

To analyze problems on your system such as performance degradation, freezes, malware effects and issues caused by application errors, and to improve performance and neutralize the effects of malware, you need to share here the log of a scan you ran with the HijackThis software.



Usage:

1) Download the current version, to which a developer has added new features, from here, and extract the application from the archive file to your desktop.

Alternative: Download HiJackThis Fork - MajorGeeks

Old version: HiJackThis | Free software downloads at SourceForge.net

2) Restart your computer and wait 3 minutes without doing anything.

3) Right-click the HijackThis software and run it as administrator (does not apply to XP).



4) In the interface that opens, click the "Do a system scan and save a log file" button.



5) The HijackThis scan will start automatically; do not use the mouse or keyboard until the scan completes.


6) When the scan completes, a log file containing the HijackThis report will appear.




*7) You need to add the log file here, via the reply section, so that we can review it.


Click "Code".



Paste the contents of the log into the blue box and press the "Continue" ("Devam Et") button.

Warning: If you have trouble adding code on the site, you need to paste the code into one of the sites given below and share the link. In that case, do not use option *7 for now.

Paste ofCode
Paste Code

8) Also reply to the thread describing the problem on your system in detail (performance degradation, suspected malware presence, etc.).
(Those who do not do this will not receive a reply)

Fixing:

When I or one of the experts responds in the thread, tick the boxes at the start of the lines we tell you in the HijackThis application interface. Then press the "Fix checked" button.
 
Last edited by a moderator:
[CODE title="Hello, sir. PC startup has slowed down and there is a drop in gaming performance."]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.13

Platform: x64 Windows 10 (Home Single Language), 10.0.19044.1387 (ReleaseId: 2009, 21H2), Service Pack: 0
Time: 05.12.2021 - 10:36 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: Oğuzhan (group: Administrators) on OĞUZHAN, FirstRun: yes

Chrome: 96.0.4664.45
Internet Explorer: 11.0.19041.1202
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\AnyDesk\AnyDesk.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
1 C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
1 C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
1 C:\Program Files\Acer\Acer Quick Access\QASvc.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlceip.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
3 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
3 C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
1 C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
1 C:\Program Files\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21102.134.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
1 C:\Users\Oğuzhan\Downloads\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\AdminService.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\backgroundTaskHost.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b57dd282df3da3bb\igfxCUIService.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b57dd282df3da3bb\igfxEM.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b57dd282df3da3bb\igfxext.exe
1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_5fe59c8bd61484b0\OneApp.IGCC.WinService.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_85d87bcc880290a5\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_85d87bcc880290a5\IntelCpHeciSvc.exe
2 C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_30e446a72214201b\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\rundll32.exe
7 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
73 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\unsecapp.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SysWOW64\dllhost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.yandex.com.tr/?win=511&clid=2256396
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\c9d51418-2c0b-11ec-8785-3065ec8ddff7: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?uil=ru&part={searchTerms} - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\c9d51418-2c0b-11ec-8785-3065ec8ddff7: = https://yandex.com.tr/search/?wi...38820 bytes, CRC32: FFFFFFFF. Sign: ꮔ䍲[/CODE]
 
Last edited:
Hello, sir. PC startup has slowed down and there is a drop in gaming performance.
Fix these:
Code:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.yandex.com.tr/?win=511&clid=2256396
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\c9d51418-2c0b-11ec-8785-3065ec8ddff7: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?uil=ru&part={searchTerms} - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\c9d51418-2c0b-11ec-8785-3065ec8ddff7: [URL] = https://yandex.com.tr/search/?win=511&clid=2256397&text={searchTerms} - Yandex
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Oğuzhan\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2021/09/28)
O4 - HKCU\..\StartupApproved\Run: [Smarter Battery] = C:\Program Files (x86)\bbezal.com\Smarter Battery\SmarterBattery.exe (file missing) (2021/11/19)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/10/02)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk    ->    C:\Program Files (x86)\AnyDesk\AnyDesk.exe --control (2021/11/30)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Microsoft Excel'e &Ver: (default) = C:\Program Files\Microsoft Office\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\OneNote'a G&önder: (default) = C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll (file missing)
O22 - BITS Job: (download) {54792545-91B5-4FF3-A2D2-1AA06E1458AA} - https://soft.export.yandex.ru/status.xml?stat=dayuse&bitness=64&brandID=tb-custo&browser_bitness=32&build=custo&clid=2091900&client_id=17764974439736194989&df=1&distr_yandexuid=&eid=RCI.1%3Baab1.200%3Babt.4%3Bacd.35%3Bacib.42%3Bacm.10%3Balp.1%3Bals.208%3Bappcon.22%3Barot4.2%3Baypg.421590%3Bbarnq.15%3Bblncn.200%3Bbmode.501%3Bbntpd.4%3Bbsum.5%3Bcms.2%3Bcont.33%3Bcpa.1%3Bcus.5%3Bdelay.100%3Bdgc.3%3Bdisil.1%3Bdplnk.77%3Befr.44%3Betbhcf.2%3Bexth.5%3Bflute.126%3Bfpd.15%3Bfshp.115%3Bfsy.1%3Bgst.1%3Bhddinf.3%3Bhpb.6%3Bicapi.31%3Bl2020.3%3Bmcp.105%3Bmidw.6%3Bmrd3.2%3Bmrgbkm.200%3Bmssng.13%3Bmtgsp.51%3Bn2020.747474%3Bnaps.6%3Bndb.10%3Bnewf.32%3Bnewsca.51%3Bnfsy.4%3Bnotes.19%3Bnothrb.14%3Bnsbl.4%3Bnspfa.100%3Bnsu.200%3Bntprtm.201%3Bnvth.115%3Bnzsv.1%3Bpcb.20%3Bpi3.10%3Bpmc.203%3Brapt.10%3Brnc.5%3Bsal.102%3Bscnik1.355%3Bscp.43%3Bsfi.1005%3Bsnrs.1%3Bspo1.14%3Bsrprompt.1%3Bstt.15%3Bszl.700%3Bt2021.409115%3Btabm.16%3Bte1.8%3Btrboff.5%3Btrdo1.3%3Btrim.23%3Btrt.404461%3Btrust.10%3Bumatrl.83%3Burlntp.3%3Bvitr.22%3Bvrec1.1%3Bx64exp.10%3Bytp1.501%3Bytp2.120%3Bzzab.10%3Bzzenv.1%3Bzzmrd3.1000%3Bzzrd.101%3Bzzvf.2%3Binst_date.1633608658&install_type=0&installed=21.9.0.1052&ld=0&machine_id=eb824faa143c5a1d3586023311552242&os=win10&partner_id=pseudoportal-tr&pok=1&searchbandapp=0&stats_send_status=1&sv=0&ud=0&ui=cebea0c7-afe0-43be-b661-66460ba9e89d&user_agent=Mozilla%2F5.0+(Windows+NT+10.0%3B+WOW64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F93.0.4577.82+YaBrowser%2F21.9.0.1052+Yowser%2F2.5+Safari%2F537.36&ver=21.9.0.1052&win_version=10.0.19043&yandexuid=194073841632746883&yasoft=yabrowser -> C:\Users\OUZHAN~1\AppData\Local\Temp\Yandex_Browser_BITS_11836_128265179\response - 'C:\Users\Oзuzhan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe' '"C:\Users\Oзuzhan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --broupdater-stat-bits --broupdater-stat-name=dayuse 
--bits_job_guid={54792545-91B5-4FF3-A2D2-1AA06E1458AA}'
O22 - BITS Job: Fix all (including legit)
O22 - Task (.job): (Not scheduled) Yandex Browser güncellemesi.job - C:\Users\Oğuzhan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
O22 - Task (.job): update-S-1-5-21-1962056360-3799831756-65825789-1005.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter (empty)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-1962056360-3799831756-65825789-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\WaaSMedic\MaintenanceWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},MaintenanceWork - C:\WINDOWS\System32\WaaSMedicSvc.dll (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: \Intel\Thunderbolt\Start Thunderbolt application on login if service is up - C:\Program Files (x86)\Intel\Thunderbolt Software\Thunderbolt.exe IF_SERVICE
O22 - Task: \Intel\Thunderbolt\Start Thunderbolt application when hardware is detected - C:\Program Files (x86)\Intel\Thunderbolt Software\Thunderbolt.exe RUN_YOURSELF
O22 - Task: \Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up - C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe ConditionalServiceStart
O22 - Task: \Intel\Thunderbolt\Start Thunderbolt service when hardware is detected - C:\WINDOWS\system32\sc.exe start ThunderboltService
O22 - Task: ACC - C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto
O22 - Task: ACCAgent - C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe
O22 - Task: ACCBackgroundApplication - C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: Power Button - C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe -s
O22 - Task: Quick Access - C:\Program Files\Acer\Acer Quick Access\QALauncher.exe
O22 - Task: Software Update Application - C:\ProgramData\OEM\UpgradeTool\ListCheck.exe
O22 - Task: TB3 FW Upgrade Part2 - C:\Users\oguzh\Downloads\Firmware_Intel_15_A_A\part2.bat (file missing)
O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O22 - Task: Yandex Browser güncellemesi - C:\Users\Oğuzhan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --background-update --noerrdialogs
O23 - Service R2: AnyDesk Service - (AnyDesk) - C:\Program Files (x86)\AnyDesk\AnyDesk.exe --service
O23 - Service R2: AzureAttestService - C:\WINDOWS\system32\svchost.exe -k AzureAttestService; "ServiceDll" = C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll
O23 - Service R2: Intel SST Parameter Service - (IntelSSTSvc) - C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe
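
For anyone who reads many such logs, the entry lines can be grouped mechanically before deciding which boxes to tick. The Python below is an added example, not part of the original thread or of HijackThis itself; the sample lines are copied from the log entries on this page, the status tags and extension list are limited to what those entries show, and treating `\Users\` paths as user-writable is an assumption of the example.

```python
import re
from collections import Counter

# Entry lines start with a section code, e.g. "O22 - Task: ...".
# Header lines and the running-process list do not match and are skipped.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2})\s+-\s+(?P<body>.+)$")

# Parenthesised status annotations that appear in the logs on this page.
STATUS_TAGS = ("file missing", "damaged", "disabled", "telemetry")

# First Windows path ending in a launchable extension (assumed list).
TARGET_RE = re.compile(r'[A-Za-z]:\\[^"<>|]*?\.(?:exe|dll|bat|vbs|lnk)', re.IGNORECASE)

# Lines copied from the log entries shown on this page.
SAMPLE_LOG = r"""Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.13
Boot mode: Normal
1 C:\Windows\explorer.exe
O4 - HKCU\..\StartupApproved\Run: [Smarter Battery] = C:\Program Files (x86)\bbezal.com\Smarter Battery\SmarterBattery.exe (file missing) (2021/11/19)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/10/02)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter (empty)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: TB3 FW Upgrade Part2 - C:\Users\oguzh\Downloads\Firmware_Intel_15_A_A\part2.bat (file missing)
O22 - Task: Yandex Browser güncellemesi - C:\Users\Oğuzhan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --background-update --noerrdialogs
O23 - Service R2: AnyDesk Service - (AnyDesk) - C:\Program Files (x86)\AnyDesk\AnyDesk.exe --service
"""


def parse_entries(log_text):
    """Return one dict per entry line: section code, body, status tags, target path."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue  # header, process list, or a wrapped continuation line
        body = m.group("body")
        target = TARGET_RE.search(body)
        entries.append({
            "code": m.group("code"),
            "body": body,
            "tags": [t for t in STATUS_TAGS if f"({t})" in body],
            "target": target.group(0) if target else None,
        })
    return entries


def count_by_code(entries):
    """Number of entries per section code (O4, O22, O23, ...)."""
    return Counter(e["code"] for e in entries)


def stale_entries(entries):
    """Entries whose target file is missing or whose registry data is damaged."""
    return [e for e in entries if {"file missing", "damaged"} & set(e["tags"])]


def in_user_profile(entry):
    """True when the launch target sits under a user profile (assumed user-writable)."""
    return bool(entry["target"]) and "\\users\\" in entry["target"].lower()


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    print(dict(count_by_code(parsed)))
    for e in stale_entries(parsed):
        note = " [user profile path]" if in_user_profile(e) else ""
        print(f'{e["code"]}: {e["target"] or e["body"]}{note}')
```

A stale autorun or task whose target path lies under a user profile deserves a closer look, because a file can be placed at that path again without administrator rights.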
 
[CODE title="."]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.13

Platform: x64 Windows 10 (Home Single Language), 10.0.19044.1387 (ReleaseId: 2009, 21H2), Service Pack: 0
Time: 08.12.2021 - 16:34 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: Oğuzhan (group: Administrators) on OĞUZHAN, FirstRun: yes

Chrome: 96.0.4664.45
Internet Explorer: 11.0.19041.1202
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlceip.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
3 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
3 C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
1 C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
1 C:\Program Files\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21102.134.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
1 C:\Users\Oğuzhan\Downloads\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\AdminService.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b57dd282df3da3bb\igfxCUIService.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b57dd282df3da3bb\igfxEM.exe
1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_5fe59c8bd61484b0\OneApp.IGCC.WinService.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_85d87bcc880290a5\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_85d87bcc880290a5\IntelCpHeciSvc.exe
2 C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_30e446a72214201b\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\rundll32.exe
4 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
68 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WMIADAP.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\SysWOW64\dllhost.exe

O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_301\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_301\bin\ssv.dll
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2021/11/08)
O4 - HKLM\..\StartupApproved\Run32: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe (2021/10/13)
O4 - HKU\S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'SQLTELEMETRY')
O4 - HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'MSSQLSERVER')
O7 - TroubleShooting: (EV) HKLM\..\Environment: [PSModulePath] = %ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules;C:\Program Files (x86)\Microsoft SQL Server\150\Tools\PowerShell\Modules\
O17 - DHCP DNS 1: 192.168.1.1
O22 - BITS Job: (download) {928D3C1B-4DF0-45A5-807F-81CE73BE115F} - http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adayfqvzr3okagxbuhispzcgskma_94.273.200/gkmgaooipdjhmangpemjhigmamcehddo_94.273.200_win64_hhvd6eergw26wjqewg4mqzlutm.crx3 -> C:\Users\OUZHAN~1\AppData\Local\Temp\chrome_BITS_2856_1737190768\gkmgaooipdjhmangpemjhigmamcehddo_94.273.200_win64_hhvd6eergw26wjqewg4mqzlutm.crx3
O22 - BITS Job: Fix all (including legit)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (file missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Agent Activation Runtime (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel\Thunderbolt (empty)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: Opera scheduled Autoupdate 1636657670 - C:\Users\Oğuzhan\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (file missing)
O23 - Service R2: AtherosSvc - C:\WINDOWS\system32\AdminService.exe
O23 - Service R2: Dolby DAX2 API Service - (DAX2API) - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_85d87bcc880290a5\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_5fe59c8bd61484b0\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b57dd282df3da3bb\igfxCUIService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_30e446a72214201b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_30e446a72214201b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: SQL Server (MSSQLSERVER) - (MSSQLSERVER) - C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlservr.exe -sMSSQLSERVER
O23 - Service R2: SQL Server CEIP service (MSSQLSERVER) - (SQLTELEMETRY) - C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlceip.exe -Service
O23 - Service R2: TeamViewer - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_85d87bcc880290a5\IntelCpHeciSvc.exe
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (file missing)
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Quick Access Local Service - (QALSvc) - C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
O23 - Service S3: Quick Access Service - (QASvc) - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service S3: SQL Server Agent (MSSQLSERVER) - (SQLSERVERAGENT) - C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE -i MSSQLSERVER
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S3: Thunderbolt(TM) Service - (ThunderboltService) - C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe (file missing)


--
End of file - Time spent: 14,6 sec. - 22684 bytes, CRC32: FFFFFFFF. Sign: 鯳紕[/CODE]

Sir, these entries did not show up when I scanned. Since they did not show up, I could not fix them.

O4 - HKCU\..\StartupApproved\Run: [Smarter Battery] = C:\Program Files (x86)\bbezal.com\Smarter Battery\SmarterBattery.exe (file missing) (2021/11/19)

O22 - Task: TB3 FW Upgrade Part2 - C:\Users\oguzh\Downloads\Firmware_Intel_15_A_A\part2.bat (file missing)


It gave a warning during the fix step.



I uploaded an up-to-date log in case you want to take another look.
 
OK, no problem, it just caused an issue with the internet service. What is the situation now, is there any improvement?

Most of them went through; fix these again:
Code:
O22 - BITS Job: (download) {928D3C1B-4DF0-45A5-807F-81CE73BE115F} - http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adayfqvzr3okagxbuhispzcgskma_94.273.200/gkmgaooipdjhmangpemjhigmamcehddo_94.273.200_win64_hhvd6eergw26wjqewg4mqzlutm.crx3 -> C:\Users\OUZHAN~1\AppData\Local\Temp\chrome_BITS_2856_1737190768\gkmgaooipdjhmangpemjhigmamcehddo_94.273.200_win64_hhvd6eergw26wjqewg4mqzlutm.crx3
O22 - BITS Job: Fix all (including legit)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (file missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Agent Activation Runtime (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel\Thunderbolt (empty)
O22 - Task: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr
 
Sir, there was no change at startup. It does not boot slowly, but it had slowed down compared to before. There was an FPS drop in a game at one point; I turned the PC off and on and it went back to normal. So what we did has not had a positive effect so far. If you do not see any problem when you look at these logs, then there is no problem as far as I am concerned. Thank you.
 
Hello, I hope your work is going well. I am writing because I suspect malware. Could you take a look?
[CODE title="HijackThis scan"]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.13

Platform: x64 Windows 10 (Pro), 10.0.19042.1348 (ReleaseId: 2009, 20H2), Service Pack: 0
Time: 09.12.2021 - 21:11 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: bserd (group: Administrators) on DESKTOP-KLSUGT1, FirstRun: yes

Chrome: 96.0.4664.93
Internet Explorer: 11.0.19041.1202
Default: "C:\Users\bserd\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" (Opera Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\AnyDesk\AnyDesk.exe
14 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
1 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
1 C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
1 C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
1 C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
1 C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
1 C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
1 C:\Program Files\Avast Software\Avast\aswEngSrv.exe
1 C:\Program Files\Avast Software\Avast\aswidsagent.exe
1 C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
1 C:\Program Files\Avast Software\Avast\AvastSvc.exe
1 C:\Program Files\Avast Software\Avast\AvastUI.exe
1 C:\Program Files\Avast Software\Avast\AvLaunch.exe
1 C:\Program Files\Avast Software\Avast\setup\instup.exe
1 C:\Program Files\Avast Software\Avast\wsc_proxy.exe
1 C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
1 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
1 C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe
1 C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe
1 C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
1 C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe
1 C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
1 C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe
7 C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe
1 C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
1 C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
1 C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
1 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
1 C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
2 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe
2 C:\Program Files\TUBITAK\BILGEM\SmartCardServiceClient\SmartCardServiceClient.exe
1 C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
1 C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21111.120.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Users\bserd\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
1 C:\Users\bserd\AppData\Roaming\uTorrent\helper\helper.exe
2 C:\Users\bserd\AppData\Roaming\uTorrent\updates\3.5.5_46096\utorrentie.exe
1 C:\Users\bserd\AppData\Roaming\uTorrent\uTorrent.exe
1 C:\Users\bserd\Desktop\HiJackThis (1).exe
1 C:\Windows\explorer.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\servicing\TrustedInstaller.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
10 C:\Windows\System32\conhost.exe
1 C:\Windows\System32\CorsairGamingAudioCfgService64.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
2 C:\Windows\System32\dolbyaposvc\DAX3API.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f531ad14c8555346\igfxCUIService.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f531ad14c8555346\igfxEM.exe
1 C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_72971c728a2fc377\OneApp.IGCC.WinService.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_bb614eb89871cffc\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_bb614eb89871cffc\IntelCpHeciSvc.exe
2 C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_30e446a72214201b\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\ibtsiva.exe
1 C:\Windows\System32\ICEsoundService64.exe
1 C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\PnkBstrA.exe
1 C:\Windows\System32\PrintIsolationHost.exe
1 C:\Windows\System32\rundll32.exe
4 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\SppExtComObj.Exe
1 C:\Windows\System32\sppsvc.exe
78 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\unsecapp.exe
3 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\WUDFHost.exe
2 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\SysWOW64\lkads.exe
1 C:\Windows\SysWOW64\lktsrv.exe
1 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1310_none_7e15ec207c87d405\TiWorker.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page Redirect Cache] = https://www.msn.com/tr-tr/?pc=UE01&ocid=UE01DHP
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_301\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_301\bin\ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll
O4 - HKCU\..\Run: [BingWallpaperApp] = C:\Users\bserd\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
O4 - HKCU\..\Run: [CyberGhost] = C:\Program Files\CyberGhost 6\CyberGhost.exe /autostart /min (file missing)
O4 - HKCU\..\Run: [ut] = C:\Users\bserd\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2020/02/16)
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2019/12/19)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2021/06/11)
O4 - HKCU\..\StartupApproved\Run: [Lync] = C:\Program Files\Microsoft Office\root\Office16\lync.exe /fromrunkey (file missing) (2021/05/09)
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = c:\users\bserd\appdata\local\programs\opera\assistant\browser_assistant.exe (2020/03/04)
O4 - HKCU\..\StartupApproved\Run: [Reverso] = C:\Users\bserd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reverso\Reverso.appref-ms -minimized (2021/05/09)
O4 - HKCU\..\StartupApproved\Run: [uTorrent] = C:\Users\bserd\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (2021/06/11)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\bserd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xilinx Information Center.lnk -> C:\Xilinx\xic\xic.exe -c -t (2021/05/09)
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\Avast Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [CDAServer] = C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [CORSAIR iCUE 4 Software] = C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe --autorun
O4 - HKLM\..\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [RtHDVBg_TrueHarmony] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /TRUEHARMONY
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\StartupApproved\Run32: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (2020/05/19)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2020/02/15)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe --control (2021/05/09)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service')
O4 - HKU\S-1-5-80-2318606733-4105731500-2265514868-2382646068-3090068018\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'lkClassAds')
O4 - Startup Global: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
O7 - Policy: HKCU\..\Policies\Explorer\DisallowRun: [1] = irsetup.exe (disabled)
O7 - TroubleShooting: (EV) HKLM\..\Environment: [PATHEXT] = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PY;.PYW
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll (file missing)
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3156c91b-c97c-4827-9b9b-b6bc5becda2f}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3156c91b-c97c-4827-9b9b-b6bc5becda2f}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{b6229ef3-1013-4ebe-b3ad-b77becb375a8}: [NameServer] = 10.136.82.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{d76cf6c6-95f8-402e-9069-3ee91d30ff92}: [NameServer] = 10.136.82.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{dab9fdda-bdb3-4ce8-8a06-b22b0a4aab7b}: [NameServer] = 10.136.82.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Avast Software\Avast\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\WINDOWS\system32\mscoree.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Avast Software\Avast\x86\ashShell.dll
O22 - BITS Job: (download) {2B889464-45EC-44C3-ABB6-EED340B095C0} - https://outlook.office365.com/OAB/e9f05585-ab02-4e1a-88e2-36a7e8fcb267/00030000-d390-25b2-0000-000000000000/oab.xml -> C:\Users\bserd\AppData\Local\Microsoft\Outlook\oab3.xml
O22 - BITS Job: (download) {71E6179E-7745-4B9A-8EB4-D7F601A1E56E} - https://outlook.office365.com/OAB/e9f05585-ab02-4e1a-88e2-36a7e8fcb267/00030000-d390-25b2-0000-000000000000/oab.xml -> C:\Users\bserd\AppData\Local\Microsoft\Outlook\oab3.xml
O22 - BITS Job: Fix all (including legit)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe
O22 - Task (.job): MATLAB R2020a Startup Accelerator.job - C:\Program Files\MATLAB\R2020a\bin\win64\MATLABStartupAccelerator.exe
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\Driver Booster Scheduler" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\Driver Booster SkipUAC (bserd)" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\NIUpdateServiceCheckTask" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\NIUpdateServiceStartupTask" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\OneDrive Per-Machine Standalone Update Task" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\Opera scheduled Autoupdate 1624740052" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\RTKCPL" /ENABLE (user missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7ED28604-6893-4D09-BE60-93D52484DF0D} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7ED28604-6893-4D09-BE60-93D52484DF0D} (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trojan Remover (empty)
O22 - Task: (disabled) (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (disabled) (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (disabled) (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (disabled) (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-3781521256-1724414912-3299357730-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\AdobeGCInvoker-1.0" /ENABLE
O22 - Task: (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
O22 - Task: (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\Driver Booster Scheduler" /ENABLE
O22 - Task: (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\Driver Booster SkipUAC (bserd)" /ENABLE
O22 - Task: (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
O22 - Task: (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
O22 - Task: (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
O22 - Task: (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
O22 - Task: (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\NIUpdateServiceCheckTask" /ENABLE
O22 - Task: (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\NIUpdateServiceStartupTask" /ENABLE
O22 - Task: (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\OneDrive Per-Machine Standalone Update Task" /ENABLE
O22 - Task: (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\Opera scheduled Autoupdate 1624740052" /ENABLE
O22 - Task: (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\RTKCPL" /ENABLE
O22 - Task: (disabled) \CareCenter\RtHDVBg_TrueHarmony_Reg_HKLMRun - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /TRUEHARMONY
O22 - Task: (disabled) \CareCenter\RTHDVCPL_Reg_HKLMRun - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O22 - Task: (disabled) \CareCenter\SunJavaUpdateSched_Reg_HKLMWow6432Run - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: (disabled) CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: (disabled) IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: (disabled) IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: (disabled) IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: (disabled) MATLAB R2020a Startup Accelerator - C:\Program Files\MATLAB\R2020a\bin\win64\MATLABStartupAccelerator.exe
O22 - Task: (disabled) NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
O22 - Task: (disabled) NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: (disabled) NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: (disabled) NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: (disabled) NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: (disabled) NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: (disabled) Opera scheduled assistant Autoupdate 1624740058 - c:\users\bserd\appdata\local\programs\opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="c:\users\bserd\appdata\local\programs\opera\assistant" $(Arg0)
O22 - Task: (disabled) Opera scheduled Autoupdate 1612818135 - c:\users\bserd\appdata\local\programs\opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: (disabled) USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: \Avast Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1
O22 - Task: \CareCenter\CardOS API.lnk_FolderCommonAppdata - C:\Program Files\Siemens\CardOS API\bin\siecacst.exe (file missing)
O22 - Task: \CareCenter\SACMonitor_Reg_HKLMRun - C:\Program Files\SafeNet\Authentication\SAC\x64\SACMonitor.exe
O22 - Task: Avast Emergency Update - C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
O22 - Task: AvastUpdateTaskMachineCore - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c (file missing)
O22 - Task: AvastUpdateTaskMachineUA - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler (file missing)
O22 - Task: Driver Booster SkipUAC (bserd) - C:\Program Files (x86)\Driver Booster\DriverBooster.exe /skipuac
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: NIUpdateServiceCheckTask - C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe -c -task
O22 - Task: NIUpdateServiceStartupTask - C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe -startupTask
O22 - Task: OneDrive Per-Machine Standalone Update Task - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe
O22 - Task: Opera scheduled Autoupdate 1624740052 - C:\Users\bserd\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: RTKCPL - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /runcplsilence
O23 - Service R2: @oem49.inf,%SERVICE_NAME%;Intel Bluetooth Service - (ibtsiva) - C:\WINDOWS\system32\ibtsiva.exe
O23 - Service R2: AnyDesk Service - (AnyDesk) - C:\Program Files (x86)\AnyDesk\AnyDesk.exe --service
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\Avast Software\Avast\AvastSvc.exe /runassvc
O23 - Service R2: Avast Tools - (avast! Tools) - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe /runassvc
O23 - Service R2: AvastWscReporter - C:\Program Files\Avast Software\Avast\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Corsair Gaming Audio Configuration Service - (CorsairGamingAudioConfig) - C:\Windows\System32\CorsairGamingAudioCfgService64.exe
O23 - Service R2: Corsair LLA Service - (CorsairLLAService) - C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
O23 - Service R2: Corsair MSI Plugin Service - (CorsairMsiPluginService) - C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe
O23 - Service R2: Corsair Service - (CorsairService) - C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
O23 - Service R2: Dolby DAX API Service - (DolbyDAXAPI) - C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe
O23 - Service R2: ICEsound Service - (ICEsoundService) - C:\WINDOWS\system32\ICEsoundService64.exe
O23 - Service R2: Intel SST Parameter Service - (IntelSSTSvc) - C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_bb614eb89871cffc\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Driver & Support Assistant - (DSAService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_72971c728a2fc377\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f531ad14c8555346\igfxCUIService.exe
O23 - Service R2: Intel(R) PROSet/Wireless Event Log - (EvtEng) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service R2: Intel(R) PROSet/Wireless Registry Service - (RegSrvc) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service R2: Intel(R) PROSet/Wireless Zero Configuration Service - (ZeroConfigService) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
O23 - Service R2: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK - (SystemUsageReportSvc_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
O23 - Service R2: NI Authentication Service - (niauth) - C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe -start
O23 - Service R2: NI Domain Service - (NIDomainService) - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service R2: NI mDNS Responder Service - (nimDNSResponder) - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
O23 - Service R2: NI Network Discovery - (NINetworkDiscovery) - C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
O23 - Service R2: NI PSP Service Locator - (lkClassAds) - C:\WINDOWS\SysWOW64\lkads.exe
O23 - Service R2: NI Service Locator - (NiSvcLoc) - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe -s
O23 - Service R2: NI Time Synchronization - (lkTimeSync) - C:\WINDOWS\SysWOW64\lktsrv.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_30e446a72214201b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_30e446a72214201b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: PnkBstrA - C:\Windows\system32\PnkBstrA.exe
O23 - Service R2: SACSrv - C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe
O23 - Service R2: SmartCardServiceClient - C:\Program Files\TUBITAK\BILGEM\SmartCardServiceClient\SmartCardServiceClient.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\Avast Software\Avast\aswidsagent.exe
O23 - Service R3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_bb614eb89871cffc\IntelCpHeciSvc.exe
O23 - Service R3: Intel(R) Driver & Support Assistant Updater - (DSAUpdateService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service S2: Avast Browser Güncelleme Hizmeti (avast) - (avast) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /svc (file missing)
O23 - Service S2: CyberGhost 7 Service - (CG7Service) - C:\Program Files\CyberGhost 6\CyberGhost.Service.exe (file missing)
O23 - Service S2: Energy Server Service queencreek - (ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--AUTO_START" "--start" "--start_options_registry_key" "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ESRV_SVC_QUEENCREEK\_start"
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service S2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service S2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Avast Browser Güncelleme Hizmeti (avastm) - (avastm) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /medsvc (file missing)
O23 - Service S3: FileSyncHelper - C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncHelper.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.93\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: OneDrive Updater Service - C:\Program Files\Microsoft OneDrive\21.220.1024.0005\OneDriveUpdaterService.exe
O23 - Service S3: OpcEnum - C:\WINDOWS\SysWOW64\Opcenum.exe
O23 - Service S3: Remote Packet Capture Protocol v.0 (experimental) - (rpcapd) - C:\Program Files (x86)\WinPcap\rpcapd.exe -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini"
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: Uncheater for BattleGroundsLite_SE - (uncheater_bgl) - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe
O23 - Service S3: User Energy Server Service queencreek - (USER_ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--run_as_user_process"
O23 - Service S3: Wireless PAN DHCP Server - (MyWiFiDHCPDNS) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe


--
End of file - Time spent: 27,1 sec. - 68574 bytes, CRC32: FFFFFFFF. Sign: 켖�[/CODE]
 
Hello, hope your work is going well. I'm writing because I suspect malware. Could you take a look?
Nothing is outright malicious, but there are suspicious entries and some that may be unnecessary; fix these:
Code:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page Redirect Cache] = https://www.msn.com/tr-tr/?pc=UE01&ocid=UE01DHP
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
O4 - HKCU\..\Run: [BingWallpaperApp] = C:\Users\bserd\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
O4 - HKCU\..\Run: [CyberGhost] = C:\Program Files\CyberGhost 6\CyberGhost.exe /autostart /min (file missing)
O4 - HKCU\..\Run: [ut] = C:\Users\bserd\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2020/02/16)
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2019/12/19)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2021/06/11)
O4 - HKCU\..\StartupApproved\Run: [Lync] = C:\Program Files\Microsoft Office\root\Office16\lync.exe /fromrunkey (file missing) (2021/05/09)
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = c:\users\bserd\appdata\local\programs\opera\assistant\browser_assistant.exe (2020/03/04)
O4 - HKCU\..\StartupApproved\Run: [Reverso] = C:\Users\bserd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reverso\Reverso.appref-ms -minimized (2021/05/09)
O4 - HKCU\..\StartupApproved\Run: [uTorrent] = C:\Users\bserd\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (2021/06/11)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\bserd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xilinx Information Center.lnk    ->    C:\Xilinx\xic\xic.exe -c -t (2021/05/09)
O4 - HKLM\..\Run: [CDAServer] = C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\StartupApproved\Run32: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (2020/05/19)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2020/02/15)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk    ->    C:\Program Files (x86)\AnyDesk\AnyDesk.exe --control (2021/05/09)
O4 - Startup Global: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk    ->    C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
O7 - Policy: HKCU\..\Policies\Explorer\DisallowRun: [1] = irsetup.exe (disabled)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\Driver Booster Scheduler" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\Driver Booster SkipUAC (bserd)" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\NIUpdateServiceCheckTask" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\NIUpdateServiceStartupTask" /ENABLE (user missing)
O22 - Task: (damaged) (disabled) \Avast Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\RTKCPL" /ENABLE (user missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7ED28604-6893-4D09-BE60-93D52484DF0D} -  (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7ED28604-6893-4D09-BE60-93D52484DF0D} (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trojan Remover (empty)
O22 - Task: (disabled) IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: (disabled) IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: (disabled) IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: (disabled) USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O22 - Task: \CareCenter\SACMonitor_Reg_HKLMRun - C:\Program Files\SafeNet\Authentication\SAC\x64\SACMonitor.exe
O22 - Task: Driver Booster SkipUAC (bserd) - C:\Program Files (x86)\Driver Booster\DriverBooster.exe /skipuac
O22 - Task: NIUpdateServiceCheckTask - C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe -c -task
O22 - Task: NIUpdateServiceStartupTask - C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe -startupTask
O22 - Task: OneDrive Per-Machine Standalone Update Task - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe

You are using a driver finder and software that is not recommended.
 
