HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode
Paste Code

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleyen: Moderatör:
Genişletmek için tıkla...
Murat5038 dedi:
Zararlı olarak gözüken bir şey yok sadece Google, Onedrive gibi şeyleri otomatik gereksiz ise kaldırarak hafifletebilirsiniz. 2 VPN gözüküyor birini kaldırın.

Bunlarıda fixleyin:
Kod: 
O4 - HKCU\..\Run: [Bright VPN] = C:\Program Files (x86)\Bright VPN\Bright VPN.exe --silent
O4 - HKCU\..\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\RunOnce: [Application Restart #0] = C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe --mode=CCDI --lbsWorkflowID={5A785F6F-6084-4E69-9F1E-62EA991F9182} --lbsInstallerWorkflowID={DD16FED7-D94E-487A-8B61-64E1ED1ACE98} --skipCCDUpdate=true --helperBridgeName={03EC742C-3BD9-454F-8C38-3E2C94011E88} --appletID=AppsPanel_BL --appletVersion=1.0 --inputXmlPath="C:\Users\ACER\AppData\Local\Temp\productInfo.xml" /RestartByRestartManager:ACDA24C0-68BA-4a76-B83C-A07319469529
O4 - HKCU\..\StartupApproved\Run: [AceStream] = C:\Users\ACER\AppData\Roaming\ACEStream\engine\ace_engine.exe (2023/01/23)
O4 - HKCU\..\StartupApproved\Run: [com.deezer.deezer-desktop] = C:\Users\ACER\AppData\Local\Programs\deezer-desktop\Deezer.exe (2023/01/23)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\ACER\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/12/11)
O4 - HKCU\..\StartupApproved\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe --startup_mode (2022/12/11)
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2023/01/23)
O4 - HKCU\..\StartupApproved\Run: [Krisp] = C:\Program Files\Krisp\Krisp.exe -s (file missing) (2023/01/23)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_1E4BAC462ABB5FE492577DAC701576BA] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/01/25)
O4 - HKCU\..\StartupApproved\Run: [Rave] = C:\Users\ACER\AppData\Local\Programs\rave-desktop\Rave.exe --hidden (file missing) (2023/01/23)
O4 - HKCU\..\StartupApproved\Run: [sonicsvpn] = C:\Program Files (x86)\SonicsVPN\sonicsvpn.exe (2023/01/23)
O4 - HKCU\..\StartupApproved\Run: [Voicemod] = C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (file missing) (2022/12/11)
O4 - HKCU\..\StartupApproved\Run: [YandexDisk2] = C:\Users\ACER\AppData\Roaming\Yandex\YandexDisk2\3.2.23.4755\YandexDisk2.exe -autostart (file missing) (2023/01/23)
O4 - HKU\S-1-5-18\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe --startup_mode (User 'LocalSystem')
O4 - HKU\S-1-5-19\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe --startup_mode (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe --startup_mode (User 'Network service')
Genişletmek için tıkla...
Discord ve Deezer gibi şeyleri neden fixleyeyim hocam?
 
Game Pass kodu aktif edebilmek için Chrome üzerinden PLANET VPN adlı bir uygulama eklentisi kullandım. Microsoft sitesinde hesap detaylarını düzenlerken sürekli bir pencere açılıp proxy ayarları için giriş yapın vs. diyor, Çince siteler açıldı. Bilgisayarıma herhangi bir zararlı bulaşmasından ve kişisel verilerimin kullanılmasından şüpheleniyorum. Çok kısa süre VPN'i kullandım ve hesapa giriş yaparken açık değildi. Ayrıca başlangıçta da performans düşüşü hissediyorum.

Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.25

Platform:  x64 Windows 11 (Pro), 10.0.22621.1194 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      09.02.2023 - 00:15 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    10623 MiB Free (35 %). CPU Loading: (1 %)
Elevated:  Yes
Ran by:    ceoab    (group: Administrators) on CEO, FirstRun: yes

Chrome:  109.0.5414.120
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Feature Manager\Feature_Manager.exe
   1  C:\Program Files (x86)\Feature Manager\MSIAPService.exe
   1  C:\Program Files (x86)\Feature Manager\OmApSvcBroker.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3 (1)\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3 (1)\avpui.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3 (1)\plugins_nms.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.8\ksdeui.exe
   2  C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
   7  C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
   6  C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\Origin\OriginWebHelperService.exe
   1  C:\Program Files\Intel\Intel Arc Control\ArcControl.exe
   5  C:\Program Files\Intel\Intel Arc Control\ArcControlAssist.exe
   1  C:\Program Files\Intel\Intel Arc Control\ArcControlService.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe
   1  C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe
   1  C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
   1  C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2302.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
   1  C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
   1  C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
   1  C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt\IGCC.exe
   1  C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22112.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3000.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
   6  C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe
   1  C:\Users\ceoab\Desktop\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\System32\AggregatorHost.exe
   3  C:\Windows\System32\backgroundTaskHost.exe
   1  C:\Windows\System32\cmd.exe
   3  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_5d2e576bb8443cb9\igfxCUIServiceN.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_5d2e576bb8443cb9\igfxEMN.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4ce8bafd96682424\esif_uf.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_fd482888e9c3df70\OneApp.IGCC.WinService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3b8fcc474a0d597c\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_12fcf13c64a54761\AS\IAS\IntelAudioService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_31b6b410a25ec0b8\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_3623bab62426ba87\Intel_PIE_Service.exe
   2  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_19d333f59f2c41d3\RtkAudUService64.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\LsaIso.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\msiexec.exe
   1  C:\Windows\System32\rundll32.exe
  11  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\Sgrm\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  93  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\SystemSettingsBroker.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WMIADAP.exe
   3  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wermgr.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   2  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\SysWOW64\backgroundTaskHost.exe
   1  C:\Windows\SysWOW64\MSIService.exe
   1  C:\Windows\TbtP2pShortcutService.exe
   1  C:\Windows\UUS\amd64\MoUsoCoreWorker.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\ceoab\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/02/13)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_17D6D8816FFB658167D10665BDF990DF] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/10/14)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2022/02/13)
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_19d333f59f2c41d3\RtkAudUService64.exe -background
O4 - HKLM\..\Run: [SteelSeriesGG] = C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe -dataPath="C:\ProgramData\SteelSeries\GG" -dbEnv=production -auto=true
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O4-32 - HKLM\..\Run: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O4-32 - HKLM\..\Run: [Intel® Arc™ Control] = C:\Program Files\Intel\Intel Arc Control\ArcControl.exe /s
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O17 - DHCP DNS 1: 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{f83f3caf-5ab9-4f7c-a8ea-bcd37c59cb5f}: [NameServer] = 198.51.100.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{f83f3caf-5ab9-4f7c-a8ea-bcd37c59cb5f}: [NameServer] = 198.51.100.2
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-1340785609-3455622099-763304044-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Office\Office 15 Subscription Heartbeat - C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (Microsoft)
O22 - Tasks: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted - C:\WINDOWS\system32\usoclient.exe StartOobeAppsScan (Microsoft)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: Feature Manager - C:\Program Files (x86)\Feature Manager\Feature_Manager.exe
O22 - Tasks: GoogleUpdateTaskMachineCore{59056055-EDAF-450F-9940-004CCBD12DC1} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: GoogleUpdateTaskMachineUA{635AC837-FC5C-484E-BAAB-1E47FA32940F} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Tasks: MicrosoftEdgeShadowStackRollbackTask - C:\Program Files (x86)\Microsoft\Edge\Application\107.0.1418.26\Installer\setup.exe --handle-crash="$(ProcessPath)" (file missing)
O22 - Tasks: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Tasks: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Tasks: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Tasks: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks: OmApSvcBroker - C:\Program Files (x86)\Feature Manager\OmApSvcBroker.exe
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1340785609-3455622099-763304044-1001 - C:\Users\ceoab\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks_Migrated: Feature Manager - C:\Program Files (x86)\Feature Manager\Feature_Manager.exe
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore{59056055-EDAF-450F-9940-004CCBD12DC1} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA{635AC837-FC5C-484E-BAAB-1E47FA32940F} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks_Migrated: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Tasks_Migrated: MicrosoftEdgeShadowStackRollbackTask - C:\Program Files (x86)\Microsoft\Edge\Application\107.0.1418.26\Installer\setup.exe --handle-crash="$(ProcessPath)" (file missing)
O22 - Tasks_Migrated: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Tasks_Migrated: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Tasks_Migrated: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Tasks_Migrated: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks_Migrated: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks_Migrated: OmApSvcBroker - C:\Program Files (x86)\Feature Manager\OmApSvcBroker.exe
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1340785609-3455622099-763304044-1001 - C:\Users\ceoab\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O23 - Service R2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Intel(R) Arc Control Service - (IntelArcControlService) - C:\Program Files\Intel\Intel Arc Control\ArcControlService.exe
O23 - Service R2: Intel(R) Audio Service - (IntelAudioService) - C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_12fcf13c64a54761\\AS\\IAS\\IntelAudioService.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3b8fcc474a0d597c\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Driver & Support Assistant - (DSAService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Dynamic Tuning service - (esifsvc) - C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4ce8bafd96682424\esif_uf.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_fd482888e9c3df70\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_5d2e576bb8443cb9\igfxCUIServiceN.exe
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3 (1)\avp.exe -r
O23 - Service R2: Kaspersky VPN Secure Connection Hizmeti 5.8 - (KSDE5.8) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe -r
O23 - Service R2: Micro Star SCM - C:\Windows\SysWOW64\MSIService.exe
O23 - Service R2: MSI Foundation Service - C:\Program Files (x86)\Feature Manager\MSIAPService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_31b6b410a25ec0b8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_31b6b410a25ec0b8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_19d333f59f2c41d3\RtkAudUService64.exe
O23 - Service R2: Thunderbolt(TM) Peer to Peer Shortcut - (TbtP2pShortcutService) - C:\WINDOWS\TbtP2pShortcutService.exe
O23 - Service R3: Intel(R) Driver & Support Assistant Updater - (DSAUpdateService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service R3: Intel® PROSet/Wireless Service - (PIEServiceNew) - C:\WINDOWS\System32\DriverStore\FileRepository\piecomponent.inf_amd64_3623bab62426ba87\Intel_PIE_Service.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Futuremark SystemInfo Service - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3 (1)\x64\vssbridge64.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S3: SteelSeries Update Service - (SteelSeriesUpdateService) - C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe


--
End of file - Time spent: 9,2 sec. - 49048 bytes, CRC32: FFFFFFFF. Sign: ⿁뻈
 
LeonS.Kennedy dedi:
Discord ve Deezer gibi şeyleri neden fixleyeyim hocam?
Genişletmek için tıkla...
Açılırken gereksiz çünkü.

ANKARALI BELA dedi:
Ayrıca başlangıçta da performans düşüşü hissediyorum.
Genişletmek için tıkla...
Bunları fixleyin:

Kod: 
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O4-32 - HKLM\..\Run: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O4-32 - HKLM\..\Run: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted - C:\WINDOWS\system32\usoclient.exe StartOobeAppsScan (Microsoft)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: Feature Manager - C:\Program Files (x86)\Feature Manager\Feature_Manager.exe
O22 - Tasks: OmApSvcBroker - C:\Program Files (x86)\Feature Manager\OmApSvcBroker.exe
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1340785609-3455622099-763304044-1001 - C:\Users\ceoab\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Tasks_Migrated: OmApSvcBroker - C:\Program Files (x86)\Feature Manager\OmApSvcBroker.exe
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1340785609-3455622099-763304044-1001 - C:\Users\ceoab\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting

Kişisel veriler hakkında bir ey diyemem onlar gelip geçmiştir olduysa. Kaspersky önceden kurulduysa önlemi almıştır. Değilse ileriki zamanlarda şüpheli şeyleri kontrol edip ilgili hesaplarınızı korumaya alabilirsiniz.
 
Son düzenleme:
Merhabalar ben oyunlarda ara ara %100 cpu kullanımı görüyorum. Sürekli oluyor normale dönüyor bir daha oluyor. Normal kullanımdada görev yöneticisi açtığımda %100 cpu görüyorum bir süre düşüyor sonra tekrar %100 oluyor. Crackli olarak birkaç adobe uygulaması kullanıyorum.
İşlemci 11400f Ekran Kartı olarak Rx 6500XT var. Darboğaz olduğunu düşünmüyorum.
Yardımlarınız için şimdiden teşekkür ederim.

Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.25

Platform:  x64 Windows 11 (Pro), 10.0.22621.1194 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      10.02.2023 - 20:46 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    11938 MiB Free (28 %). CPU Loading: (4 %)
Elevated:  Yes
Ran by:    Nssng    (group: Administrators) on NSSNG, FirstRun: yes

Chrome:  110.0.5481.77
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Steam\steamservice.exe
   2  C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
   1  C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
   6  C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe
   1  C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
   1  C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
   1  C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
   1  C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Speed Up\StorageMonitor.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControlEngine.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
   8  C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  C:\Program Files (x86)\Steam\steam.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   4  C:\Program Files\LGHUB\lghub.exe
   1  C:\Program Files\LGHUB\lghub_agent.exe
   1  C:\Program Files\LGHUB\lghub_updater.exe
   2  C:\Program Files\LGHUB\logi_crashpad_handler.exe
   1  C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
   1  C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.6.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22112.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3000.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
   1  C:\Users\Nssng\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\System32\AggregatorHost.exe
   1  C:\Windows\System32\amdfendrsr.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\backgroundTaskHost.exe
   1  C:\Windows\System32\cmd.exe
   3  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
   1  C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
   2  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e8f1ca5219e9493c\RtkAudUService64.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0386220.inf_amd64_1894141ab65df02b\B386218\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0386220.inf_amd64_1894141ab65df02b\B386218\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\IPROSetMonitor.exe
   1  C:\Windows\System32\LsaIso.exe
   1  C:\Windows\System32\lsass.exe
   7  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\Sgrm\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  75  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   3  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\SysWOW64\dllhost.exe
   2  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\UUS\amd64\MoUsoCoreWorker.exe

O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe
O4 - HKCU\..\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent
O4 - HKCU\..\Run: [LGHUB] = C:\Program Files\LGHUB\lghub.exe --background
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_74AE9ECCE8CC1CDF771139B6C53BDBA6] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/12/11)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Nssng\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2023/02/10)
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e8f1ca5219e9493c\RtkAudUService64.exe -background
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2022/12/20)
O4 - HKLM\..\StartupApproved\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (2023/01/24)
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O7 - TroubleShooting: (EV) HKLM\..\Environment: [PSModulePath] = %ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules;C:\Program Files\Intel\Wired Networking\
O17 - DHCP DNS 1: 192.168.1.1
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (Microsoft)
O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted - C:\WINDOWS\system32\usoclient.exe StartOobeAppsScan (Microsoft)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Tasks: GoogleUpdateTaskMachineCore{AE18A20E-BB3B-440F-911D-6BF087AA1068} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: GoogleUpdateTaskMachineUA{8C63A961-72FE-45D1-B836-16499C41BC86} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Tasks: MSI Task Host - FixNorton.exe - C:\Program Files (x86)\MSI\MSI Center\PushCast\Push20221215131801\FixNorton.exe
O22 - Tasks: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1333787283-2322133202-99207257-1001 - C:\Users\Nssng\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks: RTSS - C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe /s
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks_Migrated: (telemetry) \Intel\Intel Telemetry 2 - C:\Program Files\Intel\Telemetry 2.0\lrio.exe $(Arg0) (file missing)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\BackgroundUploadTask - {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\NetworkStateChangeTask - {A4173A49-F373-4475-9A0F-2D615204DC20} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (file missing)
O22 - Tasks_Migrated: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore{AE18A20E-BB3B-440F-911D-6BF087AA1068} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA{8C63A961-72FE-45D1-B836-16499C41BC86} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks_Migrated: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Tasks_Migrated: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Tasks_Migrated: MSI Task Host - FixNorton.exe - C:\Program Files (x86)\MSI\MSI Center\PushCast\Push20221215131801\FixNorton.exe
O22 - Tasks_Migrated: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1333787283-2322133202-99207257-1001 - C:\Users\Nssng\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks_Migrated: RTSS - C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe /s
O22 - Tasks_Migrated: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Tasks_Migrated: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0386220.inf_amd64_1894141ab65df02b\B386218\atiesrxx.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
O23 - Service R2: Intel(R) PROSet Monitoring Service - C:\Windows\system32\IProsetMonitor.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe -r
O23 - Service R2: LGHUB Updater Service - (LGHUBUpdaterService) - C:\Program Files\LGHUB\lghub_updater.exe --run-as-service
O23 - Service R2: MSI Center Service - (MSI_Center_Service) - C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
O23 - Service R2: MSI Voice Control Service - (MSI_VoiceControl_Service) - C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
O23 - Service R2: MSI_Case_Service - C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
O23 - Service R2: MSI_Super_Charger_Service - C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e8f1ca5219e9493c\RtkAudUService64.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service S2: XTUOCDriverService - (XTU3SERVICE) - C:\WINDOWS\SysWOW64\XtuService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe -start
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\110.0.5481.77\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Uncheater for BattleGrounds_GL - (ucldr_battlegrounds_gl) - C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service S3: Zakynthos Service - (zksvc) - C:\Program Files\Common Files\PUBG\zksvc.exe


--
End of file - Time spent: 9,9 sec. - 38462 bytes, CRC32: FFFFFFFF. Sign: 䘰묃
 
İyi Günler hocam 1 2 gün önce kaspersky free cloud ile bilgisayarımı tam şekilde taratırken Trojan.Win32.Hosts2.gen adında bir trojen buldu ve sildi fakat sistemimde kalıntılar olabilir mi merak ediyorum rica etsem benim için kontrol edebilir misiniz
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.18

Platform:  x64 Windows 11 (Pro), 10.0.22621.1194 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      13.02.2023 - 03:08 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    0xbla    (group: Administrators) on BECO-NECO-PC, FirstRun: yes

Chrome:  109.0.5414.120
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
   1  C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
   2  C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
   1  C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
   1  C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.08\AsusFanControlService.exe
   1  C:\Program Files (x86)\ASUS\AXSP\4.02.15\atkexComSvc.exe
   1  C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
   1  C:\Program Files (x86)\Common Files\Overwolf\0.218.0.8\OverwolfHelper.exe
   1  C:\Program Files (x86)\Common Files\Overwolf\0.218.0.8\OverwolfHelper64.exe
   1  C:\Program Files (x86)\Common Files\Steam\steamservice.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
   1  C:\Program Files (x86)\LightingService\LightingService.exe
   2  C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
   4  C:\Program Files (x86)\Overwolf\0.218.0.8\OverwolfBrowser.exe
   1  C:\Program Files (x86)\Overwolf\Overwolf.exe
   9  C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  C:\Program Files (x86)\Steam\steam.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
   1  C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
   1  C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
   1  C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
   1  C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
   1  C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
   1  C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
   1  C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
   1  C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe
   1  C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe
   2  C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebEngineProcess.exe
  32  C:\Program Files\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
   1  C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
   1  C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
   1  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
   1  C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2304.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\XboxGameBarSpotify.exe
   1  C:\Program Files\WinRAR\WinRAR.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
   6  C:\Users\0xbla\AppData\Local\Discord\app-1.0.9010\Discord.exe
   1  C:\Users\0xbla\AppData\Local\Microsoft\OneDrive\23.023.0129.0002\FileCoAuth.exe
   1  C:\Users\0xbla\AppData\Local\Microsoft\OneDrive\OneDrive.exe
   1  C:\Users\0xbla\AppData\Local\Overwolf\ProcessCache\0.218.0.8\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
   1  C:\Users\0xbla\OneDrive\Masaüstü\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\System32\AggregatorHost.exe
   1  C:\Windows\System32\amdfendrsr.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\cmd.exe
   3  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\DataExchangeHost.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_346bd04e375689ec\RstMwService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_21e0cf0737fd48af\WMIRegistrationService.exe
   2  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0387206.inf_amd64_081d192bd0a4e0cb\B386218\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0387206.inf_amd64_081d192bd0a4e0cb\B386218\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   6  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   2  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\Sgrm\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  79  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\SystemSettingsBroker.exe
   2  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\unsecapp.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

O1 - Hosts: ::1 localhost
O1 - Hosts.ICS: 127.0.0.1 localhost
O1 - Hosts.ICS: ::1 localhost
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_361\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_361\bin\ssv.dll
O4 - HKCU\..\Run: [Discord] = C:\Users\0xbla\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2023/02/13)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2023/02/13)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_2176DE4668CCE185C5BCC506E69DFCC9] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/02/12)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\0xbla\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2023/02/13)
O4 - HKCU\..\StartupApproved\Run: [Overwolf] = C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent (2023/02/13)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe -background
O4 - HKLM\..\Run: [SteelSeriesGG] = C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe -dataPath="C:\ProgramData\SteelSeries\GG" -dbEnv=production -auto=true
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O4-32 - HKLM\..\Run: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Printing\PrintJobCleanupTask - {8ABCE260-32B6-476C-AE13-B34D0C91292D} - C:\Windows\System32\PrinterCleanupTask.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (Microsoft)
O22 - Task: \ASUS\AcPowerNotification - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
O22 - Task: \ASUS\ArmourySocketServer - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
O22 - Task: \ASUS\ASUS AISuiteIII - C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe -schedule
O22 - Task: \ASUS\ASUS DIPAwayMode - C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
O22 - Task: \ASUS\ASUSUpdateTaskMachineCore1d92e98afa76ae1 - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /c
O22 - Task: \ASUS\ASUSUpdateTaskMachineUA - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /ua /installsource scheduler
O22 - Task: \ASUS\Framework Service - C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
O22 - Task: \ASUS\GpuFanHelper - C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
O22 - Task: \Microsoft\Windows\CloudRestore\Restore - {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} - C:\WINDOWS\system32\CloudRestoreLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\WINDOWS\system32\SecureBootEncodeUEFI.exe (Microsoft)
O22 - Task: \Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask - {8702A841-D5CA-47C3-812D-9CEDC304C200} - C:\WINDOWS\system32\IntelligentPwdlessTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted - C:\WINDOWS\system32\usoclient.exe StartOobeAppsScan (Microsoft)
O22 - Task: \Microsoft\Windows\WlanSvc\MoProfileManagement - {085EDA12-CF4A-4944-8222-8ADCADE137CB} - C:\Windows\System32\WlanMediaManager.dll (Microsoft)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: GoogleUpdateTaskMachineCore{ABA83771-E610-4D0A-8367-5BD82B18EB90} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA{50E4734C-AF30-472E-973E-C5ECA95FE9DA} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: OneDrive Reporting Task-S-1-5-21-3965386302-361511093-3195784799-1001 - C:\Users\0xbla\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: Overwolf Updater Task - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule
O22 - Task: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
O22 - Task: StartCNBM - C:\Program Files\AMD\CNext\CNext\cncmd.exe benchmark
O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0387206.inf_amd64_081d192bd0a4e0cb\B386218\atiesrxx.exe
O23 - Service R2: AMD User Experience Program Data Uploader - (AUEPLauncher) - C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe
O23 - Service R2: ARMOURY CRATE Service - (ArmouryCrateService) - C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
O23 - Service R2: ASUS AURA SYNC lighting service - (LightingService) - C:\Program Files (x86)\LightingService\LightingService.exe
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\4.02.15\atkexComSvc.exe
O23 - Service R2: AsusCertService - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
O23 - Service R2: AsusFanControlService - C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.08\AsusFanControlService.exe
O23 - Service R2: Energy Server Service queencreek - (ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--AUTO_START" "--start" "--start_options_registry_key" "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ESRV_SVC_QUEENCREEK\_start"
O23 - Service R2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
O23 - Service R2: GameSDK Service - C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Intel(R) Driver & Support Assistant - (DSAService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_21e0cf0737fd48af\WMIRegistrationService.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iastorvd.inf_amd64_346bd04e375689ec\RstMwService.exe
O23 - Service R2: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK - (SystemUsageReportSvc_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe -r
O23 - Service R2: Kaspersky VPN Secure Connection Hizmeti 5.3 - (KSDE5.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe -r
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe
O23 - Service R3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe -start
O23 - Service R3: Intel(R) Driver & Support Assistant Updater - (DSAUpdateService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S2: ASUS Güncelleme Hizmeti (asus) - (asus) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /svc
O23 - Service S2: AsusUpdateCheck - C:\WINDOWS\System32\AsusUpdateCheck.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service S2: ROG Live Service - C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
O23 - Service S3: ASUS Güncelleme Hizmeti (asusm) - (asusm) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /medsvc
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Overwolf Updater Windows SCM - (OverwolfUpdater) - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom SCM
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: SteelSeries Update Service - (SteelSeriesUpdateService) - C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe
O23 - Service S3: Uncheater for BattleGrounds_GL - (ucldr_battlegrounds_gl) - C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe
O23 - Service S3: User Energy Server Service queencreek - (USER_ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--run_as_user_process"
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service S3: Zakynthos Service - (zksvc) - C:\Program Files\Common Files\PUBG\zksvc.exe


--
End of file - Time spent: 5,7 sec. - 43584 bytes, CRC32: FFFFFFFF. Sign: 㞹쁈
 
Nssng dedi:
Crackli olarak birkaç adobe uygulaması kullanıyorum.
Genişletmek için tıkla...
Bunlar genelde zararlı olabiliyor. Kaspersky ile tam tarama yaptığınızda tespit etmiyorsa sorun yok ediyorsa da kimliği bildirin kontrol edeyim.

Bunları fixleyin:
Kod: 
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_74AE9ECCE8CC1CDF771139B6C53BDBA6] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/12/11)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Nssng\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2023/02/10)
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted - C:\WINDOWS\system32\usoclient.exe StartOobeAppsScan (Microsoft)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: MSI Task Host - FixNorton.exe - C:\Program Files (x86)\MSI\MSI Center\PushCast\Push20221215131801\FixNorton.exe
O22 - Tasks: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1333787283-2322133202-99207257-1001 - C:\Users\Nssng\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks_Migrated: (telemetry) \Intel\Intel Telemetry 2 - C:\Program Files\Intel\Telemetry 2.0\lrio.exe $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (file missing)
O22 - Tasks_Migrated: MSI Task Host - FixNorton.exe - C:\Program Files (x86)\MSI\MSI Center\PushCast\Push20221215131801\FixNorton.exe
O22 - Tasks_Migrated: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1333787283-2322133202-99207257-1001 - C:\Users\Nssng\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting

MSI gereksiz araçlarını kaldırın.

BlackOwl34 dedi:
İyi günler hocam 1/2 gün önce Kaspersky Free Cloud ile bilgisayarımı tam şekilde taratırken Trojan.Win32.Hosts2.gen adında bir trojan buldu ve sildi fakat sistemimde kalıntılar olabilir mi merak ediyorum rica etsem benim için kontrol edebilir misiniz?
Genişletmek için tıkla...
Belirtmeniz iyi oldu bu genelde bir zarrlı olmuyor hosts dosyasının değişmesi ile uyarılan bir durum. Bunları fixleyin:
Kod: 
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_2176DE4668CCE185C5BCC506E69DFCC9] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/02/12)
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
 
Son düzenleme:
Murat5038 dedi:
Bunlar genelde zararlı olabiliyor. Kaspersky ile tam tarama yaptığınızda tespit etmiyorsa sorun yok ediyorsa da kimliği bildirin kontrol edeyim.

Bunları fixleyin:
Kod: 
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_74AE9ECCE8CC1CDF771139B6C53BDBA6] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/12/11)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Nssng\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2023/02/10)
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted - C:\WINDOWS\system32\usoclient.exe StartOobeAppsScan (Microsoft)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: MSI Task Host - FixNorton.exe - C:\Program Files (x86)\MSI\MSI Center\PushCast\Push20221215131801\FixNorton.exe
O22 - Tasks: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1333787283-2322133202-99207257-1001 - C:\Users\Nssng\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks_Migrated: (telemetry) \Intel\Intel Telemetry 2 - C:\Program Files\Intel\Telemetry 2.0\lrio.exe $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (file missing)
O22 - Tasks_Migrated: MSI Task Host - FixNorton.exe - C:\Program Files (x86)\MSI\MSI Center\PushCast\Push20221215131801\FixNorton.exe
O22 - Tasks_Migrated: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1333787283-2322133202-99207257-1001 - C:\Users\Nssng\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting

MSI gereksiz araçlarını kaldırın.


Belirtmeniz iyi oldu bu genelde bir zarrlı olmuyor hosts dosyasının değişmesi ile uyarılan bir durum. Bunları fixleyin:
Kod: 
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_2176DE4668CCE185C5BCC506E69DFCC9] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/02/12)
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Genişletmek için tıkla...
hocam birşey sorucam bunu soralı 2 gün oldu uygulamayı kapattım tekrar tarama yaptıgım zaman farklı bir kod yığını çıkıyor nasıl yaparım
 
Murat5038 dedi:
Bunlar genelde zararlı olabiliyor. Kaspersky ile tam tarama yaptığınızda tespit etmiyorsa sorun yok ediyorsa da kimliği bildirin kontrol edeyim.

Bunları fixleyin:
Kod: 
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_74AE9ECCE8CC1CDF771139B6C53BDBA6] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/12/11)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Nssng\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2023/02/10)
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted - C:\WINDOWS\system32\usoclient.exe StartOobeAppsScan (Microsoft)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: MSI Task Host - FixNorton.exe - C:\Program Files (x86)\MSI\MSI Center\PushCast\Push20221215131801\FixNorton.exe
O22 - Tasks: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1333787283-2322133202-99207257-1001 - C:\Users\Nssng\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks_Migrated: (telemetry) \Intel\Intel Telemetry 2 - C:\Program Files\Intel\Telemetry 2.0\lrio.exe $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (file missing)
O22 - Tasks_Migrated: MSI Task Host - FixNorton.exe - C:\Program Files (x86)\MSI\MSI Center\PushCast\Push20221215131801\FixNorton.exe
O22 - Tasks_Migrated: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1333787283-2322133202-99207257-1001 - C:\Users\Nssng\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting

MSI gereksiz araçlarını kaldırın.


Belirtmeniz iyi oldu bu genelde bir zarrlı olmuyor hosts dosyasının değişmesi ile uyarılan bir durum. Bunları fixleyin:
Kod: 
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_2176DE4668CCE185C5BCC506E69DFCC9] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/02/12)
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Genişletmek için tıkla...
Kaspersky ile tarama yaptığımda herhangi bi zararlı bulmuyor hocam geri dönüşünüz için teşekkür ederim msi centerın hizmetlerinden biri yapıyormuş siz yazmadan önce yaptığım denemelerde farkettim ve yazılımı ve hizmetlerini tamamen kaldırdım. Şuan bir sıkıntı gözükmüyor işlemci kullanımında.
 
Nssng dedi:
msi centerın hizmetlerinden biri yapıyormuş siz yazmadan önce yaptığım denemelerde farkettim ve yazılımı ve hizmetlerini tamamen kaldırdım.
Genişletmek için tıkla...
Altta belirtmiştim zaten :) Kaldırın diye.

BlackOwl34 dedi:
Hocam bir şey soracağım bunu soralı 2 gün oldu uygulamayı kapattım tekrar tarama yaptığım zaman farklı bir kod yığını çıkıyor nasıl yaparım?
Genişletmek için tıkla...
Farklı kod dediğiniz hangisi? Rapor mu farklı çıkıyor. Dediklerimi fixlediniz mi?
 

Benzer konular

Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
637
acv
A
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5B
quarest
quarest
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
10B
Windows 11 Bükücü
Windows 11 Bükücü
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
2B
Murat5038
Murat5038
B
Trojan ve Keylogger Temizleme
Mesaj
3
Görüntüleme
4B
Murat5038
Murat5038

Yeni konular

Yeni mesajlar

Geri
Yukarı