Rehber HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleme:
Genişletmek için tıkla...
SLYMN dedi:
doğru olanı indirdim teşekkürler.

Paste ofCode

paste.ofcode.org paste.ofcode.org
Genişletmek için tıkla...
Bu sayfaya kopyalamana gerek yok ayrıca cevapla kısmındaki ekle kısmından koda tıkla ve yapıştır kopyalaması vs. daha kolay.
Edit: Her şey gözüme normal gözüktü fakat şu dosyayı mediafire veya google drive ile upload edebilir misin?
C:\Users\SLYMN\AppData\Local\Temp\~nsu.tmp\Au_.exe buradaki au.exe'yi.
 
Oyunlarda CPU yetersizliği yaşıyorum.
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.18362.535 (ReleaseId: 1903), Service Pack: 0
Time:      10.01.2020 - 13:06 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    SLYMN    (group: Administrator) on DESKTOP-9IG915M, FirstRun: yes

Chrome:  79.0.3945.117
Edge:    11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
  29  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
   1  C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
   1  C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
   1  C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
   1  C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
   1  C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\Origin\OriginWebHelperService.exe
   1  C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
   1  C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
   1  C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
   2  C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
   1  C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
   1  C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
   1  C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
   1  C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
   1  C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
   1  C:\Program Files\AVAST Software\Avast\AvastSvc.exe
   1  C:\Program Files\AVAST Software\Avast\AvastUI.exe
   1  C:\Program Files\AVAST Software\Avast\aswidsagent.exe
   1  C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   2  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19112.115.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Users\SLYMN\AppData\Local\Temp\~nsu.tmp\Au_.exe
   1  C:\Users\SLYMN\Downloads\HiJackThis (2).exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\CompPkgSrv.exe
   1  C:\Windows\System32\CompatTelRunner.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\Taskmgr.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   2  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  71  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.6.0_20\bin\jp2ssv.dll (file missing)
O4 - HKCU\..\Run: [Synapse3] = C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized
O4 - HKCU\..\StartupApproved\Run: [CCleaner Monitoring] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2018/02/21)
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2017/12/17)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\SLYMN\AppData\Local\Discord\app-0.0.305\Discord.exe (2018/02/06)
O4 - HKCU\..\StartupApproved\Run: [Gaijin.Net Updater] = C:\Users\SLYMN\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (2019/09/26)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\SLYMN\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2017/12/16)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2018/06/07)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\SLYMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EmEditor.lnk    ->    C:\Users\SLYMN\AppData\Local\Programs\EmEditor\emedtray.exe (2019/01/16)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\SLYMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk    ->    C:\Users\SLYMN\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe /autostart (2018/03/31)
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [Reimage] = C:\Program Files\Reimage\Reimage Protector\ReimageApp.exe
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run32: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin (2018/02/20)
O4 - HKLM\..\StartupApproved\Run32: [Autodesk Desktop App] = C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe -tray (2018/11/19)
O4 - HKLM\..\StartupApproved\Run32: [Command Center] = C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe (2018/02/21)
O4 - HKLM\..\StartupApproved\Run32: [Live Update] = C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER (2018/02/07)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2018/02/07)
O4 - HKLM\..\StartupApproved\Run32: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (2018/02/20)
O4 - HKLM\..\StartupApproved\Run32: [X_Boost] = C:\Program Files (x86)\MSI\MSI X Boost\X_Boost.exe /mini (2019/10/01)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2018/02/20)
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2018/05/27)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk    ->    C:\Program Files (x86)\Ralink\Common\RaUI.exe -s (2019/08/16)
O4 - HKU\.DEFAULT\..\Run: [Synapse3] = C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized
O4 - HKU\S-1-5-21-846179661-4068410624-3970251764-500\..\Run: [OneDrive] = C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft) (User 'Administrator')
O4 - HKU\S-1-5-21-846179661-4068410624-3970251764-500\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Administrator')
O15 - Trusted Zone: *.localhost
O16 - DPF: HKLM\..\{CAFEEFAC-0018-0000-00191-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.8.0_191 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_191-windows-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.8.0_191 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_191-windows-i586.cab
O17 - DHCP DNS 1: 192.168.1.1
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\AutoCAD Digital Signatures Icon Overlay Handler: AcSignIcon - {36A21736-36C2-4C11-8ACB-D4136F2B57BD} - C:\WINDOWS\system32\AcSignIcon.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX32.dll (file missing)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX32.dll (file missing)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX32.dll (file missing)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe /NOUACCHECK
O22 - Task (.job): (disabled) (Not scheduled) µTorrent® Update_1.job - C:\Users\SLYMN\AppData\Roaming\uTorrent\uTorrent.exe
O22 - Task (.job): AdobeGCInvoker-1.0-DESKTOP-9IG915M-SLYMN.job - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
O22 - Task (.job): CCleaner Update.job - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task (.job): Norton Product Installer.job - C:\ProgramData\NortonInstaller\NSSInstallStub.exe //partnerid=norton //productlist=nss /delay=0 /launchedby=2
O22 - Task (.job): Norton Product InstallerIdle.job - C:\ProgramData\NortonInstaller\NSSInstallStub.exe //partnerid=norton //productlist=nss /delay=0 /launchedby=4
O22 - Task (.job): Yandex Browser güncellemesi.job - C:\Users\SLYMN\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (file missing)  --background-update --noerrdialogs
O22 - Task (.job): Yandex Browser sistem güncellemesi.job - C:\Program Files (x86)\Yandex\YandexBrowser\18.4.1.871\service_update.exe (file missing)  --run-as-launcher
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service R2: AvastWscReporter - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: MSI Command Center control Service - (MSICTL_CC) - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service R2: MSI Live Update Service - (MSI_LiveUpdate_Service) - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service R2: MSI_ActiveX_Service - C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Ralink Registry Writer - (RalinkRegistryWriter) - C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
O23 - Service R2: Ralink Registry Writer 64 - (RalinkRegistryWriter64) - C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
O23 - Service R2: Razer Central Service - (RzActionSvc) - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
O23 - Service R2: Razer Chroma SDK Server - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service R2: Razer Chroma SDK Service - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service R2: Razer Game Manager - (Razer Game Manager Service) - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
O23 - Service R2: Razer Synapse Service - C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
O23 - Service S2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: FlexNet Licensing Service 64 - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Heroes & Generals Steam Service - (HnGSteamService) - C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe
O23 - Service S3: MSI Command Center CPU Service - (MSICPU_CC) - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service S3: MSI Command Center Clock Service - (MSIClock_CC) - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service S3: MSI Command Center Comm Service - (MSICOMM_CC) - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service S3: MSI Command Center DDR Service - (MSIDDR_CC) - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service S3: MSI Command Center SMBus Service - (MSISMB_CC) - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service S3: MSI Command Center SuperIO Service - (MSISuperIO_CC) - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: SwitchBoard - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service S3: Uncheater for BattleGroundsLite_SE - (uncheater_bgl) - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe
O23 - Service S3: VirtualBox system service - (VBoxSDS) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe


--
End of file - Time spent: 28,9 sec. - 38248 bytes, CRC32: FFFFFFFF. Sign: 멹굽
kakaolupuding dedi:
Bu sayfaya kopyalamana gerek yok ayrıca cevapla kısmındaki ekle kısmından koda tıkla ve yapıştır kopyalaması vs. daha kolay.
Edit: Her şey gözüme normal gözüktü fakat şu dosyayı mediafire veya google drive ile upload edebilir misin?
C:\Users\SLYMN\AppData\Local\Temp\~nsu.tmp\Au_.exe buradaki au.exe'yi.
Genişletmek için tıkla...
www.mediafire.com

Au_

MediaFire is a simple to use free service that lets you put all your photos, documents, music, and video in a single place so you can access them anywhere and share them everywhere.
www.mediafire.com
 
@SLYMN

Reimage'i kaldırın, scamdir ve sizi botnet ağına sokar.
Au_.exe virüs değil, PUP kategorisine girer. Ayrıca zararlı kaynağı Reimage'dir, au_.exe değil.

Kod: 
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.6.0_20\bin\jp2ssv.dll (file missing)
O4 - HKCU\..\StartupApproved\Run: [CCleaner Monitoring] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2018/02/21)
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2017/12/17)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2018/02/20)
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2018/05/27)
1  C:\Users\SLYMN\AppData\Local\Temp\~nsu.tmp\Au_.exe
O4 - HKU\S-1-5-21-846179661-4068410624-3970251764-500\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Administrator')
O15 - Trusted Zone: *.localhost
O16 - DPF: HKLM\..\{CAFEEFAC-0018-0000-00191-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.8.0_191 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_191-windows-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.8.0_191 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_191-windows-i586.cab
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe /NOUACCHECK
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX32.dll (file missing)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX32.dll (file missing)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX32.dll (file missing)

O22 - Task (.job): (disabled) (Not scheduled) µTorrent® Update_1.job - C:\Users\SLYMN\AppData\Roaming\uTorrent\uTorrent.exe
O22 - Task (.job): AdobeGCInvoker-1.0-DESKTOP-9IG915M-SLYMN.job - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
O22 - Task (.job): CCleaner Update.job - C:\Program Files\CCleaner\CCUpdate.exe
Bunları fixleyin, Reimage Repair'i denetim masasından kaldırın.
Temel Sistem Bakım ve Performans Optimizasyonu Yönergesi - Technopat Sosyal 'den
1, 2, 4. adımın tümü ve 5. adımları uygulayın. Sistemi yeniden başlatın.

Avast'ı kaldırın.

Avast yerine Kaspersky IS 30 günlük deneme sürümünü yükleyin.

Kaspersky Internet Security 2021 Ücretsiz Deneme Sürümü | Kaspersky

Kaspersky Internet Security 2021, en yeni internet tehditlerine karşı koruma sağlar ve çevrimiçi gezinirken sizi korur. 30 günlük ücretsiz deneme sürümünü indirin.
www.kaspersky.com.tr

Kaspersky IS ile sisteminizi taratın, çıkanları karantinaya alın. uTorrent'i kaldırmak istemiyorsanız hariç tutulanlara ekleyin. Tarama bitip çıkanları karantinaya aldıktan sonra sisteminizi yeniden başlatın.

Sistemi yeniden başlattıktan sonra Malwarebytes ile sisteminizi taratın, zararlı çıkarsa karantinaya alın.
www.malwarebytes.com

Thank you for downloading Malwarebytes for Windows | Malwarebytes

Malwarebytes free anti-malware software uses industry-leading technology to detect and remove worms, Trojans, rootkits, rogues, dialers, spyware, and more.
www.malwarebytes.com www.malwarebytes.com

Malwarebytes ile tarama yaptıktan sonra sistemi yeniden başlatın ve sisteminizi artık gönül rahatlığıyla kullanabilirsiniz.

Not: Eğer herhangi bir sistem uygulamasıyla, veya kritik bir uygulamayla ilgili bir hata alırsanız komut istemini yönetici olarak açıp aşağıdaki kodu yazın, tarama bittikten sonra sistemi yeniden başlatın:
Kod: 
sfc /scannow
 
102035 dedi:
@SLYMN

Reimage'i kaldırın, scamdir ve sizi botnet ağına sokar.
Au_.exe virüs değil, PUP kategorisine girer. Ayrıca zararlı kaynağı Reimage'dir, au_.exe değil.

Kod: 
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.6.0_20\bin\jp2ssv.dll (file missing)
O4 - HKCU\..\StartupApproved\Run: [CCleaner Monitoring] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2018/02/21)
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2017/12/17)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2018/02/20)
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2018/05/27)
1  C:\Users\SLYMN\AppData\Local\Temp\~nsu.tmp\Au_.exe
O4 - HKU\S-1-5-21-846179661-4068410624-3970251764-500\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Administrator')
O15 - Trusted Zone: *.localhost
O16 - DPF: HKLM\..\{CAFEEFAC-0018-0000-00191-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.8.0_191 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_191-windows-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.8.0_191 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_191-windows-i586.cab
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe /NOUACCHECK
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX32.dll (file missing)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX32.dll (file missing)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\SLYMN\AppData\Local\MEGAsync\ShellExtX32.dll (file missing)

O22 - Task (.job): (disabled) (Not scheduled) µTorrent® Update_1.job - C:\Users\SLYMN\AppData\Roaming\uTorrent\uTorrent.exe
O22 - Task (.job): AdobeGCInvoker-1.0-DESKTOP-9IG915M-SLYMN.job - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
O22 - Task (.job): CCleaner Update.job - C:\Program Files\CCleaner\CCUpdate.exe
Bunları fixleyin, Reimage Repair'i denetim masasından kaldırın.
Temel Sistem Bakım ve Performans Optimizasyonu Yönergesi - Technopat Sosyal 'den
1, 2, 4. adımın tümü ve 5. adımları uygulayın. Sistemi yeniden başlatın.

Avast'ı kaldırın.

Avast yerine Kaspersky IS 30 günlük deneme sürümünü yükleyin.

Kaspersky Internet Security 2021 Ücretsiz Deneme Sürümü | Kaspersky

Kaspersky Internet Security 2021, en yeni internet tehditlerine karşı koruma sağlar ve çevrimiçi gezinirken sizi korur. 30 günlük ücretsiz deneme sürümünü indirin.
www.kaspersky.com.tr

Kaspersky IS ile sisteminizi taratın, çıkanları karantinaya alın. uTorrent'i kaldırmak istemiyorsanız hariç tutulanlara ekleyin. Tarama bitip çıkanları karantinaya aldıktan sonra sisteminizi yeniden başlatın.

Sistemi yeniden başlattıktan sonra Malwarebytes ile sisteminizi taratın, zararlı çıkarsa karantinaya alın.
www.malwarebytes.com

Thank you for downloading Malwarebytes for Windows | Malwarebytes

Malwarebytes free anti-malware software uses industry-leading technology to detect and remove worms, Trojans, rootkits, rogues, dialers, spyware, and more.
www.malwarebytes.com www.malwarebytes.com

Malwarebytes ile tarama yaptıktan sonra sistemi yeniden başlatın ve sisteminizi artık gönül rahatlığıyla kullanabilirsiniz.

Not: Eğer herhangi bir sistem uygulamasıyla, veya kritik bir uygulamayla ilgili bir hata alırsanız komut istemini yönetici olarak açıp aşağıdaki kodu yazın, tarama bittikten sonra sistemi yeniden başlatın:
Kod: 
sfc /scannow
Genişletmek için tıkla...
Bende biliyorum Reimage ile alakalı olduğunu. Fakat Au.exe gözüme şüpheli gözüktü Mediafire veya Google Drive'a yüklemesini istedim. Ve evet, Reimage scamdir ve sizi Botnet ağına alır.
 
kakaolupuding dedi:
Au.exe virüs olabilir.
Genişletmek için tıkla...
Bilseydin virüs olarak tanı konmadığını, PUP olarak tanı konduğunu ve Reimage'i denetim masasından kaldırması gerektiğini yazardın.

Sistemde Norton ve Avast varken Bitdefender veya Kaspersky yüklemesini önermişsin.
Bir sistemde bir veya birden fazla antivirüs varken, o antivirüsler kaldırılmadan yeni bir antivirüs kurulmaz.

Sorun sahibi eğer Norton yüklediyse, Avast'ı kaldırıp Norton kullanmaya devam etsin. Norton yüklediyse Kaspersky yüklememeli, Norton ile sistemini taratsın. Bunu yazmadığımı fark ettiğim için ekliyorum.
 
Tarayıcılarda sayfalar yüklenirken bazen hatalar çıkıyor ve virüs olduğundan şüpheliyim. Antivirüs illa indirip tarama yapmak zorunda mıyım yoksa virüsleri bulmanın başka bir yolu var mı?
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Home Single Language), 10.0.18363.535 (ReleaseId: 1909), Service Pack: 0
Time:      20.01.2020 - 16:27 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    anily    (group: Administrator) on DESKTOP-UQ6IPCV, FirstRun: yes

Chrome:  79.0.3945.117
Edge:    11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1" (Brave)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\BraveCrashHandler.exe
   1  C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\BraveCrashHandler64.exe
   1  C:\Program Files (x86)\Common Files\Steam\SteamService.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
   2  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
   1  C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe
   2  C:\Program Files (x86)\Origin\OriginWebHelperService.exe
   1  C:\Program Files (x86)\Steam\Steam.exe
   7  C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
   1  C:\Program Files\FACEIT AC\faceitclient.exe
   1  C:\Program Files\FACEIT AC\faceitservice.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19122.89.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
   2  C:\Users\anily\AppData\Local\FACEITApp\app-1.23.0\FACEIT.exe
   1  C:\Users\anily\OneDrive\Masaüstü\HiJackThis.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\SysWOW64\WerFault.exe
   1  C:\Windows\System32\CastSrv.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0348909.inf_amd64_41506e54d87e685a\B349181\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0348909.inf_amd64_41506e54d87e685a\B349181\atiesrxx.exe
   6  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\SpatialAudioLicenseSrv.exe
   1  C:\Windows\System32\WWAHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\backgroundTaskHost.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\igfxCUIService.exe
   1  C:\Windows\System32\igfxEM.exe
   1  C:\Windows\System32\igfxHK.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\schtasks.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  80  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\explorer.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 195.208.36.45:50366 (disabled)
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: [SuggestionsURL] = http://clients5.google.com/complete/search?q={searchTerms}&client=ie8&mw={ie:maxWidth}&sh={ie:sectionHeight}&rh={ie:rowHeight}&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: [URL] = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: Reset contents to default
O1 - Hosts: 0.0.0.0 www.monster-cheats.com
O1 - Hosts: 0.0.0.0 monster-cheats.com
O1 - Hosts: 0.0.0.0 www.bl-hackers.com
O1 - Hosts: 0.0.0.0 bl-hackers.com
O1 - Hosts: 0.0.0.0 theapathe.com
O1 - Hosts: 0.0.0.0 www.theapathe.com
O1 - Hosts: 0.0.0.0 theapathe.net
O1 - Hosts: 0.0.0.0 www.theapathe.net
O1 - Hosts: 0.0.0.0 theapathe.org
O1 - Hosts: 0.0.0.0 www.theapathe.org
O1 - Hosts: 0.0.0.0 sv1.theapathe.com
O1 - Hosts: 0.0.0.0 apathecheats.com
O1 - Hosts: 0.0.0.0 www.apathecheats.com
O1 - Hosts: 0.0.0.0 apathecheats.net
O1 - Hosts: 0.0.0.0 www.apathecheats.net
O1 - Hosts: 0.0.0.0 apathecheats.org
O1 - Hosts: 0.0.0.0 www.apathecheats.org
O1 - Hosts: 0.0.0.0 download.theapathe.com
O1 - Hosts: 0.0.0.0 www.sv1.theapathe.com
O1 - Hosts: 0.0.0.0 www.download.theapathe.com
O1 - Hosts: 0.0.0.0 www.hileliadam.co
O1 - Hosts: 0.0.0.0 hileliadam.co
O1 - Hosts: 0.0.0.0 www.hilenbizde.com
O1 - Hosts: 0.0.0.0 hilenbizde.com
O1 - Hosts: 0.0.0.0 www.wolfteamhacker.com
O1 - Hosts: 0.0.0.0 wolfteamhacker.com
O1 - Hosts: 0.0.0.0 wolfteam-hile.com
O1 - Hosts: 0.0.0.0 www.wolfteam-hile.com
O1 - Hosts: 0.0.0.0 www.zulahile.com
O1 - Hosts: 0.0.0.0 zulahile.com
O1 - Hosts: 0.0.0.0 www.mrsnapz.net
O1 - Hosts: 0.0.0.0 mrsnapz.net
O1 - Hosts: 0.0.0.0 www.mrsnapznet.us
O1 - Hosts: 0.0.0.0 mrsnapznet.us
O1 - Hosts: 0.0.0.0 www.badeshan.com
O1 - Hosts: 0.0.0.0 www.thefrm.net
O1 - Hosts: 0.0.0.0 www.plathelper.net
O1 - Hosts: 0.0.0.0 www.thefrmonline.com
O1 - Hosts: 0.0.0.0 www.pro-hile.com
O1 - Hosts: 0.0.0.0 www.pro-hile.net
O1 - Hosts: 0.0.0.0 www.hileliadam.com
O1 - Hosts: 0.0.0.0 www.hilelikafa.com
O1 - Hosts: 0.0.0.0 www.gamehileleri.com
O1 - Hosts: 0.0.0.0 www.hilemekani.com
O1 - Hosts: 0.0.0.0 www.frmbull.com
O1 - Hosts: 0.0.0.0 www.turkfrm.net
O1 - Hosts: 0.0.0.0 www.hilesarayi.com
O1 - Hosts: 0.0.0.0 www.xcheats.com
O1 - Hosts: 0.0.0.0 www.xcheats.net
O1 - Hosts: 0.0.0.0 www.xcheats.org
O1 - Hosts: 0.0.0.0 xcheats.com
O1 - Hosts: 0.0.0.0 xcheats.org
O1 - Hosts: 0.0.0.0 xcheats.net
O1 - Hosts: 0.0.0.0 utilcheat.com
O1 - Hosts: 0.0.0.0 turkfrm.net
O1 - Hosts: 0.0.0.0 goldhile.net
O1 - Hosts: 0.0.0.0 onefrm.com
O1 - Hosts: 0.0.0.0 badeshan.com
O1 - Hosts: 0.0.0.0 thefrmonline.com
O1 - Hosts: 0.0.0.0 thefrm.net
O1 - Hosts: 0.0.0.0 pro-hile.com
O1 - Hosts: 0.0.0.0 pro-hile.net
O1 - Hosts: 0.0.0.0 zeusfrm.org
O1 - Hosts: 0.0.0.0 hileliadam.com
O1 - Hosts: 0.0.0.0 hilelikafa.com
O1 - Hosts: 0.0.0.0 gamehileleri.com
O1 - Hosts: 0.0.0.0 hilemekani.com
O1 - Hosts: 0.0.0.0 frmbull.com
O1 - Hosts: 0.0.0.0 plathelper.net
O1 - Hosts: 0.0.0.0 hilesarayi.com
O1 - Hosts: 0.0.0.0 yenilmezfrm.net
O1 - Hosts: 0.0.0.0 www.ads.pro-hile.net
O1 - Hosts: 0.0.0.0 www.ads.pro-hile.com
O1 - Hosts: 0.0.0.0 www.ads.pro-hile.org
O1 - Hosts: 0.0.0.0 pro-hile.org
O1 - Hosts: 0.0.0.0 www.pro-hile.org
O1 - Hosts: 0.0.0.0 www.mrsnapz.net
O1 - Hosts: 0.0.0.0 mrsnapz.net
O1 - Hosts: 0.0.0.0 www.mrsnapznet.us
O1 - Hosts: 0.0.0.0 ultrafrm.net
O1 - Hosts: 0.0.0.0 www.ultrafrm.net
O1 - Hosts: 0.0.0.0 ultrafrm.org
O1 - Hosts: 0.0.0.0 www.ultrafrm.org
O1 - Hosts: 0.0.0.0 ultrafrm.com
O1 - Hosts: 0.0.0.0 www.ultrafrm.com
O1 - Hosts: 0.0.0.0 moira.ultrafrm.com
O1 - Hosts: 0.0.0.0 www.moira.ultrafrm.com
O1 - Hosts: 0.0.0.0 moira.ultrafrm.net
O1 - Hosts: 0.0.0.0 www.moira.ultrafrm.net
O1 - Hosts: 0.0.0.0 ads.ultrafrm.net
O1 - Hosts: 0.0.0.0 www.hileuzmani.com
O1 - Hosts: 0.0.0.0 hileuzmani.com
O1 - Hosts: 0.0.0.0 unitatis.net
O1 - Hosts: 0.0.0.0 www.unitatis.net
O1 - Hosts: 0.0.0.0 www.mrcheat.us
O1 - Hosts: 0.0.0.0 mrcheat.us
O1 - Hosts: 0.0.0.0 ultrahilem.com
O1 - Hosts: 0.0.0.0 www.ultrahilem.com
O1 - Hosts: 0.0.0.0 moiracheats.net
O1 - Hosts: 0.0.0.0 moiracheats.com
O1 - Hosts: 0.0.0.0 moiracheats.org
O1 - Hosts: 0.0.0.0 www.moiracheats.net
O1 - Hosts: 0.0.0.0 www.moiracheats.com
O1 - Hosts: 0.0.0.0 www.moiracheats.org
O1 - Hosts: 0.0.0.0 mo1racheats.net
O1 - Hosts: 0.0.0.0 mo1racheats.com
O1 - Hosts: 0.0.0.0 mo1racheats.org
O1 - Hosts: 0.0.0.0 www.mo1racheats.net
O1 - Hosts: 0.0.0.0 www.mo1racheats.com
O1 - Hosts: 0.0.0.0 www.mo1racheats.org
O1 - Hosts: 0.0.0.0 kral-hile.com
O1 - Hosts: 0.0.0.0 www.kral-hile.com
O1 - Hosts: 0.0.0.0 www.elitehackers.rf.gd
O1 - Hosts: 0.0.0.0 elitehackers.rf.gd
O1 - Hosts: 0.0.0.0 hoxelizm.com
O1 - Hosts: 0.0.0.0 www.hoxelizm.com
O1 - Hosts: 0.0.0.0 virtualevolution.net
O1 - Hosts: 0.0.0.0 www.virtualevolution.net
O1 - Hosts: 0.0.0.0 virtualevolution.com
O1 - Hosts: 0.0.0.0 www.virtualevolution.com
O1 - Hosts: 0.0.0.0 virtualevolution.org
O1 - Hosts: 0.0.0.0 www.virtualevolution.org
O1 - Hosts: 0.0.0.0 zoomhacks.com
O1 - Hosts: 0.0.0.0 www.zoomhacks.com
O1 - Hosts: 0.0.0.0 www.download.zoomhacks.com
O1 - Hosts: 0.0.0.0 cheatsturkey.net
O1 - Hosts: 0.0.0.0 cheatsturkey.com
O1 - Hosts: 0.0.0.0 cheatsturkey.org
O1 - Hosts: 0.0.0.0 www.cheatsturkey.net
O1 - Hosts: 0.0.0.0 www.cheatsturkey.com
O1 - Hosts: 0.0.0.0 www.cheatsturkey.org
O1 - Hosts: 0.0.0.0 www.cheatsturkey.xyz
O1 - Hosts: 0.0.0.0 cheatsturkey.xyz
O1 - Hosts: 0.0.0.0 download.cheatsturkey.com
O1 - Hosts: 0.0.0.0 download.cheatsturkey.org
O1 - Hosts: 0.0.0.0 download.cheatsturkey.net
O1 - Hosts: 0.0.0.0 www.download.cheatsturkey.com
O1 - Hosts: 0.0.0.0 www.download.cheatsturkey.org
O1 - Hosts: 0.0.0.0 www.download.cheatsturkey.net
O1 - Hosts: 0.0.0.0 unixcheats.com
O1 - Hosts: 0.0.0.0 www.unixcheats.com
O1 - Hosts: 0.0.0.0 unixcheats.net
O1 - Hosts: 0.0.0.0 www.unixcheats.net
O1 - Hosts: 0.0.0.0 unixcheats.org
O1 - Hosts: 0.0.0.0 www.unixcheats.org
O1 - Hosts: 0.0.0.0 gamecheat.center
O1 - Hosts: 0.0.0.0 www.gamecheat.center
O1 - Hosts: 0.0.0.0 www.masyaf.net
O1 - Hosts: 0.0.0.0 masyaf.net
O1 - Hosts: 0.0.0.0 www.masyaf.com
O1 - Hosts: 0.0.0.0 masyaf.com
O1 - Hosts: 0.0.0.0 www.masyaf.org
O1 - Hosts: 0.0.0.0 masyaf.org
O1 - Hosts: 0.0.0.0 serodeck.com
O1 - Hosts: 0.0.0.0 www.serodeck.com
O1 - Hosts: 0.0.0.0 hax4you.com
O1 - Hosts: 0.0.0.0 www.hax4you.com
O1 - Hosts: 0.0.0.0 hax4you.net
O1 - Hosts: 0.0.0.0 www.hax4you.net
O1 - Hosts: 0.0.0.0 hax4you.org
O1 - Hosts: 0.0.0.0 www.hax4you.org
O1 - Hosts: 0.0.0.0 unxc.xyz
O1 - Hosts: 0.0.0.0 www.unxc.xyz
O1 - Hosts: 0.0.0.0 exiledros.me
O1 - Hosts: 0.0.0.0 www.exiledros.me
O1 - Hosts: 0.0.0.0 exiledros.net
O1 - Hosts: 0.0.0.0 www.exiledros.net
O1 - Hosts: 0.0.0.0 exiledros.com
O1 - Hosts: 0.0.0.0 www.exiledros.com
O1 - Hosts: 0.0.0.0 exiledros.info
O1 - Hosts: 0.0.0.0 www.exiledros.info
O1 - Hosts: 0.0.0.0 rosvertex-4.0F2b8.firebaseapp.com
O1 - Hosts: 0.0.0.0 www.rosvertex-4.0F2b8.firebaseapp.com
O1 - Hosts: 0.0.0.0 rosvertex-4f2b8.firebaseapp.com
O1 - Hosts: 0.0.0.0 www.rosvertex-4f2b8.firebaseapp.com
O1 - Hosts: 0.0.0.0 citpekalongan.com
O1 - Hosts: 0.0.0.0 www.citpekalongan.com
O1 - Hosts: 0.0.0.0 vipmrcheats.org
O1 - Hosts: 0.0.0.0 www.vipmrcheats.org
O1 - Hosts: 0.0.0.0 luciros.tk
O1 - Hosts: 0.0.0.0 www.hotshotgamers.net
O1 - Hosts: 0.0.0.0 hotshotgamers.net
O1 - Hosts: 0.0.0.0 www.hotshotgamers.org
O1 - Hosts: 0.0.0.0 hotshotgamers.org
O1 - Hosts: 0.0.0.0 www.hotshotgamers.com
O1 - Hosts: 0.0.0.0 hotshotgamers.com
O1 - Hosts: 0.0.0.0 www.pinoygameaccounts.blogspot.com
O1 - Hosts: 0.0.0.0 pinoygameaccounts.blogspot.com
O1 - Hosts: 0.0.0.0 www.exiledros.me
O1 - Hosts: 0.0.0.0 exiledros.me
O1 - Hosts: 0.0.0.0 woxcheats.com
O1 - Hosts: 0.0.0.0 www.woxcheats.com
O1 - Hosts: 0.0.0.0 woxcheats.net
O1 - Hosts: 0.0.0.0 www.woxcheats.net
O1 - Hosts: 0.0.0.0 woxcheats.org
O1 - Hosts: 0.0.0.0 www.woxcheats.org
O1 - Hosts: 0.0.0.0 realitycheats.com
O1 - Hosts: 0.0.0.0 www.realitycheats.com
O1 - Hosts: 0.0.0.0 realitycheats.net
O1 - Hosts: 0.0.0.0 www.realitycheats.net
O1 - Hosts: 0.0.0.0 realitycheats.org
O1 - Hosts: 0.0.0.0 www.realitycheats.org
O1 - Hosts: 0.0.0.0 reversehackers.com
O1 - Hosts: 0.0.0.0 www.reversehackers.com
O1 - Hosts: 0.0.0.0 reversehackers.net
O1 - Hosts: 0.0.0.0 www.reversehackers.net
O1 - Hosts: 0.0.0.0 reversehackers.org
O1 - Hosts: 0.0.0.0 www.reversehackers.org
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll
O4 - HKCU\..\Run: [FACEIT] = C:\Users\anily\AppData\Local\FACEITApp\update.exe --processStart "FACEIT.exe"
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\StartupApproved\Run: [Bloody2] = C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe Minimum (2020/01/19)
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2019/12/30)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\anily\AppData\Local\Discord\app-0.0.305\Discord.exe (2019/12/25)
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2019/12/25)
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2019/12/25)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background (2019/12/20)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\anily\AppData\Roaming\Spotify\Spotify.exe --autostart (2019/12/20)
O4 - HKCU\..\StartupApproved\Run: [kpm.exe] = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe autoStart (2019/12/20)
O4 - HKCU\..\StartupApproved\Run: [uTorrent] = C:\Users\anily\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (2019/12/20)
O4 - HKLM\..\StartupApproved\Run32: [LeagueDisplays] = C:\Riot Games\LeagueDisplays\assistant\LeagueDisplaysAssistant.exe /onWindowsStart (2019/12/20)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/12/20)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (2019/12/20)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - DHCP DNS 3: 1.1.1.1
O17 - DHCP DNS 4: 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{188e1cc2-58b8-43f5-8f13-effe6206a2fb}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{188e1cc2-58b8-43f5-8f13-effe6206a2fb}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{79bf1e40-b274-45f3-847b-6670cf5639b1}: [NameServer] = 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{79bf1e40-b274-45f3-847b-6670cf5639b1}: [NameServer] = 1.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{d7b4be03-9041-45d6-9713-aad4f9fc96b8}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{d7b4be03-9041-45d6-9713-aad4f9fc96b8}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\            IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0348909.inf_amd64_41506e54d87e685a\B349181\atiesrxx.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\system32\igfxCUIService.exe
O23 - Service R2: Kaspersky Password Manager Service - (kpm_launch_service) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe
O23 - Service R2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S2: Brave Güncelleme Hizmeti (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Brave Güncelleme Hizmeti (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc
O23 - Service S3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service S3: EasyAntiCheat - C:\Windows\system32\EasyAntiCheat.exe  (file missing)
O23 - Service S3: FACEITService - C:\Program Files\FACEIT AC\faceitservice.exe
O23 - Service S3: FileSyncHelper - C:\Program Files (x86)\Microsoft OneDrive\FileSyncHelper.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: HP CASL Framework Service - (hpqcaslwmiex) - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service S3: HP Software Framework Service - (hpqwmiex) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: OneDrive Updater Service - C:\Program Files (x86)\Microsoft OneDrive\OneDriveUpdaterService.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Uncheater for BattleGroundsLite_SE - (uncheater_bgl) - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe
O23 - Service S3: VirtualBox system service - (VBoxSDS) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe


--
End of file - Time spent: 54,9 sec. - 39832 bytes, CRC32: FFFFFFFF. Sign: 껭蹰
 
Hizmetler ve Denetleyici uygulaması son zamanlarda %25 civarı CPU kullanımında seyrediyor. Bir bakabilirseniz memnun olurum.

Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Enterprise 2015 LTSB), 10.0.17763.914 (ReleaseId: 1809), Service Pack: 0
Time:      22.01.2020 - 23:13 (UTC+03:00)
Language:  OS: English (0x409). Display: Turkish (0x41F). Non-Unicode: English (0x409)
Elevated:  Yes
Ran by:    Elyssy    (group: Administrator) on HOME-PC, FirstRun: yes

Opera:   64.0.3417.167
Internet Explorer: 11.914.17763.0
Default: "C:\Program Files\Opera GX\Launcher.exe" -noautoupdate -- "%1" (Opera GX Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
   1  C:\Program Files (x86)\MSI\APP Manager\AppManager.exe
   1  C:\Program Files (x86)\MSI\APP Manager\AppManager_Service.exe
   1  C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
   1  C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
   1  C:\Program Files\Core Temp\Core Temp.exe
   1  C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe
   1  C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
   1  C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
   1  C:\Program Files\Logitech Gaming Software\LAClient\laclient.exe
   1  C:\Program Files\Logitech Gaming Software\LCore.exe
   1  C:\Program Files\TeraCopy\TeraCopyService.exe
   1  C:\Users\Elyssy\Desktop\HiJackThis.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0341712.inf_amd64_501b10ffd325c914\B337402\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0341712.inf_amd64_501b10ffd325c914\B337402\atiesrxx.exe
   1  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
  57  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

O1 - Hosts: 0.0.0.0 license.piriform.com
O1 - Hosts: 0.0.0.0 www.ccleaner.com
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKCU\..\Run: [NetLimiter] = C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe /minimized
O4 - HKCU\..\StartupApproved\Run: [DiscordPTB] = C:\Users\Elyssy\AppData\Local\DiscordPTB\app-0.0.49\DiscordPTB.exe (2020/01/04)
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2020/01/04)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Elyssy\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2020/01/22)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2020/01/04)
O4 - HKCU\..\StartupApproved\Run: [electron.app.YouTube Music Desktop App] = C:\Users\Elyssy\AppData\Local\Programs\youtube-music-desktop-app\YouTube Music Desktop App.exe --processStart "YouTube Music Desktop App.exe" (file missing) (2020/01/06)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Elyssy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk    ->    C:\ProgramData\MEGAsync\MEGAsync.exe (2020/01/06)
O4 - HKLM\..\Run: [Launch LCore] = C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2020/01/04)
O4-32 - HKLM\..\Run: [APP Manager] = C:\Program Files (x86)\MSI\APP Manager\AppManager.exe /mini
O4-32 - HKLM\..\Run: [Command Center] = C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O17 - DHCP DNS 1: 1.1.1.1
O17 - DHCP DNS 2: 1.0.0.1
O17 - DHCP DNS 3: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{b6404240-2906-43dd-b51e-f94b31e6d8c6}: [NameServer] = 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{b6404240-2906-43dd-b51e-f94b31e6d8c6}: [NameServer] = 1.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{b6404240-2906-43dd-b51e-f94b31e6d8c6}: [NameServer] = 192.168.1.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{B6404240-2906-43DD-B51E-F94B31E6D8C6}: [NameServer] = 1.0.0.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{B6404240-2906-43DD-B51E-F94B31E6D8C6}: [NameServer] = 1.1.1.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{B6404240-2906-43DD-B51E-F94B31E6D8C6}: [NameServer] = 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\ProgramData\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\ProgramData\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\ProgramData\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\            IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\ProgramData\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\ProgramData\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\ProgramData\MEGAsync\ShellExtX32.dll
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0341712.inf_amd64_501b10ffd325c914\B337402\atiesrxx.exe
O23 - Service R2: Logitech Gaming Registry Service - (LogiRegistryService) - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service R2: MSI AppManager Service - (MSI_AppManager_Service) - C:\Program Files (x86)\MSI\APP Manager\AppManager_Service.exe
O23 - Service R2: MSI Command Center Control Service - (MSICTL_CC) - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service R2: NetLimiter 4 Service - (nlsvc) - C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
O23 - Service R2: TeraCopy Service - (TeraCopyService) - C:\Program Files\TeraCopy\TeraCopyService.exe
O23 - Service S3: MSI Command Center CPU Service - (MSICPU_CC) - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService_x64.exe
O23 - Service S3: MSI Command Center Clock Service - (MSIClock_CC) - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService_x64.exe
O23 - Service S3: MSI Command Center Comm Service - (MSICOMM_CC) - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service S3: MSI Command Center DDR Service - (MSIDDR_CC) - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service S3: MSI Command Center SMBus Service - (MSISMB_CC) - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service S3: MSI Command Center SuperIO Service - (MSISuperIO_CC) - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service S3: VirtualBox system service - (VBoxSDS) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe


--
End of file - Time spent: 25,7 sec. - 17106 bytes, CRC32: FFFFFFFF. Sign: 띹Ύ
 
102035 dedi:
Bana verilen, indirdiğim dosyayı Kaspersky Advisor, virustotal üzerinden kontrol ediyorum. Gereken durumlarda Hybrid Analysis veya kendi sanal makinem üzerinden genelde dinamik olarak analiz ediyorum.
Genişletmek için tıkla...
Ok doğru ediyorsun. bu rehberde de dosya adlarından klasör yerlerinden o dediğin sitelere google aramasında denk geldiğinde kontrolleri md5 veya sha varsa aynı kimlikte o şekilde az çok bilgi sahibi olabilirsin.
raja70 dedi:
%100 disk sorunu ve kasma var sorun nedir sizce?
Genişletmek için tıkla...
Zararlı yönden bir sıkıntı görmedim.
Lenovo yazılımını kaldırabilirsen kaldır denetim masasından ek olarak bunları da fixleyin:
Kod: 
O17 - DHCP DNS 1: 178.233.140.110
O17 - DHCP DNS 2: 46.197.15.60
O17 - DHCP DNS 3: 176.240.150.250
birtanıdık dedi:
Performans düşüşü yaşıyorum sorun nedir acaba ?
Genişletmek için tıkla...
VPN ve Defender kullanıyorsun bunlar etkileyebilir.

Bunları fixle:
Kod: 
O1 - Hosts: 127.0.0.1 redshell.io.
O1 - Hosts: 127.0.0.1 api.redshell.io.
O1 - Hosts: 127.0.0.1 treasuredata.com.
O1 - Hosts: 127.0.0.1 api.treasuredata.com.
O1 - Hosts: 127.0.0.1 in.treasuredata.com.
O1 - Hosts: 0.0.0.0 redshell.io.
O1 - Hosts: 0.0.0.0 api.redshell.io.
O1 - Hosts: 0.0.0.0 treasuredata.com.
O1 - Hosts: 0.0.0.0 in.treasuredata.com.
O1 - Hosts: 0.0.0.0 api.treasuredata.com
O4 - HKLM\..\StartupApproved\Run: [UrbanVPN] = C:\Program Files\UrbanVPN\UrbanVPNUpdater.exe /checknow -minuseractions -startappfirst -restartapp "C:\Program Files\UrbanVPN\bin\urbanvpn-gui.exe" (file missing) (2019/11/24)
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O17 - DHCP DNS 1: 192.168.1.1
kakaolupuding dedi:
Bilgisayarda birşeyler cidden yanlış gidiyormuş gibi geliyor.
Genişletmek için tıkla...
Zararlı yönden bir sıkıntı görünmüyor.
karayel34 dedi:
Bu isteğe bağlı güncelleştirmeyi şimdi yapayım mı?
Genişletmek için tıkla...
Evet güncelleme geldi yükseltebilirsin.
TéQ10 dedi:
Tarayıcılarda sayfalar yüklenirken bazen hatalar çıkıyor ve virüs olduğundan şüpheliyim. Antivirüs illa indirip tarama yapmak zorunda mıyım yoksa virüsleri bulmanın başka bir yolu var mı?
Genişletmek için tıkla...
Bunları fixle:
Kod: 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 195.208.36.45:50366 (disabled)
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: [SuggestionsURL] = http://clients5.google.com/complete/search?q={searchTerms}&client=ie8&mw={ie:maxWidth}&sh={ie:sectionHeight}&rh={ie:rowHeight}&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: [URL] = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: Reset contents to default
O1 - Hosts: 0.0.0.0 www.monster-cheats.com
O1 - Hosts: 0.0.0.0 monster-cheats.com
O1 - Hosts: 0.0.0.0 www.bl-hackers.com
O1 - Hosts: 0.0.0.0 bl-hackers.com
O1 - Hosts: 0.0.0.0 theapathe.com
O1 - Hosts: 0.0.0.0 www.theapathe.com
O1 - Hosts: 0.0.0.0 theapathe.net
O1 - Hosts: 0.0.0.0 www.theapathe.net
O1 - Hosts: 0.0.0.0 theapathe.org
O1 - Hosts: 0.0.0.0 www.theapathe.org
O1 - Hosts: 0.0.0.0 sv1.theapathe.com
O1 - Hosts: 0.0.0.0 apathecheats.com
O1 - Hosts: 0.0.0.0 www.apathecheats.com
O1 - Hosts: 0.0.0.0 apathecheats.net
O1 - Hosts: 0.0.0.0 www.apathecheats.net
O1 - Hosts: 0.0.0.0 apathecheats.org
O1 - Hosts: 0.0.0.0 www.apathecheats.org
O1 - Hosts: 0.0.0.0 download.theapathe.com
O1 - Hosts: 0.0.0.0 www.sv1.theapathe.com
O1 - Hosts: 0.0.0.0 www.download.theapathe.com
O1 - Hosts: 0.0.0.0 www.hileliadam.co
O1 - Hosts: 0.0.0.0 hileliadam.co
O1 - Hosts: 0.0.0.0 www.hilenbizde.com
O1 - Hosts: 0.0.0.0 hilenbizde.com
O1 - Hosts: 0.0.0.0 www.wolfteamhacker.com
O1 - Hosts: 0.0.0.0 wolfteamhacker.com
O1 - Hosts: 0.0.0.0 wolfteam-hile.com
O1 - Hosts: 0.0.0.0 www.wolfteam-hile.com
O1 - Hosts: 0.0.0.0 www.zulahile.com
O1 - Hosts: 0.0.0.0 zulahile.com
O1 - Hosts: 0.0.0.0 www.mrsnapz.net
O1 - Hosts: 0.0.0.0 mrsnapz.net
O1 - Hosts: 0.0.0.0 www.mrsnapznet.us
O1 - Hosts: 0.0.0.0 mrsnapznet.us
O1 - Hosts: 0.0.0.0 www.badeshan.com
O1 - Hosts: 0.0.0.0 www.thefrm.net
O1 - Hosts: 0.0.0.0 www.plathelper.net
O1 - Hosts: 0.0.0.0 www.thefrmonline.com
O1 - Hosts: 0.0.0.0 www.pro-hile.com
O1 - Hosts: 0.0.0.0 www.pro-hile.net
O1 - Hosts: 0.0.0.0 www.hileliadam.com
O1 - Hosts: 0.0.0.0 www.hilelikafa.com
O1 - Hosts: 0.0.0.0 www.gamehileleri.com
O1 - Hosts: 0.0.0.0 www.hilemekani.com
O1 - Hosts: 0.0.0.0 www.frmbull.com
O1 - Hosts: 0.0.0.0 www.turkfrm.net
O1 - Hosts: 0.0.0.0 www.hilesarayi.com
O1 - Hosts: 0.0.0.0 www.xcheats.com
O1 - Hosts: 0.0.0.0 www.xcheats.net
O1 - Hosts: 0.0.0.0 www.xcheats.org
O1 - Hosts: 0.0.0.0 xcheats.com
O1 - Hosts: 0.0.0.0 xcheats.org
O1 - Hosts: 0.0.0.0 xcheats.net
O1 - Hosts: 0.0.0.0 utilcheat.com
O1 - Hosts: 0.0.0.0 turkfrm.net
O1 - Hosts: 0.0.0.0 goldhile.net
O1 - Hosts: 0.0.0.0 onefrm.com
O1 - Hosts: 0.0.0.0 badeshan.com
O1 - Hosts: 0.0.0.0 thefrmonline.com
O1 - Hosts: 0.0.0.0 thefrm.net
O1 - Hosts: 0.0.0.0 pro-hile.com
O1 - Hosts: 0.0.0.0 pro-hile.net
O1 - Hosts: 0.0.0.0 zeusfrm.org
O1 - Hosts: 0.0.0.0 hileliadam.com
O1 - Hosts: 0.0.0.0 hilelikafa.com
O1 - Hosts: 0.0.0.0 gamehileleri.com
O1 - Hosts: 0.0.0.0 hilemekani.com
O1 - Hosts: 0.0.0.0 frmbull.com
O1 - Hosts: 0.0.0.0 plathelper.net
O1 - Hosts: 0.0.0.0 hilesarayi.com
O1 - Hosts: 0.0.0.0 yenilmezfrm.net
O1 - Hosts: 0.0.0.0 www.ads.pro-hile.net
O1 - Hosts: 0.0.0.0 www.ads.pro-hile.com
O1 - Hosts: 0.0.0.0 www.ads.pro-hile.org
O1 - Hosts: 0.0.0.0 pro-hile.org
O1 - Hosts: 0.0.0.0 www.pro-hile.org
O1 - Hosts: 0.0.0.0 www.mrsnapz.net
O1 - Hosts: 0.0.0.0 mrsnapz.net
O1 - Hosts: 0.0.0.0 www.mrsnapznet.us
O1 - Hosts: 0.0.0.0 ultrafrm.net
O1 - Hosts: 0.0.0.0 www.ultrafrm.net
O1 - Hosts: 0.0.0.0 ultrafrm.org
O1 - Hosts: 0.0.0.0 www.ultrafrm.org
O1 - Hosts: 0.0.0.0 ultrafrm.com
O1 - Hosts: 0.0.0.0 www.ultrafrm.com
O1 - Hosts: 0.0.0.0 moira.ultrafrm.com
O1 - Hosts: 0.0.0.0 www.moira.ultrafrm.com
O1 - Hosts: 0.0.0.0 moira.ultrafrm.net
O1 - Hosts: 0.0.0.0 www.moira.ultrafrm.net
O1 - Hosts: 0.0.0.0 ads.ultrafrm.net
O1 - Hosts: 0.0.0.0 www.hileuzmani.com
O1 - Hosts: 0.0.0.0 hileuzmani.com
O1 - Hosts: 0.0.0.0 unitatis.net
O1 - Hosts: 0.0.0.0 www.unitatis.net
O1 - Hosts: 0.0.0.0 www.mrcheat.us
O1 - Hosts: 0.0.0.0 mrcheat.us
O1 - Hosts: 0.0.0.0 ultrahilem.com
O1 - Hosts: 0.0.0.0 www.ultrahilem.com
O1 - Hosts: 0.0.0.0 moiracheats.net
O1 - Hosts: 0.0.0.0 moiracheats.com
O1 - Hosts: 0.0.0.0 moiracheats.org
O1 - Hosts: 0.0.0.0 www.moiracheats.net
O1 - Hosts: 0.0.0.0 www.moiracheats.com
O1 - Hosts: 0.0.0.0 www.moiracheats.org
O1 - Hosts: 0.0.0.0 mo1racheats.net
O1 - Hosts: 0.0.0.0 mo1racheats.com
O1 - Hosts: 0.0.0.0 mo1racheats.org
O1 - Hosts: 0.0.0.0 www.mo1racheats.net
O1 - Hosts: 0.0.0.0 www.mo1racheats.com
O1 - Hosts: 0.0.0.0 www.mo1racheats.org
O1 - Hosts: 0.0.0.0 kral-hile.com
O1 - Hosts: 0.0.0.0 www.kral-hile.com
O1 - Hosts: 0.0.0.0 www.elitehackers.rf.gd
O1 - Hosts: 0.0.0.0 elitehackers.rf.gd
O1 - Hosts: 0.0.0.0 hoxelizm.com
O1 - Hosts: 0.0.0.0 www.hoxelizm.com
O1 - Hosts: 0.0.0.0 virtualevolution.net
O1 - Hosts: 0.0.0.0 www.virtualevolution.net
O1 - Hosts: 0.0.0.0 virtualevolution.com
O1 - Hosts: 0.0.0.0 www.virtualevolution.com
O1 - Hosts: 0.0.0.0 virtualevolution.org
O1 - Hosts: 0.0.0.0 www.virtualevolution.org
O1 - Hosts: 0.0.0.0 zoomhacks.com
O1 - Hosts: 0.0.0.0 www.zoomhacks.com
O1 - Hosts: 0.0.0.0 www.download.zoomhacks.com
O1 - Hosts: 0.0.0.0 cheatsturkey.net
O1 - Hosts: 0.0.0.0 cheatsturkey.com
O1 - Hosts: 0.0.0.0 cheatsturkey.org
O1 - Hosts: 0.0.0.0 www.cheatsturkey.net
O1 - Hosts: 0.0.0.0 www.cheatsturkey.com
O1 - Hosts: 0.0.0.0 www.cheatsturkey.org
O1 - Hosts: 0.0.0.0 www.cheatsturkey.xyz
O1 - Hosts: 0.0.0.0 cheatsturkey.xyz
O1 - Hosts: 0.0.0.0 download.cheatsturkey.com
O1 - Hosts: 0.0.0.0 download.cheatsturkey.org
O1 - Hosts: 0.0.0.0 download.cheatsturkey.net
O1 - Hosts: 0.0.0.0 www.download.cheatsturkey.com
O1 - Hosts: 0.0.0.0 www.download.cheatsturkey.org
O1 - Hosts: 0.0.0.0 www.download.cheatsturkey.net
O1 - Hosts: 0.0.0.0 unixcheats.com
O1 - Hosts: 0.0.0.0 www.unixcheats.com
O1 - Hosts: 0.0.0.0 unixcheats.net
O1 - Hosts: 0.0.0.0 www.unixcheats.net
O1 - Hosts: 0.0.0.0 unixcheats.org
O1 - Hosts: 0.0.0.0 www.unixcheats.org
O1 - Hosts: 0.0.0.0 gamecheat.center
O1 - Hosts: 0.0.0.0 www.gamecheat.center
O1 - Hosts: 0.0.0.0 www.masyaf.net
O1 - Hosts: 0.0.0.0 masyaf.net
O1 - Hosts: 0.0.0.0 www.masyaf.com
O1 - Hosts: 0.0.0.0 masyaf.com
O1 - Hosts: 0.0.0.0 www.masyaf.org
O1 - Hosts: 0.0.0.0 masyaf.org
O1 - Hosts: 0.0.0.0 serodeck.com
O1 - Hosts: 0.0.0.0 www.serodeck.com
O1 - Hosts: 0.0.0.0 hax4you.com
O1 - Hosts: 0.0.0.0 www.hax4you.com
O1 - Hosts: 0.0.0.0 hax4you.net
O1 - Hosts: 0.0.0.0 www.hax4you.net
O1 - Hosts: 0.0.0.0 hax4you.org
O1 - Hosts: 0.0.0.0 www.hax4you.org
O1 - Hosts: 0.0.0.0 unxc.xyz
O1 - Hosts: 0.0.0.0 www.unxc.xyz
O1 - Hosts: 0.0.0.0 exiledros.me
O1 - Hosts: 0.0.0.0 www.exiledros.me
O1 - Hosts: 0.0.0.0 exiledros.net
O1 - Hosts: 0.0.0.0 www.exiledros.net
O1 - Hosts: 0.0.0.0 exiledros.com
O1 - Hosts: 0.0.0.0 www.exiledros.com
O1 - Hosts: 0.0.0.0 exiledros.info
O1 - Hosts: 0.0.0.0 www.exiledros.info
O1 - Hosts: 0.0.0.0 rosvertex-4.0F2b8.firebaseapp.com
O1 - Hosts: 0.0.0.0 www.rosvertex-4.0F2b8.firebaseapp.com
O1 - Hosts: 0.0.0.0 rosvertex-4f2b8.firebaseapp.com
O1 - Hosts: 0.0.0.0 www.rosvertex-4f2b8.firebaseapp.com
O1 - Hosts: 0.0.0.0 citpekalongan.com
O1 - Hosts: 0.0.0.0 www.citpekalongan.com
O1 - Hosts: 0.0.0.0 vipmrcheats.org
O1 - Hosts: 0.0.0.0 www.vipmrcheats.org
O1 - Hosts: 0.0.0.0 luciros.tk
O1 - Hosts: 0.0.0.0 www.hotshotgamers.net
O1 - Hosts: 0.0.0.0 hotshotgamers.net
O1 - Hosts: 0.0.0.0 www.hotshotgamers.org
O1 - Hosts: 0.0.0.0 hotshotgamers.org
O1 - Hosts: 0.0.0.0 www.hotshotgamers.com
O1 - Hosts: 0.0.0.0 hotshotgamers.com
O1 - Hosts: 0.0.0.0 www.pinoygameaccounts.blogspot.com
O1 - Hosts: 0.0.0.0 pinoygameaccounts.blogspot.com
O1 - Hosts: 0.0.0.0 www.exiledros.me
O1 - Hosts: 0.0.0.0 exiledros.me
O1 - Hosts: 0.0.0.0 woxcheats.com
O1 - Hosts: 0.0.0.0 www.woxcheats.com
O1 - Hosts: 0.0.0.0 woxcheats.net
O1 - Hosts: 0.0.0.0 www.woxcheats.net
O1 - Hosts: 0.0.0.0 woxcheats.org
O1 - Hosts: 0.0.0.0 www.woxcheats.org
O1 - Hosts: 0.0.0.0 realitycheats.com
O1 - Hosts: 0.0.0.0 www.realitycheats.com
O1 - Hosts: 0.0.0.0 realitycheats.net
O1 - Hosts: 0.0.0.0 www.realitycheats.net
O1 - Hosts: 0.0.0.0 realitycheats.org
O1 - Hosts: 0.0.0.0 www.realitycheats.org
O1 - Hosts: 0.0.0.0 reversehackers.com
O1 - Hosts: 0.0.0.0 www.reversehackers.com
O1 - Hosts: 0.0.0.0 reversehackers.net
O1 - Hosts: 0.0.0.0 www.reversehackers.net
O1 - Hosts: 0.0.0.0 reversehackers.org
O1 - Hosts: 0.0.0.0 www.reversehackers.org
O17 - DHCP DNS 3: 1.1.1.1
O17 - DHCP DNS 4: 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{188e1cc2-58b8-43f5-8f13-effe6206a2fb}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{188e1cc2-58b8-43f5-8f13-effe6206a2fb}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{79bf1e40-b274-45f3-847b-6670cf5639b1}: [NameServer] = 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{79bf1e40-b274-45f3-847b-6670cf5639b1}: [NameServer] = 1.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{d7b4be03-9041-45d6-9713-aad4f9fc96b8}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{d7b4be03-9041-45d6-9713-aad4f9fc96b8}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O23 - Service S3: FileSyncHelper - C:\Program Files (x86)\Microsoft OneDrive\FileSyncHelper.exe
O23 - Service S3: OneDrive Updater Service - C:\Program Files (x86)\Microsoft OneDrive\OneDriveUpdaterService.exe
ЭЛЙССЙ dedi:
Hizmetler ve Denetleyici uygulaması son zamanlarda %25 civarı CPU kullanımında seyrediyor.
Genişletmek için tıkla...
Çünkü netlimiter gibi devamlı çalışan servis ve yazılımı var. RivaTuner ayrı bir mesele. TeraCopy gibi gereksiz bir servis var. Gereksiz şeyleri kaldırın.

Bunları fixleyin:
Kod: 
O4 - HKCU\..\Run: [NetLimiter] = C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe /minimized
O4 - HKCU\..\StartupApproved\Run: [electron.app.YouTube Music Desktop App] = C:\Users\Elyssy\AppData\Local\Programs\youtube-music-desktop-app\YouTube Music Desktop App.exe --processStart "YouTube Music Desktop App.exe" (file missing) (2020/01/06)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Elyssy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk    ->    C:\ProgramData\MEGAsync\MEGAsync.exe (2020/01/06)
O17 - DHCP DNS 1: 1.1.1.1
O17 - DHCP DNS 2: 1.0.0.1
O17 - DHCP DNS 3: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{b6404240-2906-43dd-b51e-f94b31e6d8c6}: [NameServer] = 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{b6404240-2906-43dd-b51e-f94b31e6d8c6}: [NameServer] = 1.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{b6404240-2906-43dd-b51e-f94b31e6d8c6}: [NameServer] = 192.168.1.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{B6404240-2906-43DD-B51E-F94B31E6D8C6}: [NameServer] = 1.0.0.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{B6404240-2906-43DD-B51E-F94B31E6D8C6}: [NameServer] = 1.1.1.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{B6404240-2906-43DD-B51E-F94B31E6D8C6}: [NameServer] = 192.168.1.1
 

Benzer konular

taylaan
HijackThis Log Paylaşımı
Mesaj
0
Görüntüleme
562
taylaan
taylaan
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5.692
quarest
quarest
Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
1.007
acv
A
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
3.035
Murat5038
Murat5038
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
14.604
Windows 11 Bükücü
Windows 11 Bükücü

Technopat Haberler

Yeni konular

Yeni mesajlar

Geri
Yukarı