Rehber HijackThis Log Paylaşımı ve Çözümleri

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.18363.778 (ReleaseId: 1909), Service Pack: 0
Time:      17.04.2020 - 23:06 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Mert    (group: Administrator) on SILVA, FirstRun: no

Opera:   66.0.3515.44
Chrome:  78.0.3904.70
Firefox: 75.0.0.7398
Edge:    11.0.18362.752
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
   1  C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
   2  C:\Program Files (x86)\AnyDesk\AnyDesk.exe
   1  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
   1  C:\Program Files (x86)\Common Files\Steam\SteamService.exe
   4  C:\Program Files (x86)\DiscordSetup_3\Discord-0.0.305-full\lib\net45\Discord.exe
   1  C:\Program Files (x86)\Internet Download Manager\IDMan.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
   1  C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
   1  C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
   1  C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
   1  C:\Program Files\FACEIT AC\FACEITService.exe
   1  C:\Program Files\FACEIT AC\faceitclient.exe
   8  C:\Program Files\Mozilla Firefox\firefox.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
   2  C:\Users\Mert\AppData\Local\FACEITApp\app-1.24.0\FACEIT.exe
   1  C:\Users\Mert\Desktop\HiJackThis.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\MicrosoftEdgeCP.exe
   1  C:\Windows\System32\MicrosoftEdgeSH.exe
   6  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\SystemSettingsBroker.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\browser_broker.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   2  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  77  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe
   7  D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  D:\Program Files (x86)\Steam\steam.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.yandex.com.tr/?win=408&clid=2340458-310
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [SuggestionsURL] = https://ie.search.yahoo.com/os?appid=ie8&command={searchTerms} - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [TopResultURL] = https://tr.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180223__yaie&p={searchTerms} - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [URL] = https://tr.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180223__yaie&p={searchTerms} - Yahoo!
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 65.52.240.48
O1 - Hosts: 127.0.0.1 69.167.144.18
O1 - Hosts: 127.0.0.1 157.56.8.159
O1 - Hosts: 127.0.0.1 69.167.144.15
O1 - Hosts: 127.0.0.1 updater.techsmith.com
O1 - Hosts: 127.0.0.1 camtasiatudi.techsmith.com
O1 - Hosts: 127.0.0.1 tsccloud.cloudapp.net
O1 - Hosts: 127.0.0.1 assets.cloud.techsmith.com 0.0.0.0 blacklist.teamspeak.com
O1 - Hosts: 0.0.0.0 blacklist2.teamspeak.com
O1 - Hosts: 0.0.0.0 blacklist.teamspeak.com
O1 - Hosts: 0.0.0.0 blacklist2.teamspeak.com
O1 - Hosts: 0.0.0.0 activation.easeus.com
O1 - Hosts: 0.0.0.0 track.easeus.com
O1 - Hosts: 0.0.0.0 easeus.com
O1 - Hosts: 0.0.0.0 update.easeus.com
O1 - Hosts: 0.0.0.0 activation.easeus.com
O1 - Hosts: 0.0.0.0 track.easeus.com
O1 - Hosts: 0.0.0.0 easeus.com
O1 - Hosts: 0.0.0.0 update.easeus.com
O1 - Hosts: 0.0.0.0 activation.easeus.com
O1 - Hosts: 0.0.0.0 track.easeus.com
O1 - Hosts: 0.0.0.0 easeus.com
O1 - Hosts: 0.0.0.0 update.easeus.com
O1 - Hosts.ICS: 1 549
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk    ->    C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true
O4 - HKCU\..\Run: [CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2020/02/17)
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2018/04/16)
O4 - HKCU\..\StartupApproved\Run: [ESL Wire] = C:\Program Files\EslWire\wire.exe --tray (2019/12/10)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (file missing) (2020/02/17)
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2020/02/17)
O4 - HKCU\..\StartupApproved\Run: [OKAYFREEDOM_Agent] = C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe -agent (2019/07/10)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\StartupApproved\Run32: [Opera Browser Assistant] = C:\Program Files\Opera\assistant\browser_assistant.exe (2019/12/25)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk    ->    C:\Program Files (x86)\Ralink\Common\RaUI.exe -s (2020/04/02)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Button: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Tools menu item: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9-32 - Button: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9-32 - Tools menu item: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O15 - Trusted Zone: *.localhost
O17 - DHCP DNS 1: 1.1.1.1
O17 - DHCP DNS 2: 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{042c5c58-8d1b-4bbc-9ed5-6ee346c84a40}: [NameServer] = 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{042c5c58-8d1b-4bbc-9ed5-6ee346c84a40}: [NameServer] = 1.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{785c9ff6-0399-4fac-9863-f2e9fe077fa2}: [NameServer] = 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{785c9ff6-0399-4fac-9863-f2e9fe077fa2}: [NameServer] = 1.1.1.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{042C5C58-8D1B-4BBC-9ED5-6EE346C84A40}: [NameServer] = 1.0.0.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{042C5C58-8D1B-4BBC-9ED5-6EE346C84A40}: [NameServer] = 1.1.1.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{042C5C58-8D1B-4BBC-9ED5-6EE346C84A40}: [NameServer] = 192.168.1.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{785C9FF6-0399-4FAC-9863-F2E9FE077FA2}: [NameServer] = 1.0.0.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{785C9FF6-0399-4FAC-9863-F2E9FE077FA2}: [NameServer] = 1.1.1.1
O18 - HKLM\Software\Classes\Protocols\Handler\ms-help: [CLSID] = {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\ProgramData\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\ProgramData\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\ProgramData\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\            IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\ProgramData\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\ProgramData\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\ProgramData\MEGAsync\ShellExtX32.dll
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
O22 - Task (.job): MSISW_Host.job - C:\WINDOWS\SysWOW64\muachost.exe
O22 - Task (.job): update-S-1-5-21-4228329166-2788887562-2554970645-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): Обновление Браузера Яндекс.job - C:\Users\Mert\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (file missing) --background-update --noerrdialogs
O23 - Service R2: AnyDesk Service - (AnyDesk) - C:\Program Files (x86)\AnyDesk\AnyDesk.exe --service
O23 - Service R2: FACEITService - C:\Program Files\FACEIT AC\FACEITService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: RalinkRegistryWriter - C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
O23 - Service R2: RalinkRegistryWriter64 - C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S2: Haste Service - (HasteUEService) - C:\Program Files\Haste\UserEdgeService.exe  (file missing)
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
O23 - Service S2: Ralink UPnP Media Server - (RaMediaServer) - C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
O23 - Service S3: Uncheater for BattleGroundsLite_SE - (uncheater_bgl) - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe


--
End of file - Time spent: 19,1 sec. - 30056 bytes, CRC32: FFFFFFFF. Sign: 熔脄

O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 65.52.240.48
O1 - Hosts: 127.0.0.1 69.167.144.18
O1 - Hosts: 127.0.0.1 157.56.8.159
O1 - Hosts: 127.0.0.1 69.167.144.15
O1 - Hosts: 127.0.0.1 updater.techsmith.com
O1 - Hosts: 127.0.0.1 camtasiatudi.techsmith.com
O1 - Hosts: 127.0.0.1 tsccloud.cloudapp.net
O1 - Hosts: 127.0.0.1 assets.cloud.techsmith.com 0.0.0.0 blacklist.teamspeak.com
O1 - Hosts: 0.0.0.0 blacklist2.teamspeak.com
O1 - Hosts: 0.0.0.0 blacklist.teamspeak.com
O1 - Hosts: 0.0.0.0 blacklist2.teamspeak.com
O1 - Hosts: 0.0.0.0 activation.easeus.com
O1 - Hosts: 0.0.0.0 track.easeus.com
O1 - Hosts: 0.0.0.0 easeus.com
O1 - Hosts: 0.0.0.0 update.easeus.com
O1 - Hosts: 0.0.0.0 activation.easeus.com
O1 - Hosts: 0.0.0.0 track.easeus.com
O1 - Hosts: 0.0.0.0 easeus.com
O1 - Hosts: 0.0.0.0 update.easeus.com
O1 - Hosts: 0.0.0.0 activation.easeus.com
O1 - Hosts: 0.0.0.0 track.easeus.com
O1 - Hosts: 0.0.0.0 easeus.com
O1 - Hosts: 0.0.0.0 update.easeus.com
O1 - Hosts.ICS: 1 549
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2020/02/17)
O4 - HKCU\..\StartupApproved\Run: [ESL Wire] = C:\Program Files\EslWire\wire.exe --tray (2019/12/10)
O4 - HKCU\..\StartupApproved\Run: [OKAYFREEDOM_Agent] = C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe -agent (2019/07/10)
O17 - DHCP DNS 1: 1.1.1.1
O17 - DHCP DNS 2: 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{042c5c58-8d1b-4bbc-9ed5-6ee346c84a40}: [NameServer] = 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{042c5c58-8d1b-4bbc-9ed5-6ee346c84a40}: [NameServer] = 1.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{785c9ff6-0399-4fac-9863-f2e9fe077fa2}: [NameServer] = 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{785c9ff6-0399-4fac-9863-f2e9fe077fa2}: [NameServer] = 1.1.1.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{042C5C58-8D1B-4BBC-9ED5-6EE346C84A40}: [NameServer] = 1.0.0.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{042C5C58-8D1B-4BBC-9ED5-6EE346C84A40}: [NameServer] = 1.1.1.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{042C5C58-8D1B-4BBC-9ED5-6EE346C84A40}: [NameServer] = 192.168.1.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{785C9FF6-0399-4FAC-9863-F2E9FE077FA2}: [NameServer] = 1.0.0.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{785C9FF6-0399-4FAC-9863-F2E9FE077FA2}: [NameServer] = 1.1.1.1
O18 - HKLM\Software\Classes\Protocols\Handler\ms-help: [CLSID] = {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\ProgramData\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\ProgramData\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\ProgramData\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\ProgramData\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\ProgramData\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\ProgramData\MEGAsync\ShellExtX32.dll
O22 - Task (.job): MSISW_Host.job - C:\WINDOWS\SysWOW64\muachost.exe
O22 - Task (.job): update-S-1-5-21-4228329166-2788887562-2554970645-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): Обновление Браузера Яндекс.job - C:\Users\Mert\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (file missing) --background-update --noerrdialogs

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18.

Platform: x64 Windows 10 (Pro), 10.0.18363.778 (ReleaseId: 1909), Service Pack: 0.
Time: 19.04.2020 - 13:16 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes.
Ran by: Mert (group: Administrator) on SILVA, FirstRun: yes.

Opera: 66.0.3515.44.
Chrome: 78.0.3904.70.
Firefox: 75.0.0.7398.
Edge: 11.0.18362.752.
Internet Explorer: 11.0.18362.1.
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal.

Running processes:
Number | Path.
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe.
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe.
1 C:\Program Files (x86)\AnyDesk\AnyDesk.exe.
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe.
1 C:\Program Files (x86)\Common Files\Steam\SteamService.exe.
4 C:\Program Files (x86)\DiscordSetup_3\Discord-0.0.305-full\lib\net45\Discord.exe.
1 C:\Program Files (x86)\IObit\Driver Booster\7.4.0\Scheduler.exe.
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe.
1 C:\Program Files (x86)\Ralink\Common\RaRegistry.exe.
1 C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe.
1 C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe.
7 C:\Program Files\Mozilla Firefox\firefox.exe.
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe.
3 C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe.
3 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe.
1 C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe.
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe.
1 C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe.
5 C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.130.658.0_x86__zpdnekdrzrea0\Spotify.exe.
1 C:\Users\Mert\Desktop\HiJackThis.exe.
3 C:\Windows\System32\RuntimeBroker.exe.
1 C:\Windows\System32\SettingSyncHost.exe.
1 C:\Windows\System32\SgrmBroker.exe.
1 C:\Windows\System32\WUDFHost.exe.
1 C:\Windows\System32\audiodg.exe.
2 C:\Windows\System32\conhost.exe.
2 C:\Windows\System32\csrss.exe.
1 C:\Windows\System32\ctfmon.exe.
1 C:\Windows\System32\dasHost.exe.
1 C:\Windows\System32\dllhost.exe.
1 C:\Windows\System32\dwm.exe.
2 C:\Windows\System32\fontdrvhost.exe.
1 C:\Windows\System32\lsass.exe.
1 C:\Windows\System32\rundll32.exe.
1 C:\Windows\System32\services.exe.
1 C:\Windows\System32\sihost.exe.
1 C:\Windows\System32\smss.exe.
1 C:\Windows\System32\spoolsv.exe.
1 C:\Windows\System32\sppsvc.exe.
79 C:\Windows\System32\svchost.exe.
1 C:\Windows\System32\taskhostw.exe.
2 C:\Windows\System32\wbem\WmiPrvSE.exe.
1 C:\Windows\System32\wininit.exe.
1 C:\Windows\System32\winlogon.exe.
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe.
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe.
1 C:\Windows\explorer.exe.
7 D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe.
1 D:\Program Files (x86)\Steam\steam.exe.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.yandex.com.tr/?win=408&clid=2340458-310.
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex.
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex.
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [SuggestionsURL] = https://ie.search.yahoo.com/os?appid=ie8&command={searchTerms} - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [TopResultURL] = https://tr.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180223__yaie&p={searchTerms} - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [URL] = https://tr.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180223__yaie&p={searchTerms} - Yahoo!
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll.
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll.
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll.
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll.
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true.
O4 - HKCU\..\Run: [CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe.
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2018/04/16)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (file missing) (2020/02/17)
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2020/02/17)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s.
O4 - HKLM\..\StartupApproved\Run32: [Opera Browser Assistant] = C:\Program Files\Opera\assistant\browser_assistant.exe (2019/12/25)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe.
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe -s (2020/04/02)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm.
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm.
O9 - Button: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe.
O9 - Tools menu item: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe.
O9-32 - Button: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe.
O9-32 - Tools menu item: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe.
O15 - Trusted Zone: *.localhost.
O17 - DHCP DNS 1: 1.1.1.1.
O17 - DHCP DNS 2: 1.0.0.1.
O21 - HKLM\..\ShellIconOverlayIdentifiers\ IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll.
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK.
O23 - Service R2: AnyDesk Service - (AnyDesk) - C:\Program Files (x86)\AnyDesk\AnyDesk.exe --service.
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000.
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: RalinkRegistryWriter - C:\Program Files (x86)\Ralink\Common\RaRegistry.exe.
O23 - Service R2: RalinkRegistryWriter64 - C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe.
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService.
O23 - Service S2: FACEITService - C:\Program Files\FACEIT AC\FACEITService.exe.
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe.
O23 - Service S2: Ralink UPnP Media Server - (RaMediaServer) - C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe.
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe.
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe.
O23 - Service S3: Uncheater for BattleGroundsLite_SE - (uncheater_bgl) - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe.

--
End of file - Time spent: 19,4 sec. - 19850 bytes, CRC32: FFFFFFFF. Sign: 睬ί

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.yandex.com.tr/?win=408&clid=2340458-310.
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex.
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex.
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [SuggestionsURL] = https://ie.search.yahoo.com/os?appid=ie8&command={searchTerms} - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [TopResultURL] = https://tr.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180223__yaie&p={searchTerms} - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [URL] = https://tr.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180223__yaie&p={searchTerms} - Yahoo!