HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode
Paste Code

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleyen: Moderatör:
Genişletmek için tıkla...
[CODE title="bilgisayarımda virus şüphesindeyim"]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.13

Platform: x64 Windows 10 (Pro), 10.0.19044.1415 (ReleaseId: 2009, 21H2), Service Pack: 0
Time: 24.12.2021 - 17:54 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: Mehmet Ali Vatan (group: Administrators) on MW, FirstRun: yes

Chrome: 96.0.4664.110
Internet Explorer: 11.789.19041.0
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\IObit\Driver Booster\8.3.0\Scheduler.exe
1 C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
14 C:\Program Files\Google\Chrome\Application\chrome.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj\TranslucentTB.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21111.123.0_x64__8wekyb3d8bbwe\YourPhone.exe
4 C:\Users\Mehmet Ali Vatan\AppData\Local\Programs\Opera GX\81.0.4196.61\opera_autoupdate.exe
2 C:\Users\Mehmet Ali Vatan\AppData\Local\Programs\Opera GX\launcher.exe
1 C:\Users\Mehmet Ali Vatan\AppData\Roaming\Telegram Desktop\Telegram.exe
1 C:\Users\Mehmet Ali Vatan\Downloads\Programs\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\System32\backgroundTaskHost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\MoUsoCoreWorker.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
74 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\unsecapp.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: = https://yandex.com.tr/search/?te...27098 bytes, CRC32: FFFFFFFF. Sign: 按뮞[/CODE]
 
Malies dedi:
Bilgisayarımda virus şüphesindeyim.
Genişletmek için tıkla...
Zararlı olarak belirgin yok ancak istenmeyen yazılımlar var. O istenmeyen yazılımları kullananlara bakmıyorum normalde. Format atıp sürücü bulucu İOBİT yazılımları vb. kullanmayın. Avira sistem iyileştirme yazılımını kurmayın.
 
Murat5038 dedi:
Eki Görüntüle 346215

Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

Eki Görüntüle 346216

4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

Eki Görüntüle 346202

5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
Eki Görüntüle 346203

6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

Eki Görüntüle 346206


*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

Eki Görüntüle 346207
Kod'a tıklayın.

Eki Görüntüle 346208

Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode
Paste Code

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
Eki Görüntüle 346212
Genişletmek için tıkla...
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.13

Platform:  x64 Windows 10 (Pro), 10.0.19043.1415 (ReleaseId: 2009, 21H1), Service Pack: 0
Time:      26.12.2021 - 17:01 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    percy    (group: Administrators) on DESKTOP-I6QQ69K, FirstRun: no

Chrome:  96.0.4664.93
Internet Explorer: 11.0.19041.1202
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
  15  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21111.123.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.21111.10511.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
   1  C:\Users\percy\Desktop\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\bitsadmin.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   7  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  80  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\SysWOW64\dllhost.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O4 - HKCU\..\StartupApproved\Run: [com.squirrel.Teams.Teams] = C:\Users\percy\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated" (2021/11/25)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\percy\AppData\Local\Discord\Update.exe --processStart Discord.exe (2021/12/16)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\percy\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2021/12/14)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2021/12/14)
O4 - HKLM\..\StartupApproved\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (2021/12/16)
O4 - HKLM\..\StartupApproved\Run: [RtkAudUService] = C:\Windows\System32\RtkAudUService64.exe -background (2021/12/24)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (2021/12/24)
O4 - HKLM\..\StartupApproved\Run32: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (2021/12/16)
O17 - DHCP DNS 1: 192.168.30.223
O17 - DHCP DNS 2: 192.168.30.8
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: OneDrive Reporting Task-S-1-5-21-559131013-3136940072-3681618654-1001 - C:\Users\percy\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: Opera scheduled Autoupdate 1639036706 - C:\Users\percy\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\Windows\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O23 - Service S2: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\System32\IntelCpHeciSvc.exe (file missing)


--
End of file - Time spent: 20,8 sec. - 16658 bytes, CRC32: FFFFFFFF. Sign: 牮ᗽ






Malware varlığı şüphesi olduğu için paylaşıyorum teşekkür ederim şimdiden.
 
Konu linki:

Bilgisayarıma zararlı bulaştı

Bilgisayarıma USB'mi takmamla zararlı bulaşması bir oldu. KTS harici disk taraması çalıştı. USB belleğimde iki zararlı buldu, karantinaya alındığını belirtti. Ancak zararlı bilgisayarıma da bulaştı. Google Chrome anasayfamı değiştirdi. Masaüstü arkaplanımı değiştirdi. Sorularınızı bekliyorum...
www.technopat.net www.technopat.net
Kaspersky Kullanıcısı dedi:
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 8.1 (Home Single Language), 6.3.9600.20018, Service Pack: 0
Time:      22.12.2021 - 17:38 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Casper    (group: Administrator) on CASPERNIRVANA, FirstRun: yes

Chrome:  96.0.4664.93
Firefox: 88.0.1.7794
Internet Explorer: 11.0.9600.20016
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
   1  C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE
   1  C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
   2  C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
   1  C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
   1  C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
   1  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\Portrait Displays\AOC G-Menu\CTHelper.exe
   1  C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTune.exe
   1  C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTuneService.exe
   1  C:\Users\Casper\Desktop\HiJackThis.exe
   1  C:\Windows\SysWOW64\dllhost.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\CorsairGamingAudioCfgService64.exe
   1  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dwm.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spool\drivers\x64\3\E_YATISME.EXE
   1  C:\Windows\System32\spoolsv.exe
  12  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhost.exe
   1  C:\Windows\System32\taskhostex.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\explorer.exe

O1 - Hosts: is empty
O2 - HKLM\..\BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.81\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.81\BHO\ie_to_edge_bho.dll
O3 - HKLM\..\Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKCU\..\Run: [Discord] = C:\Users\Casper\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] = C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISME.EXE /EPT "EPLTarget\P0000000000000000" /M "L4160 Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] = C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISME.EXE /EPT "EPLTarget\P0000000000000001" /M "L4160 Series"
O4 - HKCU\..\Run: [EPSDNMON] = C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE
O4 - HKCU\..\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Casper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote'a Gönder.lnk    ->    C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE /tsr (2020/11/13)
O4 - HKLM\..\Run: [DisplayTune.exe] = C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTune.exe startup_folder
O4 - HKLM\..\StartupApproved\Run32: [CORSAIR iCUE Software] = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe --autorun (2020/11/13)
O4 - HKLM\..\StartupApproved\Run: [EPPCCMON] = C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE (2020/11/13)
O4 - HKLM\..\StartupApproved\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 (2019/02/05)
O4 - HKU\.DEFAULT\..\Run: [Bomgar_Cleanup_ZD13664032657071] = C:\Windows\system32\cmd.exe /C rd /S /Q "C:\ProgramData\bomgar-scc-0x61a77a82" & reg.exe delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Bomgar_Cleanup_ZD13664032657071 /f
O4-32 - HKLM\..\Run: [EEventManager] = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{221EFBC8-178E-405D-9BE9-03E4FCBD007F}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{221EFBC8-178E-405D-9BE9-03E4FCBD007F}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O22 - Task (.job): (Ready) EPSON L4160 Series Update {099B5A8D-DE71-453A-9929-002298C096B6}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSME.EXE /EXE:"{099B5A8D-DE71-453A-9929-002298C096B6}" /F:"Update"
O22 - Task (.job): (Ready) update-S-1-5-21-145828315-310934734-1855277650-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): (Ready) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O23 - Service R2: AOC G-MenuAOC G-Menu Service by Portrait Displays - (AOCDTAOCGMenuService) - C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTuneService.exe
O23 - Service R2: Corsair Gaming Audio Configuration Service - (CorsairGamingAudioConfig) - C:\Windows\System32\CorsairGamingAudioCfgService64.exe
O23 - Service R2: Corsair LLA Service - (CorsairLLAService) - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
O23 - Service R2: Corsair Service - (CorsairService) - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
O23 - Service R2: EpsonCustomerResearchParticipation - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe -r
O23 - Service R2: Kaspersky VPN Secure Connection Hizmeti 5.3 - (KSDE5.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe -r
O23 - Service R2: Microsoft Office Tıkla-Çalıştır Hizmeti - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Kaspersky Password Manager Service - (kpm_launch_service) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe  (file missing)
O23 - Service S2: Microsoft Edge Güncelleştirmesi Hizmeti (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc
O23 - Service S3: Chrome Uzaktan Masaüstü Hizmeti - (chromoting) - C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.93\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe
O23 - Service S3: MBAMService - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S3: Microsoft Edge Elevation Service (MicrosoftEdgeElevationService) - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.81\elevation_service.exe
O23 - Service S3: Microsoft Edge Güncelleştirmesi Hizmeti (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe


--
End of file - Time spent: 27,5 sec. - 21558 bytes, CRC32: FFFFFFFF. Sign: 化
Genişletmek için tıkla...
Zararlı şüphesi. Anormal yükselen kaynak kullanımı var. Durduk yere CPU ve sabit disk kullanımı yükseldi. İncelemenizi ve dönüş yapmanızı rica ederim. Raporu zaten paylaşmıştım.
@Murat5038 Sayın Murat bey.
 
zorlanıyorum dedi:
Malware varlığı şüphesi olduğu için paylaşıyorum teşekkür ederim şimdiden.
Genişletmek için tıkla...
Zararlıya dair bir şey gözükmüyor. Sadece temiz önyükelme yapın yeterli performansda bir sorun varsa. İntel sürücü bulucu ve Onedrive kaldırın.
Kaspersky Kullanıcısı dedi:
Zararlı şüphesi. Anormal yükselen kaynak kullanımı var. Durduk yere CPU ve sabit disk kullanımı yükseldi. İncelemenizi ve dönüş yapmanızı rica ederim. Raporu zaten paylaşmıştım.
Genişletmek için tıkla...
Bunları fixleyin:
Kod: 
O1 - Hosts: is empty
O3 - HKLM\..\Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] = C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISME.EXE /EPT "EPLTarget\P0000000000000000" /M "L4160 Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] = C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISME.EXE /EPT "EPLTarget\P0000000000000001" /M "L4160 Series"
O4 - HKCU\..\Run: [EPSDNMON] = C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Casper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote'a Gönder.lnk    ->    C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE /tsr (2020/11/13)
O4 - HKLM\..\Run: [DisplayTune.exe] = C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTune.exe startup_folder
O4 - HKLM\..\StartupApproved\Run32: [CORSAIR iCUE Software] = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe --autorun (2020/11/13)
O4 - HKLM\..\StartupApproved\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 (2019/02/05)
O4 - HKU\.DEFAULT\..\Run: [Bomgar_Cleanup_ZD13664032657071] = C:\Windows\system32\cmd.exe /C rd /S /Q "C:\ProgramData\bomgar-scc-0x61a77a82" & reg.exe delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Bomgar_Cleanup_ZD13664032657071 /f
O4-32 - HKLM\..\Run: [EEventManager] = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O22 - Task (.job): (Ready) EPSON L4160 Series Update {099B5A8D-DE71-453A-9929-002298C096B6}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSME.EXE /EXE:"{099B5A8D-DE71-453A-9929-002298C096B6}" /F:"Update"
 
Son düzenleme:
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 8.1 (Home Single Language), 6.3.9600.20207, Service Pack: 0
Time:      03.01.2022 - 16:42 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Casper    (group: Administrator) on CASPERNIRVANA, FirstRun: no

Chrome:  96.0.4664.110
Firefox: 88.0.1.7794
Internet Explorer: 11.0.9600.20139
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
   2  C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
   1  C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
   1  C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
   1  C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
   1  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTuneService.exe
   1  C:\Users\Casper\Desktop\HiJackThis.exe
   1  C:\Windows\System32\CorsairGamingAudioCfgService64.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dwm.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  12  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskeng.exe
   1  C:\Windows\System32\taskhost.exe
   1  C:\Windows\System32\taskhostex.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\explorer.exe

O2 - HKLM\..\BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (file missing)
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.81\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.81\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\Run: [Discord] = C:\Users\Casper\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent
O4 - HKLM\..\StartupApproved\Run: [EPPCCMON] = C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE (2020/11/13)
O17 - HKLM\System\CCS\Services\Tcpip\..\{221EFBC8-178E-405D-9BE9-03E4FCBD007F}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{221EFBC8-178E-405D-9BE9-03E4FCBD007F}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O22 - Task (.job): (Ready) update-S-1-5-21-145828315-310934734-1855277650-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): (Ready) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O23 - Service R2: AOC G-MenuAOC G-Menu Service by Portrait Displays - (AOCDTAOCGMenuService) - C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTuneService.exe
O23 - Service R2: Corsair Gaming Audio Configuration Service - (CorsairGamingAudioConfig) - C:\Windows\System32\CorsairGamingAudioCfgService64.exe
O23 - Service R2: Corsair LLA Service - (CorsairLLAService) - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
O23 - Service R2: Corsair Service - (CorsairService) - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
O23 - Service R2: EpsonCustomerResearchParticipation - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe -r
O23 - Service R2: Kaspersky VPN Secure Connection Hizmeti 5.3 - (KSDE5.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe -r
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: Microsoft Office Tıkla-Çalıştır Hizmeti - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Kaspersky Password Manager Service - (kpm_launch_service) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe  (file missing)
O23 - Service S2: Microsoft Edge Güncelleştirmesi Hizmeti (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc
O23 - Service S3: Chrome Uzaktan Masaüstü Hizmeti - (chromoting) - C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe
O23 - Service S3: Microsoft Edge Elevation Service (MicrosoftEdgeElevationService) - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.81\elevation_service.exe
O23 - Service S3: Microsoft Edge Güncelleştirmesi Hizmeti (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe


--
End of file - Time spent: 16 sec. - 16918 bytes, CRC32: FFFFFFFF. Sign: 긪튌

Tarama yaptım ancak sorrun sürüyor.
 
[CODE title="Merhaba Murat Bey:"]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.13

Platform: x32 Windows 8.1 (Pro), 6.3.9600.20207, Service Pack: 0
Time: 07.01.2022 - 16:21 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: Kedy (group: Administrators) on Kedy, FirstRun: yes

Chrome: 97.0.4692.71
Firefox: 93.0.0.7940
Internet Explorer: 11.0.9600.19036
Default: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files\Google\Update\GoogleUpdate.exe
1 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
1 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
1 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
1 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
1 C:\Program Files\Intel\Driver and Support Assistant\DSAService.exe
1 C:\Program Files\Intel\Driver and Support Assistant\DSAUpdateService.exe
1 C:\Program Files\Mem Reduct\memreduct.exe
9 C:\Program Files\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1 C:\Users\Ozan Aydın\Desktop\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
12 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\taskhostex.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\WirelessKB850NotificationService.exe
1 C:\Windows\System32\WUDFHost.exe

O2 - HKLM\..\BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O2 - HKLM\..\BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - HKLM\..\Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Ozan Aydın\AppData\Local\Discord\Update.exe --processStart Discord.exe (file missing) (2021/10/05)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Ozan Aydın\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Crack.lnk -> C:\Users\Ozan Aydın\Desktop\Crack (2021/09/04)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Ozan Aydın\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GTA IV crack.lnk -> C:\Users\OZANAY~1\AppData\Local\Temp\RarSFX0\GTA IV Crack (2021/09/04)
O4 - HKLM\..\Run: [QlbCtrl.exe] = C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SynTPEnh] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\StartupApproved\Run: [Classic Start Menu] = C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun (2021/11/16)
O4 - HKLM\..\StartupApproved\Run: [Intel Driver & Support Assistant] = C:\Program Files\Intel\Driver and Support Assistant\DSATray.exe (2021/10/17)
O4 - Startup: C:\Users\Ozan Aydın\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\System32 (folder)
O9 - Button: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: (no name) - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Tools menu item: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: Classic IE Settings - C:\Program Files\Classic Shell\ClassicIE_32.exe
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O22 - BITS Job: (download) {E40004E4-E177-4362-B093-72578E32A016} - http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/czka5fc33qq67ao7g67evi5jte_9.32.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.32.0_all_hkbbg5yepfmg4tn57zz6rpfdiy.crx3 -> C:\Users\OZANAY~1\AppData\Local\Temp\chrome_BITS_4364_1323952862\gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.32.0_all_hkbbg5yepfmg4tn57zz6rpfdiy.crx3
O22 - BITS Job: Fix all (including legit)
O22 - Task: (damaged) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft) (user missing)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\CompatTelRunner.exe -maintenance (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Uploader - C:\Windows\system32\WSqmCons.exe -u (Microsoft)
O22 - Task: \Microsoft\VisualStudio\Updates\BackgroundDownload - C:\Program Files\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe (Microsoft)
O22 - Task: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: Opera scheduled Autoupdate 1635673487 - C:\Users\Ozan Aydın\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service R2: Intel(R) Driver & Support Assistant - (DSAService) - C:\Program Files\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service R2: Wireless Keyboard 850 Notification Service - (WirelessKB850NotificationService) - C:\Windows\system32\WirelessKB850NotificationService.exe
O23 - Service R3: Com4QLBEx - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service R3: hpqwmiex - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service R3: Intel(R) Driver & Support Assistant Updater - (DSAUpdateService) - C:\Program Files\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe -r
O23 - Service S2: Microsoft Edge Güncelleştirmesi Hizmeti (edgeupdate) - (edgeupdate) - C:\Program Files\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\97.0.4692.71\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Microsoft Edge Güncelleştirmesi Hizmeti (edgeupdatem) - (edgeupdatem) - C:\Program Files\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - C:\Program Files\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe


--
End of file - Time spent: 23,7 sec. - 16610 bytes, CRC32: FFFFFFFF. Sign: 꼾ꤲ[/CODE]
Hocam bir sıkıntı yok değil mi?
 
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.14

Platform:  x64 Windows 10 (Pro), 10.0.19044.1379 (ReleaseId: 2009, 21H2), Service Pack: 0
Time:      08.01.2022 - 05:15 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    engin    (group: Administrators) on ENGIN, FirstRun: yes

Chrome:  97.0.4692.71
Internet Explorer: 11.0.19041.1202
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Internet Download Manager\IDMan.exe
  15  C:\Program Files\Google\Chrome\Application\chrome.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\WinRAR\WinRAR.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\servicing\TrustedInstaller.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   3  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\MoUsoCoreWorker.exe
   1  C:\Windows\System32\notepad.exe
   3  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
  20  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
   1  C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1371_none_7e1bd7147c8285b0\TiWorker.exe
   1  F:\Desktop\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.google.com.tr/
R0 - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.google.com.tr/
R0 - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.google.com.tr/
R0 - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.google.com.tr/
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: Reset contents to default
O1 - Hosts: 0.0.0.0 ars.smartscreen.microsoft.com
O1 - Hosts: 0.0.0.0 az361816.vo.msecnd.net
O1 - Hosts: 0.0.0.0 az512334.vo.msecnd.net
O1 - Hosts: 0.0.0.0 blob.weather.microsoft.com
O1 - Hosts: 0.0.0.0 candycrushsoda.king.com
O1 - Hosts: 0.0.0.0 cdn.content.prod.cms.msn.com
O1 - Hosts: 0.0.0.0 cdn.onenote.net
O1 - Hosts: 0.0.0.0 choice.microsoft.com
O1 - Hosts: 0.0.0.0 choice.microsoft.com.nsatc.net
O1 - Hosts: 0.0.0.0 client.wns.windows.com
O1 - Hosts: 0.0.0.0 client-s.gateway.messenger.live.com
O1 - Hosts: 0.0.0.0 clientconfig.passport.net
O1 - Hosts: 0.0.0.0 deploy.static.akamaitechnologies.com
O1 - Hosts: 0.0.0.0 device.auth.xboxlive.com
O1 - Hosts: 0.0.0.0 dmd.metaservices.microsoft.com
O1 - Hosts: 0.0.0.0 dns.msftncsi.com
O1 - Hosts: 0.0.0.0 feedback.microsoft-hohm.com
O1 - Hosts: 0.0.0.0 feedback.search.microsoft.com
O1 - Hosts: 0.0.0.0 feedback.windows.com
O1 - Hosts: 0.0.0.0 img-s-msn-com.akamaized.net
O1 - Hosts: 0.0.0.0 insiderppe.cloudapp.net
O1 - Hosts: 0.0.0.0 licensing.mp.microsoft.com
O1 - Hosts: 0.0.0.0 mediaredirect.microsoft.com
O1 - Hosts: 0.0.0.0 msftncsi.com
O1 - Hosts: 0.0.0.0 officeclient.microsoft.com
O1 - Hosts: 0.0.0.0 oneclient.sfx.ms
O1 - Hosts: 0.0.0.0 pti.store.microsoft.com
O1 - Hosts: 0.0.0.0 query.prod.cms.rt.microsoft.com
O1 - Hosts: 0.0.0.0 register.cdpcs.microsoft.com
O1 - Hosts: 0.0.0.0 s0.2mdn.net
O1 - Hosts: 0.0.0.0 sO.2mdn.net
O1 - Hosts: 0.0.0.0 search.msn.com
O1 - Hosts: 0.0.0.0 settings-ssl.xboxlive.com
O1 - Hosts: 0.0.0.0 static.2mdn.net
O1 - Hosts: 0.0.0.0 store-images.s-microsoft.com
O1 - Hosts: 0.0.0.0 storeedgefd.dsx.mp.microsoft.com
O1 - Hosts: 0.0.0.0 support.microsoft.com
O1 - Hosts: 0.0.0.0 tile-service.weather.microsoft.com
O1 - Hosts: 0.0.0.0 time.windows.com
O1 - Hosts: 0.0.0.0 tk2.plt.msn.com
O1 - Hosts: 0.0.0.0 urs.smartscreen.microsoft.com
O1 - Hosts: 0.0.0.0 wdcp.microsoft.com
O1 - Hosts: 0.0.0.0 wdcpalt.microsoft.com
O1 - Hosts: 0.0.0.0 win10-trt.msedge.net
O1 - Hosts: 0.0.0.0 wscont.apps.microsoft.com
O1 - Hosts: 0.0.0.0 www.msftconnecttest.com
O1 - Hosts: 0.0.0.0 www.msftncsi.com
O1 - Hosts: 0.0.0.0 a-0001.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0001.dc-msedge.net
O1 - Hosts: 0.0.0.0 a-0002.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0003.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0004.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0005.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0006.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0007.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0008.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0009.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0010.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0011.a-msedge.net
O1 - Hosts: 0.0.0.0 a-0012.a-msedge.net
O1 - Hosts: 0.0.0.0 a-msedge.net
O1 - Hosts: 0.0.0.0 a.ads1.msn.com
O1 - Hosts: 0.0.0.0 a.ads2.msads.net
O1 - Hosts: 0.0.0.0 a.ads2.msn.com
O1 - Hosts: 0.0.0.0 a.rad.msn.com
O1 - Hosts: 0.0.0.0 ac3.msn.com
O1 - Hosts: 0.0.0.0 activity.windows.com
O1 - Hosts: 0.0.0.0 adnexus.net
O1 - Hosts: 0.0.0.0 adnxs.com
O1 - Hosts: 0.0.0.0 ads.msn.com
O1 - Hosts: 0.0.0.0 ads1.msads.net
O1 - Hosts: 0.0.0.0 ads1.msn.com
O1 - Hosts: 0.0.0.0 aidps.atdmt.com
O1 - Hosts: 0.0.0.0 aka-cdn-ns.adtech.de
O1 - Hosts: 0.0.0.0 array101-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array102-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array103-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array104-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array201-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array202-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array203-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array204-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array401-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array402-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array403-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array404-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array405-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array406-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array407-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 array408-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 b.ads1.msn.com
O1 - Hosts: 0.0.0.0 b.ads2.msads.net
O1 - Hosts: 0.0.0.0 b.rad.msn.com
O1 - Hosts: 0.0.0.0 bingads.microsoft.com
O1 - Hosts: 0.0.0.0 bl3301-a.1drv.com
O1 - Hosts: 0.0.0.0 bl3301-c.1drv.com
O1 - Hosts: 0.0.0.0 bl3301-g.1drv.com
O1 - Hosts: 0.0.0.0 bn1304-e.1drv.com
O1 - Hosts: 0.0.0.0 bn1306-a.1drv.com
O1 - Hosts: 0.0.0.0 bn1306-e.1drv.com
O1 - Hosts: 0.0.0.0 bn1306-g.1drv.com
O1 - Hosts: 0.0.0.0 bn2b-cor001.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 bn2b-cor002.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 bn3p-cor001.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 bn2b-cor003.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 bn2b-cor004.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 bn2wns1.wns.windows.com
O1 - Hosts: 0.0.0.0 bn3sch020022328.wns.windows.com
O1 - Hosts: 0.0.0.0 by3301-a.1drv.com
O1 - Hosts: 0.0.0.0 by3301-c.1drv.com
O1 - Hosts: 0.0.0.0 by3301-e.1drv.com
O1 - Hosts: 0.0.0.0 bs.serving-sys.com
O1 - Hosts: 0.0.0.0 c.atdmt.com
O1 - Hosts: 0.0.0.0 c.msn.com
O1 - Hosts: 0.0.0.0 c-0001.dc-msedge.net
O1 - Hosts: 0.0.0.0 ca.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 cache.datamart.windows.com
O1 - Hosts: 0.0.0.0 cdn.atdmt.com
O1 - Hosts: 0.0.0.0 cds1204.lon.llnw.net
O1 - Hosts: 0.0.0.0 cds1293.lon.llnw.net
O1 - Hosts: 0.0.0.0 cds20417.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds20431.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds20450.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds20457.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds20475.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds21244.lon.llnw.net
O1 - Hosts: 0.0.0.0 cds26.ams9.msecn.net
O1 - Hosts: 0.0.0.0 cds425.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds459.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds494.lcy.llnw.net
O1 - Hosts: 0.0.0.0 cds965.lon.llnw.net
O1 - Hosts: 0.0.0.0 ch1-cor001.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 ch1-cor002.api.p001.1drv.com
O1 - Hosts: 0.0.0.0 ch3301-c.1drv.com
O1 - Hosts: 0.0.0.0 ch3301-e.1drv.com
O1 - Hosts: 0.0.0.0 ch3301-g.1drv.com
O1 - Hosts: 0.0.0.0 ch3302-c.1drv.com
O1 - Hosts: 0.0.0.0 ch3302-e.1drv.com
O1 - Hosts: 0.0.0.0 compatexchange.cloudapp.net
O1 - Hosts: 0.0.0.0 compatexchange1.trafficmanager.net
O1 - Hosts: 0.0.0.0 continuum.dds.microsoft.com
O1 - Hosts: 0.0.0.0 corp.sts.microsoft.com
O1 - Hosts: 0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
O1 - Hosts: 0.0.0.0 cp101-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 cp201-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 cp401-prod.do.dsp.mp.microsoft.com
O1 - Hosts: 0.0.0.0 cs1.wpc.v0cdn.net
O1 - Hosts: 0.0.0.0 db3aqu.atdmt.com
O1 - Hosts: 0.0.0.0 db3wns2011111.wns.windows.com
O1 - Hosts: 0.0.0.0 db5.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100122.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100127.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100831.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100835.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100917.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100925.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100928.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101100938.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101001.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101022.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101024.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101031.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101034.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101042.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101044.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101122.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101123.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101125.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101128.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101129.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101133.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101145.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101209.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101221.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101228.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101231.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101237.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101317.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101324.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101329.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101333.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101334.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101338.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101419.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101424.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101426.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101427.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101430.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101445.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101511.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101519.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101529.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101535.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101541.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101543.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101608.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101618.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101629.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101631.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101633.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101640.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101711.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101722.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101739.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101745.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101813.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101820.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101826.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101835.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101837.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101844.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101907.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101914.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101929.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101939.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101101941.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102015.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102017.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102019.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102023.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102025.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102032.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101102033.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110108.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110109.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110114.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110135.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110142.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110204.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110206.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110214.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110225.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110232.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110245.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110315.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110323.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110325.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110328.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110331.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110341.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110343.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110345.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110403.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110419.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110438.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110442.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110501.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110527.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110533.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110618.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110622.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110624.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110626.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110634.wns.windows.com
O1 - Hosts: 0.0.0.0 db5sch101110705.wns.window
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2022/01/08)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2022/01/08)
O4 - HKU\S-1-5-18\..\RunOnce: [AppsUseLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "AppsUseLightTheme" /t REG_DWORD /f /d 1 (User 'LocalSystem')
O4 - HKU\S-1-5-18\..\RunOnce: [GlobalUserDisabled] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /f /d 1 (User 'LocalSystem')
O4 - HKU\S-1-5-18\..\RunOnce: [ShellFeedsTaskbarViewMode] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Feeds" /v "ShellFeedsTaskbarViewMode" /t REG_DWORD /f /d 2 (User 'LocalSystem')
O4 - HKU\S-1-5-18\..\RunOnce: [SystemUsesLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "SystemUsesLightTheme" /t REG_DWORD /f /d 0 (User 'LocalSystem')
O4 - HKU\S-1-5-19\..\RunOnce: [AppsUseLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "AppsUseLightTheme" /t REG_DWORD /f /d 1 (User 'Local service')
O4 - HKU\S-1-5-19\..\RunOnce: [GlobalUserDisabled] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /f /d 1 (User 'Local service')
O4 - HKU\S-1-5-19\..\RunOnce: [ShellFeedsTaskbarViewMode] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Feeds" /v "ShellFeedsTaskbarViewMode" /t REG_DWORD /f /d 2 (User 'Local service')
O4 - HKU\S-1-5-19\..\RunOnce: [SystemUsesLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "SystemUsesLightTheme" /t REG_DWORD /f /d 0 (User 'Local service')
O4 - HKU\S-1-5-20\..\RunOnce: [AppsUseLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "AppsUseLightTheme" /t REG_DWORD /f /d 1 (User 'Network service')
O4 - HKU\S-1-5-20\..\RunOnce: [GlobalUserDisabled] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /f /d 1 (User 'Network service')
O4 - HKU\S-1-5-20\..\RunOnce: [ShellFeedsTaskbarViewMode] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Feeds" /v "ShellFeedsTaskbarViewMode" /t REG_DWORD /f /d 2 (User 'Network service')
O4 - HKU\S-1-5-20\..\RunOnce: [SystemUsesLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "SystemUsesLightTheme" /t REG_DWORD /f /d 0 (User 'Network service')
O6 - IE Policy: HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions - present
O6 - IE Policy: HKU\S-1-5-18\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions - present
O6 - IE Policy: HKU\S-1-5-19\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions - present
O6 - IE Policy: HKU\S-1-5-20\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions - present
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = F:\downloads
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4} = F:\saved games
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, Desktop = F:\Desktop
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, Personal = F:\documents
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = F:\downloads
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Desktop = F:\Desktop
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Personal = F:\documents
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O17 - DHCP DNS 1: 192.168.1.1
O17 - DHCP DNS 2: 192.168.68.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattelrunner.exe (file missing)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\WaaSMedic\PerformRemediation - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},None - (no file)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: \Microsoft\Windows\RetailDemo\CleanupOfflineContent - {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} - (no file)
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\97.0.4692.71\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O26 - Debugger: HKLM\..\CompatTelRunner.exe: [Debugger] = C:\Windows\System32\taskkill.exe (Microsoft)


--
End of file - Time spent: 4,7 sec. - 47904 bytes, CRC32: FFFFFFFF. Sign: 沁
 

Benzer konular

Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
639
acv
A
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5B
quarest
quarest
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
10B
Windows 11 Bükücü
Windows 11 Bükücü
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
2B
Murat5038
Murat5038
B
Trojan ve Keylogger Temizleme
Mesaj
3
Görüntüleme
4B
Murat5038
Murat5038

Yeni konular

Yeni mesajlar

Geri
Yukarı