HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode
Paste Code

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleyen: Moderatör:
Genişletmek için tıkla...
Sorun yok, bunları fixleyin.

Kod: 
O4 - HKLM\..\Run: [CL-26-899D33DE-2D2B-4822-B3E0-7420E796AEB0] = C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-26-899D33DE-2D2B-4822-B3E0-7420E796AEB0\setuplauncher.exe /run:Installer.exe /args:"/setup-folder:"CL-26-899D33DE-2D2B-4822-B3E0-7420E796AEB0"" (file missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software (empty)
O22 - Task: (damaged) AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSystemAnalysis\AsusSystemAnalysis.exe -j0 (user missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software (empty)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: \AVG\Overseer - C:\Program Files\Common Files\AVG\Overseer\overseer.exe /from_scheduler:1 (file missing)
O22 - Task: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Task: Antivirus Emergency Update - C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (file missing)
O22 - Task: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: \ASUS\P508PowerAgent_sdk - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (file missing)
 
acv dedi:
Sorun yok, bunları fixleyin.

Kod: 
O4 - HKLM\..\Run: [CL-26-899D33DE-2D2B-4822-B3E0-7420E796AEB0] = C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-26-899D33DE-2D2B-4822-B3E0-7420E796AEB0\setuplauncher.exe /run:Installer.exe /args:"/setup-folder:"CL-26-899D33DE-2D2B-4822-B3E0-7420E796AEB0"" (file missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software (empty)
O22 - Task: (damaged) AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSystemAnalysis\AsusSystemAnalysis.exe -j0 (user missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software (empty)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: \AVG\Overseer - C:\Program Files\Common Files\AVG\Overseer\overseer.exe /from_scheduler:1 (file missing)
O22 - Task: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Task: Antivirus Emergency Update - C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (file missing)
O22 - Task: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: \ASUS\P508PowerAgent_sdk - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (file missing)
Genişletmek için tıkla...
peki teşekkürler
 
alperenkocak dedi:
Başlangıçta çalışan setuplauncher ve birkaç uygulama var, Kaspersky kullanıyorum ama güvenemedim. Yardımcı olursanız sevinirim:
Genişletmek için tıkla...
Sorun başlangıçta açılan setup ise bitdefender kurmaya çalışmışssın bunun bir artığı. Kaspersky'a güvenmeme sebebi nedir? Zararlı olarak bir sorunuz yok.
 
Murat5038 dedi:
Sorun başlangıçta açılan setup ise bitdefender kurmaya çalışmışssın bunun bir artığı. Kaspersky'a güvenmeme sebebi nedir? Zararlı olarak bir sorunuz yok.
Murat5038 dedi:
Sorun başlangıçta açılan setup ise bitdefender kurmaya çalışmışssın bunun bir artığı. Kaspersky'a güvenmeme sebebi nedir? Zararlı olarak bir sorunuz yok.
Genişletmek için tıkla...
Genişletmek için tıkla...
bitdefender kullanıyordum önceden ondan olabilir doğru . 3.parti yazılım indirmem gerekti birkaç tane o yüzden setup u görünce başlangıçta şüphelendim . Teşekkürler yardımınız için
 
[CODE title="kod"]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.17

Platform: x64 Windows 10 (Home Single Language), 10.0.19044.1586 (ReleaseId: 2009, 21H2), Service Pack: 0
Time: 11.04.2022 - 19:30 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes.
Ran by: duran (group: Administrators) on DELL-7577, FirstRun: yes.

Chrome: 100.0.4896.75
Firefox: 99.0.0.8124
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal.

Running processes:
Number | Path.
1 C:\Program Files (x86)\CoolerMaster\MasterPlus\MPService.exe
1 C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
1 C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
1 C:\Program Files (x86)\GlassWire\GWIdlMon.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\plugins_nms.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files (x86)\Origin\OriginWebHelperService.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
1 C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
1 C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
1 C:\Program Files\Dell\DellDataVault\nvapiw.exe
1 C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
1 C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
14 C:\Program Files\Google\Chrome\Application\chrome.exe
1 C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
1 C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
1 C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
1 C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Microsoft OneDrive\OneDrive.exe
5 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
2 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\Riot Vanguard\vgtray.exe
1 C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe
1 C:\Program Files\Softdeluxe\Free Download Manager\wenativehost.exe
1 C:\Program Files\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
1 C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
1 C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21121.243.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Users\duran.DELL-7577\Desktop\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\cmd.exe
7 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\IntelCpHeciSvc.exe
2 C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_f39cc816a9a90f96\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\Intel\DPTF\dptf_helper.exe
1 C:\Windows\System32\Intel\DPTF\esif_uf.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\MoUsoCoreWorker.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\PnkBstrA.exe
1 C:\Windows\System32\rundll32.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
88 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
3 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\SysWOW64\dllhost.exe

O1 - Hosts: 127.0.0.1 localhos.
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll
O4 - HKCU\..\Run: [Discord] = C:\Users\duran.DELL-7577\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [NetLimiter] = C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe /minimized
O4 - HKCU\..\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\StartupApproved\Run: [Free Download Manager] = C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe --hidden (2022/04/11)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\Run: [RtHDVBg_PushButton] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /IM
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [WavesSvc] = C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe -Jack
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/06/19)
O4 - HKLM\..\StartupApproved\Run32: [TeamsMachineInstaller] = C:\Program Files\Teams Installer\Teams.exe --checkInstall --source=PROPLUS (file missing) (2021/09/07)
O4 - HKU\S-1-5-18\..\Run: [Free Download Manager] = C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe --hidden (User 'LocalSystem')
O4-32 - HKLM\..\Run: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O17 - DHCP DNS 1: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{5565ef95-a067-4909-8854-b7e2d08dc725}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5565ef95-a067-4909-8854-b7e2d08dc725}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O22 - BITS Job: (download) {6E2B95CF-6A26-4B6E-9E44-49D49FD57AD4} - https://download-installer.cdn.mozilla.net/pub/firefox/releases/99.0/update/win64/tr/firefox-98.0.2-99.0.partial.mar -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\updates\downloading\update.mar
O22 - BITS Job: Fix all (including legit)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC Reboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery Reboot (Microsoft)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-1905615856-3302235518-2247645125-1017 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: \Intel\Thunderbolt\Start Thunderbolt application on login if service is up - C:\Program Files (x86)\Intel\Thunderbolt Software\ConditionalAppStarter.exe
O22 - Task: \Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up - C:\Program Files (x86)\Intel\Thunderbolt Software\ConditionalAppStarter.exe
O22 - Task: \Intel\Thunderbolt\Start Thunderbolt application when hardware is detected - C:\Program Files (x86)\Intel\Thunderbolt Software\ConditionalAppStarter.exe
O22 - Task: \Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up - C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe ConditionalServiceStart
O22 - Task: \Intel\Thunderbolt\Start Thunderbolt service when hardware is detected - C:\Windows\system32\sc.exe start ThunderboltService.
O22 - Task: \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (Microsoft)
O22 - Task: \Microsoft\Office\Office Serviceability Manager - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe /checkin (Microsoft)
O22 - Task: \Mozilla\Firefox Background Update 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate.
O22 - Task: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Task: Dell SupportAssistAgent AutoUpdate - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe AutoUpdate.
O22 - Task: FreeDownloadManagerHelperService - C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler.
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: OneDrive Per-Machine Standalone Update Task - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe
O22 - Task: OneDrive Reporting Task-S-1-5-21-1905615856-3302235518-2247645125-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: OneDrive Reporting Task-S-1-5-21-1905615856-3302235518-2247645125-1002 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: OneDrive Reporting Task-S-1-5-21-1905615856-3302235518-2247645125-1015 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: OneDrive Reporting Task-S-1-5-21-1905615856-3302235518-2247645125-1017 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: throttlestop - C:\Throttlestop\ThrottleStop.exe
O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\Windows\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O23 - Service R2: CoolerMaster MasterPlus Technology Service - (MPService) - C:\Program Files (x86)\CoolerMaster\MasterPlus\MPService.exe
O23 - Service R2: Dell Client Management Service - (DellClientManagementService) - C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
O23 - Service R2: Dell Data Vault Collector - (DDVDataCollector) - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
O23 - Service R2: Dell Data Vault Processor - (DDVRulesProcessor) - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
O23 - Service R2: Dell Data Vault Service API - (DDVCollectorSvcApi) - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
O23 - Service R2: Dell Hardware Support - C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
O23 - Service R2: Dell SupportAssist - (SupportAssistAgent) - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service R2: Energy Server Service queencreek - (ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--AUTO_START" "--start" "--start_options_registry_key" "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ESRV_SVC_QUEENCREEK\_start"
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: GlassWire Control Service - (GlassWire) - C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Driver & Support Assistant - (DSAService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Dynamic Platform and Thermal Framework service - (esifsvc) - C:\Windows\System32\Intel\DPTF\esif_uf.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK - (SystemUsageReportSvc_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe -r
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: NetLimiter 4 Service - (nlsvc) - C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_f39cc816a9a90f96\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_f39cc816a9a90f96\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service R2: PnkBstrA - C:\Windows\system32\PnkBstrA.exe
O23 - Service R2: QMEmulatorService - C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service R2: TeamViewer - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service R2: Waves Audio Services - (WavesSysSvc) - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\IntelCpHeciSvc.exe
O23 - Service R3: Intel(R) Driver & Support Assistant Updater - (DSAUpdateService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service S2: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe -start (file missing)
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
O23 - Service S2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Dell Command | Power Manager Notify - (dcpm-notify) - C:\Program Files\Dell\CommandPowerManager\NotifyService.exe
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: EQU8_19 - C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe
O23 - Service S3: EQU8_39 - C:\ProgramData\EQU8\KovaaK's\bin\anticheat.x64.equ8.exe
O23 - Service S3: FileSyncHelper - C:\Program Files\Microsoft OneDrive\22.055.0313.0001\FileSyncHelper.exe
O23 - Service S3: GalaxyClientService - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service S3: GalaxyCommunication - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\100.0.4896.75\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe
O23 - Service S3: Kaspersky VPN Secure Connection Hizmeti 5.3 - (KSDE5.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe -r
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: OneDrive Updater Service - C:\Program Files\Microsoft OneDrive\22.055.0313.0001\OneDriveUpdaterService.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (file missing)
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S3: Thunderbolt(TM) Service - (ThunderboltService) - C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
O23 - Service S3: User Energy Server Service queencreek - (USER_ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--run_as_user_process"
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service S3: Visual Studio Standard Collector Service - (VSStandardCollectorService140) - C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe (file missing)
O25 - WMI Event: DellCommandPowerManagerAlertEventConsumer - DellCommandPowerManagerAlertEventFilter - Event="BIOSEvent", Const EVENT_USER_MESSAGE = &H12¶ Function ZeroPaddedHex(number, padding)¶ ZeroPaddedHex = ""¶ If padding > 0 Then¶ For i = padding-1 To 0 Step -1¶ If number < 16^i Then¶ ZeroPaddedHex = ZeroPaddedHex & "0"¶ Else¶ ZeroPaddedHex = ZeroPaddedHex & Hex(number)¶ Exit For¶ End If¶ Next¶ End If¶ End Functi(1416 bytes)
O25 - WMI Event: DellCommandPowerManagerPolicyChangeEventConsumer - DellCommandPowerManagerPolicyChangeEventFilter - Event="RegistryKeyChangeEvent WHERE Hive = 'HKEY_LOCAL_MACHINE' AND KeyPath = 'SOFTWARE\\Policies\\Dell\\CommandPowerManager' ", Set shell = CreateObject("WScript.Shell")¶ On Error Resume Next¶ installpath = shell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Dell\CommandPowerManager\InstallPath")¶ If Err.Number <> 0 Then¶ On Error Goto 0¶ progfiles = shell.ExpandEnvironmentStrings("%ProgramFiles%")¶ shell.Run """" & progfiles & "\De(634 bytes)

--
End of file - Time spent: 12,8 sec. - 51630 bytes, CRC32: FFFFFFFF. Sign: Ⅻ訒[/CODE]

RAT trojan ve keylogger gibi şeylerden şüpheliyim.
KRD KIS MBAM ile tarama yaptım fakat bir şey bulamadılar bir de siz bakar mısınız?
Birde tempte .ses catalog.json gibi dosyalar oluyor bazen.
Adobe programı kullanmıyorum.
Ve java çalıştığında tempte bazı dosyalar oluşuyor.
Kodu ekledikten sonra düzenle yaptım bunun yüzünden kodda bazı yerler bozulmuş olabilirmi yeniden ekliyimmi?
 
Son düzenleme:
Zararlı görünmüyor.
Thunderbolt kullanmıyorsanız kaldırın, Dell SupportAssist, Intel(R) Driver & Support Assistant kaldırın.

Bunları fixleyin:
Kod: 
O1 - Hosts: 127.0.0.1 localhos.
O4 - HKCU\..\Run: [NetLimiter] = C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe /minimized
O4 - HKCU\..\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\StartupApproved\Run: [Free Download Manager] = C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe --hidden (2022/04/11)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/06/19)
O4 - HKLM\..\StartupApproved\Run32: [TeamsMachineInstaller] = C:\Program Files\Teams Installer\Teams.exe --checkInstall --source=PROPLUS (file missing) (2021/09/07)
O4 - HKU\S-1-5-18\..\Run: [Free Download Manager] = C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe --hidden (User 'LocalSystem')
O4-32 - HKLM\..\Run: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O22 - BITS Job: (download) {6E2B95CF-6A26-4B6E-9E44-49D49FD57AD4} - https://download-installer.cdn.mozilla.net/pub/firefox/releases/99.0/update/win64/tr/firefox-98.0.2-99.0.partial.mar -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\updates\downloading\update.mar
O22 - Task: \Mozilla\Firefox Background Update 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate.
O22 - Task: Dell SupportAssistAgent AutoUpdate - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe AutoUpdate.
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Task: throttlestop - C:\Throttlestop\ThrottleStop.exe
O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\Windows\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O23 - Service R2: CoolerMaster MasterPlus Technology Service - (MPService) - C:\Program Files (x86)\CoolerMaster\MasterPlus\MPService.exe
O23 - Service S3: EQU8_19 - C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe
O23 - Service S3: EQU8_39 - C:\ProgramData\EQU8\KovaaK's\bin\anticheat.x64.equ8.exe
O25 - WMI Event: DellCommandPowerManagerAlertEventConsumer - DellCommandPowerManagerAlertEventFilter - Event="BIOSEvent", Const EVENT_USER_MESSAGE = &H12¶ Function ZeroPaddedHex(number, padding)¶ ZeroPaddedHex = ""¶ If padding > 0 Then¶ For i = padding-1 To 0 Step -1¶ If number < 16^i Then¶ ZeroPaddedHex = ZeroPaddedHex & "0"¶ Else¶ ZeroPaddedHex = ZeroPaddedHex & Hex(number)¶ Exit For¶ End If¶ Next¶ End If¶ End Functi(1416 bytes)
O25 - WMI Event: DellCommandPowerManagerPolicyChangeEventConsumer - DellCommandPowerManagerPolicyChangeEventFilter - Event="RegistryKeyChangeEvent WHERE Hive = 'HKEY_LOCAL_MACHINE' AND KeyPath = 'SOFTWARE\\Policies\\Dell\\CommandPowerManager' ", Set shell = CreateObject("WScript.Shell")¶ On Error Resume Next¶ installpath = shell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Dell\CommandPowerManager\InstallPath")¶ If Err.Number <> 0 Then¶ On Error Goto 0¶ progfiles = shell.ExpandEnvironmentStrings("%ProgramFiles%")¶ shell.Run """" & progfiles & "\De(634 bytes)
 
Murat5038 dedi:
Zararlı görünmüyor.
Thunderbolt kullanmıyorsanız kaldırın, Dell supportassist, Intel(r) driver & Support assistant kaldırın.

Bunları fixleyin:
Kod: 
O1 - Hosts: 127.0.0.1 localhos.
O4 - HKCU\..\Run: [NetLimiter] = C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe /minimized
O4 - HKCU\..\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\StartupApproved\Run: [Free Download Manager] = C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe --hidden (2022/04/11)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2021/06/19)
O4 - HKLM\..\StartupApproved\Run32: [TeamsMachineInstaller] = C:\Program Files\Teams Installer\Teams.exe --checkInstall --source=PROPLUS (file missing) (2021/09/07)
O4 - HKU\S-1-5-18\..\Run: [Free Download Manager] = C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe --hidden (User 'LocalSystem')
O4-32 - HKLM\..\Run: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O22 - BITS Job: (download) {6E2B95CF-6A26-4B6E-9E44-49D49FD57AD4} - https://download-installer.cdn.mozilla.net/pub/firefox/releases/99.0/update/win64/tr/firefox-98.0.2-99.0.partial.mar -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\updates\downloading\update.mar
O22 - Task: \Mozilla\Firefox Background Update 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate.
O22 - Task: Dell SupportAssistAgent AutoUpdate - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe AutoUpdate.
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Task: throttlestop - C:\Throttlestop\ThrottleStop.exe
O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\Windows\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O23 - Service R2: CoolerMaster MasterPlus Technology Service - (MPService) - C:\Program Files (x86)\CoolerMaster\MasterPlus\MPService.exe
O23 - Service S3: EQU8_19 - C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe
O23 - Service S3: EQU8_39 - C:\ProgramData\EQU8\KovaaK's\bin\anticheat.x64.equ8.exe
O25 - WMI Event: DellCommandPowerManagerAlertEventConsumer - DellCommandPowerManagerAlertEventFilter - Event="BIOSEvent", Const EVENT_USER_MESSAGE = &H12¶ Function ZeroPaddedHex(number, padding)¶ ZeroPaddedHex = ""¶ If padding > 0 Then¶ For i = padding-1 To 0 Step -1¶ If number < 16^i Then¶ ZeroPaddedHex = ZeroPaddedHex & "0"¶ Else¶ ZeroPaddedHex = ZeroPaddedHex & Hex(number)¶ Exit For¶ End If¶ Next¶ End If¶ End Functi(1416 bytes)
O25 - WMI Event: DellCommandPowerManagerPolicyChangeEventConsumer - DellCommandPowerManagerPolicyChangeEventFilter - Event="RegistryKeyChangeEvent WHERE Hive = 'HKEY_LOCAL_MACHINE' AND KeyPath = 'SOFTWARE\\Policies\\Dell\\CommandPowerManager' ", Set shell = CreateObject("WScript.Shell")¶ On Error Resume Next¶ installpath = shell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Dell\CommandPowerManager\InstallPath")¶ If Err.Number <> 0 Then¶ On Error Goto 0¶ progfiles = shell.ExpandEnvironmentStrings("%ProgramFiles%")¶ shell.Run """" & progfiles & "\De(634 bytes)
Genişletmek için tıkla...

1649697874265.png


Hocam ben logu attıktan sonra programı kapatmıştım programı tekrar açım ilk seçeneğe tekrar basıp oradan mı fix yapayım? @Murat5038
Hocam ben logu alırken fareyi haraket ettirdim gibi hatırlıyorum yeni log atayımmı?
 
Son düzenleme:
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.10

Platform: x64 Windows 10 (Enterprise LTSB), 10.0.17763.2746 (ReleaseId: 1809), Service Pack: 0
Time: 12.04.2022 - 00:54 (UTC+03:00)
Language: OS: English (0x809). Display: English (0x809). Non-Unicode: English (0x809)
Elevated: Yes.
Ran by: dogukan (group: Administrators) on DESKTOP-E4LK3T4, FirstRun: yes.

Internet Explorer: 11.0.17763.2145
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)

Boot mode: Normal.

Running processes:
Number | Path.
 9 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
 1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
 1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
 1 C:\Program Files\Acer\NitroSense Service\PSAdminAgent.exe
 1 C:\Program Files\Acer\NitroSense Service\PSAgent.exe
 1 C:\Program Files\Acer\NitroSense Service\PSSvc.exe
 3 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
 3 C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
 1 C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
 1 C:\Users\dogukan\Desktop\HiJackThis\HiJackThis.exe
 1 C:\Windows\explorer.exe
 1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
 1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
 1 C:\Windows\System32\ApplicationFrameHost.exe
 1 C:\Windows\System32\audiodg.exe
 2 C:\Windows\System32\conhost.exe
 2 C:\Windows\System32\csrss.exe
 1 C:\Windows\System32\ctfmon.exe
 2 C:\Windows\System32\dllhost.exe
 1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
 1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
 1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
 1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe
 1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe
 2 C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_df248b15df52c6fa\Display.NvContainer\NVDisplay.Container.exe
 1 C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe
 1 C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSysSvc64.exe
 1 C:\Windows\System32\dwm.exe
 2 C:\Windows\System32\fontdrvhost.exe
 1 C:\Windows\System32\lsass.exe
 2 C:\Windows\System32\RtkAudUService64.exe
 4 C:\Windows\System32\RuntimeBroker.exe
 1 C:\Windows\System32\SearchIndexer.exe
 1 C:\Windows\System32\SecurityHealthService.exe
 1 C:\Windows\System32\SecurityHealthSystray.exe
 1 C:\Windows\System32\services.exe
 1 C:\Windows\System32\SettingSyncHost.exe
 1 C:\Windows\System32\SgrmBroker.exe
 1 C:\Windows\System32\sihost.exe
 1 C:\Windows\System32\smartscreen.exe
 1 C:\Windows\System32\smss.exe
 1 C:\Windows\System32\spoolsv.exe
 78 C:\Windows\System32\svchost.exe
 1 C:\Windows\System32\taskhostw.exe
 1 C:\Windows\System32\wbem\unsecapp.exe
 2 C:\Windows\System32\wbem\WmiPrvSE.exe
 1 C:\Windows\System32\wininit.exe
 1 C:\Windows\System32\winlogon.exe
 1 C:\Windows\System32\wlanext.exe
 1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
 1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_EF93B6DC3005231FA543A18DA35FBF3F] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\dogukan\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/04/07)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\dogukan\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2022/04/07)
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\RtkAudUService64.exe -background
O4 - HKLM\..\Run: [WavesSvc] = C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe -Jack
O17 - DHCP DNS 1: 192.168.43.1
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: NitroSense - C:\Program Files\Acer\NitroSense Service\PSLauncher.exe
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: Software Update Application - C:\ProgramData\OEM\UpgradeTool\ListCheck.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_df248b15df52c6fa\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_df248b15df52c6fa\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\RtkAudUService64.exe
O23 - Service R2: Waves Audio Services - (WavesSysSvc) - C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSysSvc64.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe
O23 - Service R3: Predator Service - (PSSvc) - C:\Program Files\Acer\NitroSense Service\PSSvc.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService

--
End of file - Time spent: 10.6 sec. - 17312 bytes, CRC32: FFFFFFFF. Sign: 뚲䮵

Hocam merhabalar, offline bir oyunda(CIV5) para hilesi yapmak için s*lak gibi .exe dosya uzantılı bir dosyayı açtım. Windows Defender ile tam taradım bir şey çıkmadı, sistemde her hangi bir donma vs. de olmadı. Format için USB hazırladım şansa sizin konunuzu gördüm sorayım dedim. Sizce format atmalı mıyım ?
 
AzPişmişKöfte dedi:
Hocam ben logu attıktan sonra programı kapatmıştım programı tekrar açım ilk seçeneğe tekrar basıp oradan mı fix yapayım? @Murat5038
Genişletmek için tıkla...
Evet.
AzPişmişKöfte dedi:
Hocam ben logu alırken fareyi haraket ettirdim gibi hatırlıyorum yeni log atayım mı?
Genişletmek için tıkla...
Anlamadım. Yeniye gerek yok dediklerimi fixleyin yeterli.
420645 dedi:
Hocam merhabalar, offline bir oyunda(CIV5) para hilesi yapmak için s*lak gibi .exe dosya uzantılı bir dosyayı açtım. Windows Defender ile tam taradım bir şey çıkmadı, sistemde herhangi bir donma vs. de olmadı. Format için USB hazırladım şansa sizin konunuzu gördüm sorayım dedim. Sizce format atmalı mıyım ?
Genişletmek için tıkla...
Zararlı gözükmüyor. Aktif zararlı da yok sadece bunu fixleyin:
Kod: 
O22 - Task: Software Update Application - C:\ProgramData\OEM\UpgradeTool\ListCheck.exe
İçinizde şüphe varsa Malwarebyte kurup taratabilirsiniz.
 
Görev yöneticisinde 2 tane program adlı uygulama var.

[CODE title="Kod"]Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.17

Platform: x64 Windows 10 (Home Single Language), 10.0.19044.1586 (ReleaseId: 2009, 21H2), Service Pack: 0
Time: 13.04.2022 - 11:25 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: emred (group: Administrators) on DESKTOP-2C74801, FirstRun: yes

Internet Explorer: 11.0.19041.1566
Default: "C:\Users\emred\AppData\Local\Programs\Opera GX\Launcher.exe" -noautoupdate -- "%1" (Opera GX Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Huawei\BasicService\BasicService.exe
1 C:\Program Files\Huawei\Hiview\HiviewService.exe
1 C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe
1 C:\Program Files\Huawei\PCManager\DFSSearchService.exe
1 C:\Program Files\Huawei\PCManager\HiboardDataReport.exe
1 C:\Program Files\Huawei\PCManager\HwMdcCenter.exe
1 C:\Program Files\Huawei\PCManager\MateBookService.exe
1 C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe
1 C:\Program Files\Huawei\PCManager\MessageCenterUI.exe
1 C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\WindowsApps\appup.intelgraphicsexperience_1.100.3407.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
1 C:\Program Files\WindowsApps\appup.intelgraphicsexperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Users\emred\Desktop\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\drivers\SessionService.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIServiceN.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEMN.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
1 C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82419944dda69b12\dptf_helper.exe
1 C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82419944dda69b12\esif_uf.exe
1 C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5dc1a2977f07512e\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_530620add2b09c46\AS\IAS\IntelAudioService.exe
1 C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
1 C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_0570478011758f12\Intel_PIE_Service.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\MoUsoCoreWorker.exe
1 C:\Windows\System32\RPC\OSD\osdservice.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
82 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\unsecapp.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
4 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: = https://yandex.com.tr/search/?te...2: FFFFFFFF. Sign: 衊伸[/CODE] [ICODE][/ICODE]
 

Benzer konular

Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
656
acv
A
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5B
quarest
quarest
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
10B
Windows 11 Bükücü
Windows 11 Bükücü
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
2B
Murat5038
Murat5038
B
Trojan ve Keylogger Temizleme
Mesaj
3
Görüntüleme
4B
Murat5038
Murat5038

Yeni konular

Yeni mesajlar

Geri
Yukarı