HijackThis Log Paylaşımı ve Çözümleri

Murat5038 · 16 Ocak 2022

Kaspersky Kullanıcısı dedi:
Bilgisayarımda kendi kendine kullanıcı hesabı açılmış ama ben açmadım. Nasıl silebilirim?

Zararlı kaynaklı değil, Framework kaynaklı silmemeniz gerekir sildiğinizde kararsızlıklara neden olabilir. Geri yükleme noktası oluşturup yine de silecekseniz Win+R userpasswords2 yazıp oradan kaldırabilirsiniz.

Solistrakya · 17 Ocak 2022

Performans düşüşü hissediyorum ama emin değilim bilgisayarım çok güçlü değil.

[CODE title="Logfile of HiJackThis"]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.16

Platform: x64 Windows 11 (Pro), 10.0.22000.434 (ReleaseId: 2009, 21H2), Service Pack: 0
Time: 17.01.2022 - 08:13 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes.
Ran by: PC (group: Administrators) on DESKTOP-M7I6Q3A, FirstRun: yes.

Internet Explorer: 11.0.22000.120
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)

Boot mode: Normal.

Running processes:
Number | Path.
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
1 C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe
1 C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
1 C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
1 C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.62\identity_helper.exe
8 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
7 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.62\msedgewebview2.exe
1 C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe
1 C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
1 C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
1 C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
1 C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
1 C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
1 C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
1 C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
1 C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
1 C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControlEngine.exe
1 C:\Program Files (x86)\Origin\OriginWebHelperService.exe
1 C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\cncmd.exe
1 C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
1 C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
1 C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
1 C:\Program Files\Riot Vanguard\vgtray.exe
1 C:\Program Files\SteelSeries\GG\moments\SteelSeriesSvcLauncher.exe
1 C:\Program Files\SteelSeries\GG\SteelSeriesEngine.exe
1 C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
1 C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe
3 C:\Program Files\TxGameAssistant\AppMarket\cef_frame_render.exe
1 C:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe
1 C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
1 C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_1.0.38.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
1 C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
1 C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.2730.0_x64__8wekyb3d8bbwe\PAD.Console.Host.exe
1 C:\Program Files\WindowsApps\MicrosoftTeams_21354.200.1118.3091_x64__8wekyb3d8bbwe\msteams.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
1 C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
1 C:\Users\PC\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\AudioDeviceService.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0374383.inf_amd64_12cfd68385ecddd5\B374323\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0374383.inf_amd64_12cfd68385ecddd5\B374323\atiesrxx.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
2 C:\Windows\System32\RtkAudUService64.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\SppExtComObj.Exe
1 C:\Windows\System32\sppsvc.exe
78 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
3 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SysWOW64\PnkBstrA.exe
1 C:\Windows\SysWOW64\vmnat.exe
1 C:\Windows\SysWOW64\vmnetdhcp.exe
2 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
1 C:\Windows\UUS\amd64\MoUsoCoreWorker.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex.
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: = https://yandex.com.tr/search/?te...38168 bytes, CRC32: FFFFFFFF. Sign: 謗玺[/CODE]

Linux Kaymak · 17 Ocak 2022

[CODE title="Hocam MBAM yaklaşık 1000 adet zararlı buldu çoğuda Adware.Elex"]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.16

Platform: x64 Windows 7 (Home Premium), 6.1.7601.23934, Service Pack: 1
Time: 17.01.2022 - 10:51 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: User (group: Administrators) on Akkılıbirkedi, FirstRun: yes

Chrome: 58.17.3029.81
Internet Explorer: 11.0.9600.18838
Default: "C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1 (Brave Browser)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
1 C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
1 C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
1 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
1 C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
1 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
1 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
1 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
8 C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
1 C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
1 C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
1 C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
1 C:\Program Files\P4G\BatteryLife.exe
1 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
1 C:\Users\User\Downloads\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
2 C:\Windows\System32\nvvsvc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
13 C:\Windows\System32\svchost.exe
3 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\WirelessKB850NotificationService.exe
1 C:\Windows\SysWOW64\ACEngSvr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page Redirect Cache] = https://www.msn.com/tr-tr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2261466 - Yandex
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_301\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_301\bin\ssv.dll
O2 - HKLM\..\BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2-32 - HKLM\..\BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2-32 - HKLM\..\BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2-32 - HKLM\..\BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2-32 - HKLM\..\BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
O2-32 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2-32 - HKLM\..\BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3-32 - HKLM\..\Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3-32 - HKLM\..\Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
O4 - HKLM\..\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Logitech Download Assistant] = C:\Windows\System32\LogiLDA.dll C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [NvBackend] = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] = C:\Windows\system32\nvspcap64.dll C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
O4 - HKU\S-1-5-18\..\RunOnce: [SPReview] = C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'LocalSystem')
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk [backup] => C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (2016/03/07) (file missing)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk [backup] => C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe -d (2016/03/07)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk [backup] => C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h (2016/03/07)
O4 - MSConfig\startupreg: Acrobat Assistant 8.0 [command] = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: Adobe Acrobat Speed Launcher [command] = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (HKLM) (2021/03/04)
O4 - MSConfig\startupreg: Adobe ARM [command] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: AmIcoSinglun64 [command] = C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: ApplePhotoStreams [command] = C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (HKCU) (2021/05/14)
O4 - MSConfig\startupreg: ATKMEDIA [command] = C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: ATKOSD2 [command] = C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: background_fault [command] = C:\Users\User\AppData\Local\background_fault\aswRD.exe "C:\Users\User\AppData\Local\background_fault\bf.dll",background_fault_collector (HKCU) (2021/05/14)
O4 - MSConfig\startupreg: CCleaner Smart Cleaning [command] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2021/06/24) (file missing)
O4 - MSConfig\startupreg: Discord [command] = C:\Users\User\AppData\Local\Discord\Update.exe --processStart Discord.exe (HKCU) (2021/03/05)
O4 - MSConfig\startupreg: ETDWare [command] = C:\Program Files\Elantech\ETDCtrl.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: HControlUser [command] = C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: iCloudDrive [command] = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (HKCU) (2021/05/14)
O4 - MSConfig\startupreg: iCloudPhotos [command] = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (HKCU) (2021/05/14)
O4 - MSConfig\startupreg: iCloudServices [command] = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (HKCU) (2021/05/14)
O4 - MSConfig\startupreg: iTunesHelper [command] = C:\Program Files (x86)\iTunes\iTunesHelper.exe (HKLM) (2016/03/07) (file missing)
O4 - MSConfig\startupreg: LogMeIn Hamachi Ui [command] = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start (HKLM) (2021/07/29) (file missing)
O4 - MSConfig\startupreg: MDS_Menu [command] = C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0" (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: msnmsgr [command] = C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background (HKCU) (2021/03/04)
O4 - MSConfig\startupreg: PDVD9LanguageShortcut [command] = C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: RemoteControl9 [command] = C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: RtHDVCpl [command] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: Setwallpaper [command] = c:\programdata\SetWallpaper.cmd (HKLM) (2016/03/07) (file missing)
O4 - MSConfig\startupreg: Steam [command] = C:\Program Files (x86)\Steam\steam.exe -silent (HKCU) (2021/03/04) (file missing)
O4 - MSConfig\startupreg: SunJavaUpdateSched [command] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (HKLM) (2021/08/11)
O4 - MSConfig\startupreg: UpdateLBPShortCut [command] = C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: UpdateP2GoShortCut [command] = C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: UpdatePDRShortCut [command] = C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\Cyberlink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: UpdatePSTShortCut [command] = C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" (HKLM) (2016/03/07)
O5 - Applet: C:\Windows\System32\nvcpl.cpl (Sign: 'NVIDIA Corporation')
O5 - Applet: C:\Windows\System32\plotman.cpl (not signed)
O5 - Applet: C:\Windows\System32\RTSnMg64.cpl (Sign: 'Realtek Semiconductor Corp')
O5 - Applet: C:\Windows\System32\styleman.cpl (not signed)
O9 - Button: HKLM\..\{CCA281CA-C863-46ef-9331-5C8D4460577F}: Bluetooth'a Gönder - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Tools menu item: HKLM\..\{CCA281CA-C863-46ef-9331-5C8D4460577F}: &Bluetooth Aygıtına Gönder... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9-32 - Button: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Bunu Bloga Al - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Button: HKLM\..\{CCA281CA-C863-46ef-9331-5C8D4460577F}: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9-32 - Tools menu item: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Windows Live Writer içinde &Bunu Web Günlüğüne Al - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Tools menu item: HKLM\..\{CCA281CA-C863-46ef-9331-5C8D4460577F}: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O17 - DHCP DNS 1: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF18E170-73EB-4EA3-AE3A-B4404542CA69}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF18E170-73EB-4EA3-AE3A-B4404542CA69}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{FF18E170-73EB-4EA3-AE3A-B4404542CA69}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{FF18E170-73EB-4EA3-AE3A-B4404542CA69}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O20 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\system32\acaptuser64.dll
O20-32 - HKLM\..\Windows: [AppInit_DLLs] = acaptuser32.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Windows\system32\AcSignIcon.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
O22 - BITS Job: (download) {859D0771-F7B2-4AF9-A38F-37A8329449F5} - http://edgedl.me.gvt1.com/edgedl/delta-update/laoigpblnllgcgjnjnllmfolckpjlhki/1.db60fc5d4ab81e28fe58d82f3ad26622c4ca4cade28e2b636068ac91ca62224d/1.35ea2e4d93c1cbeb95d5c91a8e09e07ad08fbe93517458d69889216fd793d597/04f7ceb90285e8e394094d0ce4f62280555299ef13922752b7a02a1cfea82bc7.crxd -> C:\Users\User\AppData\Local\Temp\chrome_BITS_3336_106670764\04f7ceb90285e8e394094d0ce4f62280555299ef13922752b7a02a1cfea82bc7.crxd
O22 - BITS Job: Fix all (including legit)
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run (Microsoft)
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
O22 - Task: (damaged) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft) (user missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games (empty)
O22 - Task: (disabled) ASUS Live Update - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Uploader - C:\Windows\system32\WSqmCons.exe -u (Microsoft)
O22 - Task: \Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
O22 - Task: {290165B4-5BAF-4CDF-AB45-FC0CB1BF4EC1} - C:\Windows\system32\pcalua.exe -a "C:\Users\User_2\Desktop\Yeni klasör (2)\SETUP.EXE" -d "C:\Users\User_2\Desktop\Yeni klasör (2)"
O22 - Task: {7259A64B-10BB-430A-8C43-CE332056E8F8} - C:\Windows\system32\pcalua.exe -a "d:\program files\txgameassistant\appmarket\GF186\TUninstall.exe"
O22 - Task: ACMON - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: ASPG - C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
O22 - Task: ASUS P4G - C:\Program Files\P4G\BatteryLife.exe
O22 - Task: ASUS SmartLogon Console Sensor - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
O22 - Task: ASUSControlDeck - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
O22 - Task: BraveSoftwareUpdateTaskMachineCore - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c
O22 - Task: BraveSoftwareUpdateTaskMachineUA - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (file missing)
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (file missing)
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade (file missing)
O22 - Task: Opera scheduled Autoupdate 1606206047 - C:\Users\User\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: P4GIntlCtrl - C:\Program Files\P4G\IntlCtrl.exe /DisableDPST
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: BBUpdate - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
O23 - Service R2: Bing Bar Update Service - (BBSvc) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
O23 - Service R2: Bluetooth Service - (btwdins) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service R2: NVIDIA Display Driver Service - (nvsvc) - C:\Windows\system32\nvvsvc.exe
O23 - Service R2: NVIDIA GeForce Experience Service - (GfExperienceService) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service R2: NVIDIA Network Service - (NvNetworkService) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service R2: NVIDIA Stereoscopic 3D Driver Service - (Stereo Service) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service R2: NVIDIA Streamer Service - (NvStreamSvc) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service R2: Wireless Keyboard 850 Notification Service - (WirelessKB850NotificationService) - C:\Windows\system32\WirelessKB850NotificationService.exe
O23 - Service R3: NVIDIA Streamer Network Service - (NvStreamNetworkSvc) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service S2: Brave Güncelleme Hizmeti (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc
O23 - Service S2: Device Setup Services - (DsSvc) - C:\Windows\SysWOW64\svchost.exe -k netsvc; "ServiceDll" = C:\ProgramData\Package Cache\{00C5024D-925C-4E9E-A8E6-F9B84ABE0DA0}\packages\Win81_SDK\9bcb3fab78e80d68be28892ea7ad46c3.msp:dp (file missing)
O23 - Service S2: Huwiied - C:\Windows\SysWOW64\svchost.exe -k Huwiied; "ServiceDll" = C:\Program Files (x86)\Daniph\Cluseganeringmng.dll (file missing)
O23 - Service S2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S2: Mobizen plugin - C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe Files (x86)\RSUPPORT\MobizenService\MobizenService.exe (file missing)
O23 - Service S3: Brave Güncelleme Hizmeti (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc
O23 - Service S3: FLEXnet Licensing Service 64 - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service S3: LightScribeService Direct Disc Labeling Service - (LightScribeService) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service S3: Windows Live Aile Koruması - (fsssvc) - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

--
End of file - Time spent: 18,9 sec. - 40682 bytes, CRC32: FFFFFFFF. Sign: 豛쉥[/CODE]
@Murat5038

Lintos · 18 Ocak 2022

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.16

Platform:  x64 Windows 11 (Pro), 10.0.22000.438 (ReleaseId: 2009, 21H2), Service Pack: 0
Time:      18.01.2022 - 12:01 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Lintos    (group: Administrators) on ERDEM, FirstRun: yes

Internet Explorer: 11.0.22000.120
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Steam\steamservice.exe
   2  C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
  24  C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
   6  C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.62\msedgewebview2.exe
   1  C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
   7  C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  C:\Program Files (x86)\Steam\steam.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21113.36.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.21111.10511.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\Program Files\WindowsApps\MicrosoftTeams_21354.200.1118.3091_x64__8wekyb3d8bbwe\msteams.exe
   6  C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe
   6  C:\ProgramData\Lintos\Discord\app-1.0.9003\Discord.exe
   1  C:\Users\Lintos\AppData\Local\Microsoft\OneDrive\OneDrive.exe
   3  C:\Users\Lintos\AppData\Roaming\PreMiD\PreMiD.exe
   1  C:\Users\Lintos\AppData\Roaming\uTorrent\helper\helper.exe
   2  C:\Users\Lintos\AppData\Roaming\uTorrent\updates\3.5.5_46148\utorrentie.exe
   1  C:\Users\Lintos\AppData\Roaming\uTorrent\uTorrent.exe
   1  C:\Users\Lintos\Downloads\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\amdfendrsr.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0372232.inf_amd64_1e947f831d2ae36a\B372131\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0372232.inf_amd64_1e947f831d2ae36a\B372131\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   2  C:\Windows\System32\RtkAudUService64.exe
   4  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  68  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WMIADAP.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   2  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe

O4 - HKCU\..\Run: [Discord] = C:\ProgramData\Lintos\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_53DBC612730ADB7A1B7C8211E2A8C3C3] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\Run: [OneDrive] = C:\Users\Lintos\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\Run: [PreMiD] = C:\Users\Lintos\AppData\Roaming\PreMiD\PreMiD.exe --hidden
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\Run: [ut] = C:\Users\Lintos\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\RtkAudUService64.exe -background
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Startup = C:\Users\Lintos\AppData\Local\Temp\b4af406cd1\
O10 - Unknown file in Winsock LSP: C:\Windows\system32\nlansp_c.dll
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task (.job): (Not scheduled) bYxgmeNmPKxnvwIHJl.job - C:\Users\Lintos\AppData\Local\Temp\xEOjRzFzELfOqmUYL\tCCPvaqDlavRIBp\fLxnMVc.exe (file missing)
O22 - Task (.job): (Not scheduled) update-S-1-5-21-3190068649-2190600804-1391482132-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\Windows\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
O22 - Task: bYxgmeNmPKxnvwIHJl - C:\Users\Lintos\AppData\Local\Temp\xEOjRzFzELfOqmUYL\tCCPvaqDlavRIBp\fLxnMVc.exe W4 /site_id 525403 /S (file missing)
O22 - Task: gSWjGcUsw - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -WindowStyle Hidden -EncodedCommand cwB0AGEAcgB0AC0AcAByAG8AYwBlAHMAcwAgAC0AVwBpAG4AZABvAHcAUwB0AHkAbABlACAASABpAGQAZABlAG4AIABnAHAAdQBwAGQAYQB0AGUALgBlAHgAZQAgAC8AZgBvAHIAYwBlAA==
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: mjlooy.exe - C:\Users\Lintos\AppData\Local\Temp\b4af406cd1\mjlooy.exe (file missing)
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: OneDrive Reporting Task-S-1-5-21-3190068649-2190600804-1391482132-1001 - C:\Users\Lintos\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Task: update-S-1-5-21-3190068649-2190600804-1391482132-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task: update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O23 - Service R2: AMD Crash Defender Service - C:\Windows\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0372232.inf_amd64_1e947f831d2ae36a\B372131\atiesrxx.exe
O23 - Service R2: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe -start
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe -r
O23 - Service R2: Kaspersky VPN Secure Connection Hizmeti 5.3 - (KSDE5.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe -r
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\RtkAudUService64.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe


--
End of file - Time spent: 7,7 sec. - 21612 bytes, CRC32: FFFFFFFF. Sign: �

Sisteme korsan yazılım yükleme sonrası virüs bulaştı. Hem Malwarebytes, hem Kaspersky aracılığı ile elimden geldiğince virüslerin hepsini tespit edip silmeye kalktım. Şu an taramalara göre sistemde hiç virüs yok görünüyor fakat benim şüphelerim devam ediyor.

Ekran Kartı: RX 570 4 GB
İşlemci: R5 3500X
RAM: 2x8 GB 3000 MHz RAM
Anakart: B450M S2H

Murat5038 · 18 Ocak 2022

Solistrakya dedi:
Performans düşüşü hissediyorum ama emin değilim bilgisayarım çok güçlü değil.

Konsol kolu filan mı takıyorsunuz, Emu mu kullanıyorsunuz?

Bunları fixleyin:

Kod:

O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\PC\AppData\Local\Discord\Update.exe --processStart Discord.exe (2021/12/22)
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2021/07/27)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2021/06/18)
O4 - HKCU\..\StartupApproved\Run: [Overwolf] = C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent (2021/07/01)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2021/06/18)
O4 - HKLM\..\StartupApproved\Run: [XboxStat] = C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe silentrun (2021/07/01)
O4 - HKLM\..\StartupApproved\Run32: [Adobe CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (2021/06/24)
O4 - HKLM\..\StartupApproved\Run32: [Adobe Creative Cloud] = C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true (2021/06/22)
O4 - HKLM\..\StartupApproved\Run32: [GAMEPOWER Audio 7.1] = C:\Program Files (x86)\GAMEPOWER Audio 7.1\GAMEPOWER Audio 7.1.exe (2021/07/05)
O4 - HKLM\..\StartupApproved\Run32: [KiesTrayAgent] = C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (2021/07/27)
O4 - HKLM\..\StartupApproved\Run32: [LogMeIn Hamachi Ui] = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start (2021/06/22)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/07/05)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk -> C:\Program Files (x86)\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (2021/12/22)
O4-32 - HKLM\..\Run: [vmware-tray.exe] = C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\vsocklib.dll
O22 - Task: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Task: Adobe Uninstaller - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --sapCode=PHSP --productVersion=22.4.2 --productPlatform=win64 --appletID=AppsPanel_BL --appletVersion=1.0 --appMode=Uninstall
O22 - Task: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr
O22 - Task: MSI Task Host - Detect_Monitor - C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe Detect_Monitor (file missing)
O22 - Task: MSI Task Host - DisplayID - C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe Detect_DisplayID (file missing)
O22 - Task: MSI Task Host - LEDKeeper2_Host - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
O22 - Task: MSI Task Host - MSI.True Color - C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe (file missing)
O22 - Task: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Task: OneDrive Reporting Task-S-1-5-21-122903957-1816147749-2946985179-1001 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: updater - C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe

Linux Kaymak dedi:
Hocam MBAM yaklaşık 1000 adet zararlı buldu çoğuda Adware.Elex:

Adware olanlar yazılımlaırn yanında gelen reklamlar bulunanları temizleyebilirsiniz.
Bu bilgisayara neden format atılmadı 2016'dan beri işlem yapılmamış gözüküyor.
Donanımsal bakım yapılmadıysa onu da yaptırın. BIOS da güncel değildir Allah bilir

Bunları fixleyin:

Kod:

O2 - HKLM\..\BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2-32 - HKLM\..\BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2-32 - HKLM\..\BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
O3-32 - HKLM\..\Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
O4 - HKU\S-1-5-18\..\RunOnce: [SPReview] = C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'LocalSystem')
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk [backup] => C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (2016/03/07) (file missing)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk [backup] => C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe -d (2016/03/07)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk [backup] => C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h (2016/03/07)
O4 - MSConfig\startupreg: Acrobat Assistant 8.0 [command] = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: Adobe ARM [command] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: AmIcoSinglun64 [command] = C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: background_fault [command] = C:\Users\User\AppData\Local\background_fault\aswRD.exe "C:\Users\User\AppData\Local\background_fault\bf.dll",background_fault_collector (HKCU) (2021/05/14)
O4 - MSConfig\startupreg: CCleaner Smart Cleaning [command] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2021/06/24) (file missing)
O4 - MSConfig\startupreg: MDS_Menu [command] = C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0" (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: PDVD9LanguageShortcut [command] = C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: RemoteControl9 [command] = C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: Setwallpaper [command] = c:\programdata\SetWallpaper.cmd (HKLM) (2016/03/07) (file missing)
O4 - MSConfig\startupreg: SunJavaUpdateSched [command] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (HKLM) (2021/08/11)
O4 - MSConfig\startupreg: UpdateLBPShortCut [command] = C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: UpdateP2GoShortCut [command] = C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: UpdatePDRShortCut [command] = C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\Cyberlink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: UpdatePSTShortCut [command] = C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" (HKLM) (2016/03/07)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Windows\system32\AcSignIcon.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
O22 - BITS Job: (download) {859D0771-F7B2-4AF9-A38F-37A8329449F5} - http://edgedl.me.gvt1.com/edgedl/delta-update/laoigpblnllgcgjnjnllmfolckpjlhki/1.db60fc5d4ab81e28fe58d82f3ad26622c4ca4cade28e2b636068ac91ca62224d/1.35ea2e4d93c1cbeb95d5c91a8e09e07ad08fbe93517458d69889216fd793d597/04f7ceb90285e8e394094d0ce4f62280555299ef13922752b7a02a1cfea82bc7.crxd -> C:\Users\User\AppData\Local\Temp\chrome_BITS_3336_106670764\04f7ceb90285e8e394094d0ce4f62280555299ef13922752b7a02a1cfea82bc7.crxd
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games (empty)
O22 - Task: (disabled) ASUS Live Update - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Uploader - C:\Windows\system32\WSqmCons.exe -u (Microsoft)
O22 - Task: {290165B4-5BAF-4CDF-AB45-FC0CB1BF4EC1} - C:\Windows\system32\pcalua.exe -a "C:\Users\User_2\Desktop\Yeni klasör (2)\SETUP.EXE" -d "C:\Users\User_2\Desktop\Yeni klasör (2)"
O22 - Task: {7259A64B-10BB-430A-8C43-CE332056E8F8} - C:\Windows\system32\pcalua.exe -a "d:\program files\txgameassistant\appmarket\GF186\TUninstall.exe"
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: ASPG - C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: ASPG - C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
O23 - Service R2: BBUpdate - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
O23 - Service R2: Bing Bar Update Service - (BBSvc) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
O23 - Service S2: Huwiied - C:\Windows\SysWOW64\svchost.exe -k Huwiied; "ServiceDll" = C:\Program Files (x86)\Daniph\Cluseganeringmng.dll (file missing)
O23 - Service S2: Mobizen plugin - C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe Files (x86)\RSUPPORT\MobizenService\MobizenService.exe (file missing)

Linux Kaymak · 18 Ocak 2022

Murat5038 dedi:

Konsol kolu filan mı takıyorsunuz, emu mu kullanıyorsunuz?

Bunları fixleyin:

Kod:

O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\PC\AppData\Local\Discord\Update.exe --processStart Discord.exe (2021/12/22)
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2021/07/27)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2021/06/18)
O4 - HKCU\..\StartupApproved\Run: [Overwolf] = C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent (2021/07/01)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2021/06/18)
O4 - HKLM\..\StartupApproved\Run: [XboxStat] = C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe silentrun (2021/07/01)
O4 - HKLM\..\StartupApproved\Run32: [Adobe CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (2021/06/24)
O4 - HKLM\..\StartupApproved\Run32: [Adobe Creative Cloud] = C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true (2021/06/22)
O4 - HKLM\..\StartupApproved\Run32: [GAMEPOWER Audio 7.1] = C:\Program Files (x86)\GAMEPOWER Audio 7.1\GAMEPOWER Audio 7.1.exe (2021/07/05)
O4 - HKLM\..\StartupApproved\Run32: [KiesTrayAgent] = C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (2021/07/27)
O4 - HKLM\..\StartupApproved\Run32: [LogMeIn Hamachi Ui] = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start (2021/06/22)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/07/05)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk -> C:\Program Files (x86)\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (2021/12/22)
O4-32 - HKLM\..\Run: [vmware-tray.exe] = C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\vsocklib.dll
O22 - Task: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Task: Adobe Uninstaller - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --sapCode=PHSP --productVersion=22.4.2 --productPlatform=win64 --appletID=AppsPanel_BL --appletVersion=1.0 --appMode=Uninstall
O22 - Task: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr
O22 - Task: MSI Task Host - Detect_Monitor - C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe Detect_Monitor (file missing)
O22 - Task: MSI Task Host - DisplayID - C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe Detect_DisplayID (file missing)
O22 - Task: MSI Task Host - LEDKeeper2_Host - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
O22 - Task: MSI Task Host - MSI.True Color - C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe (file missing)
O22 - Task: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Task: OneDrive Reporting Task-S-1-5-21-122903957-1816147749-2946985179-1001 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: updater - C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe

Adware olanlar yazılımlaırn yanında gelen reklamlar bulunanları temizleyebilirsiniz.
Bu bilgisayara neden format atılmadı 2016'dan beri işlem yapılmamış gözüküyor.
Donanımsal bakım yapılmadıysa onu da yaptırın. BIOS da güncel değildir Allah bilir

Bunları fixleyin:

Kod:

O2 - HKLM\..\BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2-32 - HKLM\..\BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2-32 - HKLM\..\BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
O3-32 - HKLM\..\Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
O4 - HKU\S-1-5-18\..\RunOnce: [SPReview] = C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'LocalSystem')
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk [backup] => C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (2016/03/07) (file missing)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk [backup] => C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe -d (2016/03/07)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk [backup] => C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h (2016/03/07)
O4 - MSConfig\startupreg: Acrobat Assistant 8.0 [command] = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: Adobe ARM [command] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: AmIcoSinglun64 [command] = C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: background_fault [command] = C:\Users\User\AppData\Local\background_fault\aswRD.exe "C:\Users\User\AppData\Local\background_fault\bf.dll",background_fault_collector (HKCU) (2021/05/14)
O4 - MSConfig\startupreg: CCleaner Smart Cleaning [command] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2021/06/24) (file missing)
O4 - MSConfig\startupreg: MDS_Menu [command] = C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0" (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: PDVD9LanguageShortcut [command] = C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: RemoteControl9 [command] = C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: Setwallpaper [command] = c:\programdata\SetWallpaper.cmd (HKLM) (2016/03/07) (file missing)
O4 - MSConfig\startupreg: SunJavaUpdateSched [command] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (HKLM) (2021/08/11)
O4 - MSConfig\startupreg: UpdateLBPShortCut [command] = C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: UpdateP2GoShortCut [command] = C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: UpdatePDRShortCut [command] = C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\Cyberlink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" (HKLM) (2016/03/07)
O4 - MSConfig\startupreg: UpdatePSTShortCut [command] = C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" (HKLM) (2016/03/07)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Windows\system32\AcSignIcon.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
O22 - BITS Job: (download) {859D0771-F7B2-4AF9-A38F-37A8329449F5} - http://edgedl.me.gvt1.com/edgedl/delta-update/laoigpblnllgcgjnjnllmfolckpjlhki/1.db60fc5d4ab81e28fe58d82f3ad26622c4ca4cade28e2b636068ac91ca62224d/1.35ea2e4d93c1cbeb95d5c91a8e09e07ad08fbe93517458d69889216fd793d597/04f7ceb90285e8e394094d0ce4f62280555299ef13922752b7a02a1cfea82bc7.crxd -> C:\Users\User\AppData\Local\Temp\chrome_BITS_3336_106670764\04f7ceb90285e8e394094d0ce4f62280555299ef13922752b7a02a1cfea82bc7.crxd
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games (empty)
O22 - Task: (disabled) ASUS Live Update - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Uploader - C:\Windows\system32\WSqmCons.exe -u (Microsoft)
O22 - Task: {290165B4-5BAF-4CDF-AB45-FC0CB1BF4EC1} - C:\Windows\system32\pcalua.exe -a "C:\Users\User_2\Desktop\Yeni klasör (2)\SETUP.EXE" -d "C:\Users\User_2\Desktop\Yeni klasör (2)"
O22 - Task: {7259A64B-10BB-430A-8C43-CE332056E8F8} - C:\Windows\system32\pcalua.exe -a "d:\program files\txgameassistant\appmarket\GF186\TUninstall.exe"
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: ASPG - C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: ASPG - C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
O23 - Service R2: BBUpdate - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
O23 - Service R2: Bing Bar Update Service - (BBSvc) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
O23 - Service S2: Huwiied - C:\Windows\SysWOW64\svchost.exe -k Huwiied; "ServiceDll" = C:\Program Files (x86)\Daniph\Cluseganeringmng.dll (file missing)
O23 - Service S2: Mobizen plugin - C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe Files (x86)\RSUPPORT\MobizenService\MobizenService.exe (file missing)

Çok sağ olun hocam, evde buldum zaten.

Murat5038 · 18 Ocak 2022

Lintos dedi:
Sisteme korsan yazılım yükleme sonrası virüs bulaştı. Hem Malwarebytes, hem Kaspersky aracılığı ile elimden geldiğince virüslerin hepsini tespit edip silmeye kalktım. Şu an taramalara göre sistemde hiç virüs yok görünüyor fakat benim şüphelerim devam ediyor.

Bunları fixleyin:

Kod:

O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Startup = C:\Users\Lintos\AppData\Local\Temp\b4af406cd1\
O10 - Unknown file in Winsock LSP: C:\Windows\system32\nlansp_c.dll
O22 - Task (.job): (Not scheduled) bYxgmeNmPKxnvwIHJl.job - C:\Users\Lintos\AppData\Local\Temp\xEOjRzFzELfOqmUYL\tCCPvaqDlavRIBp\fLxnMVc.exe (file missing)
O22 - Task: bYxgmeNmPKxnvwIHJl - C:\Users\Lintos\AppData\Local\Temp\xEOjRzFzELfOqmUYL\tCCPvaqDlavRIBp\fLxnMVc.exe W4 /site_id 525403 /S (file missing)
O22 - Task: gSWjGcUsw - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -WindowStyle Hidden -EncodedCommand cwB0AGEAcgB0AC0AcAByAG8AYwBlAHMAcwAgAC0AVwBpAG4AZABvAHcAUwB0AHkAbABlACAASABpAGQAZABlAG4AIABnAHAAdQBwAGQAYQB0AGUALgBlAHgAZQAgAC8AZgBvAHIAYwBlAA==
O22 - Task: mjlooy.exe - C:\Users\Lintos\AppData\Local\Temp\b4af406cd1\mjlooy.exe (file missing)
O22 - Task: OneDrive Reporting Task-S-1-5-21-3190068649-2190600804-1391482132-1001 - C:\Users\Lintos\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting

Solistrakya · 18 Ocak 2022

Evet scp tool kit ile PS3 kolu kullanıyorum.

StormAngel1 · 28 Ocak 2022

[CODE title="Performans düşüklüğü"]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.16

Platform: x64 Windows 8.1 (Home Single Language), 6.3.9600.20246, Service Pack: 0
Time: 26.01.2022 - 12:01 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: PC (group: Administrators) on STORMANGEL, FirstRun: no

Chrome: 97.0.4692.99
Internet Explorer: 11.0.9600.19036
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
14 C:\Program Files\Google\Chrome\Application\chrome.exe
1 C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
2 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\Windows Defender\MpCmdRun.exe
1 C:\Program Files\Windows Defender\MsMpEng.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Users\Ekrem\Downloads\HiJackThis.exe
2 C:\Windows\explorer.exe
1 C:\Windows\System32\AudioDeviceService.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\hkcmd.exe
1 C:\Windows\System32\igfxpers.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SkyDrive.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
13 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\taskhostex.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\WWAHost.exe
1 E:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page Redirect Cache] = https://www.msn.com/tr-tr/?ocid=iehp
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Ekrem\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/01/17)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Ekrem\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2022/01/22)
O4 - HKLM\..\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] = C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [WindowsDefender] = C:\Program Files\Windows Defender\MSASCuiL.exe (file missing)
O4 - HKLM\..\StartupApproved\Run: [Launch LCore] = C:\Program Files\Logitech Gaming Software\LCore.exe /minimized (2022/01/17)
O4 - HKLM\..\StartupApproved\Run32: [Rampage Gaming Headset] = C:\Program Files (x86)\Rampage Gaming Headset\Rampage Gaming Headset.exe -boot (2022/01/17)
O4-32 - HKLM\..\Run: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O17 - DHCP DNS 1: 192.168.1.1
O20 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\system32\nvinitx.dll
O20-32 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\SysWOW64\nvinit.dll
O22 - Task: (damaged) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft) (user missing)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\CompatTelRunner.exe -maintenance (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Uploader - C:\Windows\system32\WSqmCons.exe -u (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\Windows\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll

--
End of file - Time spent: 6,5 sec. - 14314 bytes, CRC32: FFFFFFFF. Sign: ㆭ茅[/CODE]

StormAngel1 dedi:
[CODE title="Performans düşüklüğü"]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.16

Platform: x64 Windows 8.1 (Home Single Language), 6.3.9600.20246, Service Pack: 0
Time: 26.01.2022 - 12:01 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: PC (group: Administrators) on STORMANGEL, FirstRun: no

Chrome: 97.0.4692.99
Internet Explorer: 11.0.9600.19036
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
14 C:\Program Files\Google\Chrome\Application\chrome.exe
1 C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
2 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\Windows Defender\MpCmdRun.exe
1 C:\Program Files\Windows Defender\MsMpEng.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Users\Ekrem\Downloads\HiJackThis.exe
2 C:\Windows\explorer.exe
1 C:\Windows\System32\AudioDeviceService.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\hkcmd.exe
1 C:\Windows\System32\igfxpers.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SkyDrive.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
13 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\taskhostex.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\WWAHost.exe
1 E:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page Redirect Cache] = https://www.msn.com/tr-tr/?ocid=iehp
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Ekrem\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/01/17)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Ekrem\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2022/01/22)
O4 - HKLM\..\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] = C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [WindowsDefender] = C:\Program Files\Windows Defender\MSASCuiL.exe (file missing)
O4 - HKLM\..\StartupApproved\Run: [Launch LCore] = C:\Program Files\Logitech Gaming Software\LCore.exe /minimized (2022/01/17)
O4 - HKLM\..\StartupApproved\Run32: [Rampage Gaming Headset] = C:\Program Files (x86)\Rampage Gaming Headset\Rampage Gaming Headset.exe -boot (2022/01/17)
O4-32 - HKLM\..\Run: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O17 - DHCP DNS 1: 192.168.1.1
O20 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\system32\nvinitx.dll
O20-32 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\SysWOW64\nvinit.dll
O22 - Task: (damaged) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft) (user missing)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\CompatTelRunner.exe -maintenance (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Uploader - C:\Windows\system32\WSqmCons.exe -u (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\Windows\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll

--
End of file - Time spent: 6,5 sec. - 14314 bytes, CRC32: FFFFFFFF. Sign: ㆭ茅[/CODE]

Performans düşüklüğü var, 8.1 kullanıyorum. Görev yöneticisine girdiğimde cpu tavan oluyor. Yardımcı olursanız sevinirim.

acv · 28 Ocak 2022

Bunları fixleyip rehberde yazılanları uygulayın. Görev yöneticisine girildiğinde anlık CPU artışı olması normaldir.

Kod:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page Redirect Cache] = https://www.msn.com/tr-tr/?ocid=iehp
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Ekrem\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/01/17)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Ekrem\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2022/01/22)
O4 - HKLM\..\Run: [WindowsDefender] = C:\Program Files\Windows Defender\MSASCuiL.exe (file missing)
O4 - HKLM\..\StartupApproved\Run: [Launch LCore] = C:\Program Files\Logitech Gaming Software\LCore.exe /minimized (2022/01/17)
O4 - HKLM\..\StartupApproved\Run32: [Rampage Gaming Headset] = C:\Program Files (x86)\Rampage Gaming Headset\Rampage Gaming Headset.exe -boot (2022/01/17)
O4-32 - HKLM\..\Run: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O20 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\system32\nvinitx.dll
O20-32 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\SysWOW64\nvinit.dll
O22 - Task: (damaged) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft) (user missing)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\CompatTelRunner.exe -maintenance (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Uploader - C:\Windows\system32\WSqmCons.exe -u (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\Windows\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll

Temel Sistem Bakım ve Performans Optimizasyonu Yönergesi

Merhabalar, Çoğu Technopat üyelerimizin de sıkıntı çektiği sistem yavaşlığı ve aralıklı donmalarla maruz kalanlar ve maruz kalmamak isteyenler için temel düzeyde bir yönerge hazırladım. Bu yönergedeki adımlar sonucunda bilgisiyarınızdaki gereksiz süprüntü dosyalar ve adware tarzındaki...

www.technopat.net

HijackThis Log Paylaşımı ve Çözümleri

Ayrıntılı düzenleme

HiJackThis

Murat5038

Yottapat!

Solistrakya

Hectopat

Linux Kaymak

Hectopat

Lintos

Megapat

Murat5038

Yottapat!

Linux Kaymak

Hectopat

Murat5038

Yottapat!

Solistrakya

Hectopat

StormAngel1

Decapat

acv

Megapat

Temel Sistem Bakım ve Performans Optimizasyonu Yönergesi

Benzer konular

Yeni konular

Yeni mesajlar

Gizliliğinize önem veriyoruz