çok ilginç bir hata. Bu arada son attığın makaleyide deneyeceğim ona göre dönerim abi. Teşekkür ederim şimdiden benimle ilgilendiğin için minnoş abim benim.

Rica ederim. Cahilce konuşmuyorsun da bazı şeyleri anlamıyorsun sadece. Bu bölüm güvenlik kısmı burada sadece güvenlikle ilgili bir sıkıntı varsa çözeriz. Diğer problemleri farklı konu açıp sorman gerekir. Sistemsel performans sıkıntılarına burada bakmıyoruz zararlı kaynaklı değilse. Açtığın konuda da sistemsel ve söylediğim yazılımsal kaynaklı sıkıntılar olduğundan burada yazılımsal bazılarını söyledim onları yaparsan daha hafifleyecektir, hafiflemiştir.

Mericchi · 11 Ocak 2021

Murat5038 dedi:
Rica ederim. Cahilce konuşmuyorsun da bazı şeyleri anlamıyorsun sadece. Bu bölüm güvenlik kısmı burada sadece güvenlikle ilgili bir sıkıntı varsa çözeriz. Diğer problemleri farklı konu açıp sorman gerekir. Sistemsel performans sıkıntılarına burada bakmıyoruz zararlı kaynaklı değilse. Açtığın konuda da sistemsel ve söylediğim yazılımsal kaynaklı sıkıntılar olduğundan burada yazılımsal bazılarını söyledim onları yaparsan daha hafifleyecektir, hafiflemiştir.

Anladım abim. Aslında bu problem ile konu açmıştım. Pek bir ilerleme kaydetemedik. Sonra biri burayı önerdi buradan olur diye umut ettim o da olmadı... Senin önerdiğin makaledeki program Windows 8.1'i desteklemiyormuş abi o da olmadı yani. Neyse abim şu anki yardımların için gerçekten çok teşekkür ediyorum. Özelden yardımcı olabilme seçeneğin var mı abi? Varsa cidden çok mutlu olurum.

Murat5038 · 11 Ocak 2021

Özel istek yasak ancak kontrol için bağlanabilirim yine de TW id şifre buradan paylaşın.

astronautinocean · 12 Ocak 2021

[CODE title="Malware / Virüs Şüphesi"]Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform: x64 Windows 10 (Pro), 10.0.19042.685 (ReleaseId: 2009), Service Pack: 0
Time: 12.01.2021 - 16:14 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: deniz (group: Administrator) on DESKTOP-DV3KO53, FirstRun: yes

Chrome: 87.0.4280.141
Edge: 11.0.19041.546
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
1 C:\Program Files (x86)\ControlCenter\Driver\x64\HKClipSvc.exe
1 C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\avp.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\avpui.exe
7 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
1 C:\Program Files (x86)\Steam\steam.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Riot Vanguard\vgtray.exe
1 C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
1 C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\IGCC.exe
1 C:\Program Files\WindowsApps\CLEVOCO.FnhotkeysandOSD_3.17.0.0_x64__6h6z29zh29qx0\FnKey\FnKey.exe
1 C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2012.16655.0_x64__8wekyb3d8bbwe\Cortana.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.72.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe\HxAccounts.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe\HxOutlook.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
1 C:\Program Files\WindowsApps\microsoft.windowsstore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
1 C:\Users\deniz\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\deniz\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\SysWOW64\Creative.UWPRPCService.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\BackgroundTransferHost.exe
1 C:\Windows\System32\DriverStore\FileRepository\acpi0002.inf_amd64_917172d416365110\DCHUService.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_790c20683c3a62ec\GfxDownloadWrapper.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_790c20683c3a62ec\igfxCUIService.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_790c20683c3a62ec\igfxEM.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
1 C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_48973fc6c96c696a\RstMwService.exe
1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_55bf1834336e8765\OneApp.IGCC.WinService.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a1657f7761e46e74\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a1657f7761e46e74\IntelCpHeciSvc.exe
2 C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_49599d441c87af7f\Intel_PIE_Service.exe
2 C:\Windows\System32\RtkAudUService64.exe
9 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\backgroundTaskHost.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\ibtsiva.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
82 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.680_none_e72768c3263f99bc\TiWorker.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe

O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 ezglobalyazilim.com
O1 - Hosts: 127.0.0.1 atompremium.com
O1 - Hosts: 127.0.0.1 csrkpremium.com
O1 - Hosts: 127.0.0.1 csrapid.com
O1 - Hosts: 127.0.0.1 csgodings.com
O1 - Hosts: 127.0.0.1 hile.market
O1 - Hosts: 127.0.0.1 csgo.plus
O1 - Hosts: 127.0.0.1 aimstrike.com
O1 - Hosts: 127.0.0.1 moxefpremium.com
O1 - Hosts: 127.0.0.1 csgohilesi.com
O1 - Hosts: 127.0.0.1 turkeycoder.com
O1 - Hosts: 127.0.0.1 ez-csgo.com
O1 - Hosts: 127.0.0.1 hilesatinal.com
O1 - Hosts: 127.0.0.1 oneshotpremium.com
O1 - Hosts: 127.0.0.1 guukgang.com
O1 - Hosts: 127.0.0.1 www.ezglobalyazilim.com
O1 - Hosts: 127.0.0.1 www.atompremium.com
O1 - Hosts: 127.0.0.1 www.csrkpremium.com
O1 - Hosts: 127.0.0.1 www.csrapid.com
O1 - Hosts: 127.0.0.1 www.csgodings.com
O1 - Hosts: 127.0.0.1 www.hile.market
O1 - Hosts: 127.0.0.1 www.csgo.plus
O1 - Hosts: 127.0.0.1 www.aimstrike.com
O1 - Hosts: 127.0.0.1 www.moxefpremium.com
O1 - Hosts: 127.0.0.1 www.csgohilesi.com
O1 - Hosts: 127.0.0.1 www.turkeycoder.com
O1 - Hosts: 127.0.0.1 www.ez-csgo.com
O1 - Hosts: 127.0.0.1 www.hilesatinal.com
O1 - Hosts: 127.0.0.1 www.oneshotpremium.com
O1 - Hosts: 127.0.0.1 www.guukgang.com
O1 - Hosts: 127.0.0.1 www.yougame.biz
O1 - Hosts: 127.0.0.1 yougame.biz
O1 - Hosts: 127.0.0.1 github.com/atakan75
O1 - Hosts: 127.0.0.1 www.github.com/atakan75
O1 - Hosts: 127.0.0.1 xtremecheats.gg
O1 - Hosts: 127.0.0.1 www.xtremecheats.gg
O1 - Hosts: 127.0.0.1 www.corsair.wtf
O1 - Hosts: 127.0.0.1 corsair.wtf
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.75\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.75\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent
O4 - HKCU\..\Run: [OneDrive] = C:\Users\deniz\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKLM\..\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\RtkAudUService64.exe -background
O17 - DHCP DNS 1: 192.168.2.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (Microsoft)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-2986978490-3479564899-2718456967-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O23 - Service R2: Control Center Hotkey Service - (CCDCHUService) - C:\WINDOWS\System32\DriverStore\FileRepository\acpi0002.inf_amd64_917172d416365110\DCHUService.exe
O23 - Service R2: HotKey Clipboard Service - (HKClipSvc) - C:\Program Files (x86)\ControlCenter\Driver\x64\HKClipSvc.exe
O23 - Service R2: Intel Bluetooth Service - (ibtsiva) - C:\WINDOWS\system32\ibtsiva.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a1657f7761e46e74\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_55bf1834336e8765\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_790c20683c3a62ec\igfxCUIService.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_48973fc6c96c696a\RstMwService.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.2 - (AVP21.2) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\avp.exe -r
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\RtkAudUService64.exe
O23 - Service R2: UWP RPC Service - (UWPService) - C:\WINDOWS\SysWOW64\Creative.UWPRPCService.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a1657f7761e46e74\IntelCpHeciSvc.exe
O23 - Service R3: Intel® PROSet/Wireless Service - (PIEServiceNew) - C:\WINDOWS\System32\DriverStore\FileRepository\piecomponent.inf_amd64_49599d441c87af7f\Intel_PIE_Service.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
O23 - Service S2: Intel® SGX AESM - (AESMService) - C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fafb1d329fdfe2c6\aesm_service.exe
O23 - Service S2: Kaspersky VPN Secure Connection Hizmeti 5.2 - (KSDE5.2) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe -r
O23 - Service S2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: FACEITService - C:\Program Files\FACEIT AC\faceitservice.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\87.0.4280.141\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.2 - (klvssbridge64_21.2) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\x64\vssbridge64.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe

--
End of file - Time spent: 7,2 sec. - 34674 bytes, CRC32: FFFFFFFF. Sign: 긙㩂[/CODE]

Murat5038 · 12 Ocak 2021

Zararlı gözükmüyor. Bunları fixleyin yine de:

Kod:

O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 ezglobalyazilim.com
O1 - Hosts: 127.0.0.1 atompremium.com
O1 - Hosts: 127.0.0.1 csrkpremium.com
O1 - Hosts: 127.0.0.1 csrapid.com
O1 - Hosts: 127.0.0.1 csgodings.com
O1 - Hosts: 127.0.0.1 hile.market
O1 - Hosts: 127.0.0.1 csgo.plus
O1 - Hosts: 127.0.0.1 aimstrike.com
O1 - Hosts: 127.0.0.1 moxefpremium.com
O1 - Hosts: 127.0.0.1 csgohilesi.com
O1 - Hosts: 127.0.0.1 turkeycoder.com
O1 - Hosts: 127.0.0.1 ez-csgo.com
O1 - Hosts: 127.0.0.1 hilesatinal.com
O1 - Hosts: 127.0.0.1 oneshotpremium.com
O1 - Hosts: 127.0.0.1 guukgang.com
O1 - Hosts: 127.0.0.1 www.ezglobalyazilim.com
O1 - Hosts: 127.0.0.1 www.atompremium.com
O1 - Hosts: 127.0.0.1 www.csrkpremium.com
O1 - Hosts: 127.0.0.1 www.csrapid.com
O1 - Hosts: 127.0.0.1 www.csgodings.com
O1 - Hosts: 127.0.0.1 www.hile.market
O1 - Hosts: 127.0.0.1 www.csgo.plus
O1 - Hosts: 127.0.0.1 www.aimstrike.com
O1 - Hosts: 127.0.0.1 www.moxefpremium.com
O1 - Hosts: 127.0.0.1 www.csgohilesi.com
O1 - Hosts: 127.0.0.1 www.turkeycoder.com
O1 - Hosts: 127.0.0.1 www.ez-csgo.com
O1 - Hosts: 127.0.0.1 www.hilesatinal.com
O1 - Hosts: 127.0.0.1 www.oneshotpremium.com
O1 - Hosts: 127.0.0.1 www.guukgang.com
O1 - Hosts: 127.0.0.1 www.yougame.biz
O1 - Hosts: 127.0.0.1 yougame.biz
O1 - Hosts: 127.0.0.1 github.com/atakan75
O1 - Hosts: 127.0.0.1 www.github.com/atakan75
O1 - Hosts: 127.0.0.1 xtremecheats.gg
O1 - Hosts: 127.0.0.1 www.xtremecheats.gg
O1 - Hosts: 127.0.0.1 www.corsair.wtf
O1 - Hosts: 127.0.0.1 corsair.wtf
O4 - HKLM\..\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O17 - DHCP DNS 1: 192.168.2.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (Microsoft)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-2986978490-3479564899-2718456967-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)

MertTR12 · 12 Ocak 2021

Paste ofCode Murat hocam kullandığım sandboxie plus programında güvenlik açığı çıktı bayağı program denemiştim gizlilik ayarları birde şüpheli birşey varmıdır ?

Major14 · 13 Ocak 2021

Merhaba hocam bilgisayarım son zamanlarda geç açılmaya başladı. Şimdiden teşekkür ederim.

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Pro), 10.0.19042.746 (ReleaseId: 2009), Service Pack: 0
Time:      13.01.2021 - 17:47 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    UFUK    (group: Administrator) on UFUK, FirstRun: no

Chrome:  87.0.4280.141
Edge:    11.0.19041.546
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   2  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\Trend Micro\AMSP\AMSPTelemetryService.exe
   1  C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
   1  C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
   1  C:\Program Files\Trend Micro\AMSP\module\10011\8.2.1118\8.2.1118\TmsaInstance64.exe
   1  C:\Program Files\Trend Micro\Titanium\plugin\DiamondRing\DrSDKCaller.exe
   1  C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
   1  C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
   1  C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
   1  C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
   1  C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
   1  C:\Program Files\Windows Media Player\wmpnetwk.exe
   1  C:\Users\Kasa-Pc\İndirilenler\Compressed\HiJackThis\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\CompPkgSrv.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   4  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  70  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 tonec.com
O1 - Hosts: 127.0.0.1 www.tonec.com
O1 - Hosts: 127.0.0.1 internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 174.133.70.101:443
O1 - Hosts: 127.0.0.1 www.174.133.70.101:443
O1 - Hosts: 127.0.0.1 174.133.70.101:80
O1 - Hosts: 127.0.0.1 www.174.133.70.101:80
O1 - Hosts: 127.0.0.1 174.133.70.98
O1 - Hosts: 127.0.0.1 www.174.133.70.98
O1 - Hosts: 127.0.0.1 star.tonec.com
O1 - Hosts: 127.0.0.1 www.star.tonec.com
O1 - Hosts: 127.0.0.1 rev.dyxnet.com
O1 - Hosts: 127.0.0.1 www.rev.dyxnet.com
O1 - Hosts: 0.0.0.0 license.piriform.com
O1 - Hosts: 0.0.0.0 www.ccleaner.com
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 na1r.services.adobe.com
O1 - Hosts: 127.0.0.1 hlrcv.stage.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 genuine.adobe.com
O1 - Hosts: 127.0.0.1 prod.adobegenuine.com
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.75\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll
O2 - HKLM\..\BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.75\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O3 - HKLM\..\Toolbar: Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll
O3-32 - HKLM\..\Toolbar: Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O4 - HKLM\..\Run: [Platinum] = C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe 1
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [Trend Micro Client Framework] = C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
O4 - HKLM\..\StartupApproved\Run: [Cm108BSound] = C:\Program Files\7.1 Sound Effect Gaming Headset\CPL\FaceLift_x64.exe /h /d (2021/01/13)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 127.0.0.1 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 169.55.0.224 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 169.55.0.227 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 169.55.40.5 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 173.255.134.84 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 173.255.137.80 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 174.127.73.80 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 174.127.73.85 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 50.22.78.28 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 50.22.78.29 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 50.22.78.31 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 50.97.82.44 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 69.41.163.149 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 69.41.163.49 (mirrored) - Action: Block
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Microsoft Excel'e &Ver: (default) = C:\Program Files (x86)\MICROS~1\Office12\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\OneNote'a G&önder: (default) = C:\Program Files\MICROS~1\Office16\ONBttnIE.dll (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O17 - DHCP DNS 1: 192.168.1.1
O18 - HKLM\Software\Classes\Protocols\Handler\tmtb: [CLSID] = {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll
O18 - HKLM\Software\Classes\Protocols\Handler\tmtbim: [CLSID] = {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\            IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\  FSOverlayIcon: FSOverlayIcon Class - {C0829D19-E5A0-44F5-B56E-D15030C53BB9} - C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\IME\SQM data sender - {CCB1D8CB-D39F-41C9-B793-0196214BDC4E} - C:\Windows\System32\IME\shared\imecfm.dll (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyUpload - {EBF00FCB-0769-4B81-9BEC-6C05514111AA},4 - (no file)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\AUFirmwareInstall - {EFF7F153-1C97-417A-B633-FEDE6683A939} - C:\WINDOWS\system32\wuaueng.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - C:\WINDOWS\System32\AutoWorkplace.exe join (file missing)
O22 - Task: (disabled) \S-1-5-21-981034567-2066289649-3802252723-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\BthSQM - {C8367320-6F85-11E0-A1F0-0800200C9A66},SYSTEM - C:\WINDOWS\System32\BthTelemetry.dll (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O22 - Task: \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler - {5AA199A0-1CED-43A5-9B85-3226086738A3} - (no file)
O22 - Task: \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor - {EA9155A3-8A39-40B4-8963-D3C761B18371} - (no file)
O22 - Task: \Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task - {BF6C1E47-86EC-4194-9CE5-13C15DCB2001},IdleSyncMaintenance - (no file)
O22 - Task: \Microsoft\Windows\SkyDrive\Routine Maintenance Task - {1B1F472E-3221-4826-97DB-2C2324D389AE},RoutineMaintenance - (no file)
O22 - Task: \R@1n-KMS\Windows100Professional - c:\windows\system32\wbem\wmic.exe path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate
O22 - Task: {06C6C626-D75A-48EA-86B8-6DADFF32A171} - C:\WINDOWS\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
O22 - Task: {5776E4A9-375E-48AE-BBC1-693916A8991E} - C:\WINDOWS\system32\pcalua.exe -a "E:\Program Files (x86)\Ryse Son of Rome\Ryse Son of Rome Türkçe Yama Kaldır.exe" -d "E:\Program Files (x86)\Ryse Son of Rome"
O22 - Task: {C910D30C-4BE8-4AEB-AF23-15D6C20E558C} - C:\WINDOWS\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
O22 - Task: {F72EC562-327A-4AB0-8241-186BB3AA4A86} - C:\WINDOWS\system32\pcalua.exe -a "E:\Program Files (x86)\Thief\uninstall.exe"
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Platinum Host Service - C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
O23 - Service R2: Trend Micro Activity Data Service - (AMSPTLM) - C:\Program Files\Trend Micro\AMSP\AMSPTelemetryService.exe 60 30 -sp=1
O23 - Service R2: Trend Micro Solution Platform - (Amsp) - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -m=nb -dt=60000 -ad -bt=0
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\87.0.4280.141\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: TmWscSvc - C:\Program Files\Trend Micro\Titanium\TmWscSvc\TmWscSvc.exe
O23 - Service S3: nProtect GameGuard Service - (npggsvc) - C:\WINDOWS\SysWOW64\GameMon.des -service


--
End of file - Time spent: 7,7 sec. - 39964 bytes, CRC32: FFFFFFFF. Sign: 릐亸

Murat5038 · 14 Ocak 2021

MertTR12 dedi:
Paste ofCode Murat hocam kullandığım Sandboxie Plus programında güvenlik açığı çıktı bayağı program denemiştim gizlilik ayarları bir de şüpheli bir şey var mıdır?

Güvenlik açığı ile sanca sisteme bulaşan aktif bir zararlı varsa işinize yarar bu rehber. Açıktan yararlanan var mı onu AV testit eder.

Release Release v0.5.4 / 5.46.2 - Hotfix 2 · sandboxie-plus/Sandboxie

Urgent security fixes (thanks @diversenok) Build 5.46.0 resolves many box isolation issues some of them critical that could allow rogue applications to escape the sandbox. It is highly advised to ...

github.com

Düzeltilmiş güvenik açığı ama hala eski olanı kullanıyorsun sen.

Bunları fixleyin:

Kod:

O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 dns40.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns39.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns38.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns37.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns36.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns35.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns34.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns33.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns32.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns31.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns30.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns29.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns28.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns27.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns26.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns25.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns24.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns23.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns22.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns21.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns20.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns19.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns18.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns17.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns16.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns15.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns14.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns13.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns12.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns11.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns10.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns9.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns8.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns7.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns6.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns5.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns4.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns3.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns2.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns1.turktelekom.com.tr
O1 - Hosts: 127.0.0.1 dns0.turktelekom.com.tr
O1 - Hosts: 0.0.0.0 redshell.io www.redshell.io
O1 - Hosts: 0.0.0.0 api.redshell.io
O1 - Hosts: 0.0.0.0 treasuredata.com www.treasuredata.com
O1 - Hosts: 0.0.0.0 in.treasuredata.com
O1 - Hosts: 0.0.0.0 files.facepunch.com
O1 - Hosts: 0.0.0.0 gameanalytics.com
O1 - Hosts: 0.0.0.0 api.gameanalytics.com
O1 - Hosts: 0.0.0.0 rubick.gameanalytics.com
O4 - HKCU\..\StartupApproved\Run: [SandboxiePlus_AutoRun] = C:\Program Files\Sandboxie-Plus\SandMan.exe -autorun (2020/12/23)
O10 - Unknown file in Winsock LSP: C:\Windows\System32\winrnr.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\NLAapi.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\pnrpnsp.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\wshbth.dll
O18 - HKLM\Software\Classes\Protocols\Handler\about: [CLSID] = {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\cdl: [CLSID] = {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\dvd: [CLSID] = {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll
O18 - HKLM\Software\Classes\Protocols\Handler\file: [CLSID] = {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\ftp: [CLSID] = {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\http: [CLSID] = {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\https: [CLSID] = {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\its: [CLSID] = {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
O18 - HKLM\Software\Classes\Protocols\Handler\javascript: [CLSID] = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\local: [CLSID] = {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\mailto: [CLSID] = {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\mhtml: [CLSID] = {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
O18 - HKLM\Software\Classes\Protocols\Handler\mk: [CLSID] = {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll
O18 - HKLM\Software\Classes\Protocols\Handler\ms-its: [CLSID] = {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
O18 - HKLM\Software\Classes\Protocols\Handler\res: [CLSID] = {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\tbauth: [CLSID] = {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - HKLM\Software\Classes\Protocols\Handler\tv: [CLSID] = {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll
O18 - HKLM\Software\Classes\Protocols\Handler\vbscript: [CLSID] = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - HKLM\Software\Classes\Protocols\Handler\windows.tbauth: [CLSID] = {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\EnhancedStorageShell: Enhanced Storage Icon Overlay Handler Class - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} - C:\Windows\System32\EhStorShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Offline Files: (no name) - {4E77131D-3629-431c-9818-C5679DC83E81} - C:\Windows\System32\cscui.dll
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-3356541362-1770980186-2827386571-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) - {CF2CF428-325B-48D3-8CA8-7633E36E5A32} - C:\Windows\system32\msdrm.dll
O22 - Task: (disabled) \Microsoft\Windows\AppID\PolicyConverter - C:\Windows\system32\appidpolicyconverter.exe
O22 - Task: (disabled) \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - C:\Windows\system32\appidcertstorecheck.exe
O22 - Task: (disabled) \Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - C:\Windows\system32\rundll32.exe C:\Windows\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck - {AE31B729-D5FD-401E-AF42-784074835AFE},-IntegrityCheck - C:\Windows\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - C:\Windows\system32\DFDWiz.exe
O22 - Task: (disabled) \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync - {2AE64751-B728-4D6B-97A0-B2DA2E7D2A3B} - C:\Windows\System32\srmclient.dll
O22 - Task: (disabled) \Microsoft\Windows\InstallService\WakeUpAndContinueUpdates - {0DC331EE-8438-49D5-A721-E10B937CE459} - C:\Windows\System32\InstallServiceTasks.dll
O22 - Task: (disabled) \Microsoft\Windows\InstallService\WakeUpAndScanForUpdates - {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} - C:\Windows\System32\InstallServiceTasks.dll
O22 - Task: (disabled) \Microsoft\Windows\LanguageComponentsInstaller\Uninstallation - {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE},Uninstall - C:\Windows\System32\LanguageComponentsInstaller.dll
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask
O22 - Task: (disabled) \Microsoft\Windows\Offline Files\Background Synchronization - {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8} - C:\Windows\System32\cscui.dll
O22 - Task: (disabled) \Microsoft\Windows\Offline Files\Logon Synchronization - {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8},Logon - C:\Windows\System32\cscui.dll
O22 - Task: (disabled) \Microsoft\Windows\PushToInstall\LoginCheck - C:\Windows\system32\sc.exe start pushtoinstall login
O22 - Task: (disabled) \Microsoft\Windows\RecoveryEnvironment\VerifyWinRE - {89D1D0C2-A3CF-490C-ABE3-B86CDE34B047},VerifyWinRE - C:\Windows\System32\ReAgentTask.dll
O22 - Task: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - C:\Windows\System32\rundll32.exe C:\Windows\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
O22 - Task: (disabled) \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},logon - C:\Windows\System32\sppcext.dll
O22 - Task: (disabled) \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},network - C:\Windows\System32\sppcext.dll
O22 - Task: (disabled) \Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - C:\Windows\system32\defrag.exe -c -h -g -# -m 8 -i 13500
O22 - Task: (disabled) \Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate - {17C82257-654E-4C47-8E23-DCA24EAA76A0} - C:\Windows\system32\sysmain.dll
O22 - Task: (disabled) \Microsoft\Windows\Sysmain\HybridDriveCacheRebalance - {D44377B8-1F2F-4FAA-9C8E-6C4AD2928E47} - C:\Windows\system32\sysmain.dll
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Work - C:\Windows\system32\usoclient.exe StartWork
O22 - Task: (disabled) \Microsoft\Windows\User Profile Service\HiveUploadTask - {BA677074-762C-444B-94C8-8C83F93F6605} - C:\Windows\system32\profsvc.dll
O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Automatic-Device-Join - C:\Windows\System32\dsregcmd.exe $(Arg0) $(Arg1) $(Arg2)
O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Device-Sync - {C662D912-E4D6-44A3-89A0-20550514951D},DeviceUpdate - C:\Windows\System32\dsregtask.dll
O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Recovery-Check - C:\Windows\System32\dsregcmd.exe /checkrecovery
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\StartupAppTask - C:\Windows\system32\rundll32.exe Startupscan.dll,SusRunTask
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Consolidator - C:\Windows\System32\wsqmcons.exe
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip - {C27F6B1D-FE0B-45E4-9257-38799FA69BC8},SYSTEM - C:\Windows\System32\usbceip.dll
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-3356541362-1770980186-2827386571-500 - C:\Users\kingd\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-3559598970-2979608507-1717242270-500 - C:\Users\kingd\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) - {BF5CB148-7C77-4D8A-A53E-D81C70CF743C} - C:\Windows\system32\msdrm.dll
O22 - Task: \Microsoft\Windows\AppID\EDP Policy Manager - {DECA92E0-AF85-439E-9204-86679978DA08},EdpPolicyManager - C:\Windows\System32\AppLockerCsp.dll
O22 - Task: \Microsoft\Windows\Autochk\Proxy - C:\Windows\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
O22 - Task: \Microsoft\Windows\Chkdsk\SyspartRepair - C:\Windows\system32\bcdboot.exe C:\Windows /sysrepair
O22 - Task: \Microsoft\Windows\DUSM\dusmtask - C:\Windows\System32\dusmtask.exe
O22 - Task: \Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan - {DCFD3EA8-D960-4719-8206-490AE315F94F} - C:\Windows\System32\discan.dll
O22 - Task: \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan - {DCFD3EA8-D960-4719-8206-490AE315F94F},-Manual - C:\Windows\System32\discan.dll
O22 - Task: \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery - {DCFD3EA8-D960-4719-8206-490AE315F94F},-CrashRecovery - C:\Windows\System32\discan.dll
O22 - Task: \Microsoft\Windows\Defrag\ScheduledDefrag - C:\Windows\system32\defrag.exe -c -h -o -$
O22 - Task: \Microsoft\Windows\Device Setup\Metadata Refresh - {23C1F3CF-C110-4512-ACA9-7B6174ECE888} - C:\Windows\System32\DeviceSetupManagerAPI.dll

O22 - Task: \Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner - {AD08DCC2-4E35-4486-9D49-547CBD30942D} - C:\Windows\System32\MitigationClient.dll
O22 - Task: \Microsoft\Windows\Diagnosis\Scheduled - {C1F85EF8-BCC2-4606-BB39-70C523715EB3} - C:\Windows\System32\sdiagschd.dll
O22 - Task: \Microsoft\Windows\DirectX\DXGIAdapterCache - C:\Windows\system32\dxgiadaptercache.exe
O22 - Task: \Microsoft\Windows\DirectX\DirectXDatabaseUpdater - C:\Windows\system32\directxdatabaseupdater.exe
O22 - Task: \Microsoft\Windows\DiskCleanup\SilentCleanup - C:\Windows\system32\cleanmgr.exe /autoclean /d C:
O22 - Task: \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - C:\Windows\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
O22 - Task: \Microsoft\Windows\DiskFootprint\Diagnostics - C:\Windows\system32\disksnapshot.exe -z
O22 - Task: \Microsoft\Windows\DiskFootprint\StorageSense - {AB2A519B-03B0-43CE-940A-A73DF850B49A} - C:\Windows\system32\StorageUsage.dll
O22 - Task: \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\Windows\System32\edptask.dll
O22 - Task: \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\Windows\System32\edptask.dll
O22 - Task: \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\Windows\System32\edptask.dll
O22 - Task: \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\Windows\System32\edptask.dll
O22 - Task: \Microsoft\Windows\Feedback\Siuf\DmClient - C:\Windows\system32\dmclient.exe
O22 - Task: \Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - C:\Windows\system32\dmclient.exe utcwnf
O22 - Task: \Microsoft\Windows\FileHistory\File History (maintenance mode) - {89917B7C-A1A6-11DF-8BF6-18A90531A85A} - C:\Windows\System32\fhtask.dll
O22 - Task: \Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures - {59EECBFE-C2F5-4419-9B99-13FE05FF2675} - C:\Windows\System32\fcon.dll
O22 - Task: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing - {99EFDAD1-0F11-4A6B-A702-4E1C37D1A3EF} - C:\Windows\System32\fcon.dll
O22 - Task: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting - {BBFCD054-8AAC-45DE-A1EB-7B246C9028AF} - C:\Windows\System32\fcon.dll
O22 - Task: \Microsoft\Windows\Flighting\OneSettings\RefreshCache - {E07647F7-AED2-48D9-9720-939BC24A8A3C} - C:\Windows\System32\wosc.dll
O22 - Task: \Microsoft\Windows\HelloFace\FODCleanupTask - C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe
O22 - Task: \Microsoft\Windows\USB\Usb-Notifications - {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} - C:\Windows\System32\UsbTask.dll
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Report policies - C:\Windows\system32\usoclient.exe ReportPolicies
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Schedule Scan - C:\Windows\system32\usoclient.exe StartScan
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Schedule Scan Static Task - C:\Windows\system32\usoclient.exe StartScan
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\UpdateModelTask - C:\Windows\system32\usoclient.exe StartModelUpdates

Çok fazla zamanlanmış Windows servisi var neden bu kadar fazlalar? Server filan mı kurulu?

Major14 dedi:
Merhaba hocam bilgisayarım son zamanlarda geç açılmaya başladı. Şimdiden teşekkür ederim.

Zararlı olarak belirgin KMS aracı kullanıyorsunuz, İllegal yöntemler de kullanıyorsun onlardan kaynaklı büyük ihtimal bunları fixleyin:

Kod:

O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 127.0.0.1 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 169.55.0.224 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 169.55.0.227 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 169.55.40.5 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 173.255.134.84 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 173.255.137.80 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 174.127.73.80 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 174.127.73.85 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 50.22.78.28 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 50.22.78.29 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 50.22.78.31 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 50.97.82.44 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 69.41.163.149 (mirrored) - Action: Block
O7 - IPSec: Name: IDM 6.XX IP Block (2016/02/13) - {f1d28a00-b855-4a4f-bcf3-2ae435f57871} - Source: my IP - Destination: IP: 69.41.163.49 (mirrored) - Action: Block
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\IME\SQM data sender - {CCB1D8CB-D39F-41C9-B793-0196214BDC4E} - C:\Windows\System32\IME\shared\imecfm.dll (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyUpload - {EBF00FCB-0769-4B81-9BEC-6C05514111AA},4 - (no file)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\AUFirmwareInstall - {EFF7F153-1C97-417A-B633-FEDE6683A939} - C:\WINDOWS\system32\wuaueng.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - C:\WINDOWS\System32\AutoWorkplace.exe join (file missing)
O22 - Task: (disabled) \S-1-5-21-981034567-2066289649-3802252723-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\BthSQM - {C8367320-6F85-11E0-A1F0-0800200C9A66},SYSTEM - C:\WINDOWS\System32\BthTelemetry.dll (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O22 - Task: \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler - {5AA199A0-1CED-43A5-9B85-3226086738A3} - (no file)
O22 - Task: \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor - {EA9155A3-8A39-40B4-8963-D3C761B18371} - (no file)
O22 - Task: \Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task - {BF6C1E47-86EC-4194-9CE5-13C15DCB2001},IdleSyncMaintenance - (no file)
O22 - Task: \Microsoft\Windows\SkyDrive\Routine Maintenance Task - {1B1F472E-3221-4826-97DB-2C2324D389AE},RoutineMaintenance - (no file)
O22 - Task: \R@1n-KMS\Windows100Professional - c:\windows\system32\wbem\wmic.exe path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate
O22 - Task: {06C6C626-D75A-48EA-86B8-6DADFF32A171} - C:\WINDOWS\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
O22 - Task: {5776E4A9-375E-48AE-BBC1-693916A8991E} - C:\WINDOWS\system32\pcalua.exe -a "E:\Program Files (x86)\Ryse Son of Rome\Ryse Son of Rome Türkçe Yama Kaldır.exe" -d "E:\Program Files (x86)\Ryse Son of Rome"
O22 - Task: {C910D30C-4BE8-4AEB-AF23-15D6C20E558C} - C:\WINDOWS\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
O22 - Task: {F72EC562-327A-4AB0-8241-186BB3AA4A86} - C:\WINDOWS\system32\pcalua.exe -a "E:\Program Files (x86)\Thief\uninstall.exe"

MertTR12 · 14 Ocak 2021

@Murat5038 Server kurulu değil endişelenmeli miyim ?

Murat5038 · 14 Ocak 2021

O zaman diğer güvenlik yazılımlarını kaldırıp, imzamdan KIS 2021 kullanın deneme süresince bir sorun çıkmazsa uyarmazsa sıkıntı yok demektir.
Yukarıda söylediklerimi de uygulayın.

Rehber HijackThis Log Paylaşımı ve Çözümleri

Ayrıntılı düzenleme

HiJackThis

Murat5038

Yottapat!

Mericchi

Hectopat

Murat5038

Yottapat!

astronautinocean

Hectopat

Murat5038

Yottapat!

MertTR12

Megapat

Major14

Decapat

Murat5038

Yottapat!

Release Release v0.5.4 / 5.46.2 - Hotfix 2 · sandboxie-plus/Sandboxie

MertTR12

Megapat

Murat5038

Yottapat!

Benzer konular