Rehber HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleme:
Genişletmek için tıkla...
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Home Single Language), 10.0.17763.379 (ReleaseId: 1809), Service Pack: 0
Time:      19.04.2019 - 15:07 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    valbu    (group: Administrator) on DESKTOP-S81EA9V, FirstRun: no

Chrome:  73.0.3683.103
Edge:    11.0.17763.379
Internet Explorer: 11.0.17763.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   9  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
   1  C:\Program Files\AutoHotkey\AutoHotkey.exe
   1  C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19032.714.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\microsoft.skypeapp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
   1  C:\Program Files\WindowsApps\microsoft.skypeapp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\Program Files\WindowsApps\microsoft.skypeapp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
   1  C:\Program Files\WindowsApps\microsoft.windowsstore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\NisSrv.exe
   1  C:\Users\valbu\Downloads\HiJackThis (1).exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\MicrosoftEdgeCP.exe
   1  C:\Windows\System32\MicrosoftEdgeSH.exe
   7  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\browser_broker.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\notepad.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  74  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

O17 - DHCP DNS 1: 176.240.150.250
O17 - DHCP DNS 2: 46.197.15.60
O17 - DHCP DNS 3: 178.233.140.110
 
Kod: 
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 18:09:18, on 19.04.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0001)


Boot mode: Normal

Running processes:
C:\Users\valbu\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKCU\..\Run: [Discord] C:\Users\valbu\AppData\Local\Discord\app-0.0.305\Discord.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5088 bytes
 
Performans düşüşü hissediyorum ve sedsvc diye kullanmadığım bir şey açılıyor.

Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.17134.706 (ReleaseId: 1803), Service Pack: 0
Time:      01.05.2019 - 00:07 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Gökhan    (group: Administrator) on GÖKHAN, FirstRun: yes

Chrome:  74.0.3729.108
Firefox: 65.0.2.6995
Edge:    11.0.17134.677
Internet Explorer: 11.0.17134.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
   1  C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
   1  C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
   1  C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
   1  C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
   1  C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
   1  C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
   1  C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
   1  C:\Program Files (x86)\Internet Download Manager\IDMan.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   2  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Program Files\rempl\sedsvc.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
   1  C:\Users\Gökhan\Desktop\HiJackThis.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ccf52835a60db6d4\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ccf52835a60db6d4\IntelCpHeciSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ccf52835a60db6d4\igfxCUIService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ccf52835a60db6d4\igfxEM.exe
   1  C:\Windows\System32\ICEsoundService64.exe
   1  C:\Windows\System32\Intel\DPTF\esif_uf.exe
   1  C:\Windows\System32\Locator.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\drivers\AdminService.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  62  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiApSrv.exe
   3  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.oyunsunucum.com
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C334D475-FE3C-45DC-B362-B3F32F7B5843}: [URL] = http://www.google.com.tr/search?hl=tr&q={searchTerms}&meta= - Google Arama
O1 - Hosts: 127.0.0.1 bandicam.com
O1 - Hosts: 127.0.0.1 cert.bandicam.com
O1 - Hosts: 127.0.0.1 ssl.bandicam.com
O1 - Hosts: 127.0.0.1 52.79.86.85127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts.ICS: 192.168.137.40 android-1679ad1089db31ce.mshome.net # 2019 5 0 5 22 49 26 558
O1 - Hosts.ICS: 192.168.137.1 Gökhan.mshome.net # 2024 4 5 26 22 49 26 559
O1 - Hosts.ICS: 9
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - HKLM\..\BHO: TabExplorerHelper - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll
O2-32 - HKLM\..\BHO: TabExplorerHelper - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper32.dll
O4 - HKCU\..\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Gökhan\AppData\Local\Discord\app-0.0.301\Discord.exe (2018/08/29)
O4 - HKCU\..\StartupApproved\Run: [Lync] = C:\Program Files\Microsoft Office\Office16\lync.exe /fromrunkey (2018/04/29)
O4 - HKCU\..\StartupApproved\Run: [OneDriveSetup] = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (2018/05/04)
O4 - HKCU\..\StartupApproved\Run: [uTorrent] = C:\Users\Gökhan\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (2017/02/15)
O4 - HKLM\..\StartupApproved\Run32: [FxSound Enhancer] = C:\Program Files (x86)\DFX\dfx.exe -startup (2019/01/14)
O4 - HKLM\..\StartupApproved\Run32: [LogMeIn Hamachi Ui] = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start (2018/08/23)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2018/10/19)
O4 - HKLM\..\StartupApproved\Run32: [WRSVC] = C:\Program Files\Webroot\WRSA.exe -ul (file missing) (2018/11/11)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2017/01/23)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft) (2017/09/12)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Button: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Button: HKLM\..\{43699cd0-e34f-11de-8a39-0800200c9a66}: Webroot - (no file)
O9 - Tools menu item: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Tools menu item: HKLM\..\{43699cd0-e34f-11de-8a39-0800200c9a66}: Webroot - (no file)
O9-32 - Button: HKLM\..\{43699cd0-e34f-11de-8a39-0800200c9a66}: Webroot - (no file)
O9-32 - Tools menu item: HKLM\..\{43699cd0-e34f-11de-8a39-0800200c9a66}: Webroot - (no file)
O17 - HKLM\System\CCS\Services\Tcpip\..\{a897ec70-e821-4ef1-89b8-f36a21e0a9e0}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{a897ec70-e821-4ef1-89b8-f36a21e0a9e0}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\Gökhan\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\Gökhan\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\Gökhan\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\            IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\Gökhan\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\Gökhan\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\Gökhan\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task (.job): Driver Easy Scheduled Scan.job - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (file missing) --scan
O23 - Service R2: ASLDR Service - (ASLDRService) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service R2: AtherosSvc - C:\WINDOWS\system32\DRIVERS\AdminService.exe
O23 - Service R2: Foxit Reader Service - (FoxitReaderService) - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
O23 - Service R2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service R2: ICEsound Service - (ICEsoundService) - C:\WINDOWS\system32\ICEsoundService64.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ccf52835a60db6d4\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Platform and Thermal Framework service - (esifsvc) - C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ccf52835a60db6d4\igfxCUIService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
O23 - Service R2: Windows Remediation Service - (sedsvc) - C:\Program Files\rempl\sedsvc.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ccf52835a60db6d4\IntelCpHeciSvc.exe
O23 - Service S2: WRSVC - C:\Program Files\Webroot\WRSA.exe -service (file missing)
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.108\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Remote Packet Capture Protocol v.0 (experimental) - (rpcapd) - C:\Program Files (x86)\WinPcap\rpcapd.exe -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini"
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 39,7 sec. - 31106 bytes, CRC32: FFFFFFFF. Sign: ࿖珼
 
andoqoe dedi:
sedsvc diye kullanmadığım bir şey açılıyor
Genişletmek için tıkla...
Windows yazılımı olduğu için zararlı değil. Güncelleme olduğu zaman genelde çıkar. Güncellemeleri yapmadıysanız yapın.

Sürücü bulucu kullanıyorsunuz, sağlıklı çalışacağını düşünmeyin bu yüzden. Bu yüzden altta yazacaklarımı fixlesen de çok faydası olmayacak.

Kod: 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.oyunsunucum.com
O1 - Hosts: 127.0.0.1 bandicam.com
O1 - Hosts: 127.0.0.1 cert.bandicam.com
O1 - Hosts: 127.0.0.1 ssl.bandicam.com
O1 - Hosts: 127.0.0.1 52.79.86.85127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts.ICS: 192.168.137.40 android-1679ad1089db31ce.mshome.net # 2019 5 0 5 22 49 26 558
O1 - Hosts.ICS: 192.168.137.1 Gökhan.mshome.net # 2024 4 5 26 22 49 26 559
O1 - Hosts.ICS: 9
O4 - HKCU\..\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Gökhan\AppData\Local\Discord\app-0.0.301\Discord.exe (2018/08/29)
O4 - HKCU\..\StartupApproved\Run: [Lync] = C:\Program Files\Microsoft Office\Office16\lync.exe /fromrunkey (2018/04/29)
O4 - HKCU\..\StartupApproved\Run: [OneDriveSetup] = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (2018/05/04)
O4 - HKCU\..\StartupApproved\Run: [uTorrent] = C:\Users\Gökhan\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (2017/02/15)
O4 - HKLM\..\StartupApproved\Run32: [LogMeIn Hamachi Ui] = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start (2018/08/23)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2018/10/19)
O4 - HKLM\..\StartupApproved\Run32: [WRSVC] = C:\Program Files\Webroot\WRSA.exe -ul (file missing) (2018/11/11)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2017/01/23)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft) (2017/09/12)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\Gökhan\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\Gökhan\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\Gökhan\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\Gökhan\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\Gökhan\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\Gökhan\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task (.job): Driver Easy Scheduled Scan.job - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (file missing) --scan
O23 - Service R2: AtherosSvc - C:\WINDOWS\system32\DRIVERS\AdminService.exe
Bunları fixleyin.
 
Selamlar, yardımcı olabilir misiniz?
Şimdiden teşekkürler.

Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.17134.706 (ReleaseId: 1803), Service Pack: 0
Time:      02.05.2019 - 11:50 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    STarkay    (group: Administrator) on SHAMIL, FirstRun: yes

Chrome:  73.0.3683.103
Edge:    11.0.17134.677
Internet Explorer: 11.0.17134.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
   1  C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
   1  C:\Program Files (x86)\Dropbox\Client\71.4.108\QtWebEngineProcess.exe
   3  C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
   1  C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
   1  C:\Program Files (x86)\Hostless Modem\Turkcell VINN\CheckNDISPort_df.exe
   4  C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
   1  C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
   1  C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
   1  C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
   1  C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
   2  C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\NortonSecurity.exe
   1  C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\nsWscSvc.exe
   1  C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
   1  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
   1  C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
   2  C:\Program Files (x86)\Yandex\YandexBrowser\18.4.1.871\service_update.exe
   1  C:\Program Files (x86)\turkcellturkey\MW40\BackgroundService\ModemListener.exe
   1  C:\Program Files (x86)\turkcellturkey\MW40\BackgroundService\ServiceManager.exe
   1  C:\Program Files\Aruba Networks\Virtual Internet Agent\arubanetsvc.exe
   1  C:\Program Files\Bonjour\mDNSResponder.exe
   1  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
   1  C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
   1  C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\DAEMON Tools Lite\DTAgent.exe
   1  C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
   1  C:\Program Files\Elantech\ETDCtrl.exe
   1  C:\Program Files\Elantech\ETDCtrlHelper.exe
   1  C:\Program Files\Elantech\ETDService.exe
   1  C:\Program Files\Logitech\SetPointP\SetPoint.exe
   1  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
   1  C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
   1  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
   3  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Program Files\Windows Defender\MSASCuiL.exe
   1  C:\Program Files\Windows Media Player\wmpnetwk.exe
   1  C:\Program Files\rempl\sedsvc.exe
   2  C:\Users\STarkay\AppData\Local\Akamai\netsession_win.exe
   1  C:\Users\STarkay\Autodesk\Genuine Service\GenuineService.exe
   1  C:\Users\STarkay\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\RTFTrack.exe
   1  C:\Windows\SysWOW64\lkads.exe
   1  C:\Windows\SysWOW64\lkcitdl.exe
   1  C:\Windows\SysWOW64\lktsrv.exe
   1  C:\Windows\System32\DbxSvc.exe
   1  C:\Windows\System32\ModbusDrv.exe
   1  C:\Windows\System32\ModbusDrvSys.exe
   1  C:\Windows\System32\NA_Service.exe
   3  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\Taskmgr.exe
   1  C:\Windows\System32\UsbConnect.exe
   1  C:\Windows\System32\UsbConsole.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  80  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=tr&pid=NS&pvid=22.11.2.7
R0 - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=tr&pid=NS&pvid=22.11.2.7
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = proxy2.gazi.edu.tr:2001 (disabled)
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\79751cea-f810-11e6-b4c2-b888e397294e: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?uil=ru&part={searchTerms} - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\79751cea-f810-11e6-b4c2-b888e397294e: [URL] = https://yandex.com.tr/search/?win=269&clid=2255507-213&text={searchTerms} - Yandex
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - HKLM\..\BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
O2 - HKLM\..\BHO: Norton Password Manager - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\coIEPlg.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll
O2-32 - HKLM\..\BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2-32 - HKLM\..\BHO: Norton Password Manager - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine32\22.17.0.183\coIEPlg.dll
O2-32 - HKLM\..\BHO: Wondershare Video Converter Ultimate 7.1.0 - {451C804F-C205-4F03-B48E-537EC94937BF} - C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll
O3 - HKLM\..\Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\coIEPlg.dll
O3-32 - HKLM\..\Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.17.0.183\coIEPlg.dll
O4 - HKCU\..\Run: [Akamai NetSession Interface] = C:\Users\STarkay\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATII6E.EXE /EPT "EPLTarget\P0000000000000000" /M "L550 Series"
O4 - HKCU\..\Run: [Skype for Desktop] = C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\STarkay\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2017/05/30)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2019/05/02)
O4 - HKLM\..\Run: [ETDCtrl] = C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [EvtMgr6] = C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [Fences] = C:\Program Files (x86)\Stardock\Fences\Fences.exe /startup
O4 - HKLM\..\Run: [Logitech Download Assistant] = C:\Windows\System32\LogiLDA.dll C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [RtHDVBg_Dolby] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
O4 - HKLM\..\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_DOLBYDRAGON
O4 - HKLM\..\Run: [RtHDVBg_LENOVO_MICPKEY] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_MICPKEY
O4 - HKLM\..\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\Run: [RtsFT] = C:\WINDOWS\RTFTrack.exe
O4 - HKLM\..\StartupApproved\Run32: [QuickTime Task] = C:\Program Files (x86)\QuickTime\qttask.exe -atboottime (2019/05/02)
O4 - HKLM\..\StartupApproved\Run32: [Seagate Dashboard] = C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui (2019/05/02)
O4 - HKLM\..\StartupApproved\Run32: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (2017/05/30)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk    ->    C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (2019/05/02)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk    ->    C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (2019/05/02)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - User Startup: C:\Users\STarkay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk    ->    C:\Users\STarkay\Autodesk\Genuine Service\GenuineService.exe
O4-32 - HKLM\..\Run: [ADSK DLMSession] = C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4-32 - HKLM\..\Run: [AdobeCS4ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe -launchedbylogin
O4-32 - HKLM\..\Run: [CheckNDISPortf0ac02] = C:\Program Files (x86)\Hostless Modem\Turkcell VINN\CheckNDISPort_df.exe
O4-32 - HKLM\..\Run: [DelaypluginInstall] = C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
O4-32 - HKLM\..\Run: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4-32 - HKLM\..\Run: [turkcellturkey MIFI40 ModemListener] = C:\Program Files (x86)\turkcellturkey\MW40\BackgroundService\ModemListener.exe start
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Microsoft Excel'e &Ver: (default) = C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (file missing)
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{786f1efe-0e28-4f38-8675-0c7e3d73d9c6}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{786f1efe-0e28-4f38-8675-0c7e3d73d9c6}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O18 - HKLM\Software\Classes\Protocols\Handler\WSWSVCUchrome: [CLSID] = {1CA93FF0-A218-44F1- - (no file)
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\  OverlayExcluded: OverlayExcluded Class - {4433A54A-1AC8-432F-90FC-85F045CF383C} - C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\buShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\  OverlayPending: OverlayPending Class - {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} - C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\buShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\  OverlayProtected: OverlayProtected Class - {476D0EA3-80F9-48B5-B70B-05E677C9C148} - C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\buShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\AutoCAD Digital Signatures Icon Overlay Handler: AcSignIcon - {36A21736-36C2-4C11-8ACB-D4136F2B57BD} - C:\WINDOWS\system32\AcSignIcon.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\  OverlayExcluded: OverlayExcluded Class - {4433A54A-1AC8-432F-90FC-85F045CF383C} - C:\Program Files (x86)\Norton Security\Engine32\22.17.0.183\buShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\  OverlayPending: OverlayPending Class - {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} - C:\Program Files (x86)\Norton Security\Engine32\22.17.0.183\buShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\  OverlayProtected: OverlayProtected Class - {476D0EA3-80F9-48B5-B70B-05E677C9C148} - C:\Program Files (x86)\Norton Security\Engine32\22.17.0.183\buShell.dll
O22 - Task (.job): (Not scheduled) DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (Not scheduled) DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task (.job): (Not scheduled) Yandex Browser'ın sistem güncellemesi.job - C:\Program Files (x86)\Yandex\YandexBrowser\18.3.1.1232\service_update.exe (file missing)  --run-as-launcher
O22 - Task (.job): MATLAB R2013a Startup Accelerator.job - D:\Program Files\MATLAB\R2013a\bin\win64\MATLABStartupAccelerator.exe
O22 - Task (.job): Yandex Browser güncellemesi.job - C:\Users\STarkay\AppData\Local\Yandex\YandexBrowser\Application\browser.exe  --background-update --noerrdialogs
O22 - Task (.job): Yandex Browser sistem güncellemesi.job - C:\Program Files (x86)\Yandex\YandexBrowser\18.4.1.871\service_update.exe  --run-as-launcher
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: Aruba Service - C:\Program Files\Aruba Networks\Virtual Internet Agent\arubanetsvc.exe
O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Elan Service - (ETDService) - C:\Program Files\Elantech\ETDService.exe
O23 - Service R2: FlexNet Licensing Service 64 - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service R2: Internet Pass-Through Service - (PassThru Service) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service R2: Microsoft Office Tıkla-Çalıştır Hizmeti - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R2: NI Authentication Service - (niauth) - C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe -start
O23 - Service R2: NI Citadel 4 Service - (LkCitadelServer) - C:\WINDOWS\SysWOW64\lkcitdl.exe
O23 - Service R2: NI Domain Service - (NIDomainService) - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service R2: NI PSP Service Locator - (lkClassAds) - C:\WINDOWS\SysWOW64\lkads.exe
O23 - Service R2: NI Service Locator - (NiSvcLoc) - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe -s
O23 - Service R2: NI Time Synchronization - (lkTimeSync) - C:\WINDOWS\SysWOW64\lktsrv.exe
O23 - Service R2: NI mDNS Responder Service - (nimDNSResponder) - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
O23 - Service R2: NetAccess Service - (NA_Service) - C:\WINDOWS\system32\NA_Service.exe
O23 - Service R2: Norton Security - (NortonSecurity) - C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\NortonSecurity.exe /s "NortonSecurity" /m "C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\diMaster.dll" /prefetch:1
O23 - Service R2: Norton WSC Service - (nsWscSvc) - C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\nsWscSvc.exe
O23 - Service R2: SQL Server (SQLEXPRESS) - (MSSQL$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -sSQLEXPRESS
O23 - Service R2: Seagate Dashboard Service - (SeagateDashboardService) - C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
O23 - Service R2: TeamViewer 13 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R2: Usb PLC - (UsbConnect) - C:\WINDOWS\system32\UsbConnect.exe
O23 - Service R2: Windows Remediation Service - (sedsvc) - C:\Program Files\rempl\sedsvc.exe
O23 - Service R2: Wondershare Application Framework Service - (WsAppService) - C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
O23 - Service R2: Yandex.Browser Update Service - (YandexBrowserService) - C:\Program Files (x86)\Yandex\YandexBrowser\18.4.1.871\service_update.exe --run-as-service
O23 - Service R2: turkcellturkey MIFI40 Modem Device Helper - C:\Program Files (x86)\turkcellturkey\MW40\BackgroundService\ServiceManager.exe Files (x86)\turkcellturkey\MW40\BackgroundService\ServiceManager.exe -start
O23 - Service R3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service S2: Autodesk Content Service - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service S2: Dropbox Update Service (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: KMService - C:\WINDOWS\SysWOW64\srvany.exe
O23 - Service S2: NI Application Web Server - (NIApplicationWebServer) - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe -user
O23 - Service S2: NI System Web Server - (NISystemWebServer) - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe -system
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Dropbox Update Service (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: FLEXnet Licensing Service - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: InstallDriver Table Manager - (IDriverT) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service S3: Logitech Bluetooth Service - (LBTServ) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service S3: NI License Server - (NILM License Manager) - C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe  (file missing)
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: Te.Service - C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe
O23 - Service S3: Wondershare Driver Install Service - (WsDrvInst) - C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe


--
End of file - Time spent: 28,7 sec. - 50196 bytes, CRC32: FFFFFFFF. Sign: 祏ꗊ
 
Bunları fixleyin:
Kod: 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=tr&pid=NS&pvid=22.11.2.7
R0 - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=tr&pid=NS&pvid=22.11.2.7
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = proxy2.gazi.edu.tr:2001 (disabled)
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATII6E.EXE /EPT "EPLTarget\P0000000000000000" /M "L550 Series"
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\STarkay\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2017/05/30)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk    ->    C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (2019/05/02)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk    ->    C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (2019/05/02)
O18 - HKLM\Software\Classes\Protocols\Handler\WSWSVCUchrome: [CLSID] = {1CA93FF0-A218-44F1- - (no file)
O23 - Service R2: Seagate Dashboard Service - (SeagateDashboardService) - C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
O23 - Service R2: Usb PLC - (UsbConnect) - C:\WINDOWS\system32\UsbConnect.exe


Eğer bunları bilmiyorsanız denetim masasından kaldırın: Aruba Networks, National Instruments.

Kaldırdıysanız alttakileri fixleyin görünüyorsa:
Kod: 
O23 - Service R2: Aruba Service - C:\Program Files\Aruba Networks\Virtual Internet Agent\arubanetsvc.exe

O23 - Service R2: NI Authentication Service - (niauth) - C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe -start

O23 - Service R2: NI Citadel 4 Service - (LkCitadelServer) - C:\WINDOWS\SysWOW64\lkcitdl.exe

O23 - Service R2: NI Domain Service - (NIDomainService) - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe

O23 - Service R2: NI PSP Service Locator - (lkClassAds) - C:\WINDOWS\SysWOW64\lkads.exe

O23 - Service R2: NI Service Locator - (NiSvcLoc) - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe -s

O23 - Service R2: NI Time Synchronization - (lkTimeSync) - C:\WINDOWS\SysWOW64\lktsrv.exe

O23 - Service R2: NI mDNS Responder Service - (nimDNSResponder) - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe

O23 - Service R2: NetAccess Service - (NA_Service) - C:\WINDOWS\system32\NA_Service.exe

O23 - Service S2: NI Application Web Server - (NIApplicationWebServer) - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe -user

O23 - Service S2: NI System Web Server - (NISystemWebServer) - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe -system

O23 - Service S3: NI License Server - (NILM License Manager) - C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe  (file missing)

Ek olarak kullanmıyorsanız Wondershare, Onedrive, Dropbox, Turkcell VINN bunları da kaldırın.
 

Benzer konular

taylaan
HijackThis Log Paylaşımı
Mesaj
0
Görüntüleme
548
taylaan
taylaan
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5.687
quarest
quarest
Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
1.001
acv
A
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
3.006
Murat5038
Murat5038
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
14.538
Windows 11 Bükücü
Windows 11 Bükücü

Technopat Haberler

Yeni konular

Yeni mesajlar

Geri
Yukarı