HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode
Paste Code

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleyen: Moderatör:
Genişletmek için tıkla...
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Home Single Language), 10.0.19042.867 (ReleaseId: 2009), Service Pack: 0
Time:      18.03.2021 - 22:53 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    HP    (group: Administrator) on LAPTOP-*****, FirstRun: no

Chrome:  89.0.4389.90
Edge:    11.0.19041.844
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe
   1  C:\Program Files\HPCommRecovery\HPCommRecovery.exe
   1  C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.9.1548.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.21021.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\Users\HP\Desktop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\RtkBtManServ.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f98b15466093b28e\x64\TouchpointAnalyticsClientService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\AppHelperCap.exe
   1  C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\BridgeCommunication.exe
   1  C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\NetworkCap.exe
   1  C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\SysInfoCap.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0355141.inf_amd64_184968ebe3516a72\B354599\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0355141.inf_amd64_184968ebe3516a72\B354599\atiesrxx.exe
   2  C:\Windows\System32\RtkAudUService64.exe
   7  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SECOMN64.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   2  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\SynTPEnh.exe
   1  C:\Windows\System32\SynTPEnhService.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  26  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B033E428-2862-439D-ACF1-D9EBCA9A8C66}: [SuggestionsURL] = http://asp.assoc-amazon.co.uk/suggestions?q={searchTerms}&t=hp-uk1-vsb-21 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B033E428-2862-439D-ACF1-D9EBCA9A8C66}: [SuggestionsURL_JSON] = http://completion.amazon.co.uk/search/complete?method=completion&q={searchTerms}&search-alias=aps&client=amzn-search-suggestions/9fe582406fb5106f343a84083d78795713c12d68&mkt=3 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B033E428-2862-439D-ACF1-D9EBCA9A8C66}: [URL] = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms} - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{B033E428-2862-439D-ACF1-D9EBCA9A8C66}: [SuggestionsURL] = http://asp.assoc-amazon.co.uk/suggestions?q={searchTerms}&t=hp-uk1-vsb-21 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{B033E428-2862-439D-ACF1-D9EBCA9A8C66}: [SuggestionsURL_JSON] = http://completion.amazon.co.uk/search/complete?method=completion&q={searchTerms}&search-alias=aps&client=amzn-search-suggestions/9fe582406fb5106f343a84083d78795713c12d68&mkt=3 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{B033E428-2862-439D-ACF1-D9EBCA9A8C66}: [URL] = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms} - Amazon (UK) Search Suggestions
O1 - Hosts: Reset contents to default
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O2 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.54\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.54\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\StartupApproved\Run: [HPSEU_Host_Launcher] = C:\System.sav\util\HpseuHostLauncher.exe (2020/10/23)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\HP\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2020/10/22)
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\RtkAudUService64.exe -background
O4 - HKLM\..\StartupApproved\Run32: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin (file missing) (2021/02/17)
O4 - HKLM\..\StartupApproved\Run32: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (file missing) (2021/02/17)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (file missing)
O9 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Bağlantı sorunlarını çözmenize yardımcı olacak şekilde HP Ağ Denetimini başlatır - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Ağ Denetimi - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Bağlantı sorunlarını çözmenize yardımcı olacak şekilde HP Ağ Denetimini başlatır - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Ağ Denetimi - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O17 - DHCP DNS 1: 192.168.0.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) Adobe Flash Player Updater - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: (disabled) OneDrive Standalone Update Task-S-1-5-21-448471279-1395905461-1062407271-1003 - C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: (disabled) OneDrive Standalone Update Task-S-1-5-21-448471279-1395905461-1062407271-500 - C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-448471279-1395905461-1062407271-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \S-1-5-21-448471279-1395905461-1062407271-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: AdobeGCInvoker-1.0-MicrosoftAccount-******@hotmail.com - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (file missing)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: HPAudioSwitch - C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-1043186433-2406092568-1447220183-500 - C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-402491081-2858193113-3572346073-500 - C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-913737145-1433743232-4147240673-500 - C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: \HP\Consent Manager Launcher - C:\WINDOWS\system32\sc.exe start hptouchpointanalyticsservice
O22 - Task: \Hewlett-Packard\HP Diagnostics\ABO - C:\WINDOWS\system32\cmd.exe /c start hpdiags://ABO
O22 - Task: \Hewlett-Packard\HP Diagnostics\BCF - C:\WINDOWS\system32\cmd.exe /c start hpdiags://BCF
O22 - Task: \Hewlett-Packard\HP Diagnostics\BHM1 - C:\WINDOWS\system32\cmd.exe /c start hpdiags://BHM1
O22 - Task: \Hewlett-Packard\HP Diagnostics\BHM2 - C:\WINDOWS\system32\cmd.exe /c start hpdiags://BHM2
O22 - Task: \Hewlett-Packard\HP Diagnostics\BatteryStatusError - C:\WINDOWS\system32\cmd.exe /c start hpdiags://BatteryStatusError
O22 - Task: \Hewlett-Packard\HP Diagnostics\BatteryStatusTest - C:\WINDOWS\system32\cmd.exe /c start hpdiags://BatteryStatusTest
O22 - Task: \Hewlett-Packard\HP Diagnostics\LaunchUI - C:\WINDOWS\system32\cmd.exe /c start hpdiags://LaunchUI
O22 - Task: \Hewlett-Packard\HP Diagnostics\ShowUI - C:\WINDOWS\system32\cmd.exe /c start hpdiags:
O22 - Task: \Hewlett-Packard\HP Diagnostics\SmartCheckError - C:\WINDOWS\system32\cmd.exe /c start hpdiags://SmartCheckError
O22 - Task: \Hewlett-Packard\HP Diagnostics\SmartCheckTest - C:\WINDOWS\system32\cmd.exe /c start hpdiags://SmartCheckTest
O22 - Task: \Hewlett-Packard\HP Diagnostics\Uninstall-BatteryStatusTest - c:\windows\system32\schtasks.exe /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\BatteryStatusTest"
O22 - Task: \Hewlett-Packard\HP Diagnostics\Uninstall-SmartCheckTest - c:\windows\system32\schtasks.exe /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\SmartCheckTest"
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe /send
O22 - Task: \Hewlett-Packard\HP Support Assistant\WarrantyChecker - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
O23 - Service R2: "Realtek Bluetooth Device Manager Service"    ;RtkServ - (RtkBtManServ) - C:\WINDOWS\RtkBtManServ.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0355141.inf_amd64_184968ebe3516a72\B354599\atiesrxx.exe
O23 - Service R2: HP Analytics service - (HpTouchpointAnalyticsService) - C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f98b15466093b28e\x64\TouchpointAnalyticsClientService.exe
O23 - Service R2: HP App Helper HSA Service - (HPAppHelperCap) - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\AppHelperCap.exe
O23 - Service R2: HP Comm Recovery - (HP Comm Recover) - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service R2: HP Network HSA Service - (HPNetworkCap) - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\NetworkCap.exe
O23 - Service R2: HP System Info HSA Service - (HPSysInfoCap) - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\SysInfoCap.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe -r
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\RtkAudUService64.exe
O23 - Service R2: Sound Research SECOMN Service - (SECOMNService) - C:\WINDOWS\System32\SECOMN64.exe
O23 - Service R2: SynTPEnhService - C:\WINDOWS\System32\SynTPEnhService.exe
O23 - Service S2: Adobe Genuine Monitor Service - (AGMService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe  (file missing)
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\89.0.4389.90\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: HP CASL Framework Service - (hpqcaslwmiex) - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: SwitchBoard - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe  (file missing)


--
End of file - Time spent: 8,2 sec. - 36792 bytes, CRC32: FFFFFFFF. Sign: 랹婤

Bazen Laptop Zoom da toplantıdayken ekran donuyor fare yavaşlıyor. Bilgisayarı resetlemem gerekiyor.

Bazı yerlerde E-Postam vb. bilgilerim yazıyordu onları değiştirdim sadece

@Murat5038 .
 
Bunları fixleyin:
Kod: 
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B033E428-2862-439D-ACF1-D9EBCA9A8C66}: [SuggestionsURL] = http://asp.assoc-amazon.co.uk/suggestions?q={searchTerms}&t=hp-uk1-vsb-21 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B033E428-2862-439D-ACF1-D9EBCA9A8C66}: [SuggestionsURL_JSON] = http://completion.amazon.co.uk/search/complete?method=completion&q={searchTerms}&search-alias=aps&client=amzn-search-suggestions/9fe582406fb5106f343a84083d78795713c12d68&mkt=3 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B033E428-2862-439D-ACF1-D9EBCA9A8C66}: [URL] = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms} - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{B033E428-2862-439D-ACF1-D9EBCA9A8C66}: [SuggestionsURL] = http://asp.assoc-amazon.co.uk/suggestions?q={searchTerms}&t=hp-uk1-vsb-21 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{B033E428-2862-439D-ACF1-D9EBCA9A8C66}: [SuggestionsURL_JSON] = http://completion.amazon.co.uk/search/complete?method=completion&q={searchTerms}&search-alias=aps&client=amzn-search-suggestions/9fe582406fb5106f343a84083d78795713c12d68&mkt=3 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{B033E428-2862-439D-ACF1-D9EBCA9A8C66}: [URL] = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms} - Amazon (UK) Search Suggestions
O1 - Hosts: Reset contents to default
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O1 - Hosts: 127.0.0.1 projects
O1 - Hosts: ::1 projects
O2 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.54\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.54\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\StartupApproved\Run: [HPSEU_Host_Launcher] = C:\System.sav\util\HpseuHostLauncher.exe (2020/10/23)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\HP\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2020/10/22)
O4 - HKLM\..\StartupApproved\Run32: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin (file missing) (2021/02/17)
O4 - HKLM\..\StartupApproved\Run32: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (file missing) (2021/02/17)
O9 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Bağlantı sorunlarını çözmenize yardımcı olacak şekilde HP Ağ Denetimini başlatır - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Ağ Denetimi - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Bağlantı sorunlarını çözmenize yardımcı olacak şekilde HP Ağ Denetimini başlatır - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Ağ Denetimi - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) Adobe Flash Player Updater - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: (disabled) OneDrive Standalone Update Task-S-1-5-21-448471279-1395905461-1062407271-1003 - C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: (disabled) OneDrive Standalone Update Task-S-1-5-21-448471279-1395905461-1062407271-500 - C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-448471279-1395905461-1062407271-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \S-1-5-21-448471279-1395905461-1062407271-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: AdobeGCInvoker-1.0-MicrosoftAccount-******@hotmail.com - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (file missing)
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-1043186433-2406092568-1447220183-500 - C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-402491081-2858193113-3572346073-500 - C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-913737145-1433743232-4147240673-500 - C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: \HP\Consent Manager Launcher - C:\WINDOWS\system32\sc.exe start hptouchpointanalyticsservice
O22 - Task: \Hewlett-Packard\HP Diagnostics\ABO - C:\WINDOWS\system32\cmd.exe /c start hpdiags://ABO
O22 - Task: \Hewlett-Packard\HP Diagnostics\BCF - C:\WINDOWS\system32\cmd.exe /c start hpdiags://BCF
O22 - Task: \Hewlett-Packard\HP Diagnostics\BHM1 - C:\WINDOWS\system32\cmd.exe /c start hpdiags://BHM1
O22 - Task: \Hewlett-Packard\HP Diagnostics\BHM2 - C:\WINDOWS\system32\cmd.exe /c start hpdiags://BHM2
O22 - Task: \Hewlett-Packard\HP Diagnostics\BatteryStatusError - C:\WINDOWS\system32\cmd.exe /c start hpdiags://BatteryStatusError
O22 - Task: \Hewlett-Packard\HP Diagnostics\BatteryStatusTest - C:\WINDOWS\system32\cmd.exe /c start hpdiags://BatteryStatusTest
O22 - Task: \Hewlett-Packard\HP Diagnostics\LaunchUI - C:\WINDOWS\system32\cmd.exe /c start hpdiags://LaunchUI
O22 - Task: \Hewlett-Packard\HP Diagnostics\ShowUI - C:\WINDOWS\system32\cmd.exe /c start hpdiags:
O22 - Task: \Hewlett-Packard\HP Diagnostics\SmartCheckError - C:\WINDOWS\system32\cmd.exe /c start hpdiags://SmartCheckError
O22 - Task: \Hewlett-Packard\HP Diagnostics\SmartCheckTest - C:\WINDOWS\system32\cmd.exe /c start hpdiags://SmartCheckTest
O22 - Task: \Hewlett-Packard\HP Diagnostics\Uninstall-BatteryStatusTest - c:\windows\system32\schtasks.exe /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\BatteryStatusTest"
O22 - Task: \Hewlett-Packard\HP Diagnostics\Uninstall-SmartCheckTest - c:\windows\system32\schtasks.exe /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\SmartCheckTest"
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe /send
O22 - Task: \Hewlett-Packard\HP Support Assistant\WarrantyChecker - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
 
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Education), 10.0.19042.868 (ReleaseId: 2009), Service Pack: 0
Time:      19.03.2021 - 18:17 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Doğukan    (group: Administrator) on DOĞUKAN, FirstRun: yes

Firefox: 86.0.0.7723
Edge:    11.0.19041.844
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
   2  C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
   1  C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
   1  C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
   1  C:\Program Files\Acer\NitroSense Service\PSAdminAgent.exe
   1  C:\Program Files\Acer\NitroSense Service\PSAgent.exe
   1  C:\Program Files\Acer\NitroSense Service\PSSvc.exe
   1  C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
   1  C:\Program Files\Acer\Quick Access Service\QAAgent.exe
   1  C:\Program Files\Acer\Quick Access Service\QALockHandler.exe
   1  C:\Program Files\Acer\Quick Access Service\QASvc.exe
   1  C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
   1  C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
   1  C:\Program Files\LGHUB\lghub_updater.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\Riot Vanguard\vgtray.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21022.139.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
   1  C:\Program Files\WindowsApps\microsoft.windowsstore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
   1  C:\Users\Doğukan\Desktop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
 768  C:\Windows\SysWOW64\WerFault.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_155f43dc154e0149\igfxCUIService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_155f43dc154e0149\igfxEM.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_155f43dc154e0149\igfxext.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c3052f80b4096eed\OneApp.IGCC.WinService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f2250737b8ab5a6\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f2250737b8ab5a6\IntelCpHeciSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_0772736e3b1d119b\WavesSvc64.exe
   1  C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_0772736e3b1d119b\WavesSysSvc64.exe
   2  C:\Windows\System32\RtkAudUService64.exe
   9  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\conhost.exe
   1  C:\Windows\System32\coredpussvr.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\msiexec.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  90  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   2  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.54\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.54\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_281\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_281\bin\ssv.dll
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Doğukan\AppData\Local\Discord\Update.exe --processStart Discord.exe --process-start-args --start-minimized (2021/03/15)
O4 - HKCU\..\StartupApproved\Run: [GameCenter] = C:\Users\Doğukan\AppData\Local\GameCenter\GameCenter.exe -autostart (2021/03/15)
O4 - HKCU\..\StartupApproved\Run: [LGHUB] = C:\Program Files\LGHUB\lghub.exe --background (2021/03/11)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_96BE1CDAC6D3AD098742F63C337C6B3A] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window /prefetch:5 (2021/03/08)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Doğukan\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2021/03/08)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Doğukan\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2021/03/11)
O4 - HKCU\..\StartupApproved\Run: [Steam] = D:\steam\steam.exe -silent (2021/03/10)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\RtkAudUService64.exe -background
O4 - HKLM\..\Run: [WavesSvc] = C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_0772736e3b1d119b\WavesSvc64.exe -Jack
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/03/10)
O17 - DHCP DNS 1: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{13e9c331-239f-4072-8f30-08a0dd48b69e}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{13e9c331-239f-4072-8f30-08a0dd48b69e}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{f5c791c2-8dbb-4275-a491-8be77669b2c3}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{f5c791c2-8dbb-4275-a491-8be77669b2c3}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: NitroSense - C:\Program Files\Acer\NitroSense Service\PSLauncher.exe
O22 - Task: Power Button - C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe -s
O22 - Task: Quick Access - C:\Program Files\Acer\Quick Access Service\QALauncher.exe
O22 - Task: Software Update Application - C:\ProgramData\OEM\UpgradeTool\ListCheck.exe
O22 - Task: Wise Care 365.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe -StartTray
O22 - Task: Wise Turbo Checker.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
O22 - Task: \Microsoft\Windows\WindowsBackup\AutomaticBackup - C:\WINDOWS\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup (Microsoft)
O22 - Task: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f2250737b8ab5a6\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c3052f80b4096eed\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_155f43dc154e0149\igfxCUIService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\WINDOWS\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe -r
O23 - Service R2: LGHUB Updater Service - (LGHUBUpdaterService) - C:\Program Files\LGHUB\lghub_updater.exe --run-as-service
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\RtkAudUService64.exe
O23 - Service R2: Waves Audio Services - (WavesSysSvc) - C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_0772736e3b1d119b\WavesSysSvc64.exe
O23 - Service R2: Wise Boot Assistant - (WiseBootAssistant) - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f2250737b8ab5a6\IntelCpHeciSvc.exe
O23 - Service R3: Predator Service - (PSSvc) - C:\Program Files\Acer\NitroSense Service\PSSvc.exe
O23 - Service R3: Quick Access Service - (QASvc) - C:\Program Files\Acer\Quick Access Service\QASvc.exe
O23 - Service S2: @oem65.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service - (Intel(R) TPM Provisioning Service) - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
O23 - Service S2: Kaspersky VPN Secure Connection Hizmeti 5.2 - (KSDE5.2) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe -r
O23 - Service S3: @oem65.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface - (Intel(R) Capability Licensing Service TCP IP Interface) - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe
O23 - Service S3: MRAC Service - (mracsvc) - C:\WINDOWS\System32\mracsvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Quick Access Local Service - (QALSvc) - C:\Program Files\Acer\Quick Access Service\QALSvc.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe


--
End of file - Time spent: 7,9 sec. - 30724 bytes, CRC32: FFFFFFFF. Sign: 錨䦽
420645 dedi:
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Education), 10.0.19042.868 (ReleaseId: 2009), Service Pack: 0
Time:      19.03.2021 - 18:17 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Doğukan    (group: Administrator) on DOĞUKAN, FirstRun: yes

Firefox: 86.0.0.7723
Edge:    11.0.19041.844
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
   2  C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
   1  C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
   1  C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
   1  C:\Program Files\Acer\NitroSense Service\PSAdminAgent.exe
   1  C:\Program Files\Acer\NitroSense Service\PSAgent.exe
   1  C:\Program Files\Acer\NitroSense Service\PSSvc.exe
   1  C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
   1  C:\Program Files\Acer\Quick Access Service\QAAgent.exe
   1  C:\Program Files\Acer\Quick Access Service\QALockHandler.exe
   1  C:\Program Files\Acer\Quick Access Service\QASvc.exe
   1  C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
   1  C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
   1  C:\Program Files\LGHUB\lghub_updater.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\Riot Vanguard\vgtray.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21022.139.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
   1  C:\Program Files\WindowsApps\microsoft.windowsstore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
   1  C:\Users\Doğukan\Desktop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
768  C:\Windows\SysWOW64\WerFault.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_155f43dc154e0149\igfxCUIService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_155f43dc154e0149\igfxEM.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_155f43dc154e0149\igfxext.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c3052f80b4096eed\OneApp.IGCC.WinService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f2250737b8ab5a6\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f2250737b8ab5a6\IntelCpHeciSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_0772736e3b1d119b\WavesSvc64.exe
   1  C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_0772736e3b1d119b\WavesSysSvc64.exe
   2  C:\Windows\System32\RtkAudUService64.exe
   9  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\conhost.exe
   1  C:\Windows\System32\coredpussvr.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\msiexec.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  90  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   2  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.54\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.54\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_281\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_281\bin\ssv.dll
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Doğukan\AppData\Local\Discord\Update.exe --processStart Discord.exe --process-start-args --start-minimized (2021/03/15)
O4 - HKCU\..\StartupApproved\Run: [GameCenter] = C:\Users\Doğukan\AppData\Local\GameCenter\GameCenter.exe -autostart (2021/03/15)
O4 - HKCU\..\StartupApproved\Run: [LGHUB] = C:\Program Files\LGHUB\lghub.exe --background (2021/03/11)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_96BE1CDAC6D3AD098742F63C337C6B3A] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window /prefetch:5 (2021/03/08)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Doğukan\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2021/03/08)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Doğukan\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2021/03/11)
O4 - HKCU\..\StartupApproved\Run: [Steam] = D:\steam\steam.exe -silent (2021/03/10)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\RtkAudUService64.exe -background
O4 - HKLM\..\Run: [WavesSvc] = C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_0772736e3b1d119b\WavesSvc64.exe -Jack
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/03/10)
O17 - DHCP DNS 1: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{13e9c331-239f-4072-8f30-08a0dd48b69e}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{13e9c331-239f-4072-8f30-08a0dd48b69e}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{f5c791c2-8dbb-4275-a491-8be77669b2c3}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{f5c791c2-8dbb-4275-a491-8be77669b2c3}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: NitroSense - C:\Program Files\Acer\NitroSense Service\PSLauncher.exe
O22 - Task: Power Button - C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe -s
O22 - Task: Quick Access - C:\Program Files\Acer\Quick Access Service\QALauncher.exe
O22 - Task: Software Update Application - C:\ProgramData\OEM\UpgradeTool\ListCheck.exe
O22 - Task: Wise Care 365.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe -StartTray
O22 - Task: Wise Turbo Checker.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
O22 - Task: \Microsoft\Windows\WindowsBackup\AutomaticBackup - C:\WINDOWS\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup (Microsoft)
O22 - Task: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f2250737b8ab5a6\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c3052f80b4096eed\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_155f43dc154e0149\igfxCUIService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\WINDOWS\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe -r
O23 - Service R2: LGHUB Updater Service - (LGHUBUpdaterService) - C:\Program Files\LGHUB\lghub_updater.exe --run-as-service
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\RtkAudUService64.exe
O23 - Service R2: Waves Audio Services - (WavesSysSvc) - C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_0772736e3b1d119b\WavesSysSvc64.exe
O23 - Service R2: Wise Boot Assistant - (WiseBootAssistant) - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f2250737b8ab5a6\IntelCpHeciSvc.exe
O23 - Service R3: Predator Service - (PSSvc) - C:\Program Files\Acer\NitroSense Service\PSSvc.exe
O23 - Service R3: Quick Access Service - (QASvc) - C:\Program Files\Acer\Quick Access Service\QASvc.exe
O23 - Service S2: @oem65.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service - (Intel(R) TPM Provisioning Service) - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
O23 - Service S2: Kaspersky VPN Secure Connection Hizmeti 5.2 - (KSDE5.2) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe -r
O23 - Service S3: @oem65.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface - (Intel(R) Capability Licensing Service TCP IP Interface) - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe
O23 - Service S3: MRAC Service - (mracsvc) - C:\WINDOWS\System32\mracsvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Quick Access Local Service - (QALSvc) - C:\Program Files\Acer\Quick Access Service\QALSvc.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe


--
End of file - Time spent: 7,9 sec. - 30724 bytes, CRC32: FFFFFFFF. Sign: 錨䦽
Genişletmek için tıkla...
Önceden oyunları sorunsuz oynardım şimdi takılmaya başladı
 
Merhaba,

Kaspersky tarafından aşağıdaki mesajı aldım. Ayrıca bu mesajdan önce yaptığım taramada yüklediğim bir scripti zararlı olarak gördü. Temizledim ama bir tarama yaptırmak ve sizlerin fikrini almak istiyorum.

Sonucuna göre yapmam gerekenleri paylaşırsanız sevinirim.


Kod: 
Logfile of HiJackThis Fork (Beta) by Alex Dragokas v.2.10.0.6

Platform:  x64 Windows 10 (Home Single Language), 10.0.19042.867 (ReleaseId: 2009), Service Pack: 0
Time:      22.03.2021 - 20:05 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    SamsungPC    (group: Administrator) on DESKTOP-ERCE8AS, FirstRun: yes

Chrome:  89.0.4389.90
Edge:    11.0.19041.844
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
   1  C:\Program Files (x86)\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe
   1  C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
   1  C:\Program Files (x86)\Festo\CAD 2020\software\bin\x86\32\pupdate.exe
   1  C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
   1  C:\Program Files (x86)\MSI\Live Update\Live Update.exe
   1  C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files\Autodesk\Network License Manager\adskflex.exe
   2  C:\Program Files\Autodesk\Network License Manager\lmgrd.exe
   1  C:\Program Files\Bonjour\mDNSResponder.exe
   1  C:\Program Files\CCleaner\CCleaner64.exe
   1  C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\KMSpico\KMSUPD.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
   1  C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
   1  C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
   1  C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
   1  C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe
   1  C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
   1  C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.72.0_x64__8wekyb3d8bbwe\YourPhone.exe
   2  C:\SolidSQUAD_License_Servers\Bin\lmgrd.exe
   1  C:\SolidSQUAD_License_Servers\Bin\ugslmd.exe
   2  C:\SolidWorks_Flexnet_Server\lmgrd.exe
   1  C:\SolidWorks_Flexnet_Server\sw_d.exe
   7  C:\Users\SamsungPC\AppData\Local\Discord\app-0.0.309\Discord.exe
   1  C:\Users\SamsungPC\Downloads\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   5  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\pacjsworker.exe
   1  C:\Windows\System32\rundll32.exe
   6  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spool\drivers\x64\3\E_YATIN2E.EXE
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  71  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R1 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [AutoConfigURL] = http://127.0.0.1:86/
R1 - HKLM\System\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies: (default) = 0http://127.0.0.1:86/
R1-32 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [AutoConfigURL] = http://127.0.0.1:86/
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [Discord] = C:\Users\SamsungPC\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] = C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIN2E.EXE /EPT "EPLTarget\P0000000000000000" /M "L220 Series"
O4 - HKCU\..\Run: [FestoPDMupdate] = C:\Program Files (x86)\Festo\CAD 2020\software\bin\x86\32\pupdate.exe
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\SamsungPC\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2021/01/18)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2021/01/18)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - Startup Global: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2019 Hızlı Başlangıç.lnk    ->    C:\Windows\Installer\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
O4 - Startup Global: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Arkaplan İndiricisi.lnk    ->    C:\Program Files (x86)\Common Files\SOLIDWORKS Kurulum Yöneticisi\BackgroundDownloading\sldBgDwld.exe /launch_from 0
O4-32 - HKLM\..\Run: [EEventManager] = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4-32 - HKLM\..\Run: [Live Update] = C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O5 - Applet: C:\Windows\System32\plotman.cpl (Sign: 'Autodesk, Inc.')
O5 - Applet: C:\Windows\System32\styleman.cpl (Sign: 'Autodesk, Inc.')
O6 - IE Policy: HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel - present
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O17 - DHCP DNS 1: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{75859a6e-767f-4626-bde5-ba4bc70d8148}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{75859a6e-767f-4626-bde5-ba4bc70d8148}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Windows\system32\AcSignIcon.dll
O22 - Task (.job): (Not scheduled) EPSON L220 Series Update {0CD2EEFA-D8CB-4B0E-8330-6FD1CFD02BDD}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSN2E.EXE
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-2514127327-4206836615-1310573615-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: EPSON L220 Series Update {0CD2EEFA-D8CB-4B0E-8330-6FD1CFD02BDD} - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSN2E.EXE /EXE:"{0CD2EEFA-D8CB-4B0E-8330-6FD1CFD02BDD}" /F:"Update"
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Intel PTT EK Recertification - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: KMSpico Automatic Update Scheduler - C:\Program Files\KMSpico\KMSUPD.exe
O22 - Task: Optimize Thumbnail Cache - C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe
O23 - Service R2: Autodesk FLEXnet License Server - C:\Program Files\Autodesk\Network License Manager\lmgrd.exe
O23 - Service R2: Backbone Service - (BBDemon) - C:\Program Files (x86)\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe -service
O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: FlexNet Licensing Service - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service R2: FlexNet Licensing Service 64 - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service R2: Foxit Reader Update Service - (FoxitReaderUpdateService) - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe -r
O23 - Service R2: Kaspersky VPN Secure Connection Hizmeti 5.3 - (KSDE5.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe -r
O23 - Service R2: MSI Live Update Service - (MSI_LiveUpdate_Service) - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Remote Solver for COSMOSFloWorks 2008 - (RemoteSolverDispatcher) - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe "SOFTWARE\SRAC\COSMOS_FloWorks 2019"
O23 - Service R2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service R2: SAMSUNG Mobile Connectivity Service V2 - (ss_conn_service2) - C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
O23 - Service R2: SolidWorks Flexnet Server - C:\SolidWorks_Flexnet_Server\lmgrd.exe
O23 - Service R2: SSQ FLEXLM Service - C:\SolidSQUAD_License_Servers\Bin\lmgrd.exe
O23 - Service R2: SWVisualize2019.BoostService - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe
O23 - Service R2: SWVisualize2019.Queue.Server - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
O23 - Service S3: DTSInterops - (CoordinatorServiceHost) - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\89.0.4389.90\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
O23 - Service S3: Intel(R) MPI Library Hydra Process Manager - (impi_hydra) - C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: SAMSUNG Mobile USB Connectivity Launcher - (ss_conn_launcher_service) - C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe
O23 - Service S3: SolidWorks Licensing Service - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 6,4 sec. - 32866 bytes, CRC32: FFFFFFFF. Sign: 䭜뾗
 
Cesar dedi:
Kaspersky tarafından aşağıdaki mesajı aldım.
Genişletmek için tıkla...
Hangi mesaj? Tespit logu nerede?
Sistemi illegal kullanıyorsunuz. Solid de aynı şekilde heralde.

Bunları fixleyin:
Kod: 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R1 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [AutoConfigURL] = http://127.0.0.1:86/
R1 - HKLM\System\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies: (default) = 0http://127.0.0.1:86/
R1-32 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [AutoConfigURL] = http://127.0.0.1:86/
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] = C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIN2E.EXE /EPT "EPLTarget\P0000000000000000" /M "L220 Series"
O4 - HKCU\..\Run: [FestoPDMupdate] = C:\Program Files (x86)\Festo\CAD 2020\software\bin\x86\32\pupdate.exe
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\SamsungPC\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2021/01/18)
O4 - Startup Global: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2019 Hızlı Başlangıç.lnk    ->    C:\Windows\Installer\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
O4 - Startup Global: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Arkaplan İndiricisi.lnk    ->    C:\Program Files (x86)\Common Files\SOLIDWORKS Kurulum Yöneticisi\BackgroundDownloading\sldBgDwld.exe /launch_from 0
O4-32 - HKLM\..\Run: [Live Update] = C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O22 - Task (.job): (Not scheduled) EPSON L220 Series Update {0CD2EEFA-D8CB-4B0E-8330-6FD1CFD02BDD}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSN2E.EXE
O22 - Task: EPSON L220 Series Update {0CD2EEFA-D8CB-4B0E-8330-6FD1CFD02BDD} - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSN2E.EXE /EXE:"{0CD2EEFA-D8CB-4B0E-8330-6FD1CFD02BDD}" /F:"Update"
O23 - Service R2: MSI Live Update Service - (MSI_LiveUpdate_Service) - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
 
Windows orijinal olarak kullanıyorum.

Şununla kurulan şifrelenmiş bağlantı taranırken hata oluştu e1.emxdgt.com

Kaspersky'den bu hatayı veya uyarıyı sık alınca mesaj yazma gereği duydum.

Söylediğiniz satırkarı fixledikten sonra ayrıca yapmam gereken bir şey var mı
Format atmam gerekir mi ( sorunun ne olduğunu anlamadığım için soruyorum.)
 
Cesar dedi:
Şununla kurulan şifrelenmiş bağlantı taranırken hata oluştu e1.emxdgt.com
Genişletmek için tıkla...

e1.emxdgt.com virüs müdür?

Arkadaşlar ödev yaparken birden Kaspersky'den uyarı geldi. ''e1.emxdgt.com adresinde güvenli bağlantı oluştururken hata ile karşılaştık" dedi. Ayrıntılarına baktığım zaman tehdit düzeyi ciddi ve "suçlu kişiler tarafından bilgisayarınıza zarar vermek amaçlı bir kötü amaçlı yazılım" diyor, öyle...
www.technopat.net www.technopat.net
Cesar dedi:
Windows orijinal olarak kullanıyorum.
Genişletmek için tıkla...
Kullanmıyorsunuz. Ücretli kullandığınızı düşünüyorsanız bunları da fixleyin:
Kod: 
O22 - Task: KMSpico Automatic Update Scheduler - C:\Program Files\KMSpico\KMSUPD.exe
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-2514127327-4206836615-1310573615-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: Optimize Thumbnail Cache - C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe

Bu klasör içini de silin yeniden başlattıktan sonra:
C:\Program Files\KMSpico
 

Benzer konular

Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
637
acv
A
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5B
quarest
quarest
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
10B
Windows 11 Bükücü
Windows 11 Bükücü
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
2B
Murat5038
Murat5038
B
Trojan ve Keylogger Temizleme
Mesaj
3
Görüntüleme
4B
Murat5038
Murat5038

Yeni konular

Yeni mesajlar

Geri
Yukarı