HijackThis Log Paylaşımı ve Çözümleri

kurga243 · 21 Ocak 2023

Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.25

Platform: x64 Windows 10 (Home), 10.0.19045.2486 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 21.01.2023 - 17:45 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory: 12249 MiB Free (26 %). CPU Loading: (30 %)
Elevated: Yes
Ran by: gener (group: Administrators) on DESKTOP-M561HFI, FirstRun: yes

Chrome: 109.0.5414.75
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
1 C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
1 C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
1 C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
1 C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
1 C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
12 C:\Program Files\Google\Chrome\Application\chrome.exe
1 C:\Program Files\Riot Vanguard\vgtray.exe
1 C:\Riot Games\League of Legends\LeagueClient.exe
1 C:\Riot Games\League of Legends\LeagueClientUx.exe
6 C:\Riot Games\League of Legends\LeagueClientUxRender.exe
1 C:\Riot Games\League of Legends\LeagueCrashHandler.exe
1 C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
1 C:\Riot Games\Riot Client\RiotClientServices.exe
6 C:\Users\gener\AppData\Local\Discord\app-1.0.9010\Discord.exe
1 C:\Users\gener\OneDrive\Masaüstü\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\GameBarPresenceWriter.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
2 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
65 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 D:\ISLC v1.0.2.8\Intelligent standby list cleaner ISLC.exe

O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - (no file)
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\gener\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2022/11/23)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe -background
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2022/11/10)
O4 - HKLM\..\StartupApproved\Run32: [Adobe CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (2022/11/17)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe --control (2022/12/02)
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4-32 - HKLM\..\Run: [PSUAMain] = C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray
O5 - HKCU\Control Panel\don't load: [RTSnMg64.cpl] (file missing)
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Features: [TamperProtection] = 4
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O22 - Task (.job): (Not scheduled) CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe
O22 - Task (.job): update-S-1-5-21-800537223-1707955652-2608803916-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Task (.job): update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C73613A-680F-4F6F-AF2C-24454F2F8BA3} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C73613A-680F-4F6F-AF2C-24454F2F8BA3} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1124F71C-BFC3-44A9-A1EE-016B9D5C0D34} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1124F71C-BFC3-44A9-A1EE-016B9D5C0D34} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36A78C3E-A142-4F86-903E-AE26291F646C} - \Microsoft\Windows\Autochk\Proxy (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87094343-6C1F-4855-A6B9-305BA74AB761} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87094343-6C1F-4855-A6B9-305BA74AB761} - (no key)
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-800537223-1707955652-2608803916-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (disabled) CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Tasks: (disabled) update-S-1-5-21-800537223-1707955652-2608803916-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Tasks: (disabled) update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr
O22 - Tasks: CCleanerCrashReporting - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "b9b8ea29-2995-4404-a973-20a67d0d98fa" --version "6.05.10110" --silent
O22 - Tasks: CCleanerSkipUAC - gener - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Tasks: GoogleUpdateTaskMachineCore{8158F491-EBC6-42C5-BBB4-BC5E8DACD76B} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: GoogleUpdateTaskMachineUA{11EF958E-059B-42E7-A2BA-DD4747D2954C} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: Intelligent StandbyList Cleaner - D:\ISLC v1.0.2.8\Intelligent standby list cleaner ISLC.exe
O22 - Tasks: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Tasks: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Tasks: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Tasks: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks: Opera GX scheduled assistant Autoupdate 1669209063 - C:\Users\gener\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\gener\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
O22 - Tasks: Opera GX scheduled Autoupdate 1668102108 - C:\Users\gener\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O23 - Service R2: Panda Cloud Antivirus Service - (NanoServiceMain) - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service R2: Panda Devices Agent - (PandaAgent) - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service R2: Panda Elam Service Protection - (pselamsvc) - C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
O23 - Service R2: Panda Product Service - (PSUAService) - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Origin Web Helper Service - D:\Origin\OriginWebHelperService.exe
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\109.0.5414.75\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Origin Client Service - D:\Origin\OriginClientService.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe

--
End of file - Time spent: 15,5 sec. - 26278 bytes, CRC32: FFFFFFFF. Sign: 䥬芨

kurga243 dedi:
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.25

Platform: x64 Windows 10 (Home), 10.0.19045.2486 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 21.01.2023 - 17:45 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory: 12249 MiB Free (26 %). CPU Loading: (30 %)
Elevated: Yes
Ran by: gener (group: Administrators) on DESKTOP-M561HFI, FirstRun: yes

Chrome: 109.0.5414.75
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
1 C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
1 C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
1 C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
1 C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
1 C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
12 C:\Program Files\Google\Chrome\Application\chrome.exe
1 C:\Program Files\Riot Vanguard\vgtray.exe
1 C:\Riot Games\League of Legends\LeagueClient.exe
1 C:\Riot Games\League of Legends\LeagueClientUx.exe
6 C:\Riot Games\League of Legends\LeagueClientUxRender.exe
1 C:\Riot Games\League of Legends\LeagueCrashHandler.exe
1 C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
1 C:\Riot Games\Riot Client\RiotClientServices.exe
6 C:\Users\gener\AppData\Local\Discord\app-1.0.9010\Discord.exe
1 C:\Users\gener\OneDrive\Masaüstü\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\GameBarPresenceWriter.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
2 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
65 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 D:\ISLC v1.0.2.8\Intelligent standby list cleaner ISLC.exe

O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - (no file)
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\gener\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2022/11/23)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe -background
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2022/11/10)
O4 - HKLM\..\StartupApproved\Run32: [Adobe CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (2022/11/17)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe --control (2022/12/02)
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4-32 - HKLM\..\Run: [PSUAMain] = C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray
O5 - HKCU\Control Panel\don't load: [RTSnMg64.cpl] (file missing)
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Features: [TamperProtection] = 4
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O22 - Task (.job): (Not scheduled) CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe
O22 - Task (.job): update-S-1-5-21-800537223-1707955652-2608803916-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Task (.job): update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C73613A-680F-4F6F-AF2C-24454F2F8BA3} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C73613A-680F-4F6F-AF2C-24454F2F8BA3} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1124F71C-BFC3-44A9-A1EE-016B9D5C0D34} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1124F71C-BFC3-44A9-A1EE-016B9D5C0D34} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36A78C3E-A142-4F86-903E-AE26291F646C} - \Microsoft\Windows\Autochk\Proxy (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87094343-6C1F-4855-A6B9-305BA74AB761} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87094343-6C1F-4855-A6B9-305BA74AB761} - (no key)
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-800537223-1707955652-2608803916-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (disabled) CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Tasks: (disabled) update-S-1-5-21-800537223-1707955652-2608803916-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Tasks: (disabled) update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr
O22 - Tasks: CCleanerCrashReporting - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "b9b8ea29-2995-4404-a973-20a67d0d98fa" --version "6.05.10110" --silent
O22 - Tasks: CCleanerSkipUAC - gener - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Tasks: GoogleUpdateTaskMachineCore{8158F491-EBC6-42C5-BBB4-BC5E8DACD76B} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: GoogleUpdateTaskMachineUA{11EF958E-059B-42E7-A2BA-DD4747D2954C} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: Intelligent StandbyList Cleaner - D:\ISLC v1.0.2.8\Intelligent standby list cleaner ISLC.exe
O22 - Tasks: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Tasks: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Tasks: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Tasks: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks: Opera GX scheduled assistant Autoupdate 1669209063 - C:\Users\gener\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\gener\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
O22 - Tasks: Opera GX scheduled Autoupdate 1668102108 - C:\Users\gener\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O23 - Service R2: Panda Cloud Antivirus Service - (NanoServiceMain) - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service R2: Panda Devices Agent - (PandaAgent) - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service R2: Panda Elam Service Protection - (pselamsvc) - C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
O23 - Service R2: Panda Product Service - (PSUAService) - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Origin Web Helper Service - D:\Origin\OriginWebHelperService.exe
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\109.0.5414.75\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Origin Client Service - D:\Origin\OriginClientService.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe

--
End of file - Time spent: 15,5 sec. - 26278 bytes, CRC32: FFFFFFFF. Sign: 䥬芨

takılma performans düşüş anlam veremedim

Balkanaa · 22 Ocak 2023

Bilgisayar gün içinde mavi ekran yedi birkaç saat sonrada biranda restart attı sorunu bilmiyorum performans kaybı yok fakat olay görüntüleyicisine baktığımda

Kernel-Power
Olay Kimliği:41
Sistem düzgün kapatılmadan yeniden başlatılmış. Bu hatanın nedeni sistemin yanıt vermeyi durdurması, kilitlenmesi veya beklenmeyen bir şekilde güç kaybına uğramış olması olabilir.(21.01.2023 21:00:49)

volmgr
Olay Kimliği:161
Döküm dosyası oluşturması, döküm oluşturmasındaki bir hata nedeniyle başarısız oldu.

EventLog
Olay Kimliği:6008
21:00:26, ‎21.‎01.‎2023 tarihinde gerçekleşen önceki sistem kapanışı beklenmiyordu.

DistributedCOM:
uygulamaya özgü izin ayarları
Windows.SecurityCenter.SecurityAppBroker
CLSID'sine ve
Yok
APPID'sine sahip COM Sunucu uygulaması için, Yok SID (Yok) uygulama kapsayıcısında çalışan LocalHost (LRPC Kullanan) adresindeki SID değeri (S-1-5-18) olan NT AUTHORITY\SYSTEM kullanıcısına Yerel Çalıştır izni vermiyor. Bu güvenlik izni, Bileşen Hizmetleri yönetim aracı kullanılarak değiştirilebilir.

DNS Client Events:
wpad adı için ad çözümleme yapılandırılan DNS sunucularının hiçbirinden yanıt gelmedikten sonra zaman aşımına uğradı.

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.25

Platform:  x64 Windows 10 (Pro), 10.0.19045.2546 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      22.01.2023 - 00:10 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    4250 MiB Free (48 %). CPU Loading: (6 %)
Elevated:  Yes
Ran by:    balka    (group: Administrators) on DESKTOP-GABVV56, FirstRun: yes

Chrome:  109.0.5414.75
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Steam\steamservice.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
   7  C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  C:\Program Files (x86)\Steam\steam.exe
  12  C:\Program Files\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\Riot Vanguard\vgtray.exe
   1  C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2022.1.0.0_x64__v826wp6bftszj\TranslucentTB.exe
   1  C:\Program Files\WindowsApps\32669SamG.ModernFlyouts_0.9.3.0_x64__pcy8vm99wrpcg\ModernFlyoutsHost.exe
   6  C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
   6  C:\Users\balka\AppData\Local\Discord\app-1.0.9010\Discord.exe
   5  C:\Users\balka\AppData\Local\Programs\Blitz\Blitz.exe
   1  C:\Users\balka\Desktop\HiJackThis.exe
   1  C:\Users\balka\Desktop\ps3 controller\ps3 controller\ScpServer\bin\ScpService.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f840d03a202f8a32\Display.NvContainer\NVDisplay.Container.exe
   2  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\GigabyteUpdateService.exe
   1  C:\Windows\System32\lsass.exe
   6  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  70  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wbem\WMIADAP.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SysWOW64\backgroundTaskHost.exe
   1  D:\Program Files\Microvirt\MEmu\MemuService.exe

O4 - HKCU\..\Run: [com.blitz.app] = C:\Users\balka\AppData\Local\Programs\Blitz\Blitz.exe --autostart
O4 - HKCU\..\Run: [Discord] = C:\Users\balka\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\StartupApproved\Run: [101XPGameCenterTR] = C:\Program Files\101XP Game Center TR\launcher101xp.exe (2023/01/21)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2022/10/26)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_7A7562710ACCD2DBE86525C558251B55] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/09/29)
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\balka\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2022/10/26)
O4 - HKCU\..\StartupApproved\Run: [Soundpad] = C:\Windows\system32\cmd.exe /c start steam://rungameid/629520 (2023/01/21)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe -background
O17 - DHCP DNS 1: 192.168.1.1
O22 - BITS Job: (download) {8B862F79-F678-4AD0-A6C1-8884D8C18B68} - MicrosoftMapsBingGeoStore - (no URL)
O22 - BITS Job: Fix all (including legit)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: 101XPOverlaySkipUAC - C:\Program Files\101XP Game Center TR\launcher101xp_overlay_installer_x86.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3)
O22 - Tasks: AMDAutoUpdate - C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe
O22 - Tasks: GoogleUpdateTaskMachineCore{0D220304-28C9-473A-9339-8BC97ECDB49B} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: GoogleUpdateTaskMachineUA{446CB8ED-86E4-4C1D-B663-6054D8949411} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: Microsoft_Hardware_Launch_ipoint_exe - c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (file missing)
O22 - Tasks: Microsoft_Hardware_Launch_itype_exe - c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (file missing)
O22 - Tasks: Microsoft_Hardware_Launch_mousekeyboardcenter_exe - c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (file missing)
O22 - Tasks: Opera GX scheduled assistant Autoupdate 1665500177 - C:\Users\balka\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\balka\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
O22 - Tasks: Opera GX scheduled Autoupdate 1664472291 - C:\Users\balka\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Tasks: ViGEmBus_Updater - C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBus_Updater.exe /silent
O23 - Service R2: GIGABYTE Update Service - (GigabyteUpdateService) - C:\Windows\system32\GigabyteUpdateService.exe
O23 - Service R2: MEmuSVC - D:\Program Files\Microvirt\MEmu\MemuService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f840d03a202f8a32\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f840d03a202f8a32\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe
O23 - Service R2: SCP DS3 Service - (Ds3Service) - C:\Users\balka\Desktop\ps3 controller\ps3 controller\ScpServer\bin\ScpService.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S2: AsusROGLSLService Download ROGLSLoader - (AsusROGLSLService) - C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe -runservice
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: OCButtonService - C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe (file missing)
O23 - Service S3: Armoury Live Update - (ArmouryLiveUpdate) - C:\Windows\System32\DriverStore\FileRepository\rogms.inf_amd64_94d9766656ff6011\ArmouryLiveUpdate.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\109.0.5414.75\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe


--
End of file - Time spent: 13,2 sec. - 21178 bytes, CRC32: FFFFFFFF. Sign: 灞

Befehle · 24 Ocak 2023

Merhaba.
Sistem açılır açılmaz herhangi bir işlemde PC fanları son 4-5 gündür otomatik olarak çalışıyor ve şiddeti zamana göre artıyor/azalıyor. ben virüsten şüphelendim Kaspersky ve Malwarebytes ile taramalar yaptım fakat temiz çıktı. Ek olarak oyunlarda bazen anlık donmalar yaşıyorum ve bunun yazılımsal olduğunu düşünüyorum. Yapabileceğim veya paylaşabileceğim ek bir şey varsa belirtirseniz sevinirim. İyi çalışmalar.

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.13

Platform: x64 Windows 10 (Home Single Language), 10.0.19044.2486 (ReleaseId: 2009, 21H2), Service Pack: 0
Time: 24.01.2023 - 22:29 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes.
Ran by: 90542 (group: Administrators) on LAPTOP-HKD9V1UH, FirstRun: no.

Chrome: 109.0.5414.75
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal.

Running processes:
Number | Path.
 1 C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
 1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
 1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe
 1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe
 1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.8\ksdeui.exe
 2 C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
 7 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
 1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
 1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
 11 C:\Program Files\Google\Chrome\Application\chrome.exe
 1 C:\Program Files\HPCommRecovery\HPCommRecovery.exe
 1 C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
 1 C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
 3 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
 3 C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
 1 C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
 1 C:\Program Files\WindowsApps\AD2F1837.myHP_11.52247.86.0_x64__v10z8vjag6ke6\HP.MyHP.exe
 1 C:\Program Files\WindowsApps\AD2F1837.myHP_11.52247.86.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
 1 C:\Program Files\WindowsApps\AD2F1837.myHP_11.52247.86.0_x64__v10z8vjag6ke6\win32\HPAudioSwitch.exe
 1 C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
 1 C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
 1 C:\Users\90542\Desktop\Uygulamalar\HiJackThis.exe
 2 C:\Windows\explorer.exe
 1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
 1 C:\Windows\RtkBtManServ.exe
 1 C:\Windows\System32\audiodg.exe
 1 C:\Windows\System32\cmd.exe
 3 C:\Windows\System32\conhost.exe
 2 C:\Windows\System32\csrss.exe
 1 C:\Windows\System32\ctfmon.exe
 1 C:\Windows\System32\dasHost.exe
 2 C:\Windows\System32\dllhost.exe
 1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIService.exe
 1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxEM.exe
 1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
 1 C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
 1 C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe
 1 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_9b42a3e82673e3bb\x64\AppHelperCap.exe
 1 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_9b42a3e82673e3bb\x64\BridgeCommunication.exe
 1 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_9b42a3e82673e3bb\x64\DiagsCap.exe
 1 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_9b42a3e82673e3bb\x64\NetworkCap.exe
 1 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_9b42a3e82673e3bb\x64\SysInfoCap.exe
 1 C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_a1ba1c52244db36a\x64\OmenCap\OmenCap.exe
 1 C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_86dc7f4c001ddecd\RstMwService.exe
 1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_98ad395a329efc54\OneApp.IGCC.WinService.exe
 1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ee0c47404984f8ac\IntelCpHDCPSvc.exe
 1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ee0c47404984f8ac\IntelCpHeciSvc.exe
 1 C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
 2 C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_ce71cac5771f377d\Display.NvContainer\NVDisplay.Container.exe
 3 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5b38b833337c212f\RtkAudUService64.exe
 1 C:\Windows\System32\dwm.exe
 1 C:\Windows\System32\ETDCtrl.exe
 1 C:\Windows\System32\ETDService.exe
 2 C:\Windows\System32\fontdrvhost.exe
 1 C:\Windows\System32\lsass.exe
 1 C:\Windows\System32\PnkBstrA.exe
 1 C:\Windows\System32\rundll32.exe
 3 C:\Windows\System32\RuntimeBroker.exe
 1 C:\Windows\System32\SearchFilterHost.exe
 1 C:\Windows\System32\SearchIndexer.exe
 2 C:\Windows\System32\SearchProtocolHost.exe
 1 C:\Windows\System32\SECOCL64.exe
 1 C:\Windows\System32\SECOMN64.exe
 1 C:\Windows\System32\SecurityHealthService.exe
 1 C:\Windows\System32\SecurityHealthSystray.exe
 1 C:\Windows\System32\services.exe
 1 C:\Windows\System32\SgrmBroker.exe
 1 C:\Windows\System32\sihost.exe
 1 C:\Windows\System32\smartscreen.exe
 1 C:\Windows\System32\smss.exe
 1 C:\Windows\System32\spoolsv.exe
 73 C:\Windows\System32\svchost.exe
 2 C:\Windows\System32\taskhostw.exe
 1 C:\Windows\System32\Taskmgr.exe
 1 C:\Windows\System32\wbem\unsecapp.exe
 1 C:\Windows\System32\wbem\WMIADAP.exe
 2 C:\Windows\System32\wbem\WmiPrvSE.exe
 1 C:\Windows\System32\wininit.exe
 1 C:\Windows\System32\winlogon.exe
 2 C:\Windows\System32\WUDFHost.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
 1 C:\Windows\SysWOW64\dllhost.exe

O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_B070C1DD3F7C0634A55ADA4CD84E9E6E] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\StartupApproved\Run: [kpm.exe] = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe (file missing) (2022/02/17)
O4 - HKLM\..\Run: [RtkAudUService] = C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5b38b833337c212f\RtkAudUService64.exe -background
O17 - DHCP DNS 1: 192.168.43.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\windows\system32\mscoree.dll
O22 - BITS Job: (download) {B448F1E8-B52F-4341-B5F7-37F3545F8F4D} - http://edgedl.me.gvt1.com/edgedl/delta-update/oimompecagnajdejgnnjijobebaeigek/1.d5893d11161ea73163b69676807c8d6b0f6d5fca6b982b33300486e8f8a85ffd/1.22a1cb42639895bc64d9dcbcf5ee5774c67ce01e78e28477420a3a0c6eddcc42/54829fe95c036eeac9f7c5f94eb4f760e7d2be1065a24776647800c7691b53e2.crxd -> C:\Users\90542\AppData\Local\Temp\chrome_BITS_16780_1891814878\54829fe95c036eeac9f7c5f94eb4f760e7d2be1065a24776647800c7691b53e2.crxd
O22 - BITS Job: Fix all (including legit)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\windows\explorer.exe
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP (empty)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\windows\system32\MusNotification.exe /RunOnAC EngagedRebootReminder (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\windows\system32\MusNotification.exe /RunOnBattery EngagedRebootReminder (Microsoft)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-330310542-4217721475-3514810156-1001 - C:\windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\windows\system32\rundll32.exe C:\windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (Microsoft)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler.
O22 - Task: HPAudioSwitch - C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: OneDrive Reporting Task-S-1-5-21-330310542-4217721475-3514810156-1001 - C:\Users\90542\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O23 - Service R2: "Realtek Bluetooth Device Manager Service" ;RtkServ - (RtkBtManServ) - C:\windows\RtkBtManServ.exe
O23 - Service R2: ELAN Service - (ETDService) - C:\windows\System32\ETDService.exe
O23 - Service R2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: HP Analytics service - (HpTouchpointAnalyticsService) - C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe
O23 - Service R2: HP App Helper HSA Service - (HPAppHelperCap) - C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_9b42a3e82673e3bb\x64\AppHelperCap.exe
O23 - Service R2: HP Comm Recovery - (HP Comm Recover) - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service R2: HP Diagnostics HSA Service - (HPDiagsCap) - C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_9b42a3e82673e3bb\x64\DiagsCap.exe
O23 - Service R2: HP Network HSA Service - (HPNetworkCap) - C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_9b42a3e82673e3bb\x64\NetworkCap.exe
O23 - Service R2: HP Omen HSA Service - (HPOmenCap) - C:\windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_a1ba1c52244db36a\x64\OmenCap\OmenCap.exe
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service R2: HP System Info HSA Service - (HPSysInfoCap) - C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_9b42a3e82673e3bb\x64\SysInfoCap.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ee0c47404984f8ac\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Dynamic Tuning service - (esifsvc) - C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_98ad395a329efc54\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_86dc7f4c001ddecd\RstMwService.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe -r
O23 - Service R2: Kaspersky VPN Secure Connection Hizmeti 5.8 - (KSDE5.8) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe -r
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_ce71cac5771f377d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_ce71cac5771f377d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: PnkBstrA - C:\windows\system32\PnkBstrA.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5b38b833337c212f\RtkAudUService64.exe
O23 - Service R2: Sound Research SECOMN Service - (SECOMNService) - C:\windows\System32\SECOMN64.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ee0c47404984f8ac\IntelCpHeciSvc.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) Audio Service - (IntelAudioService) - C:\windows\system32\cAVS\IAS\IntelAudioService.exe
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service S3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe -start
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\109.0.5414.75\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service S3: Intel(R) Optane(TM) Memory Service - (iaStorAfsService) - C:\windows\System32\iaStorAfsService.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService

--
End of file - Time spent: 7,7 sec. - 38634 bytes, CRC32: FFFFFFFF. Sign: 箬蕄

Murat5038 · 24 Ocak 2023

Balkanaa dedi:
Bilgisayar gün içinde mavi ekran yedi birkaç saat sonrada biranda restart attı sorunu bilmiyorum performans kaybı yok fakat olay görüntüleyicisine baktığımda

Ps3 controller sorunu çıkabilir, Mavi ekran kısmında bu etken olabilir o konu ayrı olduğundna burada sadece bilgi için diyorum.
Gelelim konumuza bunları fixleyin:

Kod:

O4 - HKCU\..\StartupApproved\Run: [101XPGameCenterTR] = C:\Program Files\101XP Game Center TR\launcher101xp.exe (2023/01/21)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_7A7562710ACCD2DBE86525C558251B55] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/09/29)
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\balka\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2022/10/26)
O22 - BITS Job: (download) {8B862F79-F678-4AD0-A6C1-8884D8C18B68} - MicrosoftMapsBingGeoStore - (no URL)
O22 - Tasks: 101XPOverlaySkipUAC - C:\Program Files\101XP Game Center TR\launcher101xp_overlay_installer_x86.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3)
O22 - Tasks: AMDAutoUpdate - C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe
O22 - Tasks: ViGEmBus_Updater - C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBus_Updater.exe /silent
O23 - Service R2: GIGABYTE Update Service - (GigabyteUpdateService) - C:\Windows\system32\GigabyteUpdateService.exe

EasyTuneEngine kaldırın.

Befehle dedi:
Sistem açılır açılmaz herhangi bir işlemde PC fanları son 4-5 gündür otomatik olarak çalışıyor ve şiddeti zamana göre artıyor/azalıyor. ben virüsten şüphelendim Kaspersky ve Malwarebytes ile taramalar yaptım fakat temiz çıktı. Ek olarak oyunlarda bazen anlık donmalar yaşıyorum ve bunun yazılımsal olduğunu düşünüyorum. Yapabileceğim veya paylaşabileceğim ek bir şey varsa belirtirseniz sevinirim. İyi çalışmalar.

Zrarlıya dair bir şey yok gereksiz yazılımları ve Hp için gereksiz şeyleri kaldırın.
Bunları fixleyin:

Kod:

O22 - BITS Job: (download) {B448F1E8-B52F-4341-B5F7-37F3545F8F4D} - http://edgedl.me.gvt1.com/edgedl/delta-update/oimompecagnajdejgnnjijobebaeigek/1.d5893d11161ea73163b69676807c8d6b0f6d5fca6b982b33300486e8f8a85ffd/1.22a1cb42639895bc64d9dcbcf5ee5774c67ce01e78e28477420a3a0c6eddcc42/54829fe95c036eeac9f7c5f94eb4f760e7d2be1065a24776647800c7691b53e2.crxd -> C:\Users\90542\AppData\Local\Temp\chrome_BITS_16780_1891814878\54829fe95c036eeac9f7c5f94eb4f760e7d2be1065a24776647800c7691b53e2.crxd
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP (empty)
O22 - Task: \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (Microsoft)
O22 - Task: OneDrive Reporting Task-S-1-5-21-330310542-4217721475-3514810156-1001 - C:\Users\90542\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O23 - Service R2: HP Analytics service - (HpTouchpointAnalyticsService) - C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe

xideviwo · 27 Ocak 2023

Kod:

Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.18

Platform:  x64 Windows 10 (Pro), 10.0.19045.2486 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      27.01.2023 - 10:51 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    pc    (group: Administrators) on FURKAN, FirstRun: yes

Chrome:  109.0.5414.120
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\BraveSoftware\Update\1.3.361.133\BraveCrashHandler.exe
   1  C:\Program Files (x86)\BraveSoftware\Update\1.3.361.133\BraveCrashHandler64.exe
   1  C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\13.0.0.8122\AdskLicensingService\AdskLicensingService.exe
   1  C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
   1  C:\Program Files (x86)\Common Files\OPC Foundation\UA\Discovery\bin\opcualds.exe
   1  C:\Program Files (x86)\Common Files\Steam\SteamService.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
   2  C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
   7  C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  C:\Program Files (x86)\Steam\steam.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Program Files\Bonjour\mDNSResponder.exe
   1  C:\Program Files\cofaso 6.2\mysql\bin\mysqld-nt.exe
   1  C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe
   1  C:\Program Files\SteelSeries\GG\apps\prismSyncV2\SteelSeriesPrismSync.exe
   1  C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22112.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\Users\pc\AppData\Local\Microsoft\OneDrive\23.002.0102.0004\FileCoAuth.exe
   1  C:\Users\pc\Downloads\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\servicing\TrustedInstaller.exe
   1  C:\Windows\System32\amdfendrsr.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   3  C:\Windows\System32\backgroundTaskHost.exe
   1  C:\Windows\System32\cmd.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\MoUsoCoreWorker.exe
   1  C:\Windows\System32\msiexec.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\PnkBstrA.exe
   1  C:\Windows\System32\RtkAudUService64.exe
   7  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  78  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\SystemSettingsBroker.exe
   2  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\SysWOW64\rundll32.exe
   1  C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: Reset contents to default
O1 - Hosts: 0.0.0.0 www.nyrexscript.com
O1 - Hosts: 0.0.0.0 nyrexscript.com
O1 - Hosts: 0.0.0.0 apathe.net
O1 - Hosts: 0.0.0.0 www.apathe.net
O1 - Hosts: 0.0.0.0 www.cheatglobal.com
O1 - Hosts: 0.0.0.0 cheatglobal.com
O1 - Hosts: 0.0.0.0 www.cheatglobal.net
O1 - Hosts: 0.0.0.0 cheatglobal.net
O1 - Hosts: 0.0.0.0 www.cheatglobal.org
O1 - Hosts: 0.0.0.0 cheatglobal.org
O1 - Hosts: 0.0.0.0 www.cheatglobal.com
O1 - Hosts: 0.0.0.0 cheatglobal.com
O1 - Hosts: 0.0.0.0 www.metin2bot.com
O1 - Hosts: 0.0.0.0 metin2bot.com
O1 - Hosts: 0.0.0.0 www.metin2bot.org
O1 - Hosts: 0.0.0.0 metin2bot.org
O1 - Hosts: 0.0.0.0 www.metin2bot.net
O1 - Hosts: 0.0.0.0 metin2bot.net
O1 - Hosts: 0.0.0.0 www.dreamfancy.com
O1 - Hosts: 0.0.0.0 dreamfancy.com
O1 - Hosts: 0.0.0.0 www.dreamfancy.org
O1 - Hosts: 0.0.0.0 dreamfancy.org
O1 - Hosts: 0.0.0.0 www.dreamfancy.net
O1 - Hosts: 0.0.0.0 dreamfancy.net
O1 - Hosts: 0.0.0.0 www.realitycheats.com
O1 - Hosts: 0.0.0.0 realitycheats.com
O1 - Hosts: 0.0.0.0 www.realitycheats.org
O1 - Hosts: 0.0.0.0 realitycheats.org
O1 - Hosts: 0.0.0.0 www.realitycheats.net
O1 - Hosts: 0.0.0.0 realitycheats.net
O1 - Hosts: 0.0.0.0 www.realui.com
O1 - Hosts: 0.0.0.0 realui.com
O1 - Hosts: 0.0.0.0 www.realui.org
O1 - Hosts: 0.0.0.0 realui.org
O1 - Hosts: 0.0.0.0 www.realui.net
O1 - Hosts: 0.0.0.0 realui.net
O1 - Hosts: 0.0.0.0 www.artecheats.com
O1 - Hosts: 0.0.0.0 artecheats.com
O1 - Hosts: 0.0.0.0 www.artecheats.org
O1 - Hosts: 0.0.0.0 artecheats.org
O1 - Hosts: 0.0.0.0 www.artecheats.net
O1 - Hosts: 0.0.0.0 artecheats.net
O1 - Hosts: 0.0.0.0 www.samcheats.com
O1 - Hosts: 0.0.0.0 samcheats.com
O1 - Hosts: 0.0.0.0 www.samcheats.org
O1 - Hosts: 0.0.0.0 samcheats.org
O1 - Hosts: 0.0.0.0 www.samcheats.net
O1 - Hosts: 0.0.0.0 samcheats.net
O1 - Hosts: 0.0.0.0 leaguehell.net
O1 - Hosts: 0.0.0.0 www.leaguehell.net
O1 - Hosts: 0.0.0.0 leaguehell.com
O1 - Hosts: 0.0.0.0 www.leaguehell.com
O1 - Hosts: 0.0.0.0 leaguehell.org
O1 - Hosts: 0.0.0.0 www.leaguehell.org
O1 - Hosts.ICS: 0.0.0.0 www.nyrexscript.com
O1 - Hosts.ICS: 0.0.0.0 nyrexscript.com
O1 - Hosts.ICS: 0.0.0.0 apathe.net
O1 - Hosts.ICS: 0.0.0.0 www.apathe.net
O1 - Hosts.ICS: 0.0.0.0 www.cheatglobal.com
O1 - Hosts.ICS: 0.0.0.0 cheatglobal.com
O1 - Hosts.ICS: 0.0.0.0 www.cheatglobal.net
O1 - Hosts.ICS: 0.0.0.0 cheatglobal.net
O1 - Hosts.ICS: 0.0.0.0 www.cheatglobal.org
O1 - Hosts.ICS: 0.0.0.0 cheatglobal.org
O1 - Hosts.ICS: 0.0.0.0 www.cheatglobal.com
O1 - Hosts.ICS: 0.0.0.0 cheatglobal.com
O1 - Hosts.ICS: 0.0.0.0 www.metin2bot.com
O1 - Hosts.ICS: 0.0.0.0 metin2bot.com
O1 - Hosts.ICS: 0.0.0.0 www.metin2bot.org
O1 - Hosts.ICS: 0.0.0.0 metin2bot.org
O1 - Hosts.ICS: 0.0.0.0 www.metin2bot.net
O1 - Hosts.ICS: 0.0.0.0 metin2bot.net
O1 - Hosts.ICS: 0.0.0.0 www.dreamfancy.com
O1 - Hosts.ICS: 0.0.0.0 dreamfancy.com
O1 - Hosts.ICS: 0.0.0.0 www.dreamfancy.org
O1 - Hosts.ICS: 0.0.0.0 dreamfancy.org
O1 - Hosts.ICS: 0.0.0.0 www.dreamfancy.net
O1 - Hosts.ICS: 0.0.0.0 dreamfancy.net
O1 - Hosts.ICS: 0.0.0.0 www.realitycheats.com
O1 - Hosts.ICS: 0.0.0.0 realitycheats.com
O1 - Hosts.ICS: 0.0.0.0 www.realitycheats.org
O1 - Hosts.ICS: 0.0.0.0 realitycheats.org
O1 - Hosts.ICS: 0.0.0.0 www.realitycheats.net
O1 - Hosts.ICS: 0.0.0.0 realitycheats.net
O1 - Hosts.ICS: 0.0.0.0 www.realui.com
O1 - Hosts.ICS: 0.0.0.0 realui.com
O1 - Hosts.ICS: 0.0.0.0 www.realui.org
O1 - Hosts.ICS: 0.0.0.0 realui.org
O1 - Hosts.ICS: 0.0.0.0 www.realui.net
O1 - Hosts.ICS: 0.0.0.0 realui.net
O1 - Hosts.ICS: 0.0.0.0 www.artecheats.com
O1 - Hosts.ICS: 0.0.0.0 artecheats.com
O1 - Hosts.ICS: 0.0.0.0 www.artecheats.org
O1 - Hosts.ICS: 0.0.0.0 artecheats.org
O1 - Hosts.ICS: 0.0.0.0 www.artecheats.net
O1 - Hosts.ICS: 0.0.0.0 artecheats.net
O1 - Hosts.ICS: 0.0.0.0 www.samcheats.com
O1 - Hosts.ICS: 0.0.0.0 samcheats.com
O1 - Hosts.ICS: 0.0.0.0 www.samcheats.org
O1 - Hosts.ICS: 0.0.0.0 samcheats.org
O1 - Hosts.ICS: 0.0.0.0 www.samcheats.net
O1 - Hosts.ICS: 0.0.0.0 samcheats.net
O1 - Hosts.ICS: 0.0.0.0 leaguehell.net
O1 - Hosts.ICS: 0.0.0.0 www.leaguehell.net
O1 - Hosts.ICS: 0.0.0.0 leaguehell.com
O1 - Hosts.ICS: 0.0.0.0 www.leaguehell.com
O1 - Hosts.ICS: 0.0.0.0 leaguehell.org
O1 - Hosts.ICS: 0.0.0.0 www.leaguehell.org
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_361\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_361\bin\ssv.dll
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe (file missing)
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\pc\AppData\Local\Discord\Update.exe --processStart Discord.exe (2020/02/28)
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2022/08/31)
O4 - HKCU\..\StartupApproved\Run: [electron.app.Pi Network] = C:\Users\pc\AppData\Local\Programs\pi-network-desktop\Pi Network.exe (2021/06/19)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2021/05/04)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_72FC07CE8FBC282A90F28F3BD5668C8E] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/01/24)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\pc\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/05/12)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk    ->    C:\Users\pc\Autodesk\Genuine Service\GenuineService.exe (2020/05/12)
O4 - HKLM\..\Run: [Cm108Sound] = C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cm108.dll,CMICtrlWnd
O4 - HKLM\..\Run: [SteelSeriesGG] = C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe -dataPath="C:\ProgramData\SteelSeries\GG" -dbEnv=production -auto=true
O4 - HKLM\..\Session Manager: [BootExecute] = C:\WINDOWS\system32\autochk.exe /k:C * (Microsoft)
O4 - HKLM\..\StartupApproved\Run: [RtkAudUService] = C:\WINDOWS\System32\RtkAudUService64.exe -background (2020/05/12)
O4 - HKLM\..\StartupApproved\Run32: [Autodesk Genuine Service ] = C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe (2023/01/19)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2020/05/12)
O4 - Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mysqld-max.lnk    ->    C:\Program Files\cofaso 6.2\mysql\bin\mysqld-max.exe
O5 - Applet: C:\WINDOWS\System32\CM108.cpl (not signed)
O5 - Applet: C:\WINDOWS\System32\plotman.cpl (Sign: 'Autodesk, Inc.')
O5 - Applet: C:\WINDOWS\System32\styleman.cpl (Sign: 'Autodesk, Inc.')
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\WINDOWS\system32\AcSignIcon.dll
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-3946679272-273217619-738506958-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \S-1-5-21-3946679272-273217619-738506958-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler - C:\Program Files\RUXIM\PLUGscheduler.exe (Microsoft)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
O22 - Task: BraveSoftwareUpdateTaskMachineCore - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c
O22 - Task: BraveSoftwareUpdateTaskMachineUA - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: OneDrive Reporting Task-S-1-5-21-3946679272-273217619-738506958-1001 - C:\Users\pc\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe
O23 - Service R2: Autodesk Desktop Licensing Service - (AdskLicensingService) - C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe
O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: FlexNet Licensing Service - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service R2: FlexNet Licensing Service 64 - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service R2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe -r
O23 - Service R2: MySql - C:\Program Files\cofaso 6.2\mysql\bin\mysqld-nt.exe
O23 - Service R2: OPC UA Local Discovery Server - (UALDS) - C:\Program Files (x86)\Common Files\OPC Foundation\UA\Discovery\bin\opcualds.exe
O23 - Service R2: PnkBstrA - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\RtkAudUService64.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S2: Brave Güncelleme Hizmeti (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Kaspersky VPN Secure Connection Hizmeti 5.3 - (KSDE5.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe -r
O23 - Service S2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service S2: SetupARService - C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Brave Elevation Service (BraveElevationService) - (BraveElevationService) - C:\Program Files\BraveSoftware\Brave-Browser\Application\109.1.47.186\elevation_service.exe (file missing)
O23 - Service S3: Brave Güncelleme Hizmeti (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe
O23 - Service S3: Nexon Game Security Service - (NGS) - C:\ProgramData\Nexon\NGS\NGService.exe -service
O23 - Service S3: nProtect GameGuard Service - (npggsvc) - C:\WINDOWS\system32\GameMon.des -service (file missing)
O23 - Service S3: OpcEnum - C:\Windows\SysWOW64\OpcEnum.exe
O23 - Service S3: OPCF Bonjour Service - C:\Program Files (x86)\Common Files\OPC Foundation\UA\Discovery\bin\mDNSResponder.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: SteelSeries Update Service - (SteelSeriesUpdateService) - C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe
O23 - Service S3: Uncheater for Crowz_ST - (ucldr_Crowz_ST) - C:\Program Files\Common Files\UNCHEATER\ucldr_Crowz_ST.exe


--
End of file - Time spent: 14,7 sec. - 42370 bytes, CRC32: FFFFFFFF. Sign: 枰祫

Bellek kullanımında bir artış söz konusu. SearchApp.exe dosyasından şüpheleniyorum ama ayrıntı bölümüne girince dijital imzada Microsoft Firması yazıyor. Teşekkürler.

Murat5038 · 28 Ocak 2023

xideviwo dedi:
Bellek kullanımında bir artış söz konusu. SearchApp.exe dosyasından şüpheleniyorum ama ayrıntı bölümüne girince dijital imzada Microsoft Firması yazıyor. Teşekkürler.

Belirtttiğiniz dosya MS dosyası bir arama veya bir program işlem yaptığında diskte kullanımı artacaktır.
Bunları fixleyin:

Kod:

O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe (file missing)
O4 - HKCU\..\StartupApproved\Run: [electron.app.Pi Network] = C:\Users\pc\AppData\Local\Programs\pi-network-desktop\Pi Network.exe (2021/06/19)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_72FC07CE8FBC282A90F28F3BD5668C8E] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/01/24)
O4 - HKLM\..\Session Manager: [BootExecute] = C:\WINDOWS\system32\autochk.exe /k:C * (Microsoft)
O23 - Service S3: Uncheater for Crowz_ST - (ucldr_Crowz_ST) - C:\Program Files\Common Files\UNCHEATER\ucldr_Crowz_ST.exe

kurga243 · 28 Ocak 2023

Murat5038 dedi:

Belirtttiğiniz dosya MS dosyası bir arama veya bir program işlem yaptığında diskte kullanımı artacaktır.
Bunları fixleyin:

Kod:

O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe (file missing)
O4 - HKCU\..\StartupApproved\Run: [electron.app.Pi Network] = C:\Users\pc\AppData\Local\Programs\pi-network-desktop\Pi Network.exe (2021/06/19)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_72FC07CE8FBC282A90F28F3BD5668C8E] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/01/24)
O4 - HKLM\..\Session Manager: [BootExecute] = C:\WINDOWS\system32\autochk.exe /k:C * (Microsoft)
O23 - Service S3: Uncheater for Crowz_ST - (ucldr_Crowz_ST) - C:\Program Files\Common Files\UNCHEATER\ucldr_Crowz_ST.exe

başkan bizi de görüceksin umarım

Murat5038 · 30 Ocak 2023

kurga243 dedi:
Başkan bizi de görüceksin umarım

Düzgün konu oluşturmadığınızdan gözden kaçmış.
Bunları fixleyin:

Kod:

O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - (no file)
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\gener\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2022/11/23)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2022/11/10)
O4 - HKLM\..\StartupApproved\Run32: [Adobe CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (2022/11/17)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe --control (2022/12/02)
O5 - HKCU\Control Panel\don't load: [RTSnMg64.cpl] (file missing)
O22 - Tasks: Intelligent StandbyList Cleaner - D:\ISLC v1.0.2.8\Intelligent standby list cleaner ISLC.exe

LeonS.Kennedy · 31 Ocak 2023

Paste ofCode

paste.ofcode.org

Bilgisayarımda Crack'li kullandığım sadece iki program var, biri Premiere Pro diğeri Photoshop 2023.
Son zamanlarda hafif performans düşüşü oldu...

Murat5038 · 31 Ocak 2023

LeonS.Kennedy dedi:
Son zamanlarda hafif performans düşüşü oldu.

Zararlı olarak gözüken bir şey yok sadece Google, Onedrive gibi şeyleri otomatik gereksiz ise kaldırarak hafifletebilirsiniz. 2 VPN gözüküyor birini kaldırın.

Bunlarıda fixleyin:

Kod:

O4 - HKCU\..\Run: [Bright VPN] = C:\Program Files (x86)\Bright VPN\Bright VPN.exe --silent
O4 - HKCU\..\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\RunOnce: [Application Restart #0] = C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe --mode=CCDI --lbsWorkflowID={5A785F6F-6084-4E69-9F1E-62EA991F9182} --lbsInstallerWorkflowID={DD16FED7-D94E-487A-8B61-64E1ED1ACE98} --skipCCDUpdate=true --helperBridgeName={03EC742C-3BD9-454F-8C38-3E2C94011E88} --appletID=AppsPanel_BL --appletVersion=1.0 --inputXmlPath="C:\Users\ACER\AppData\Local\Temp\productInfo.xml" /RestartByRestartManager:ACDA24C0-68BA-4a76-B83C-A07319469529
O4 - HKCU\..\StartupApproved\Run: [AceStream] = C:\Users\ACER\AppData\Roaming\ACEStream\engine\ace_engine.exe (2023/01/23)
O4 - HKCU\..\StartupApproved\Run: [com.deezer.deezer-desktop] = C:\Users\ACER\AppData\Local\Programs\deezer-desktop\Deezer.exe (2023/01/23)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\ACER\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/12/11)
O4 - HKCU\..\StartupApproved\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe --startup_mode (2022/12/11)
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2023/01/23)
O4 - HKCU\..\StartupApproved\Run: [Krisp] = C:\Program Files\Krisp\Krisp.exe -s (file missing) (2023/01/23)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_1E4BAC462ABB5FE492577DAC701576BA] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/01/25)
O4 - HKCU\..\StartupApproved\Run: [Rave] = C:\Users\ACER\AppData\Local\Programs\rave-desktop\Rave.exe --hidden (file missing) (2023/01/23)
O4 - HKCU\..\StartupApproved\Run: [sonicsvpn] = C:\Program Files (x86)\SonicsVPN\sonicsvpn.exe (2023/01/23)
O4 - HKCU\..\StartupApproved\Run: [Voicemod] = C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (file missing) (2022/12/11)
O4 - HKCU\..\StartupApproved\Run: [YandexDisk2] = C:\Users\ACER\AppData\Roaming\Yandex\YandexDisk2\3.2.23.4755\YandexDisk2.exe -autostart (file missing) (2023/01/23)
O4 - HKU\S-1-5-18\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe --startup_mode (User 'LocalSystem')
O4 - HKU\S-1-5-19\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe --startup_mode (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe --startup_mode (User 'Network service')

HijackThis Log Paylaşımı ve Çözümleri

Ayrıntılı düzenleme

HiJackThis

kurga243

Kilopat

Balkanaa

Decapat

Befehle

Kilopat

Murat5038

Yottapat!

xideviwo

Zeptopat

Murat5038

Yottapat!

kurga243

Kilopat

Murat5038

Yottapat!

LeonS.Kennedy

Kilopat

Paste ofCode

Murat5038

Yottapat!

Benzer konular

Yeni konular

Yeni mesajlar

Gizliliğinize önem veriyoruz