Windows 10 güncellemesi yaptıktan sonra bilgisayar yavaşladı
- Konuyu başlatan XFalcon
- Başlangıç Tarihi
- Mesaj 13
- Görüntüleme 3.481
EmreSploit
Hectopat
Raporları paylaş. @Murat5038
Rehber: HijackThis Log Paylaşımı ve Çözümleri
Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir...
GetSystemInfo Rapor Oluşturma Resimli Anlatım
Yeni sürümü buradan indirip çalıştırın. https://media.kaspersky.com/utilities/ConsumerUtilities/GSI-6.2.2.43.zip Accept seçip sözleşmeyi kabul edeceksiniz. Alttaki kısımda "..." kısımdan zip/rar dosyasının nereye çıkartmak istiyorsanız seçebilirsiniz. Tikleri işaretleyin ve Start'a basın...
KS
KS
XFalcon
Hectopat
- Katılım
- 27 Mayıs 2018
- Mesajlar
- 28
Kod:
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18
Platform: x64 Windows 10 (Pro), 10.0.18362.295 (ReleaseId: 1903), Service Pack: 0
Time: 31.08.2019 - 10:50 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: Umutcan (group: Administrator) on DESKTOP-OMQK7IC, FirstRun: yes
Chrome: 76.0.3809.132
Edge: 11.0.18362.267
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
1 C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
1 C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
1 C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
1 C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
1 C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
1 C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Garena\Garena\2.0.1907.0210\gxxsvc.exe
14 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
3 C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
3 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\WinRAR\WinRAR.exe
1 C:\Program Files\WinZip\FAHWindow64.exe
1 C:\Program Files\Windows Defender\MsMpEng.exe
1 C:\Program Files\Windows Defender\NisSrv.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.901.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
1 C:\Users\Umutcan\Desktop\HiJackThis\HiJackThis.exe
7 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\msdtc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
79 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
2 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\explorer.exe
1 F:\LWS\Webcam Software\CameraHelperShell.exe
1 F:\LWS\Webcam Software\LWS.exe
1 F:\Origin\OriginWebHelperService.exe
1 F:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [Discord] = C:\Users\Umutcan\AppData\Local\Discord\app-0.0.305\Discord.exe
O4 - HKCU\..\Run: [EpicGamesLauncher] = F:\Fortnite\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\Run: [com.blitz.app] = C:\Users\Umutcan\AppData\Local\Blitz\Update.exe --processStart "Blitz.exe" --process-start-args "--hidden"
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Umutcan\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2018/06/13)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Umutcan\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2018/06/13)
O4 - HKCU\..\StartupApproved\Run: [uTorrent] = C:\Users\Umutcan\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (2018/06/13)
O4 - HKLM\..\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [WinZip FAH] = C:\Program Files\WinZip\FAHConsole.exe
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2018/07/22)
O4 - HKLM\..\StartupApproved\Run: [WinZip PreLoader] = C:\Program Files\WinZip\WzPreloader.exe (2018/06/13)
O4 - HKLM\..\StartupApproved\Run: [WinZip UN] = C:\Program Files\WinZip\WZUpdateNotifier.exe -show (2018/06/13)
O4-32 - HKLM\..\Run: [BCSSync] = C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices
O4-32 - HKLM\..\Run: [LWS] = F:\LWS\Webcam Software\LWS.exe -hide
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O15 - Trusted Zone: *.localhost
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task (.job): (disabled) (Not scheduled) Intel PTT EK Recertification.job - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe
O22 - Task (.job): gxx speed launcher.job - C:\Program Files (x86)\Garena\Garena\Garena.exe -silentlaunch -gxxsvclaunch
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
O23 - Service R2: ASUS System Control Service - (AsSysCtrlService) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: AsusFanControlService - C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
O23 - Service R2: Garena platform service - (GarenaPlatform) - C:\Program Files (x86)\Garena\Garena\2.0.1907.0210\gxxsvc.exe run
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Origin Web Helper Service - F:\Origin\OriginWebHelperService.exe
O23 - Service R2: QMEmulatorService - F:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
O23 - Service R2: TeamViewer 14 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
O23 - Service S2: SetupARService - C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Origin Client Service - F:\Origin\OriginClientService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: Uncheater for BattleGroundsLite_SE - (uncheater_bgl) - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe
--
End of file - Time spent: 18,6 sec. - 25064 bytes, CRC32: FFFFFFFF. Sign: ॵ펣
Kod:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
AO Kaspersky Lab
Kaspersky Get System Info 6.2.0.427
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 10:52:38 INFO StartupPath: C:\Users\Umutcan\AppData\Local\Temp\s130
31.08.2019 10:52:38 INFO Current culture: tr-TR
31.08.2019 10:52:38 INFO SilentMode: True
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 10:52:38 DEBUG Program.Run() is invoked
31.08.2019 10:52:38 DEBUG MGsiApplication constructor is invoked
31.08.2019 10:52:38 DEBUG Exceptions list is cleared
31.08.2019 10:52:38 DEBUG Directory "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo" isn't existed
31.08.2019 10:52:38 DEBUG Directory "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo" is created
31.08.2019 10:52:38 DEBUG Attribute Hidden is set for dirrectory "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo"
31.08.2019 10:52:39 INFO Set Full Access to directory "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo"
31.08.2019 10:52:39 DEBUG Directory "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache" isn't existed
31.08.2019 10:52:39 DEBUG Directory "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache" is created
31.08.2019 10:52:39 DEBUG Attribute Hidden is set for dirrectory "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache"
31.08.2019 10:52:39 INFO Set Full Access to directory "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache"
31.08.2019 10:52:39 INFO Temp environment for "Get System Information" tool is created.
31.08.2019 10:52:39 INFO 40 application modules were loaded:
ModuleName: "Load module" Enabled: Getting System Information Priority:True
ModuleName: "Load module" Enabled: Executing AVZ Priority:True
ModuleName: "Load module" Enabled: Get the "Updater" task report Priority:True
ModuleName: "Load module" Enabled: Get the "Scan My Computer" task report Priority:True
ModuleName: "Load module" Enabled: Windows update log collecting Priority:True
ModuleName: "Load module" Enabled: Overview of Kaspersky Lab files in Application Data Priority:True
ModuleName: "Load module" Enabled: Getting information about versions of databases files for Kaspersky Lab products Priority:True
ModuleName: "Load module" Enabled: Getting information about versions of drivers of Kaspersky Lab products Priority:True
ModuleName: "Load module" Enabled: Getting information about versions of modules of Kaspersky Lab products Priority:True
ModuleName: "Load module" Enabled: Getting information about versions of modules from Program Data of Kaspersky Lab products Priority:True
ModuleName: "Load module" Enabled: Collecting console output of "klnagchk.exe" Priority:True
ModuleName: "Load module" Enabled: Network diagnostics Priority:True
ModuleName: "Load module" Enabled: InstalledDotNetFrameworksInfoExtractor Priority:True
ModuleName: "Load module" Enabled: InstalledSoftwareInformationExtractor Priority:True
ModuleName: "Load module" Enabled: Collecting the "avp.com" settings Priority:True
ModuleName: "Load module" Enabled: Collecting the "avp.com" task statistics Priority:True
ModuleName: "Load module" Enabled: Collecting "Kavremover" logs Priority:True
ModuleName: "Load module" Enabled: Collecting tiny dumps Priority:True
ModuleName: "Load module" Enabled: Collecting logs of patches of Kaspersky Lab products Priority:True
ModuleName: "Load module" Enabled: Collecting logs of Kaspersky Lab products Priority:True
ModuleName: "Load module" Enabled: Collecting update status files Priority:True
ModuleName: "Load module" Enabled: Overview of Kaspersky Security Center dump files Priority:True
ModuleName: "Load module" Enabled: Collecting NTFS junction points from Application Data Priority:True
ModuleName: "Load module" Enabled: Collecting "Kleaner" logs Priority:True
ModuleName: "Load module" Enabled: Collecting error logs of Microsoft SQL Server Priority:True
ModuleName: "Load module" Enabled: Collecting Microsoft .NET Framework setup logs Priority:True
ModuleName: "Load module" Enabled: Collecting versions of hotfixes of Kaspersky Lab products Priority:True
ModuleName: "Load module" Enabled: ControlRegistryPathExtractor Priority:True
ModuleName: "Load module" Enabled: ServicesRegistryPathExtractor Priority:True
ModuleName: "Load module" Enabled: ProductRegistryPathExtraction Priority:True
ModuleName: "Load module" Enabled: Getting information about versions of plug-ins of Kaspersky Security Center Priority:True
ModuleName: "Load module" Enabled: Collecting setup API logs Priority:True
ModuleName: "Load module" Enabled: Collecting Windows event logs Priority:True
ModuleName: "Load module" Enabled: ChromeFeatureExtractor Priority:True
ModuleName: "Load module" Enabled: MSIESearchScopes Priority:True
ModuleName: "Load module" Enabled: IEFeaturesExtractor Priority:True
ModuleName: "Load module" Enabled: MSIERegistryPathExtractor Priority:True
ModuleName: "Load module" Enabled: FirefoxFeatureExtractor Priority:False
ModuleName: "Load module" Enabled: Collecting Mozilla Firefox files Priority:False
ModuleName: "Load module" Enabled: Detecting of incompatible software Priority:True
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 10:52:39 DEBUG MGsiApplication.InitializeBackgroundWorkers() is invoked
31.08.2019 10:52:39 DEBUG MGsiApplication.InitializeCancellatedBgWorker() is invoked
31.08.2019 10:52:39 DEBUG MGsiApplication.InitializeCancellatedBgWorker() is invoked
31.08.2019 10:52:39 DEBUG MGsiApplication instance is created
31.08.2019 10:52:39 DEBUG Program.Run() is invoked
31.08.2019 10:52:39 DEBUG Operating System IETF language code is tr-TR
31.08.2019 10:52:39 DEBUG Localized EULA file name is "LicAgreementEn.rtf"
31.08.2019 10:52:39 DEBUG Executing assembly dirrectory path is "C:\Users\Umutcan\AppData\Local\Temp\s130"
31.08.2019 10:52:39 DEBUG Localized EULA file path is "C:\Users\Umutcan\AppData\Local\Temp\s130\LicAgreementEn.rtf"
31.08.2019 10:52:39 DEBUG Localized EULA file has been found
31.08.2019 10:52:41 DEBUG Loaded font name is "Tahoma"
31.08.2019 10:52:41 DEBUG Tahoma was found. Use it for controls.
31.08.2019 10:52:41 DEBUG Tahoma was found. Use it for controls.
31.08.2019 10:52:41 DEBUG Tahoma was found. Use it for controls.
31.08.2019 10:52:44 DEBUG Output path is "C:\Users\Umutcan\Desktop\GSI6_DESKTOP-OMQK7IC_Umutcan_08_31_2019_10_52_38.zip"
31.08.2019 10:52:44 DEBUG Rooted output path is "C:\Users\Umutcan\Desktop\GSI6_DESKTOP-OMQK7IC_Umutcan_08_31_2019_10_52_38.zip"
31.08.2019 10:52:44 INFO Enter to critical area...
31.08.2019 10:52:44 INFO Data extracting started.
31.08.2019 10:52:44 INFO Starting module: Getting System Information
31.08.2019 10:52:44 INFO Old Get System Info arguments: "/EULA=1 /qn /l=3 /path="C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo""
31.08.2019 10:52:44 DEBUG Executing assembly dirrectory path is "C:\Users\Umutcan\AppData\Local\Temp\s130"
31.08.2019 10:52:44 INFO The old version of Get System Information PE is extracted at path: "C:\Users\Umutcan\AppData\Local\Temp\s130\GetSystemInfo.exe"
31.08.2019 10:52:44 INFO The old version of Get System Information PE is started.
31.08.2019 10:52:44 DEBUG Command-line format for arguments in the old Get System Information version is "/EULA=1 /qn /l=3 /path="C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo""
31.08.2019 10:53:39 INFO The old version of Get System Information PE is finished.
31.08.2019 10:53:39 INFO Finished module: Getting System Information
31.08.2019 10:53:39 INFO Starting module: Executing AVZ
31.08.2019 10:53:40 DEBUG Executing assembly dirrectory path is "C:\Users\Umutcan\AppData\Local\Temp\s130"
31.08.2019 10:53:40 DEBUG SpinWait timeout = 00:30:00 pollingInterval = 00:00:00.1000000
31.08.2019 10:53:40 DEBUG Elapsed time is 100
31.08.2019 10:53:40 DEBUG Executing assembly dirrectory path is "C:\Users\Umutcan\AppData\Local\Temp\s130"
31.08.2019 10:53:40 INFO The old version of Get System Information PE is extracted at path: "C:\Users\Umutcan\AppData\Local\Temp\s130\GetSystemInfo.exe"
31.08.2019 10:53:40 INFO The old version of Get System Information PE is started.
31.08.2019 10:53:40 DEBUG Command-line format for arguments in the old Get System Information version is "/unpack /format=7z /destinationPath="C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\avz" /archivePath="C:\Users\Umutcan\AppData\Local\Temp\s130\avz.7z""
31.08.2019 10:53:41 INFO The old version of Get System Information PE is finished.
31.08.2019 10:53:41 INFO AVZ extracted at path "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\avz\avz.exe"
31.08.2019 11:00:55 INFO File "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\avz\avz.exe" executed with arguments "Script="C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\avz\asa.avz" HiddenMode="3" SpoolLog="C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\avz.log" TempFolder="C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\AvzTemp" ".
31.08.2019 11:00:55 INFO Finished module: Executing AVZ
31.08.2019 11:00:55 INFO Starting module: Get the "Updater" task report
31.08.2019 11:00:55 INFO Start searching for "avp.com" in "C:\Program Files".
31.08.2019 11:00:55 INFO The "C:\Program Files" directory exists.
31.08.2019 11:00:55 INFO Search avp.com pattern: "C:\Program Files\*\avp.com"
31.08.2019 11:00:55 WARNING An exception skipped: System.UnauthorizedAccessException: 'C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Configuration' yoluna erişim reddedildi.
konum: System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
konum: System.IO.FileSystemEnumerableIterator`1.AddSearchableDirsToStack(SearchData localSearchData)
konum: System.IO.FileSystemEnumerableIterator`1.MoveNext()
konum: System.Collections.Generic.List`1..ctor(IEnumerable`1 collection)
konum: System.IO.Directory.GetFiles(String path, String searchPattern, SearchOption searchOption)
konum: KasperskySystemInspector.Model.CommonUtilites.StandardClassesExtensions.PathUtilites.GetFilesByPattern(String pattern, SearchOption searchOptionrOption)
for files search for path
31.08.2019 11:00:55 WARNING An exception skipped: System.UnauthorizedAccessException: 'C:\Program Files\Windows NT\Donatılar' yoluna erişim reddedildi.
konum: System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
konum: System.IO.FileSystemEnumerableIterator`1.AddSearchableDirsToStack(SearchData localSearchData)
konum: System.IO.FileSystemEnumerableIterator`1.MoveNext()
konum: System.Collections.Generic.List`1..ctor(IEnumerable`1 collection)
konum: System.IO.Directory.GetFiles(String path, String searchPattern, SearchOption searchOption)
konum: KasperskySystemInspector.Model.CommonUtilites.StandardClassesExtensions.PathUtilites.GetFilesByPattern(String pattern, SearchOption searchOptionrOption)
for files search for path
31.08.2019 11:01:00 INFO Founded 0 avp.com files.
31.08.2019 11:01:00 INFO Start searching for "avp.com" in "C:\Program Files (x86)".
31.08.2019 11:01:00 INFO The "C:\Program Files (x86)" directory exists.
31.08.2019 11:01:00 INFO Search avp.com pattern: "C:\Program Files (x86)\*\avp.com"
31.08.2019 11:01:02 INFO Founded 0 avp.com files.
31.08.2019 11:01:02 INFO The "avp.com" file is not found.
31.08.2019 11:01:02 INFO Finished module: Get the "Updater" task report
31.08.2019 11:01:02 INFO Starting module: Get the "Scan My Computer" task report
31.08.2019 11:01:02 INFO The "avp.com" file is not found.
31.08.2019 11:01:02 INFO Finished module: Get the "Scan My Computer" task report
31.08.2019 11:01:02 INFO Starting module: Windows update log collecting
31.08.2019 11:01:02 INFO Windows update log collecting: ExtractData(Action<int> setProgressValue): Data extracting started.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:02 INFO List of templates to collect:
31.08.2019 11:01:02 INFO Microsoft Windows 10 RS1 plus detected. Collect the windowsupdate.log by Microsoft PowerShell
31.08.2019 11:01:02 DEBUG WindowsUpdate log path is "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\WindowsUpdateLog\windowsupdate.log"
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:02 INFO The PowerShell script that will be executed:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Get-WindowsUpdateLog -LogPath "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\WindowsUpdateLog\windowsupdate.log"
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:07 INFO Starting module: Overview of Kaspersky Lab files in Application Data
31.08.2019 11:01:07 INFO Overview of Kaspersky Lab files in Application Data: ExtractData(Action<int> setProgressValue): Data extracting started.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:07 INFO List of templates to collect:
SearchPattern:C:\ProgramData\Kaspersky Lab\*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*;DisableWow64Redirect:False;AdditionalData:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:07 DEBUG The files by pattern "C:\ProgramData\Kaspersky Lab\*" aren't found
31.08.2019 11:01:07 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*" aren't found
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:07 INFO Finished module: Overview of Kaspersky Lab files in Application Data
31.08.2019 11:01:07 INFO Starting module: Getting information about versions of databases files for Kaspersky Lab products
31.08.2019 11:01:07 INFO ExtractData started:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:07 INFO NeedWow64FsRedirectionDisable:False
31.08.2019 11:01:07 INFO FilesSearchOptions:AllDirectories
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:07 INFO The scope of the "C:\ProgramData\Kaspersky Lab\*\Bases\Cache\" directory
31.08.2019 11:01:07 INFO At path "C:\ProgramData\Kaspersky Lab\*\Bases\Cache\" found 0 files for pattern "*.dll.*".
31.08.2019 11:01:07 INFO At path "C:\ProgramData\Kaspersky Lab\*\Bases\Cache\" found 0 files for pattern "*.exe.*".
31.08.2019 11:01:07 INFO At path "C:\ProgramData\Kaspersky Lab\*\Bases\Cache\" found 0 files for pattern "*.sys.*".
31.08.2019 11:01:07 INFO At path "C:\ProgramData\Kaspersky Lab\*\Bases\Cache\" found 0 files for pattern "*.kdl.*".
31.08.2019 11:01:07 INFO At path "C:\ProgramData\Kaspersky Lab\*\Bases\Cache\" found 0 files for pattern "*.enc1.*".
31.08.2019 11:01:07 INFO The scope of the "C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*\Bases\Cache\" directory
31.08.2019 11:01:07 INFO At path "C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*\Bases\Cache\" found 0 files for pattern "*.dll.*".
31.08.2019 11:01:07 INFO At path "C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*\Bases\Cache\" found 0 files for pattern "*.exe.*".
31.08.2019 11:01:07 INFO At path "C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*\Bases\Cache\" found 0 files for pattern "*.sys.*".
31.08.2019 11:01:07 INFO At path "C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*\Bases\Cache\" found 0 files for pattern "*.kdl.*".
31.08.2019 11:01:07 INFO At path "C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*\Bases\Cache\" found 0 files for pattern "*.enc1.*".
31.08.2019 11:01:07 INFO Finished module: Getting information about versions of databases files for Kaspersky Lab products
31.08.2019 11:01:07 INFO Starting module: Getting information about versions of drivers of Kaspersky Lab products
31.08.2019 11:01:07 INFO ExtractData started:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:07 INFO NeedWow64FsRedirectionDisable:True
31.08.2019 11:01:07 INFO FilesSearchOptions:TopDirectoryOnly
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:07 INFO Wow64 FileSystem Redirection is disabled.
31.08.2019 11:01:07 INFO The scope of the "C:\WINDOWS\system32\drivers" directory
31.08.2019 11:01:07 INFO At path "C:\WINDOWS\system32\drivers" found 0 files for pattern "kl*.sys".
31.08.2019 11:01:07 INFO At path "C:\WINDOWS\system32\drivers" found 0 files for pattern "kneps.sys".
31.08.2019 11:01:07 INFO At path "C:\WINDOWS\system32\drivers" found 0 files for pattern "cm_km*.sys".
31.08.2019 11:01:07 INFO Finished module: Getting information about versions of drivers of Kaspersky Lab products
31.08.2019 11:01:07 INFO Starting module: Getting information about versions of modules of Kaspersky Lab products
31.08.2019 11:01:07 INFO ExtractData started:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:07 INFO NeedWow64FsRedirectionDisable:False
31.08.2019 11:01:07 INFO FilesSearchOptions:TopDirectoryOnly
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:07 INFO The scope of the "C:\Program Files\Kaspersky Lab\*\*" directory
31.08.2019 11:01:07 INFO At path "C:\Program Files\Kaspersky Lab\*\*" found 0 files for pattern "*.dll".
31.08.2019 11:01:07 INFO At path "C:\Program Files\Kaspersky Lab\*\*" found 0 files for pattern "*.exe".
31.08.2019 11:01:07 INFO At path "C:\Program Files\Kaspersky Lab\*\*" found 0 files for pattern "*.sys".
31.08.2019 11:01:07 INFO At path "C:\Program Files\Kaspersky Lab\*\*" found 0 files for pattern "*.kdl".
31.08.2019 11:01:07 INFO At path "C:\Program Files\Kaspersky Lab\*\*" found 0 files for pattern "*.enc1".
31.08.2019 11:01:07 INFO The scope of the "C:\Program Files\Kaspersky Lab\*\*\*" directory
31.08.2019 11:01:07 INFO At path "C:\Program Files\Kaspersky Lab\*\*\*" found 0 files for pattern "*.dll".
31.08.2019 11:01:07 INFO At path "C:\Program Files\Kaspersky Lab\*\*\*" found 0 files for pattern "*.exe".
31.08.2019 11:01:07 INFO At path "C:\Program Files\Kaspersky Lab\*\*\*" found 0 files for pattern "*.sys".
31.08.2019 11:01:07 INFO At path "C:\Program Files\Kaspersky Lab\*\*\*" found 0 files for pattern "*.kdl".
31.08.2019 11:01:07 INFO At path "C:\Program Files\Kaspersky Lab\*\*\*" found 0 files for pattern "*.enc1".
31.08.2019 11:01:07 INFO The scope of the "C:\Program Files (x86)\Kaspersky Lab\*\*" directory
31.08.2019 11:01:07 INFO At path "C:\Program Files (x86)\Kaspersky Lab\*\*" found 0 files for pattern "*.dll".
31.08.2019 11:01:07 INFO At path "C:\Program Files (x86)\Kaspersky Lab\*\*" found 0 files for pattern "*.exe".
31.08.2019 11:01:07 INFO At path "C:\Program Files (x86)\Kaspersky Lab\*\*" found 0 files for pattern "*.sys".
31.08.2019 11:01:07 INFO At path "C:\Program Files (x86)\Kaspersky Lab\*\*" found 0 files for pattern "*.kdl".
31.08.2019 11:01:07 INFO At path "C:\Program Files (x86)\Kaspersky Lab\*\*" found 0 files for pattern "*.enc1".
31.08.2019 11:01:07 INFO The scope of the "C:\Program Files (x86)\Kaspersky Lab\*\*\*" directory
31.08.2019 11:01:07 INFO At path "C:\Program Files (x86)\Kaspersky Lab\*\*\*" found 0 files for pattern "*.dll".
31.08.2019 11:01:07 INFO At path "C:\Program Files (x86)\Kaspersky Lab\*\*\*" found 0 files for pattern "*.exe".
31.08.2019 11:01:07 INFO At path "C:\Program Files (x86)\Kaspersky Lab\*\*\*" found 0 files for pattern "*.sys".
31.08.2019 11:01:07 INFO At path "C:\Program Files (x86)\Kaspersky Lab\*\*\*" found 0 files for pattern "*.kdl".
31.08.2019 11:01:07 INFO At path "C:\Program Files (x86)\Kaspersky Lab\*\*\*" found 0 files for pattern "*.enc1".
31.08.2019 11:01:07 INFO Finished module: Getting information about versions of modules of Kaspersky Lab products
31.08.2019 11:01:07 INFO Starting module: Getting information about versions of modules from Program Data of Kaspersky Lab products
31.08.2019 11:01:07 INFO ExtractData started:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:07 INFO NeedWow64FsRedirectionDisable:False
31.08.2019 11:01:07 INFO FilesSearchOptions:TopDirectoryOnly
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:01:07 INFO The scope of the "C:\ProgramData\Kaspersky Lab\*" directory
31.08.2019 11:01:07 INFO At path "C:\ProgramData\Kaspersky Lab\*" found 0 files for pattern "*.dll".
31.08.2019 11:01:07 INFO At path "C:\ProgramData\Kaspersky Lab\*" found 0 files for pattern "*.exe".
31.08.2019 11:01:07 INFO At path "C:\ProgramData\Kaspersky Lab\*" found 0 files for pattern "*.sys".
31.08.2019 11:01:07 INFO At path "C:\ProgramData\Kaspersky Lab\*" found 0 files for pattern "*.kdl".
31.08.2019 11:01:07 INFO At path "C:\ProgramData\Kaspersky Lab\*" found 0 files for pattern "*.enc1".
31.08.2019 11:01:07 INFO The scope of the "C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*" directory
31.08.2019 11:01:07 INFO At path "C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*" found 0 files for pattern "*.dll".
31.08.2019 11:01:07 INFO At path "C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*" found 0 files for pattern "*.exe".
31.08.2019 11:01:07 INFO At path "C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*" found 0 files for pattern "*.sys".
31.08.2019 11:01:07 INFO At path "C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*" found 0 files for pattern "*.kdl".
31.08.2019 11:01:07 INFO At path "C:\Users\Umutcan\AppData\Roaming\Kaspersky Lab\*" found 0 files for pattern "*.enc1".
31.08.2019 11:01:07 INFO Finished module: Getting information about versions of modules from Program Data of Kaspersky Lab products
31.08.2019 11:01:07 INFO Starting module: Collecting console output of "klnagchk.exe"
31.08.2019 11:01:07 INFO Finished module: Collecting console output of "klnagchk.exe"
31.08.2019 11:01:07 INFO Starting module: Network diagnostics
31.08.2019 11:01:07 INFO Execute network diagnostics commands
31.08.2019 11:01:07 INFO ACP is 1254
31.08.2019 11:01:07 INFO EncodingName is "Türkçe (Windows)"
31.08.2019 11:01:07 DEBUG Temporary ASCII file name is "uor1l11y.qck"
31.08.2019 11:01:07 DEBUG Temporary file for network diagnostic command execution is "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\uor1l11y.qck"
31.08.2019 11:01:07 DEBUG Temporary ASCII file name is "n0v1mlrf.s3b"
31.08.2019 11:01:07 DEBUG cmd arguments are "/C " "tracert" activation-v2.kaspersky.com >> "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\uor1l11y.qck" ""
31.08.2019 11:01:07 DEBUG Temporary file for network diagnostic command execution is "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\n0v1mlrf.s3b"
31.08.2019 11:01:07 DEBUG Temporary ASCII file name is "vhp4dinf.h4b"
31.08.2019 11:01:07 DEBUG Temporary file for network diagnostic command execution is "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\vhp4dinf.h4b"
31.08.2019 11:01:07 DEBUG cmd arguments are "/C " "tracert" dnl-00.geo.kaspersky.com >> "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\n0v1mlrf.s3b" ""
31.08.2019 11:01:07 DEBUG cmd arguments are "/C " "ipconfig" /all >> "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\vhp4dinf.h4b" ""
31.08.2019 11:02:19 INFO Convert ASCII-file "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\uor1l11y.qck" to unicode file "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Network_diagnostics.txt"
31.08.2019 11:02:19 DEBUG ASII to UNICODE conversion cmd.exe arguments is "/u /c "type ""C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\uor1l11y.qck""""
31.08.2019 11:02:19 DEBUG cmd arguments are "/C " "C:\WINDOWS\system32\cmd.exe" /u /c "type ""C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\uor1l11y.qck""" >> "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Network_diagnostics.txt" ""
31.08.2019 11:02:19 INFO Convert ASCII-file "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\n0v1mlrf.s3b" to unicode file "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Network_diagnostics.txt"
31.08.2019 11:02:19 DEBUG ASII to UNICODE conversion cmd.exe arguments is "/u /c "type ""C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\n0v1mlrf.s3b""""
31.08.2019 11:02:19 DEBUG cmd arguments are "/C " "C:\WINDOWS\system32\cmd.exe" /u /c "type ""C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\n0v1mlrf.s3b""" >> "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Network_diagnostics.txt" ""
31.08.2019 11:02:19 INFO Convert ASCII-file "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\vhp4dinf.h4b" to unicode file "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Network_diagnostics.txt"
31.08.2019 11:02:19 DEBUG ASII to UNICODE conversion cmd.exe arguments is "/u /c "type ""C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\vhp4dinf.h4b""""
31.08.2019 11:02:19 DEBUG cmd arguments are "/C " "C:\WINDOWS\system32\cmd.exe" /u /c "type ""C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\vhp4dinf.h4b""" >> "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Network_diagnostics.txt" ""
31.08.2019 11:02:19 INFO Finished module: Network diagnostics
31.08.2019 11:02:19 INFO Starting module: InstalledDotNetFrameworksInfoExtractor
31.08.2019 11:02:19 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HCR_Net_Frameworks.reg" file.
31.08.2019 11:02:19 INFO Extraction of registry image is complete.
31.08.2019 11:02:19 INFO Finished module: InstalledDotNetFrameworksInfoExtractor
31.08.2019 11:02:19 INFO Starting module: InstalledSoftwareInformationExtractor
31.08.2019 11:02:19 INFO Extracting registry image from "HKEY_CLASSES_ROOT\Installer\Products\" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HCR_Installer_Products.reg" file.
31.08.2019 11:02:19 INFO Extraction of registry image is complete.
31.08.2019 11:02:19 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HKLM_Software_Wow6432Node_Uninstall.reg" file.
31.08.2019 11:02:19 INFO Extraction of registry image is complete.
31.08.2019 11:02:19 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HKLM_Software_Uninstall.reg" file.
31.08.2019 11:02:20 INFO Extraction of registry image is complete.
31.08.2019 11:02:20 INFO Finished module: InstalledSoftwareInformationExtractor
31.08.2019 11:02:20 INFO Starting module: Collecting the "avp.com" settings
31.08.2019 11:02:20 INFO The "avp.com" file is not found.
31.08.2019 11:02:20 INFO Finished module: Collecting the "avp.com" settings
31.08.2019 11:02:20 INFO Starting module: Collecting the "avp.com" task statistics
31.08.2019 11:02:20 INFO The "avp.com" file is not found.
31.08.2019 11:02:20 INFO Finished module: Collecting the "avp.com" task statistics
31.08.2019 11:02:20 INFO Starting module: Collecting "Kavremover" logs
31.08.2019 11:02:20 INFO Collecting "Kavremover" logs: ExtractData(Action<int> setProgressValue): Data extracting started.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 INFO List of templates to collect:
SearchPattern:C:\Users\Umutcan\AppData\Local\Temp\kavrem*.log;DisableWow64Redirect:True;AdditionalData:
SearchPattern:C:\WINDOWS\Temp\kavrem*.log;DisableWow64Redirect:True;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Temp\kavrem*.log;DisableWow64Redirect:True;AdditionalData:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Local\Temp\kavrem*.log" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\WINDOWS\Temp\kavrem*.log" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Temp\kavrem*.log" aren't found
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 INFO Collecting "Kavremover" logs: ExtractData(Action<int> setProgressValue): Data extracting finished. Collected 0 files.
31.08.2019 11:02:20 INFO Finished module: Collecting "Kavremover" logs
31.08.2019 11:02:20 INFO Starting module: Collecting tiny dumps
31.08.2019 11:02:20 INFO Collecting tiny dumps: ExtractData(Action<int> setProgressValue): Data extracting started.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 INFO List of templates to collect:
SearchPattern:C:\ProgramData\Kaspersky Lab\*.tiny.dmp*;DisableWow64Redirect:True;AdditionalData:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 DEBUG The files by pattern "C:\ProgramData\Kaspersky Lab\*.tiny.dmp*" aren't found
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 INFO Collecting tiny dumps: ExtractData(Action<int> setProgressValue): Data extracting finished. Collected 0 files.
31.08.2019 11:02:20 INFO Finished module: Collecting tiny dumps
31.08.2019 11:02:20 INFO Starting module: Collecting logs of patches of Kaspersky Lab products
31.08.2019 11:02:20 INFO Collecting logs of patches of Kaspersky Lab products: ExtractData(Action<int> setProgressValue): Data extracting started.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 INFO List of templates to collect:
SearchPattern:C:\Users\Umutcan\AppData\Local\Temp\kavpatcher.log;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Local\Temp\KESpatch*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Local\Temp\ak_patch*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\WINDOWS\Temp\kavpatcher.log;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\WINDOWS\Temp\KESpatch*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\WINDOWS\Temp\ak_patch*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Temp\kavpatcher.log;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Temp\KESpatch*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Temp\ak_patch*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\ProgramData\Kaspersky Lab\kavpatcher.log;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\ProgramData\Kaspersky Lab\KESpatch*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\ProgramData\Kaspersky Lab\ak_patch*;DisableWow64Redirect:False;AdditionalData:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Local\Temp\kavpatcher.log" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Local\Temp\KESpatch*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Local\Temp\ak_patch*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\WINDOWS\Temp\kavpatcher.log" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\WINDOWS\Temp\KESpatch*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\WINDOWS\Temp\ak_patch*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Temp\kavpatcher.log" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Temp\KESpatch*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Temp\ak_patch*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\ProgramData\Kaspersky Lab\kavpatcher.log" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\ProgramData\Kaspersky Lab\KESpatch*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\ProgramData\Kaspersky Lab\ak_patch*" aren't found
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 INFO Collecting logs of patches of Kaspersky Lab products: ExtractData(Action<int> setProgressValue): Data extracting finished. Collected 0 files.
31.08.2019 11:02:20 INFO Finished module: Collecting logs of patches of Kaspersky Lab products
31.08.2019 11:02:20 INFO Starting module: Collecting logs of Kaspersky Lab products
31.08.2019 11:02:20 INFO Collecting logs of Kaspersky Lab products: ExtractData(Action<int> setProgressValue): Data extracting started.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 INFO List of templates to collect:
SearchPattern:C:\Users\Umutcan\AppData\Local\Temp\kl*.log*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Local\Temp\$kl*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Local\Temp\kav8wsee*.log*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\WINDOWS\Temp\kl*.log*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\WINDOWS\Temp\$kl*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\WINDOWS\Temp\kav8wsee*.log*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Temp\kl*.log*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Temp\$kl*;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Temp\kav8wsee*.log*;DisableWow64Redirect:False;AdditionalData:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Local\Temp\kl*.log*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Local\Temp\$kl*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Local\Temp\kav8wsee*.log*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\WINDOWS\Temp\kl*.log*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\WINDOWS\Temp\$kl*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\WINDOWS\Temp\kav8wsee*.log*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Temp\kl*.log*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Temp\$kl*" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Temp\kav8wsee*.log*" aren't found
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 INFO Collecting logs of Kaspersky Lab products: ExtractData(Action<int> setProgressValue): Data extracting finished. Collected 0 files.
31.08.2019 11:02:20 INFO Finished module: Collecting logs of Kaspersky Lab products
31.08.2019 11:02:20 INFO Starting module: Collecting update status files
31.08.2019 11:02:20 INFO Collecting update status files : ExtractData(Action<int> setProgressValue): Data extracting started.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 INFO List of templates to collect:
SearchPattern:C:\ProgramData\Kaspersky Lab\*\Data\u0607g.xml;DisableWow64Redirect:True;AdditionalData:
SearchPattern:C:\ProgramData\Kaspersky Lab\*\Data\u1313g.xml;DisableWow64Redirect:True;AdditionalData:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 DEBUG The files by pattern "C:\ProgramData\Kaspersky Lab\*\Data\u0607g.xml" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\ProgramData\Kaspersky Lab\*\Data\u1313g.xml" aren't found
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 INFO Collecting update status files : ExtractData(Action<int> setProgressValue): Data extracting finished. Collected 0 files.
31.08.2019 11:02:20 INFO Finished module: Collecting update status files
31.08.2019 11:02:20 INFO Starting module: Overview of Kaspersky Security Center dump files
31.08.2019 11:02:20 INFO Overview of Kaspersky Security Center dump files: ExtractData(Action<int> setProgressValue): Data extracting started.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 INFO List of templates to collect:
SearchPattern:C:\WINDOWS\Minidump\*.dmp;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\WINDOWS\MEMORY.dmp;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Program Files\Kaspersky Lab\Kaspersky Security Center\~dumps\*.dmp;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Program Files\Kaspersky Lab\Kaspersky Security Center\~dumps\*.log;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Program Files\Kaspersky Lab\Kaspersky Security Center\~dumps\*.txt;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Program Files\Kaspersky Lab\Kaspersky Security Center\~dumps\*.enc1;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Center\~dumps\*.dmp;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Center\~dumps\*.log;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Center\~dumps\*.txt;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Center\~dumps\*.enc1;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\ProgramData\Kaspersky Lab\*.dmp;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\ProgramData\Kaspersky Lab\*.log;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\ProgramData\Kaspersky Lab\*.txt;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\ProgramData\Kaspersky Lab\*.enc1;DisableWow64Redirect:False;AdditionalData:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 DEBUG The files by pattern "C:\WINDOWS\Minidump\*.dmp" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\WINDOWS\MEMORY.dmp" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Program Files\Kaspersky Lab\Kaspersky Security Center\~dumps\*.dmp" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Program Files\Kaspersky Lab\Kaspersky Security Center\~dumps\*.log" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Program Files\Kaspersky Lab\Kaspersky Security Center\~dumps\*.txt" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Program Files\Kaspersky Lab\Kaspersky Security Center\~dumps\*.enc1" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Center\~dumps\*.dmp" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Center\~dumps\*.log" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Center\~dumps\*.txt" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Center\~dumps\*.enc1" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\ProgramData\Kaspersky Lab\*.dmp" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\ProgramData\Kaspersky Lab\*.log" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\ProgramData\Kaspersky Lab\*.txt" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\ProgramData\Kaspersky Lab\*.enc1" aren't found
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 INFO Finished module: Overview of Kaspersky Security Center dump files
31.08.2019 11:02:20 INFO Starting module: Collecting NTFS junction points from Application Data
31.08.2019 11:02:20 INFO Junction points collection is started for the "C:\ProgramData" directory.
31.08.2019 11:02:20 INFO Drive "C:\" has File System "NTFS"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Adobe"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Application Data"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\ASUS"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Belgeler"
31.08.2019 11:02:20 INFO "C:\ProgramData\Belgeler" is Junction Point
31.08.2019 11:02:20 INFO "C:\ProgramData\Belgeler" targeted to "C:\Users\Public\Documents"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\BlueStacks"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\boost_interprocess"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Comms"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Desktop"
31.08.2019 11:02:20 INFO "C:\ProgramData\Desktop" is Junction Point
31.08.2019 11:02:20 INFO "C:\ProgramData\Desktop" targeted to "C:\Users\Public\Desktop"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\DynEd"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Electronic Arts"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Epic"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Garena"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\GRETECH"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Intel"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\KONAMI"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\LogiShrd"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\LogMeIn"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Malwarebytes"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Microsoft"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Microsoft Help"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Microsoft OneDrive"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\NVIDIA"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\NVIDIA Corporation"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Oracle"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Origin"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Package Cache"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Packages"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\PUBG"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\regid.1991-06.com.microsoft"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Riot Games"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\s6os"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\s934"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\sa4c"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\sa4k"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Samsung"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\sanc"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\SoftwareDistribution"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Start Menu"
31.08.2019 11:02:20 INFO "C:\ProgramData\Start Menu" is Junction Point
31.08.2019 11:02:20 INFO "C:\ProgramData\Start Menu" targeted to "C:\ProgramData\Microsoft\Windows\Start Menu"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Templates"
31.08.2019 11:02:20 INFO "C:\ProgramData\Templates" is Junction Point
31.08.2019 11:02:20 INFO "C:\ProgramData\Templates" targeted to "C:\ProgramData\Microsoft\Windows\Templates"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\Tencent"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\TruckersMP"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\UniqueId"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\USOPrivate"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\USOShared"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\WEBZEN"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\WindowsHolographicDevices"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\WinZip"
31.08.2019 11:02:20 DEBUG Check for exists directory "C:\ProgramData\X360CE"
31.08.2019 11:02:20 INFO Junction points list is written to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Junction_ProgramData_DESKTOP-OMQK7IC.txt" file.
31.08.2019 11:02:20 INFO Execution of NtfsJunctionListCollectorBase::ExtractData for "C:\ProgramData" directory is complete.
31.08.2019 11:02:20 INFO Finished module: Collecting NTFS junction points from Application Data
31.08.2019 11:02:20 INFO Starting module: Collecting "Kleaner" logs
31.08.2019 11:02:20 INFO Collecting "Kleaner" logs: ExtractData(Action<int> setProgressValue): Data extracting started.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 INFO List of templates to collect:
SearchPattern:C:\Users\Umutcan\AppData\Local\Temp\kleaner*.log;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\WINDOWS\Temp\kleaner*.log;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Temp\kleaner*.log;DisableWow64Redirect:False;AdditionalData:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Local\Temp\kleaner*.log" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\WINDOWS\Temp\kleaner*.log" aren't found
31.08.2019 11:02:20 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Temp\kleaner*.log" aren't found
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:21 INFO Collecting "Kleaner" logs: ExtractData(Action<int> setProgressValue): Data extracting finished. Collected 0 files.
31.08.2019 11:02:21 INFO Finished module: Collecting "Kleaner" logs
31.08.2019 11:02:21 INFO Starting module: Collecting error logs of Microsoft SQL Server
31.08.2019 11:02:21 INFO Collecting error logs of Microsoft SQL Server: ExtractData(Action<int> setProgressValue): Data extracting started.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:21 INFO List of templates to collect:
SearchPattern:C:\Program Files\Microsoft SQL Server\*\MSSQL\Log\ERRORLOG*;DisableWow64Redirect:True;AdditionalData:X64
SearchPattern:C:\Program Files (x86)\Microsoft SQL Server\*\MSSQL\Log\ERRORLOG*;DisableWow64Redirect:False;AdditionalData:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:21 DEBUG The files by pattern "C:\Program Files\Microsoft SQL Server\*\MSSQL\Log\ERRORLOG*" aren't found
31.08.2019 11:02:21 DEBUG The files by pattern "C:\Program Files (x86)\Microsoft SQL Server\*\MSSQL\Log\ERRORLOG*" aren't found
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:21 INFO Collecting error logs of Microsoft SQL Server: ExtractData(Action<int> setProgressValue): Data extracting finished. Collected 0 files.
31.08.2019 11:02:21 INFO Finished module: Collecting error logs of Microsoft SQL Server
31.08.2019 11:02:21 INFO Starting module: Collecting Microsoft .NET Framework setup logs
31.08.2019 11:02:21 INFO Collecting Microsoft .NET Framework setup logs : ExtractData(Action<int> setProgressValue): Data extracting started.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:21 INFO List of templates to collect:
SearchPattern:C:\Users\Umutcan\AppData\Local\Temp\dd_dotNetFx*_*_x86_x64_decompression_log.txt;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Local\Temp\dd_SetupUtility.txt;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Local\Temp\Microsoft .NET Framework *Setup*.txt;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Local\Temp\Microsoft .NET Framework *Setup*.html;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Temp\dd_dotNetFx*_*_x86_x64_decompression_log.txt;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Temp\dd_SetupUtility.txt;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Temp\Microsoft .NET Framework *Setup*.txt;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\Users\Umutcan\AppData\Temp\Microsoft .NET Framework *Setup*.html;DisableWow64Redirect:False;AdditionalData:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:21 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Local\Temp\dd_dotNetFx*_*_x86_x64_decompression_log.txt" aren't found
31.08.2019 11:02:21 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Local\Temp\dd_SetupUtility.txt" aren't found
31.08.2019 11:02:21 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Local\Temp\Microsoft .NET Framework *Setup*.txt" aren't found
31.08.2019 11:02:21 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Local\Temp\Microsoft .NET Framework *Setup*.html" aren't found
31.08.2019 11:02:21 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Temp\dd_dotNetFx*_*_x86_x64_decompression_log.txt" aren't found
31.08.2019 11:02:21 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Temp\dd_SetupUtility.txt" aren't found
31.08.2019 11:02:21 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Temp\Microsoft .NET Framework *Setup*.txt" aren't found
31.08.2019 11:02:21 DEBUG The files by pattern "C:\Users\Umutcan\AppData\Temp\Microsoft .NET Framework *Setup*.html" aren't found
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:21 INFO Collecting Microsoft .NET Framework setup logs : ExtractData(Action<int> setProgressValue): Data extracting finished. Collected 0 files.
31.08.2019 11:02:21 INFO Finished module: Collecting Microsoft .NET Framework setup logs
31.08.2019 11:02:21 INFO Starting module: Collecting versions of hotfixes of Kaspersky Lab products
31.08.2019 11:02:21 INFO Products info collector start.
31.08.2019 11:02:21 INFO Environment registry keys:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:21 INFO Execution of ProductInfoCollector is complete.
31.08.2019 11:02:21 INFO Finished module: Collecting versions of hotfixes of Kaspersky Lab products
31.08.2019 11:02:21 INFO Starting module: ControlRegistryPathExtractor
31.08.2019 11:02:21 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HKLM_System_CurrentControlSet_Control.reg" file.
31.08.2019 11:02:21 INFO Extraction of registry image is complete.
31.08.2019 11:02:21 INFO Finished module: ControlRegistryPathExtractor
31.08.2019 11:02:21 INFO Starting module: ServicesRegistryPathExtractor
31.08.2019 11:02:21 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HKLM_System_CurrentControlSet_Services.reg" file.
31.08.2019 11:02:22 INFO Extraction of registry image is complete.
31.08.2019 11:02:22 INFO Finished module: ServicesRegistryPathExtractor
31.08.2019 11:02:22 INFO Starting module: ProductRegistryPathExtraction
31.08.2019 11:02:22 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\Software\KasperskyLab\" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HKLM_Software_KasperskyLab.reg" file.
31.08.2019 11:02:22 INFO Extraction of registry image is complete.
31.08.2019 11:02:22 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\Software\Wow6432Node\KasperskyLab\" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HKLM_Software_Wow6432Node_KasperskyLab.reg" file.
31.08.2019 11:02:22 INFO Extraction of registry image is complete.
31.08.2019 11:02:22 INFO Extracting registry image from "HKEY_CURRENT_USER\Software\KasperskyLab\" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HKCU_Software_KasperskyLab.reg" file.
31.08.2019 11:02:22 INFO Extraction of registry image is complete.
31.08.2019 11:02:22 INFO Extracting registry image from "HKEY_CURRENT_USER\Software\Wow6432Node\KasperskyLab\" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HKCU_Software_Wow6432Node_KasperskyLab.reg" file.
31.08.2019 11:02:22 INFO Extraction of registry image is complete.
31.08.2019 11:02:22 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\Software\Kaspersky Lab\" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HKLM_Software_Kaspersky_Lab.reg" file.
31.08.2019 11:02:22 INFO Extraction of registry image is complete.
31.08.2019 11:02:22 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\Software\Wow6432Node\Kaspersky Lab\" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HKLM_Software_Wow6432Node_Kaspersky_Lab.reg" file.
31.08.2019 11:02:22 INFO Extraction of registry image is complete.
31.08.2019 11:02:22 INFO Extracting registry image from "HKEY_CURRENT_USER\Software\Kaspersky Lab\" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HKCU_Software_Kaspersky_Lab.reg" file.
31.08.2019 11:02:22 INFO Extraction of registry image is complete.
31.08.2019 11:02:22 INFO Extracting registry image from "HKEY_CURRENT_USER\Software\Wow6432Node\Kaspersky Lab\" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Registry\HKCU_Software_Wow6432Node_Kaspersky_Lab.reg" file.
31.08.2019 11:02:22 INFO Extraction of registry image is complete.
31.08.2019 11:02:22 INFO Finished module: ProductRegistryPathExtraction
31.08.2019 11:02:22 INFO Starting module: Getting information about versions of plug-ins of Kaspersky Security Center
31.08.2019 11:02:22 INFO Security Center plugins info extracting started...
31.08.2019 11:02:22 INFO Getting information about Kaspersky Security Center plug-ins is complete.
31.08.2019 11:02:22 INFO Finished module: Getting information about versions of plug-ins of Kaspersky Security Center
31.08.2019 11:02:22 INFO Starting module: Collecting setup API logs
31.08.2019 11:02:22 INFO Collecting setup API logs: ExtractData(Action<int> setProgressValue): Data extracting started.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:22 INFO List of templates to collect:
SearchPattern:C:\WINDOWS\inf\setupapi.*.log;DisableWow64Redirect:False;AdditionalData:
SearchPattern:C:\WINDOWS\setup*.log;DisableWow64Redirect:False;AdditionalData:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:22 DEBUG File to collect is "C:\Windows\INF\setupapi.dev.log"
31.08.2019 11:02:22 INFO Copy file from "C:\Windows\INF\setupapi.dev.log" to "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Setupapi\setupapi.dev.log"
31.08.2019 11:02:22 DEBUG File to collect is "C:\Windows\INF\setupapi.offline.20190318_215229.log"
31.08.2019 11:02:22 INFO Copy file from "C:\Windows\INF\setupapi.offline.20190318_215229.log" to "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Setupapi\setupapi.offline.20190318_215229.log"
31.08.2019 11:02:22 DEBUG File to collect is "C:\Windows\INF\setupapi.offline.log"
31.08.2019 11:02:22 INFO Copy file from "C:\Windows\INF\setupapi.offline.log" to "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Setupapi\setupapi.offline.log"
31.08.2019 11:02:22 DEBUG File to collect is "C:\Windows\INF\setupapi.setup.log"
31.08.2019 11:02:22 INFO Copy file from "C:\Windows\INF\setupapi.setup.log" to "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Setupapi\setupapi.setup.log"
31.08.2019 11:02:22 DEBUG File to collect is "C:\Windows\INF\setupapi.upgrade.log"
31.08.2019 11:02:22 INFO Copy file from "C:\Windows\INF\setupapi.upgrade.log" to "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Setupapi\setupapi.upgrade.log"
31.08.2019 11:02:22 DEBUG File to collect is "C:\Windows\setupact.log"
31.08.2019 11:02:22 INFO Copy file from "C:\Windows\setupact.log" to "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Setupapi\setupact.log"
31.08.2019 11:02:22 DEBUG File to collect is "C:\Windows\setuperr.log"
31.08.2019 11:02:22 INFO Copy file from "C:\Windows\setuperr.log" to "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Setupapi\setuperr.log"
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:22 INFO Collecting setup API logs: ExtractData(Action<int> setProgressValue): Data extracting finished. Collected 7 files.
31.08.2019 11:02:22 INFO Finished module: Collecting setup API logs
31.08.2019 11:02:22 INFO Starting module: Collecting Windows event logs
31.08.2019 11:02:22 INFO Export event logs
31.08.2019 11:02:22 INFO Export eventlog by wevapi: System
31.08.2019 11:02:22 DEBUG Event log export path is "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Eventlogs\System"
31.08.2019 11:02:23 INFO Export eventlog by wevapi: Application
31.08.2019 11:02:23 DEBUG Event log export path is "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Eventlogs\Application"
31.08.2019 11:02:23 INFO Export eventlog by wevapi: Kaspersky Event Log
31.08.2019 11:02:23 DEBUG Event log export path is "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Eventlogs\Kaspersky Event Log"
31.08.2019 11:02:23 ERROR Unable to export "Kaspersky Event Log" event log. Last Win32 error is 15007
31.08.2019 11:02:23 INFO Finished module: Collecting Windows event logs
31.08.2019 11:02:23 INFO Starting module: ChromeFeatureExtractor
31.08.2019 11:02:23 INFO Copy file from "C:\Users\Umutcan\AppData\Local\Google\Chrome\User Data\Default\Preferences" to "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Google Chrome\Preferences"
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
31.08.2019 11:02:23 INFO Starting module: MSIESearchScopes
31.08.2019 11:02:23 INFO Extracting registry image from "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Microsoft Internet Explorer\Search Scopes\SearchScopes.reg" file.
31.08.2019 11:02:23 INFO Extraction of registry image is complete.
31.08.2019 11:02:23 INFO Finished module: MSIESearchScopes
31.08.2019 11:02:23 INFO Starting module: IEFeaturesExtractor
31.08.2019 11:02:23 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\HKLM_IE_OBTAINED.reg" file.
31.08.2019 11:02:23 INFO Extraction of registry image is complete.
31.08.2019 11:02:23 INFO Extracting registry image from "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfoDllCache\HLCU_IE_OBTAINED.reg" file.
31.08.2019 11:02:23 INFO Extraction of registry image is complete.
31.08.2019 11:02:23 INFO Finished module: IEFeaturesExtractor
31.08.2019 11:02:23 INFO Starting module: MSIERegistryPathExtractor
31.08.2019 11:02:23 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Microsoft Internet Explorer\Extensions (registry images)\HKLM_IE_Toolbar.reg" file.
31.08.2019 11:02:23 INFO Extraction of registry image is complete.
31.08.2019 11:02:23 INFO Extracting registry image from "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Microsoft Internet Explorer\Extensions (registry images)\HKCU_IE_Toolbar.reg" file.
31.08.2019 11:02:23 INFO Extraction of registry image is complete.
31.08.2019 11:02:23 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Explorer Bars" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Microsoft Internet Explorer\Extensions (registry images)\HKLM_IE_Explorer_Bars.reg" file.
31.08.2019 11:02:23 INFO Extraction of registry image is complete.
31.08.2019 11:02:23 INFO Extracting registry image from "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Microsoft Internet Explorer\Extensions (registry images)\HKCU_IE_Explorer_Bars.reg" file.
31.08.2019 11:02:23 INFO Extraction of registry image is complete.
31.08.2019 11:02:23 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\MenuExt" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Microsoft Internet Explorer\Extensions (registry images)\HKLM_IE_MenuExt.reg" file.
31.08.2019 11:02:23 INFO Extraction of registry image is complete.
31.08.2019 11:02:23 INFO Extracting registry image from "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Microsoft Internet Explorer\Extensions (registry images)\HKCU_IE_MenuExt.reg" file.
31.08.2019 11:02:24 INFO Extraction of registry image is complete.
31.08.2019 11:02:24 INFO Extracting registry image from "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions" to the "C:\Users\Umutcan\AppData\Local\Temp\dselbf2q.cyh\GetSystemInfo\Microsoft Internet Explorer\Extensions (registry images)\HKLM_IE_Extensions.reg" file.
31.08.2019 11:02:24 INFO Extraction of registry image is complete.
31.08.2019 11:02:24 INFO Finished module: MSIERegistryPathExtractor
31.08.2019 11:02:24 INFO Starting module: Detecting of incompatible software
31.08.2019 11:02:24 DEBUG Executing assembly dirrectory path is "C:\Users\Umutcan\AppData\Local\Temp\s130"
31.08.2019 11:02:24 DEBUG Executing assembly dirrectory path is "C:\Users\Umutcan\AppData\Local\Temp\s130"
31.08.2019 11:02:27 INFO Finished module: Detecting of incompatible software
31.08.2019 11:02:27 INFO Data extracting finished.
Son düzenleme:
EmreSploit
Hectopat
@Murat5038 rapor okumayı bilsem yardımcı olurum fakat Murat hocamızı beklemekten başka çare yok.
Bunları fixleyin:
Temiz önyükleme yapın. Winzip ve Garena kaldırın.
2. rapor doğru verilmemiş rehberi okuyun düzgün şekilde.
Kod:
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O4 - HKLM\..\Run: [WinZip FAH] = C:\Program Files\WinZip\FAHConsole.exe
O4 - HKLM\..\StartupApproved\Run: [WinZip PreLoader] = C:\Program Files\WinZip\WzPreloader.exe (2018/06/13)
O4 - HKLM\..\StartupApproved\Run: [WinZip UN] = C:\Program Files\WinZip\WZUpdateNotifier.exe -show (2018/06/13)
O4-32 - HKLM\..\Run: [LWS] = F:\LWS\Webcam Software\LWS.exe -hide
O22 - Task (.job): gxx speed launcher.job - C:\Program Files (x86)\Garena\Garena\Garena.exe -silentlaunch -gxxsvclaunch
O23 - Service R2: Garena platform service - (GarenaPlatform) - C:\Program Files (x86)\Garena\Garena\2.0.1907.0210\gxxsvc.exe runTemiz önyükleme yapın. Winzip ve Garena kaldırın.
2. rapor doğru verilmemiş rehberi okuyun düzgün şekilde.
EmreSploit
Hectopat
Öğretebilir misiniz rapor okumayı?
Önceden cevaplamıştım. Öğretilebilecek bir şey değil deneyim kazanmanız lazım. Windows Regedit yapısını, temel Windows dosyalarını bilmeniz, varsayılan klasörleri nerelerdedir bilmeniz lazım. Bilindik dosyaların başlatıcı dosyaları nelerdir öğrenmeniz lazım, zararlı çeşitlerini ve çalışma prensiplerini bilmeniz lazım. Kısaca Bunları bildikten sonra zaten kolay yorumlayabilirsiniz.
EmreSploit
Hectopat
Peki hocam bir kere kendim hijackthis raporu çıkarıp size gönderiyim ve size fixlenecekleri söyleyeyim sizde doğru ise söyleseniz olur mu deneme amaçlı?
Olur. Kendi konunuzu açıp sorabilirsiniz.
EmreSploit
Hectopat
Hijackthis log paylaşımı ve çözümleri adlı konuda paylaştım.
