
To analyze problems on your system caused by performance degradation, freezes, malware effects, or application errors, and to improve performance or neutralize the malware, you need to share here the log of a scan you ran with the HijackThis software.



Usage:

1) Download the current version, to which a developer has added new features, from here, and extract the application from the archive to your desktop.

Alternative: Download HiJackThis Fork - MajorGeeks

Old version: HiJackThis | Free software downloads at SourceForge.net

2) Restart your computer and wait 3 minutes without doing anything.

3) Right-click the HijackThis program and run it as administrator (not applicable to XP).


4) In the window that opens, click the "Do a system scan and save a log file" button.


5) The HijackThis scan will start automatically; do not use the mouse or keyboard until the scan has completed.

6) When the scan has completed, a log file containing the HijackThis report will be shown.



*7) You need to add the log file here, via the reply box, so that we can review it.

Click "Kod" (Code).


Paste the contents of the log into the blue box and press the "Devam Et" (Continue) button.

Warning: If you have trouble adding code on the site, you need to paste the code into one of the sites listed below and share the link. In that case, do not use option *7 for now.

Paste ofCode
Paste Code

8) Also, when replying to the thread, describe the problem on your system in detail (performance degradation, suspected malware presence, etc.).
(Those who do not do this will not receive a reply)

Fixing:

When I or expert members respond in the thread, tick the boxes at the start of the lines we tell you in the HijackThis interface. Then press the "Fix checked" button.
 
There is a performance drop on the computer
Code:
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.10

Platform:  x64 Windows 10 (Home Single Language), 10.0.19044.1826 (ReleaseId: 2009, 21H2), Service Pack: 0
Time:      28.07.2022 - 23:58 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Alomoncy    (group: Administrators) on DESKTOP-J7GHDET, FirstRun: no

Chrome:  103.0.5060.134
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\plugins_nms.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
   1  C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
   1  C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
   5  C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
  23  C:\Program Files\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\Riot Vanguard\vgtray.exe
   1  C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Users\Alomoncy\Desktop\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\RtkBtManServ.exe
   1  C:\Windows\System32\amdfendrsr.exe
   1  C:\Windows\System32\AudioDeviceService.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\cmd.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0380462.inf_amd64_98be862657f36791\B378995\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0380462.inf_amd64_98be862657f36791\B378995\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   4  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
  24  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: ::1 localhost
O1 - Hosts.ICS: 127.0.0.1 localhost
O1 - Hosts.ICS: ::1 localhost
O1 - Hosts.ICS: .panel.leaguebotnet.com
O1 - Hosts.ICS: 188.132.151.60 beta.leaguebotnet.com
O1 - Hosts.ICS: 188.132.151.60 www.beta.leaguebotnet.com
O1 - Hosts.ICS: 188.132.151.60 nhidepanel.site
O1 - Hosts.ICS: 188.132.151.60 www.nhidepanel.site
O1 - Hosts.ICS: 188.132.151.60 ui.memoryhackers.org
O1 - Hosts.ICS: 188.132.151.60 www.ui.memoryhackers.org
O1 - Hosts.ICS: 188.132.151.60 memoryhackers.org
O1 - Hosts.ICS: 188.132.151.60 www.memoryhackers.org
O1 - Hosts.ICS: 188.132.151.60 memoryhackers.net
O1 - Hosts.ICS: 188.132.151.60 www.memoryhackers.net
O1 - Hosts.ICS: 188.132.151.60 memorydownloader.net
O1 - Hosts.ICS: 188.132.151.60 www.memorydownloader.net
O1 - Hosts.ICS: 188.132.151.60 realitycheats.com
O1 - Hosts.ICS: 188.132.151.60 www.realitycheats.com
O1 - Hosts.ICS: 188.132.151.60 linkisalt.net
O1 - Hosts.ICS: 188.132.151.60 www.linkisalt.net
O1 - Hosts.ICS: 188.132.151.60 realui.app
O1 - Hosts.ICS: 188.132.151.60 www.realui.app
O1 - Hosts.ICS: 188.132.151.60 status.realui.app
O1 - Hosts.ICS: 188.132.151.60 www.status.realui.app
O1 - Hosts.ICS: 188.132.151.60 kisalt.xyz
O1 - Hosts.ICS: 188.132.151.60 www.kisalt.xyz
O1 - Hosts.ICS: 188.132.151.60 blast-hack.online
O1 - Hosts.ICS: 188.132.151.60 www.blast-hack.online
O1 - Hosts.ICS: 188.132.151.60 joxarea.org
O1 - Hosts.ICS: 188.132.151.60 www.joxarea.org
O1 - Hosts.ICS: 188.132.151.60 joxteam.com
O1 - Hosts.ICS: 188.132.151.60 www.joxteam.com
O1 - Hosts.ICS: 188.132.151.60 memorycheats.com
O1 - Hosts.ICS: 188.132.151.60 www.memorycheats.com
O1 - Hosts.ICS: 188.132.151.60 exxen.support
O1 - Hosts.ICS: 188.132.151.60 www.exxen.support
O1 - Hosts.ICS: 188.132.151.60 05412.net
O1 - Hosts.ICS: 188.132.151.60 www.05412.net
O1 - Hosts.ICS: 188.132.151.60 m2fish.com
O1 - Hosts.ICS: 188.132.151.60 www.m2fish.com
O1 - Hosts.ICS: 188.132.151.60 www.aquilapanel.ru
O1 - Hosts.ICS: 188.132.151.60 aquilapanel.ru
O1 - Hosts.ICS: 188.132.151.60 api.botmaster.cf
O1 - Hosts.ICS: 188.132.151.60 www.api.botmaster.cf
O1 - Hosts.ICS: 188.132.151.60 blogspot.l.googleusercontent.com
O1 - Hosts.ICS: 188.132.151.60 www.blogspot.l.googleusercontent.com
O1 - Hosts.ICS: 188.132.151.60 apathe.net
O1 - Hosts.ICS: 188.132.151.60 www.apathe.net
O1 - Hosts.ICS: 188.132.151.60 rust-script.store
O1 - Hosts.ICS: 188.132.151.60 www.rust-script.store
O1 - Hosts.ICS: 188.132.151.60 cheatsturkey.net
O1 - Hosts.ICS: 188.132.151.60 www.cheatsturkey.net
O1 - Hosts.ICS: 188.132.151.60 eazylogin.eazycheat.net
O1 - Hosts.ICS: 188.132.151.60 www.eazylogin.eazycheat.net
O1 - Hosts.ICS: 188.132.151.60 eazycheat.net
O1 - Hosts.ICS: 188.132.151.60 www.eazycheat.net
O1 - Hosts.ICS: 188.132.151.60 everaim.xyz
O1 - Hosts.ICS: 188.132.151.60 www.everaim.xyz
O1 - Hosts.ICS: 188.132.151.60 guproth.net
O1 - Hosts.ICS: 188.132.151.60 www.guproth.net
O1 - Hosts.ICS: 188.132.151.60 guproth.com
O1 - Hosts.ICS: 188.132.151.60 www.guproth.com
O1 - Hosts.ICS: 188.132.151.60 efvrej.com
O1 - Hosts.ICS: 188.132.151.60 www.efvrej.com
O1 - Hosts.ICS: 188.132.151.60 thcheats.net
O1 - Hosts.ICS: 188.132.151.60 www.thcheats.net
O1 - Hosts.ICS: 188.132.151.60 samaritan.io
O1 - Hosts.ICS: 188.132.151.60 www.samaritan.io
O1 - Hosts.ICS: 188.132.151.60 artecheats.io
O1 - Hosts.ICS: 188.132.151.60 www.artecheats.io
O1 - Hosts.ICS: 188.132.151.60 dogprobot.net
O1 - Hosts.ICS: 188.132.151.60 www.dogprobot.net
O1 - Hosts.ICS: 188.132.151.60 revoarte.net
O1 - Hosts.ICS: 188.132.151.60 www.revoarte.net
O1 - Hosts.ICS: 188.132.151.60 valodll.store
O1 - Hosts.ICS: 188.132.151.60 www.valodll.store
O1 - Hosts.ICS: 188.132.151.60 keyauth.win
O1 - Hosts.ICS: 188.132.151.60 www.keyauth.win
O1 - Hosts.ICS: 188.132.151.60 atcsys.net
O1 - Hosts.ICS: 188.132.151.60 dijitaldusunceler.com
O1 - Hosts.ICS: 188.132.151.60 hacksturkey.com
O1 - Hosts.ICS: 188.132.151.60 www.hacksturkey.com
O1 - Hosts.ICS: 188.132.151.60 dekortab.com
O1 - Hosts.ICS: 188.132.151.60 www.dekortab.com
O1 - Hosts.ICS: 188.132.151.60 medipediform.com
O1 - Hosts.ICS: 188.132.151.60 www.medipediform.com
O1 - Hosts.ICS: 188.132.151.60 cheatermad.com
O1 - Hosts.ICS: 188.132.151.60 madloader.app
O1 - Hosts.ICS: 188.132.151.60 cheater.ninja
O1 - Hosts.ICS: 188.132.151.60 cheater.club
O1 - Hosts.ICS: 188.132.151.60 www.cheatermad.com
O1 - Hosts.ICS: 188.132.151.60 www.madloader.app
O1 - Hosts.ICS: 188.132.151.60 www.cheater.ninja
O1 - Hosts.ICS: 188.132.151.60 www.cheater.club
O1 - Hosts.ICS: 127.0.0.1 wecoapp.io
O1 - Hosts.ICS: 127.0.0.1 www.wecoapp.io
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_333\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_333\bin\ssv.dll
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_67E77601D6CD30ED4F2A33FC8EDB056E] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Alomoncy\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/04/17)
O4 - HKCU\..\StartupApproved\Run: [ProtonVPN] = C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (2022/06/13)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\StartupApproved\Run: [RtHDVBg] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4 (2022/04/17)
O4 - HKLM\..\StartupApproved\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s (2022/04/17)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (2022/04/17)
O4 - HKLM\..\StartupApproved\Run: [SteelSeriesGG] = C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe -dataPath="C:\ProgramData\SteelSeries\GG" -dbEnv=production -auto=true (2022/07/20)
O4 - HKLM\..\StartupApproved\Run32: [GAMEPOWER Audio 7.1] = C:\Program Files (x86)\GAMEPOWER Audio 7.1\GAMEPOWER Audio 7.1.exe (2022/07/20)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2022/04/19)
O5 - HKCU\Control Panel\don't load: [RTSnMg64.cpl] (Realtek HD Audio Control Panel)
O7 - TroubleShooting: (EV) HKLM\..\Environment: [PATHEXT] = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PY;.PYW
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task (.job): (Not scheduled) update-S-1-5-21-1222901888-4199103199-1700388345-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC Reboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery Reboot (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: BthPS3Updater - C:\Program Files\Nefarius Software Solutions\BthPS3 Bluetooth Drivers\BthPS3Updater.exe
O22 - Task: FreeDownloadManagerHelperService - C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe
O22 - Task: GoogleUpdateTaskMachineCore{FE7E0A2B-87D9-44CE-B806-8B6FBB572C4E} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA{48B9C173-AA24-4BE4-8587-996D2CC821D7} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: Overwolf Updater Task - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule
O22 - Task: SidebarStartup - C:\Users\Alomoncy\AppData\Local\SidebarDiagnostics\app-3.6.2\SidebarDiagnostics.exe
O22 - Task: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Task: update-S-1-5-21-1222901888-4199103199-1700388345-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task: update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task: ViGEmBusUpdater - C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe
O23 - Service R2: "Realtek Bluetooth Device Manager Service"    ;RtkServ - (RtkBtManServ) - C:\Windows\RtkBtManServ.exe
O23 - Service R2: AMD Crash Defender Service - C:\Windows\system32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0380462.inf_amd64_98be862657f36791\B378995\atiesrxx.exe
O23 - Service R2: AudioDeviceService - C:\Windows\system32\AudioDeviceService.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe -r
O23 - Service R2: Kaspersky VPN Secure Connection Hizmeti 5.3 - (KSDE5.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe -r
O23 - Service R2: LMIGuardianSvc - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service R2: LogMeIn Hamachi Tunneling Engine - (Hamachi2Svc) - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe -s
O23 - Service S2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe -start
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: EQU8_19 - C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\103.0.5060.134\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe
O23 - Service S3: Overwolf Updater Windows SCM - (OverwolfUpdater) - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom SCM
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - E:\rockstar\RockstarService.exe (file missing)
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: SteelSeries Update Service - (SteelSeriesUpdateService) - C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe
O23 - Service S3: updater - C:\Program Files\Nefarius Software Solutions\BthPS3 Bluetooth Drivers\BthPS3Updater.exe /runservice
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service S3: ViGEmBusUpdater - C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe /runservice
O23 - Service S3: Yazıcı Uzantıları ve Bildirimleri - (PrintNotify) - C:\Windows\system32\svchost.exe -k print; "ServiceDll" = C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll


--
End of file - Time spent: 9,4 sec. - 38706 bytes, CRC32: FFFFFFFF. Sign: 偦雅
 
Fix these:
Code:
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: ::1 localhost
O1 - Hosts.ICS: 127.0.0.1 localhost
O1 - Hosts.ICS: ::1 localhost
O1 - Hosts.ICS: .panel.leaguebotnet.com
O1 - Hosts.ICS: 188.132.151.60 beta.leaguebotnet.com
O1 - Hosts.ICS: 188.132.151.60 www.beta.leaguebotnet.com
O1 - Hosts.ICS: 188.132.151.60 nhidepanel.site
O1 - Hosts.ICS: 188.132.151.60 www.nhidepanel.site
O1 - Hosts.ICS: 188.132.151.60 ui.memoryhackers.org
O1 - Hosts.ICS: 188.132.151.60 www.ui.memoryhackers.org
O1 - Hosts.ICS: 188.132.151.60 memoryhackers.org
O1 - Hosts.ICS: 188.132.151.60 www.memoryhackers.org
O1 - Hosts.ICS: 188.132.151.60 memoryhackers.net
O1 - Hosts.ICS: 188.132.151.60 www.memoryhackers.net
O1 - Hosts.ICS: 188.132.151.60 memorydownloader.net
O1 - Hosts.ICS: 188.132.151.60 www.memorydownloader.net
O1 - Hosts.ICS: 188.132.151.60 realitycheats.com
O1 - Hosts.ICS: 188.132.151.60 www.realitycheats.com
O1 - Hosts.ICS: 188.132.151.60 linkisalt.net
O1 - Hosts.ICS: 188.132.151.60 www.linkisalt.net
O1 - Hosts.ICS: 188.132.151.60 realui.app
O1 - Hosts.ICS: 188.132.151.60 www.realui.app
O1 - Hosts.ICS: 188.132.151.60 status.realui.app
O1 - Hosts.ICS: 188.132.151.60 www.status.realui.app
O1 - Hosts.ICS: 188.132.151.60 kisalt.xyz
O1 - Hosts.ICS: 188.132.151.60 www.kisalt.xyz
O1 - Hosts.ICS: 188.132.151.60 blast-hack.online
O1 - Hosts.ICS: 188.132.151.60 www.blast-hack.online
O1 - Hosts.ICS: 188.132.151.60 joxarea.org
O1 - Hosts.ICS: 188.132.151.60 www.joxarea.org
O1 - Hosts.ICS: 188.132.151.60 joxteam.com
O1 - Hosts.ICS: 188.132.151.60 www.joxteam.com
O1 - Hosts.ICS: 188.132.151.60 memorycheats.com
O1 - Hosts.ICS: 188.132.151.60 www.memorycheats.com
O1 - Hosts.ICS: 188.132.151.60 exxen.support
O1 - Hosts.ICS: 188.132.151.60 www.exxen.support
O1 - Hosts.ICS: 188.132.151.60 05412.net
O1 - Hosts.ICS: 188.132.151.60 www.05412.net
O1 - Hosts.ICS: 188.132.151.60 m2fish.com
O1 - Hosts.ICS: 188.132.151.60 www.m2fish.com
O1 - Hosts.ICS: 188.132.151.60 www.aquilapanel.ru
O1 - Hosts.ICS: 188.132.151.60 aquilapanel.ru
O1 - Hosts.ICS: 188.132.151.60 api.botmaster.cf
O1 - Hosts.ICS: 188.132.151.60 www.api.botmaster.cf
O1 - Hosts.ICS: 188.132.151.60 blogspot.l.googleusercontent.com
O1 - Hosts.ICS: 188.132.151.60 www.blogspot.l.googleusercontent.com
O1 - Hosts.ICS: 188.132.151.60 apathe.net
O1 - Hosts.ICS: 188.132.151.60 www.apathe.net
O1 - Hosts.ICS: 188.132.151.60 rust-script.store
O1 - Hosts.ICS: 188.132.151.60 www.rust-script.store
O1 - Hosts.ICS: 188.132.151.60 cheatsturkey.net
O1 - Hosts.ICS: 188.132.151.60 www.cheatsturkey.net
O1 - Hosts.ICS: 188.132.151.60 eazylogin.eazycheat.net
O1 - Hosts.ICS: 188.132.151.60 www.eazylogin.eazycheat.net
O1 - Hosts.ICS: 188.132.151.60 eazycheat.net
O1 - Hosts.ICS: 188.132.151.60 www.eazycheat.net
O1 - Hosts.ICS: 188.132.151.60 everaim.xyz
O1 - Hosts.ICS: 188.132.151.60 www.everaim.xyz
O1 - Hosts.ICS: 188.132.151.60 guproth.net
O1 - Hosts.ICS: 188.132.151.60 www.guproth.net
O1 - Hosts.ICS: 188.132.151.60 guproth.com
O1 - Hosts.ICS: 188.132.151.60 www.guproth.com
O1 - Hosts.ICS: 188.132.151.60 efvrej.com
O1 - Hosts.ICS: 188.132.151.60 www.efvrej.com
O1 - Hosts.ICS: 188.132.151.60 thcheats.net
O1 - Hosts.ICS: 188.132.151.60 www.thcheats.net
O1 - Hosts.ICS: 188.132.151.60 samaritan.io
O1 - Hosts.ICS: 188.132.151.60 www.samaritan.io
O1 - Hosts.ICS: 188.132.151.60 artecheats.io
O1 - Hosts.ICS: 188.132.151.60 www.artecheats.io
O1 - Hosts.ICS: 188.132.151.60 dogprobot.net
O1 - Hosts.ICS: 188.132.151.60 www.dogprobot.net
O1 - Hosts.ICS: 188.132.151.60 revoarte.net
O1 - Hosts.ICS: 188.132.151.60 www.revoarte.net
O1 - Hosts.ICS: 188.132.151.60 valodll.store
O1 - Hosts.ICS: 188.132.151.60 www.valodll.store
O1 - Hosts.ICS: 188.132.151.60 keyauth.win
O1 - Hosts.ICS: 188.132.151.60 www.keyauth.win
O1 - Hosts.ICS: 188.132.151.60 atcsys.net
O1 - Hosts.ICS: 188.132.151.60 dijitaldusunceler.com
O1 - Hosts.ICS: 188.132.151.60 hacksturkey.com
O1 - Hosts.ICS: 188.132.151.60 www.hacksturkey.com
O1 - Hosts.ICS: 188.132.151.60 dekortab.com
O1 - Hosts.ICS: 188.132.151.60 www.dekortab.com
O1 - Hosts.ICS: 188.132.151.60 medipediform.com
O1 - Hosts.ICS: 188.132.151.60 www.medipediform.com
O1 - Hosts.ICS: 188.132.151.60 cheatermad.com
O1 - Hosts.ICS: 188.132.151.60 madloader.app
O1 - Hosts.ICS: 188.132.151.60 cheater.ninja
O1 - Hosts.ICS: 188.132.151.60 cheater.club
O1 - Hosts.ICS: 188.132.151.60 www.cheatermad.com
O1 - Hosts.ICS: 188.132.151.60 www.madloader.app
O1 - Hosts.ICS: 188.132.151.60 www.cheater.ninja
O1 - Hosts.ICS: 188.132.151.60 www.cheater.club
O1 - Hosts.ICS: 127.0.0.1 wecoapp.io
O1 - Hosts.ICS: 127.0.0.1 www.wecoapp.io
O4 - HKCU\..\StartupApproved\Run: [ProtonVPN] = C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (2022/06/13)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (2022/04/17)
O4 - HKLM\..\StartupApproved\Run: [SteelSeriesGG] = C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe -dataPath="C:\ProgramData\SteelSeries\GG" -dbEnv=production -auto=true (2022/07/20)
O4 - HKLM\..\StartupApproved\Run32: [GAMEPOWER Audio 7.1] = C:\Program Files (x86)\GAMEPOWER Audio 7.1\GAMEPOWER Audio 7.1.exe (2022/07/20)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2022/04/19)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task: BthPS3Updater - C:\Program Files\Nefarius Software Solutions\BthPS3 Bluetooth Drivers\BthPS3Updater.exe
O22 - Task: FreeDownloadManagerHelperService - C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe
O22 - Task: SidebarStartup - C:\Users\Alomoncy\AppData\Local\SidebarDiagnostics\app-3.6.2\SidebarDiagnostics.exe
O22 - Task: ViGEmBusUpdater - C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe
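
Log triage for reports in the format posted in this thread, added here as an example (it is not part of any post and is not code from HiJackThis or its fork): it parses the `Xn - ...` entry lines, groups O1 hosts overrides by target address, and lists entries the scanner marked `(no file)` or `(file missing)`. The sample log is constructed with documentation addresses and `.example` names; the `min_names` threshold and the `sinkholed`/`redirected` labels are assumptions of this example.

```python
import re
from collections import defaultdict
from ipaddress import ip_address

# Constructed sample in the line format shown in the thread. Addresses are
# from documentation ranges and names use the reserved .example TLD; none of
# the values are taken from the posted logs.
SAMPLE_LOG = r"""
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.10

Running processes:
Number | Path
   1  C:\Windows\explorer.exe

O1 - Hosts: ::1 localhost
O1 - Hosts.ICS: 127.0.0.1 localhost
O1 - Hosts.ICS: .broken.example
O1 - Hosts.ICS: 203.0.113.7 shop.example
O1 - Hosts.ICS: 203.0.113.7 www.shop.example
O1 - Hosts.ICS: 203.0.113.7 login.example
O1 - Hosts.ICS: 127.0.0.1 ads.example
O4 - HKLM\..\Run: [Demo] = C:\Program Files\Demo\demo.exe
O21 - HKLM\..\ShellIconOverlayIdentifiers\ Demo1: (no name) - {00000000-0000-0000-0000-000000000000} - (no file)
O23 - Service S3: Demo Service - (DemoSvc) - E:\demo\DemoService.exe (file missing)
"""

ENTRY_RE = re.compile(r"^([A-Z]\d+(?:-32)?) - (.+)$")   # e.g. "O21-32 - ..."
HOSTS_RE = re.compile(r"^Hosts(?:\.ICS)?: (.*)$")       # O1 body
MISSING_MARKERS = ("(no file)", "(file missing)")


def parse_entries(log_text):
    """Return (section, body) for each entry line; header and process list are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def hosts_overrides(entries):
    """Split O1 entries into {ip: [hostnames]} and a list of malformed bodies."""
    by_ip = defaultdict(list)
    malformed = []
    for section, body in entries:
        if section != "O1":
            continue
        m = HOSTS_RE.match(body)
        fields = m.group(1).split() if m else []
        try:
            # A usable hosts line is "<ip> <name> [<name> ...]".
            ip = ip_address(fields[0]) if len(fields) >= 2 else None
        except ValueError:
            ip = None
        if ip is None:
            malformed.append(body)      # e.g. a hostname with no address
        else:
            by_ip[str(ip)].extend(name.lower() for name in fields[1:])
    return dict(by_ip), malformed


def triage_hosts(by_ip, min_names=3):
    """Summarise overrides per target address.

    'sinkholed'  = name pinned to a loopback/unspecified address (unreachable)
    'redirected' = name pinned to some other fixed address
    'bulk' is set when a redirect target holds at least min_names names
    (assumed threshold); such a block deserves a manual look before fixing.
    """
    findings = []
    for ip, names in sorted(by_ip.items()):
        addr = ip_address(ip)
        local = addr.is_loopback or addr.is_unspecified
        # The stock "localhost" mapping is expected and not an override.
        names = [n for n in names if not (addr.is_loopback and n == "localhost")]
        if not names:
            continue
        kind = "sinkholed" if local else "redirected"
        findings.append({
            "ip": ip,
            "kind": kind,
            "count": len(names),
            "bulk": kind == "redirected" and len(names) >= min_names,
            "names": names,
        })
    return findings


def missing_targets(entries):
    """Entries whose target file the scanner could not find."""
    return [(s, b) for s, b in entries if b.endswith(MISSING_MARKERS)]


if __name__ == "__main__":
    entries = parse_entries(SAMPLE_LOG)
    by_ip, malformed = hosts_overrides(entries)
    for f in triage_hosts(by_ip):
        flag = " [bulk]" if f["bulk"] else ""
        print(f'{f["kind"]:<10} {f["ip"]:<15} {f["count"]} name(s){flag}')
    for body in malformed:
        print("malformed  ", body)
    for section, body in missing_targets(entries):
        print("missing    ", section, body)
```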
 
Greetings.

My computer has no problems like momentary stutters; fan usage started to increase over the last 2 days, and thinking there was high CPU/RAM usage due to malware, I ran a virus scan with Kaspersky, but it came out clean. Honestly, I'm still not at ease. If there are other things I need to do or share, I'd appreciate it if you let me know. All the best.

Code:
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.13

Platform:  x64 Windows 10 (Home Single Language), 10.0.19044.1826 (ReleaseId: 2009, 21H2), Service Pack: 0
Time:      30.07.2022 - 13:49 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    90542    (group: Administrators) on LAPTOP-HKD9V1UH, FirstRun: yes

Chrome:  103.0.5060.134
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
   1  C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\HP.MyHP.exe
   1  C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Users\90542\Desktop\Uygulamalar\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\RtkBtManServ.exe
   1  C:\Windows\servicing\TrustedInstaller.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\BdeUISrv.exe
   3  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxEM.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
   1  C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\AppHelperCap.exe
   1  C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\BridgeCommunication.exe
   1  C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\DiagsCap.exe
   1  C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\NetworkCap.exe
   1  C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\SysInfoCap.exe
   1  C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_7ea79942c83947c1\x64\OmenCap\OmenCap.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_86dc7f4c001ddecd\RstMwService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_98ad395a329efc54\OneApp.IGCC.WinService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ee0c47404984f8ac\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ee0c47404984f8ac\IntelCpHeciSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_4a2f8a62d5686839\Display.NvContainer\NVDisplay.Container.exe
   3  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5b38b833337c212f\RtkAudUService64.exe
   1  C:\Windows\System32\dwm.exe
   1  C:\Windows\System32\ETDCtrl.exe
   1  C:\Windows\System32\ETDService.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\msiexec.exe
   1  C:\Windows\System32\rundll32.exe
   2  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SECOCL64.exe
   1  C:\Windows\System32\SECOMN64.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  72  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\Taskmgr.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   3  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   2  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1790_none_7df2aec07ca10e81\TiWorker.exe

O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKCU\..\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2022/04/13)
O4 - HKCU\..\StartupApproved\Run: [kpm.exe] = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe (file missing) (2022/02/17)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2021/12/30)
O4 - HKLM\..\Run: [RtkAudUService] = C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5b38b833337c212f\RtkAudUService64.exe -background
O4 - HKLM\..\StartupApproved\Run32: [ExpressVPNNotificationService] = C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe (2021/12/30)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2022/01/07)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\windows\system32\mscoree.dll
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\windows\explorer.exe
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\windows\system32\MusNotification.exe /RunOnAC Reboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\windows\system32\MusNotification.exe /RunOnBattery Reboot (Microsoft)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-330310542-4217721475-3514810156-1001 - C:\windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\windows\system32\rundll32.exe C:\windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe /send
O22 - Task: \Hewlett-Packard\HP Support Assistant\WarrantyChecker - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
O22 - Task: \HP\Consent Manager Launcher - C:\windows\system32\sc.exe start hptouchpointanalyticsservice
O22 - Task: \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (Microsoft)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: HPAudioSwitch - C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: OneDrive Reporting Task-S-1-5-21-330310542-4217721475-3514810156-1001 - C:\Users\90542\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O23 - Service R2: "Realtek Bluetooth Device Manager Service"    ;RtkServ - (RtkBtManServ) - C:\windows\RtkBtManServ.exe
O23 - Service R2: ELAN Service - (ETDService) - C:\windows\System32\ETDService.exe
O23 - Service R2: ExpressVPN Service - (ExpressVPNService) - C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: HP Analytics service - (HpTouchpointAnalyticsService) - C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe
O23 - Service R2: HP App Helper HSA Service - (HPAppHelperCap) - C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\AppHelperCap.exe
O23 - Service R2: HP Diagnostics HSA Service - (HPDiagsCap) - C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\DiagsCap.exe
O23 - Service R2: HP Network HSA Service - (HPNetworkCap) - C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\NetworkCap.exe
O23 - Service R2: HP Omen HSA Service - (HPOmenCap) - C:\windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_7ea79942c83947c1\x64\OmenCap\OmenCap.exe
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service R2: HP System Info HSA Service - (HPSysInfoCap) - C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\SysInfoCap.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ee0c47404984f8ac\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Dynamic Tuning service - (esifsvc) - C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_98ad395a329efc54\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_86dc7f4c001ddecd\RstMwService.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe -r
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_4a2f8a62d5686839\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_4a2f8a62d5686839\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5b38b833337c212f\RtkAudUService64.exe
O23 - Service R2: Sound Research SECOMN Service - (SECOMNService) - C:\windows\System32\SECOMN64.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ee0c47404984f8ac\IntelCpHeciSvc.exe
O23 - Service S2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: HP Comm Recovery - (HP Comm Recover) - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service S2: Intel(R) Audio Service - (IntelAudioService) - C:\windows\system32\cAVS\IAS\IntelAudioService.exe
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service S2: Kaspersky VPN Secure Connection Hizmeti 5.3 - (KSDE5.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe -r
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\103.0.5060.134\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service S3: Intel(R) Optane(TM) Memory Service - (iaStorAfsService) - C:\windows\System32\iaStorAfsService.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService

--

End of file - Time spent: 9,6 sec. - 38420 bytes, CRC32: FFFFFFFF. Sign: 燝�
 
fan usage has started to increase over the past 2 days, and thinking that there was high CPU/RAM usage caused by malware, I ran a virus scan with Kaspersky, but it came out clean.
Check the temperatures with Aida64.
Fix these:
Code:
O4 - HKCU\..\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKLM\..\StartupApproved\Run32: [ExpressVPNNotificationService] = C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe (2021/12/30)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2022/01/07)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe /send
O22 - Task: \Hewlett-Packard\HP Support Assistant\WarrantyChecker - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
O22 - Task: \HP\Consent Manager Launcher - C:\windows\system32\sc.exe start hptouchpointanalyticsservice
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe

Also uninstall the unnecessary HP software.
 
Fix these:
Code:
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: ::1 localhost
O1 - Hosts.ICS: 127.0.0.1 localhost
O1 - Hosts.ICS: ::1 localhost
O1 - Hosts.ICS: .panel.leaguebotnet.com
O1 - Hosts.ICS: 188.132.151.60 beta.leaguebotnet.com
O1 - Hosts.ICS: 188.132.151.60 www.beta.leaguebotnet.com
O1 - Hosts.ICS: 188.132.151.60 nhidepanel.site
O1 - Hosts.ICS: 188.132.151.60 www.nhidepanel.site
O1 - Hosts.ICS: 188.132.151.60 ui.memoryhackers.org
O1 - Hosts.ICS: 188.132.151.60 www.ui.memoryhackers.org
O1 - Hosts.ICS: 188.132.151.60 memoryhackers.org
O1 - Hosts.ICS: 188.132.151.60 www.memoryhackers.org
O1 - Hosts.ICS: 188.132.151.60 memoryhackers.net
O1 - Hosts.ICS: 188.132.151.60 www.memoryhackers.net
O1 - Hosts.ICS: 188.132.151.60 memorydownloader.net
O1 - Hosts.ICS: 188.132.151.60 www.memorydownloader.net
O1 - Hosts.ICS: 188.132.151.60 realitycheats.com
O1 - Hosts.ICS: 188.132.151.60 www.realitycheats.com
O1 - Hosts.ICS: 188.132.151.60 linkisalt.net
O1 - Hosts.ICS: 188.132.151.60 www.linkisalt.net
O1 - Hosts.ICS: 188.132.151.60 realui.app
O1 - Hosts.ICS: 188.132.151.60 www.realui.app
O1 - Hosts.ICS: 188.132.151.60 status.realui.app
O1 - Hosts.ICS: 188.132.151.60 www.status.realui.app
O1 - Hosts.ICS: 188.132.151.60 kisalt.xyz
O1 - Hosts.ICS: 188.132.151.60 www.kisalt.xyz
O1 - Hosts.ICS: 188.132.151.60 blast-hack.online
O1 - Hosts.ICS: 188.132.151.60 www.blast-hack.online
O1 - Hosts.ICS: 188.132.151.60 joxarea.org
O1 - Hosts.ICS: 188.132.151.60 www.joxarea.org
O1 - Hosts.ICS: 188.132.151.60 joxteam.com
O1 - Hosts.ICS: 188.132.151.60 www.joxteam.com
O1 - Hosts.ICS: 188.132.151.60 memorycheats.com
O1 - Hosts.ICS: 188.132.151.60 www.memorycheats.com
O1 - Hosts.ICS: 188.132.151.60 exxen.support
O1 - Hosts.ICS: 188.132.151.60 www.exxen.support
O1 - Hosts.ICS: 188.132.151.60 05412.net
O1 - Hosts.ICS: 188.132.151.60 www.05412.net
O1 - Hosts.ICS: 188.132.151.60 m2fish.com
O1 - Hosts.ICS: 188.132.151.60 www.m2fish.com
O1 - Hosts.ICS: 188.132.151.60 www.aquilapanel.ru
O1 - Hosts.ICS: 188.132.151.60 aquilapanel.ru
O1 - Hosts.ICS: 188.132.151.60 api.botmaster.cf
O1 - Hosts.ICS: 188.132.151.60 www.api.botmaster.cf
O1 - Hosts.ICS: 188.132.151.60 blogspot.l.googleusercontent.com
O1 - Hosts.ICS: 188.132.151.60 www.blogspot.l.googleusercontent.com
O1 - Hosts.ICS: 188.132.151.60 apathe.net
O1 - Hosts.ICS: 188.132.151.60 www.apathe.net
O1 - Hosts.ICS: 188.132.151.60 rust-script.store
O1 - Hosts.ICS: 188.132.151.60 www.rust-script.store
O1 - Hosts.ICS: 188.132.151.60 cheatsturkey.net
O1 - Hosts.ICS: 188.132.151.60 www.cheatsturkey.net
O1 - Hosts.ICS: 188.132.151.60 eazylogin.eazycheat.net
O1 - Hosts.ICS: 188.132.151.60 www.eazylogin.eazycheat.net
O1 - Hosts.ICS: 188.132.151.60 eazycheat.net
O1 - Hosts.ICS: 188.132.151.60 www.eazycheat.net
O1 - Hosts.ICS: 188.132.151.60 everaim.xyz
O1 - Hosts.ICS: 188.132.151.60 www.everaim.xyz
O1 - Hosts.ICS: 188.132.151.60 guproth.net
O1 - Hosts.ICS: 188.132.151.60 www.guproth.net
O1 - Hosts.ICS: 188.132.151.60 guproth.com
O1 - Hosts.ICS: 188.132.151.60 www.guproth.com
O1 - Hosts.ICS: 188.132.151.60 efvrej.com
O1 - Hosts.ICS: 188.132.151.60 www.efvrej.com
O1 - Hosts.ICS: 188.132.151.60 thcheats.net
O1 - Hosts.ICS: 188.132.151.60 www.thcheats.net
O1 - Hosts.ICS: 188.132.151.60 samaritan.io
O1 - Hosts.ICS: 188.132.151.60 www.samaritan.io
O1 - Hosts.ICS: 188.132.151.60 artecheats.io
O1 - Hosts.ICS: 188.132.151.60 www.artecheats.io
O1 - Hosts.ICS: 188.132.151.60 dogprobot.net
O1 - Hosts.ICS: 188.132.151.60 www.dogprobot.net
O1 - Hosts.ICS: 188.132.151.60 revoarte.net
O1 - Hosts.ICS: 188.132.151.60 www.revoarte.net
O1 - Hosts.ICS: 188.132.151.60 valodll.store
O1 - Hosts.ICS: 188.132.151.60 www.valodll.store
O1 - Hosts.ICS: 188.132.151.60 keyauth.win
O1 - Hosts.ICS: 188.132.151.60 www.keyauth.win
O1 - Hosts.ICS: 188.132.151.60 atcsys.net
O1 - Hosts.ICS: 188.132.151.60 dijitaldusunceler.com
O1 - Hosts.ICS: 188.132.151.60 hacksturkey.com
O1 - Hosts.ICS: 188.132.151.60 www.hacksturkey.com
O1 - Hosts.ICS: 188.132.151.60 dekortab.com
O1 - Hosts.ICS: 188.132.151.60 www.dekortab.com
O1 - Hosts.ICS: 188.132.151.60 medipediform.com
O1 - Hosts.ICS: 188.132.151.60 www.medipediform.com
O1 - Hosts.ICS: 188.132.151.60 cheatermad.com
O1 - Hosts.ICS: 188.132.151.60 madloader.app
O1 - Hosts.ICS: 188.132.151.60 cheater.ninja
O1 - Hosts.ICS: 188.132.151.60 cheater.club
O1 - Hosts.ICS: 188.132.151.60 www.cheatermad.com
O1 - Hosts.ICS: 188.132.151.60 www.madloader.app
O1 - Hosts.ICS: 188.132.151.60 www.cheater.ninja
O1 - Hosts.ICS: 188.132.151.60 www.cheater.club
O1 - Hosts.ICS: 127.0.0.1 wecoapp.io
O1 - Hosts.ICS: 127.0.0.1 www.wecoapp.io
O4 - HKCU\..\StartupApproved\Run: [ProtonVPN] = C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (2022/06/13)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (2022/04/17)
O4 - HKLM\..\StartupApproved\Run: [SteelSeriesGG] = C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe -dataPath="C:\ProgramData\SteelSeries\GG" -dbEnv=production -auto=true (2022/07/20)
O4 - HKLM\..\StartupApproved\Run32: [GAMEPOWER Audio 7.1] = C:\Program Files (x86)\GAMEPOWER Audio 7.1\GAMEPOWER Audio 7.1.exe (2022/07/20)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2022/04/19)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task: BthPS3Updater - C:\Program Files\Nefarius Software Solutions\BthPS3 Bluetooth Drivers\BthPS3Updater.exe
O22 - Task: FreeDownloadManagerHelperService - C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe
O22 - Task: SidebarStartup - C:\Users\Alomoncy\AppData\Local\SidebarDiagnostics\app-3.6.2\SidebarDiagnostics.exe
O22 - Task: ViGEmBusUpdater - C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe
Sir, it gives an error.
 
Hello sir, I'm experiencing a performance drop on my system, and the computer freezes from time to time. I think there is malware; I'd appreciate it if you could help.

Code:
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.10

Platform: x64 Windows 10 (Home Single Language), 10.0.19044.1826 (ReleaseId: 2009, 21H2), Service Pack: 0
Time: 08.08.2022 - 21:25 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes.
Ran by: naboa (group: Administrators) on DESKTOP-QVBMDVL, FirstRun: yes.

Internet Explorer: 11.0.19041.1566
Default: "D:\Opera\Launcher.exe" -noautoupdate -- "%1" (Opera Internet Browser)

Boot mode: Normal.

Running processes:
Number | Path.
 2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
 1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
 1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
 1 C:\Users\naboa\OneDrive\Masaüstü\HiJackThis\HiJackThis.exe
 1 C:\Windows\explorer.exe
 1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
 1 C:\Windows\servicing\TrustedInstaller.exe
 2 C:\Windows\System32\csrss.exe
 1 C:\Windows\System32\dasHost.exe
 1 C:\Windows\System32\dllhost.exe
 1 C:\Windows\System32\dwm.exe
 2 C:\Windows\System32\fontdrvhost.exe
 1 C:\Windows\System32\igfxCUIService.exe
 1 C:\Windows\System32\igfxHK.exe
 1 C:\Windows\System32\lsass.exe
 4 C:\Windows\System32\RuntimeBroker.exe
 1 C:\Windows\System32\services.exe
 1 C:\Windows\System32\SgrmBroker.exe
 1 C:\Windows\System32\sihost.exe
 1 C:\Windows\System32\smss.exe
 1 C:\Windows\System32\sppsvc.exe
 63 C:\Windows\System32\svchost.exe
 2 C:\Windows\System32\taskhostw.exe
 1 C:\Windows\System32\wbem\WmiPrvSE.exe
 1 C:\Windows\System32\wininit.exe
 1 C:\Windows\System32\winlogon.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
 1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
 1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1790_none_7df2aec07ca10e81\TiWorker.exe
 2 D:\Opera\89.0.4447.83\opera_autoupdate.exe
 1 D:\Opera\launcher.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex.
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex.
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WiseCleaner (empty)
O22 - Task: (disabled) (telemetry) NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
O22 - Task: (disabled) (telemetry) NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: (disabled) NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe /noshim
O22 - Task: (telemetry) NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe /noshim
O22 - Task: (telemetry) NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe /noshim
O22 - Task: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: Opera scheduled Autoupdate 1656408042 - D:\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: RtHDVBg_ListenToDevice - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /AECBYLISTENTOSTATUS
O22 - Task: RTKCPL - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /runcplsilence
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000.
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O26 - Debugger: HKLM\..\EOSnotify.exe: [Debugger] = / (file missing)
O26 - Debugger: HKLM\..\InstallAgent.exe: [Debugger] = / (file missing)
O26 - Debugger: HKLM\..\MusNotification.exe: [Debugger] = / (file missing)
O26 - Debugger: HKLM\..\MusNotificationUx.exe: [Debugger] = / (file missing)
O26 - Debugger: HKLM\..\remsh.exe: [Debugger] = / (file missing)
O26 - Debugger: HKLM\..\SihClient.exe: [Debugger] = / (file missing)
O26 - Debugger: HKLM\..\UpdateAssistant.exe: [Debugger] = / (file missing)
O26 - Debugger: HKLM\..\upfc.exe: [Debugger] = / (file missing)
O26 - Debugger: HKLM\..\UsoClient.exe: [Debugger] = / (file missing)
O26 - Debugger: HKLM\..\WaaSMedic.exe: [Debugger] = / (file missing)
O26 - Debugger: HKLM\..\WaasMedicAgent.exe: [Debugger] = / (file missing)
O26 - Debugger: HKLM\..\Windows10Upgrade.exe: [Debugger] = / (file missing)
O26 - Debugger: HKLM\..\Windows10UpgraderApp.exe: [Debugger] = / (file missing)

--
End of file - Time spent: 40,7 sec. - 17666 bytes, CRC32: FFFFFFFF. Sign: 弮
 
