Rehber HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleme:
Genişletmek için tıkla...
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.17763.437 (ReleaseId: 1809), Service Pack: 0
Time:      18.05.2019 - 10:22 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    ReD    (group: Administrator) on RED, FirstRun: yes

Edge:    11.0.17763.437
Internet Explorer: 11.0.17763.1
Default: "C:\Users\50\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" (Opera Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
   1  C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
   1  C:\Program Files (x86)\Common Files\Steam\SteamService.exe
   1  C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
   1  C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
   1  C:\Program Files (x86)\Origin\OriginWebHelperService.exe
   1  C:\Program Files (x86)\Steam\Steam.exe
   5  C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\WinRAR\WinRAR.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
   7  C:\Users\50\AppData\Local\Programs\Opera\58.0.3135.132\opera.exe
   1  C:\Users\50\AppData\Local\Programs\Opera\58.0.3135.132\opera_crashreporter.exe
   1  C:\Users\50\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\HelpPane.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   3  C:\Windows\SysWOW64\muachost.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0340998.inf_amd64_f156c252858e0346\B340755\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0340998.inf_amd64_f156c252858e0346\B340755\atiesrxx.exe
   1  C:\Windows\System32\MicrosoftEdgeCP.exe
   1  C:\Windows\System32\MicrosoftEdgeSH.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   2  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\browser_broker.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\schtasks.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  73  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: 127.0.0.1 activation.cloud.techsmith.com
O1 - Hosts: 127.0.0.1 activation.cloud.techsmith.com
O4 - HKCU\..\Run: [GoogleDriveSync] = C:\Program Files\Google\Drive\googledrivesync.exe /autostart (file missing)
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\Run: [WallpaperEngine] = C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe -silent
O4 - HKCU\..\Run: [Web Companion] = C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (file missing)
O4 - HKLM\..\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\RtkAudUService64.exe -background (file missing)
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task (.job): MSISW_Host.job - C:\WINDOWS\SysWOW64\muachost.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0340998.inf_amd64_f156c252858e0346\B340755\atiesrxx.exe
O23 - Service R2: Adobe Genuine Monitor Service - (AGMService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service R2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service R2: MysticLight2_Service - C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
O23 - Service R2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S2: ICEsound Service - (ICEsoundService) - C:\WINDOWS\system32\ICEsoundService64.exe  (file missing)
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: GalaxyClientService - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service S3: GalaxyCommunication - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe


--
End of file - Time spent: 25,2 sec. - 14782 bytes, CRC32: FFFFFFFF. Sign: 侠䅹
Performans düşüşü yaşıyorum. Virüs olabileceğinden şüpheleniyorum.
 
@GhostSoldier Bunları fixleyin ancak bunlar zararlı değil:
Kod: 
O1 - Hosts: 127.0.0.1 activation.cloud.techsmith.com
O1 - Hosts: 127.0.0.1 activation.cloud.techsmith.com
O15 - Trusted Zone: http://webcompanion.com
O22 - Task (.job): MSISW_Host.job - C:\WINDOWS\SysWOW64\muachost.exe
O23 - Service S3: GalaxyClientService - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service S3: GalaxyCommunication - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
 
Aşırı performans kaybı ve geç açılma kasma donma sorunları yaşıyorum. Neleri fixlemem gerek ?
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Home), 10.0.17763.529 (ReleaseId: 1809), Service Pack: 0
Time:      28.05.2019 - 19:24 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    BEKİR    (group: Administrator) on DESKTOP-BB393U6, FirstRun: yes

Chrome:  74.0.3729.169
Firefox: 67.0.0.7075
Edge:    11.0.17763.529
Internet Explorer: 11.0.17763.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   2  C:\AppServ\Apache2\bin\Apache.exe
   1  C:\AppServ\MySQL\bin\mysqld-nt.exe
   1  C:\Program Files (x86)\AnyDesk\AnyDesk.exe
   1  C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
   1  C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
   1  C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
   1  C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
   1  C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
   1  C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19041.481.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
   1  C:\Users\BEKİR\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\SysWOW64\MSIService.exe
   1  C:\Windows\System32\CastSrv.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxEM.exe
   6  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\SynTPEnh.exe
   1  C:\Windows\System32\SynTPEnhService.exe
   1  C:\Windows\System32\SynTPHelper.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\backgroundTaskHost.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\ibtsiva.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  67  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.buenosaires.gob.ar/sarmientoba
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll
O4 - HKCU\..\StartupApproved\Run: [Akamai NetSession Interface] = C:\Users\BEKİR\AppData\Local\Akamai\netsession_win.exe (2018/12/27)
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2018/10/23)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\BEKİR\AppData\Local\Discord\app-0.0.305\Discord.exe (2019/05/24)
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2018/07/15)
O4 - HKCU\..\StartupApproved\Run: [MiPhoneManager] = C:\Users\BEKİR\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe (2019/02/26)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\BEKİR\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2018/07/15)
O4 - HKCU\..\StartupApproved\Run: [PCLink] = C:\Program Files (x86)\ASUS\PC Link\PCLink.exe /boot (2018/10/23)
O4 - HKCU\..\StartupApproved\Run: [XperiaCompanionAgent] = C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe (2019/02/26)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\BEKİR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk    ->    C:\Users\BEKİR\Autodesk\Genuine Service\GenuineService.exe (2018/12/25)
O4 - HKLM\..\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Nahimic2UILauncher] = C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe /noUI
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [SCM] = C:\Program Files (x86)\SCM\SCM.exe
O4 - HKLM\..\StartupApproved\Run32: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin (2018/07/15)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/02/26)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2019/02/26)
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2019/02/26)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2018/12/27)
O4 - HKLM\..\StartupApproved\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe (2018/10/23)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk    ->    C:\Program Files (x86)\AnyDesk\AnyDesk.exe --control (2018/10/23)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = D:\Office2010\Office14\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Microsoft Excel'e &Ver: (default) = D:\Office\Office15\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\OneNote'a G&önder: (default) = D:\Office\Office15\ONBttnIE.dll (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = D:\Office2010\Office14\ONBttnIE.dll (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O17 - DHCP DNS 1: 195.175.39.49
O17 - DHCP DNS 2: 195.175.39.50
O21 - HKLM\..\ShellIconOverlayIdentifiers\            IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O23 - Service R2: AnyDesk Service - (AnyDesk) - C:\Program Files (x86)\AnyDesk\AnyDesk.exe --service
O23 - Service R2: Apache2 - C:\AppServ\Apache2\bin\Apache.exe -k runservice
O23 - Service R2: Intel Bluetooth Service - (ibtsiva) - C:\WINDOWS\system32\ibtsiva.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe
O23 - Service R2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service R2: Micro Star SCM - C:\Windows\SysWOW64\MSIService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
O23 - Service R2: SynTPEnhService - C:\WINDOWS\System32\SynTPEnhService.exe
O23 - Service R2: mysql - C:\AppServ\MySQL\bin\mysqld-nt.exe --defaults-file=C:\AppServ\MySQL\my.ini mysql
O23 - Service R3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: mysql57 - C:\AppServ\MySQL\bin\mysqld --defaults-file=C:\AppServ\MySQL\my.ini mysql57 (file missing)
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Uncheater for BattleGroundsLite_SE - (uncheater_bgl) - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe


--
End of file - Time spent: 28,9 sec. - 27080 bytes, CRC32: FFFFFFFF. Sign: 쁻
 
MySql ve Apache server kurulu gözüküyor. Sizin bilginiz dahlinde kuruluysa sıkıntı yok. Anydesk, Deamontools programlarını kullanmıyorsanız kaldırın.

Bunları fixleyin:
Kod: 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.buenosaires.gob.ar/sarmientoba
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2018/10/23)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\BEKİR\AppData\Local\Discord\app-0.0.305\Discord.exe (2019/05/24)
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2018/07/15)
O4 - HKCU\..\StartupApproved\Run: [MiPhoneManager] = C:\Users\BEKİR\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe (2019/02/26)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\BEKİR\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2018/07/15)
O4 - HKCU\..\StartupApproved\Run: [PCLink] = C:\Program Files (x86)\ASUS\PC Link\PCLink.exe /boot (2018/10/23)
O4 - HKCU\..\StartupApproved\Run: [XperiaCompanionAgent] = C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe (2019/02/26)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2018/12/27)
O4 - HKLM\..\StartupApproved\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe (2018/10/23)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = D:\Office2010\Office14\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Microsoft Excel'e &Ver: (default) = D:\Office\Office15\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\OneNote'a G&önder: (default) = D:\Office\Office15\ONBttnIE.dll (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = D:\Office2010\Office14\ONBttnIE.dll (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk    ->    C:\Program Files (x86)\AnyDesk\AnyDesk.exe --control (2018/10/23)
O23 - Service R2: Micro Star SCM - C:\Windows\SysWOW64\MSIService.exe
 
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Home Single Language), 10.0.17763.503 (ReleaseId: 1809), Service Pack: 0
Time:      06.06.2019 - 02:38 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    hamza    (group: Administrator) on DESKTOP-MJ5RG0T, FirstRun: yes

Edge:    11.0.17763.503
Internet Explorer: 11.0.17763.1
Default: "C:\Users\hamza\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" (Opera Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
   1  C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
   1  C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
   6  C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\Origin\OriginWebHelperService.exe
   1  C:\Program Files (x86)\ShutdownTime\ShutdownTime.exe
   1  C:\Program Files\AX2PS9UKIO\NM94090LH.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
   1  C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
   1  C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   2  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
   2  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
  13  C:\Users\hamza\AppData\Local\Programs\Opera\60.0.3255.109\opera.exe
   1  C:\Users\hamza\AppData\Local\Programs\Opera\60.0.3255.109\opera_crashreporter.exe
   1  C:\Users\hamza\AppData\Local\Temp\csrss\updateprofile-0321.exe
   1  C:\Users\hamza\AppData\Local\Temp\is-1ED9L.tmp\SimpleFF.exe
   1  C:\Users\hamza\AppData\Local\Temp\is-8QQD7.tmp\SimpleFF.tmp
   1  C:\Users\hamza\AppData\Local\Temp\is-AO7MQ.tmp\sg3wjzngah5.tmp
   1  C:\Users\hamza\AppData\Local\Temp\is-BI7M0.tmp\SimpleFF.exe
   1  C:\Users\hamza\AppData\Local\Temp\is-QEFCR.tmp\SimpleFF.tmp
   1  C:\Users\hamza\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe
   1  C:\Users\hamza\AppData\Roaming\p2iejw4l41u\sg3wjzngah5.exe
   1  C:\Users\hamza\OneDrive\Masaüstü\HiJackThis.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\SysWOW64\PnkBstrA.exe
   1  C:\Windows\SysWOW64\esif_uf.exe
   1  C:\Windows\System32\BtwRSupportService.exe
   1  C:\Windows\System32\LogonUI.exe
   2  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\WerFault.exe
   1  C:\Windows\System32\WirelessKB850NotificationService.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\conhost.exe
   3  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   2  C:\Windows\System32\dllhost.exe
   2  C:\Windows\System32\dwm.exe
   3  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\igfxCUIService.exe
   1  C:\Windows\System32\igfxEM.exe
   1  C:\Windows\System32\igfxHK.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  90  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   2  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\Temp\DPTF\esif_assist_64.exe
   2  C:\Windows\explorer.exe
   1  C:\Windows\rss\csrss.exe
   1  C:\Windows\windefender.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Bar] = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmovF21AKMKME4QhV6maf2k1u-tis2JTkLR_TKUculc-OUiQnZOiJbGZ1g7MMaKApvuDTIelr4sNdJmTn-ju9-jDM7J2qWoXvE,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Page] = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmovF21AKMKME4QhV6maf2k1u-tis2JTkLR_TKUculc-OUiQnZOiJbGZ1g7MMaKApvuDTIelr4sNdJmTn-ju9-jDM7J2qWoXvE,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmosL-NcIlntvD5hPhY5DDCQyooq9-lnj8f33HLOgdODrn3rWktInF-EovBo8PO8_kZtGxKMcDT2w7ACtiDsG4-lbTR_S2jPAU,
R0 - HKCU\Software\Microsoft\Internet Explorer\Search: [Default_Search_URL] = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmovF21AKMKME4QhV6maf2k1u-tis2JTkLR_TKUculc-OUiQnZOiJbGZ1g7MMaKApvuDTIelr4sNdJmTn-ju9-jDM7J2qWoXvE,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main: [SearchAssistant] = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmovF21AKMKME4QhV6maf2k1u-tis2JTkLR_TKUculc-OUiQnZOiJbGZ1g7MMaKApvuDTIelr4sNdJmTn-ju9-jDM7J2qWoXvE,&q={searchTerms}
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}: [SuggestionsURL_JSON] = http://suggestqueries.google.com/complete/search?output=firefox&client=firefox&qu={searchTerms} - Search the web
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}: [URL] = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmovF21AKMKME4QhV6maf2k1u-tis2JTkLR_TKUculc-OUiQnZOiJbGZ1g7MMaKApvuDTIelr4sNdJmTn-ju9-jDM7J2qWoXvE,&q={searchTerms} - Search the web
R4 - SearchScopes: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 space1.adminpressure.space
O1 - Hosts: 127.0.0.1 trackpressure.website
O1 - Hosts: 127.0.0.1 htagzdownload.pw
O1 - Hosts: 127.0.0.1 360devtraking.website
O1 - Hosts: 127.0.0.1 room1.360dev.info
O1 - Hosts: 127.0.0.1 djapp.info
O1 - Hosts: 127.0.0.1 sharefolder.online
O1 - Hosts: 127.0.0.1 telechargini.com
O1 - Hosts: 127.0.0.1 fffffk.xyz
O1 - Hosts: 127.0.0.1 smarttrackk.xyz
O1 - Hosts: 127.0.0.1 space1.adminpressure.space
O1 - Hosts: 127.0.0.1 trackpressure.website
O1 - Hosts: 127.0.0.1 htagzdownload.pw
O1 - Hosts: 127.0.0.1 360devtraking.website
O1 - Hosts: 127.0.0.1 room1.360dev.info
O1 - Hosts: 127.0.0.1 djapp.info
O1 - Hosts: 127.0.0.1 sharefolder.online
O1 - Hosts: 127.0.0.1 telechargini.com
O1 - Hosts: 127.0.0.1 fffffk.xyz
O1 - Hosts: 127.0.0.1 smarttrackk.xyz
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll
O4 - HKCU\..\Run: [4658173] = C:\Users\hamza\AppData\Local\Temp\is-BI7M0.tmp\SimpleFF.exe /VERYSILENT
O4 - HKCU\..\Run: [585711] = C:\Users\hamza\AppData\Roaming\p2iejw4l41u\sg3wjzngah5.exe /VERYSILENT
O4 - HKCU\..\Run: [8307650] = C:\Users\hamza\AppData\Local\Temp\is-1ED9L.tmp\SimpleFF.exe /VERYSILENT
O4 - HKCU\..\Run: [B2JOH4YQBOERPVO] = C:\Program Files\AX2PS9UKIO\NM94090LH.exe
O4 - HKCU\..\Run: [BoldWind] = C:\Windows\rss\csrss.exe
O4 - HKCU\..\Run: [CloudNet] = C:\Users\hamza\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe 1-108
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2018/10/27)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\hamza\AppData\Local\Discord\app-0.0.305\Discord.exe (2018/10/13)
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2018/11/15)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2018/10/12)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\hamza\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2018/10/12)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2018/10/12)
O4 - HKCU\..\StartupApproved\Run: [uTorrent] = C:\Users\hamza\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (2018/10/27)
O4 - HKCU\..\StartupApproved\Run: [utweb] = C:\Users\hamza\AppData\Roaming\uTorrent Web\utweb.exe /MINIMIZED (2018/10/18)
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run32: [LogMeIn Hamachi Ui] = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start (2018/10/18)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/01/26)
O4-32 - HKLM\..\Run: [ShutdownTime] = C:\Program Files (x86)\ShutdownTime\ShutdownTime.exe
O17 - DHCP DNS 1: 82.163.143.146
O17 - DHCP DNS 2: 82.163.142.148
O17 - HKLM\System\CCS\Services\Tcpip\..\{b478295b-7a83-4cff-b2a8-ec61e61cf8ff}: [NameServer] = 82.163.142.148
O17 - HKLM\System\CCS\Services\Tcpip\..\{b478295b-7a83-4cff-b2a8-ec61e61cf8ff}: [NameServer] = 82.163.143.146
O20 - HKLM\..\Windows: [AppInit_DLLs] = C:\ProgramData\Voyasollam\Home-Tough.dll (disabled by SecureBoot)
O20-32 - HKLM\..\Windows: [AppInit_DLLs] = C:\ProgramData\Voyasollam\Keyair.dll (disabled by SecureBoot)
O22 - Task (.job): Homeville.job - C:\Program Files\Homeville\Homeville.exe (file missing) /scheduled
O22 - Task (.job): Online Application V2G1.job - C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe 1 69
O22 - Task (.job): Online Application V2G2.job - C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe 1 70
O22 - Task (.job): Online Application V2G3.job - C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe 1 71
O22 - Task (.job): Online Application V2G4.job - C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe 1 60
O22 - Task (.job): Online Application V2G5.job - C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe 1 61
O22 - Task (.job): Online Application V2G6.job - C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe 1 62
O22 - Task (.job): Updater_Online_Application.job - C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe /silentall -nofreqcheck
O23 - Service R2: Bluetooth Driver Management Service - (BcmBtRSupport) - C:\Windows\system32\BtwRSupportService.exe
O23 - Service R2: ESIF Upper Framework Service - (esifsvc) - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\system32\igfxCUIService.exe
O23 - Service R2: LMIGuardianSvc - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service R2: LogMeIn Hamachi Tunneling Engine - (Hamachi2Svc) - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe -s
O23 - Service R2: Microsoft Office Tıkla-Çalıştır Hizmeti - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
O23 - Service R2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service R2: PnkBstrA - C:\Windows\system32\PnkBstrA.exe  (file missing)
O23 - Service R2: Windows Defender Helper Service (Windows 1703 Creators Update) - (WinDefender) - C:\Windows\windefender.exe
O23 - Service R2: Wireless Keyboard 850 Notification Service - (WirelessKB850NotificationService) - C:\Windows\system32\WirelessKB850NotificationService.exe
O23 - Service R3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service S2: Background Logic Handler - (backlh) - C:\ProgramData\Logic Cramble\set.exe
O23 - Service S2: CloudPrinter - C:\ProgramData\\CloudPrinter\\CloudPrinter.exe shuz -f "C:\ProgramData\\CloudPrinter\\CloudPrinter.dat" -l -a
O23 - Service S2: Voyasollam - C:\ProgramData\\Voyasollam\\Voyasollam.exe shuz -f "C:\ProgramData\\Voyasollam\\Voyasollam.dat" -l -a
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 115,6 sec. - 33624 bytes, CRC32: FFFFFFFF. Sign: 瑆⺫

Yanlış bir indirme yüzünden bilgisayarıma virüs bulaştı ve durmadan reklam açılıyor.
 
Bunları fixleyin:

Kod: 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Bar] = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmovF21AKMKME4QhV6maf2k1u-tis2JTkLR_TKUculc-OUiQnZOiJbGZ1g7MMaKApvuDTIelr4sNdJmTn-ju9-jDM7J2qWoXvE,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Page] = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmovF21AKMKME4QhV6maf2k1u-tis2JTkLR_TKUculc-OUiQnZOiJbGZ1g7MMaKApvuDTIelr4sNdJmTn-ju9-jDM7J2qWoXvE,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmosL-NcIlntvD5hPhY5DDCQyooq9-lnj8f33HLOgdODrn3rWktInF-EovBo8PO8_kZtGxKMcDT2w7ACtiDsG4-lbTR_S2jPAU,
R0 - HKCU\Software\Microsoft\Internet Explorer\Search: [Default_Search_URL] = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmovF21AKMKME4QhV6maf2k1u-tis2JTkLR_TKUculc-OUiQnZOiJbGZ1g7MMaKApvuDTIelr4sNdJmTn-ju9-jDM7J2qWoXvE,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main: [SearchAssistant] = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmovF21AKMKME4QhV6maf2k1u-tis2JTkLR_TKUculc-OUiQnZOiJbGZ1g7MMaKApvuDTIelr4sNdJmTn-ju9-jDM7J2qWoXvE,&q={searchTerms}
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}: [SuggestionsURL_JSON] = http://suggestqueries.google.com/complete/search?output=firefox&client=firefox&qu={searchTerms} - Search the web
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}: [URL] = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmovF21AKMKME4QhV6maf2k1u-tis2JTkLR_TKUculc-OUiQnZOiJbGZ1g7MMaKApvuDTIelr4sNdJmTn-ju9-jDM7J2qWoXvE,&q={searchTerms} - Search the web
R4 - SearchScopes: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 space1.adminpressure.space
O1 - Hosts: 127.0.0.1 trackpressure.website
O1 - Hosts: 127.0.0.1 htagzdownload.pw
O1 - Hosts: 127.0.0.1 360devtraking.website
O1 - Hosts: 127.0.0.1 room1.360dev.info
O1 - Hosts: 127.0.0.1 djapp.info
O1 - Hosts: 127.0.0.1 sharefolder.online
O1 - Hosts: 127.0.0.1 telechargini.com
O1 - Hosts: 127.0.0.1 fffffk.xyz
O1 - Hosts: 127.0.0.1 smarttrackk.xyz
O1 - Hosts: 127.0.0.1 space1.adminpressure.space
O1 - Hosts: 127.0.0.1 trackpressure.website
O1 - Hosts: 127.0.0.1 htagzdownload.pw
O1 - Hosts: 127.0.0.1 360devtraking.website
O1 - Hosts: 127.0.0.1 room1.360dev.info
O1 - Hosts: 127.0.0.1 djapp.info
O1 - Hosts: 127.0.0.1 sharefolder.online
O1 - Hosts: 127.0.0.1 telechargini.com
O1 - Hosts: 127.0.0.1 fffffk.xyz
O1 - Hosts: 127.0.0.1 smarttrackk.xyz
O4 - HKCU\..\Run: [4658173] = C:\Users\hamza\AppData\Local\Temp\is-BI7M0.tmp\SimpleFF.exe /VERYSILENT
O4 - HKCU\..\Run: [585711] = C:\Users\hamza\AppData\Roaming\p2iejw4l41u\sg3wjzngah5.exe /VERYSILENT
O4 - HKCU\..\Run: [8307650] = C:\Users\hamza\AppData\Local\Temp\is-1ED9L.tmp\SimpleFF.exe /VERYSILENT
O4 - HKCU\..\Run: [B2JOH4YQBOERPVO] = C:\Program Files\AX2PS9UKIO\NM94090LH.exe
O4 - HKCU\..\Run: [BoldWind] = C:\Windows\rss\csrss.exe
O4 - HKCU\..\Run: [CloudNet] = C:\Users\hamza\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe 1-108
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O20 - HKLM\..\Windows: [AppInit_DLLs] = C:\ProgramData\Voyasollam\Home-Tough.dll (disabled by SecureBoot)
O20-32 - HKLM\..\Windows: [AppInit_DLLs] = C:\ProgramData\Voyasollam\Keyair.dll (disabled by SecureBoot)
O22 - Task (.job): Homeville.job - C:\Program Files\Homeville\Homeville.exe (file missing) /scheduled
O22 - Task (.job): Online Application V2G1.job - C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe 1 69
O22 - Task (.job): Online Application V2G2.job - C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe 1 70
O22 - Task (.job): Online Application V2G3.job - C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe 1 71
O22 - Task (.job): Online Application V2G4.job - C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe 1 60
O22 - Task (.job): Online Application V2G5.job - C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe 1 61
O22 - Task (.job): Online Application V2G6.job - C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe 1 62
O22 - Task (.job): Updater_Online_Application.job - C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe /silentall -nofreqcheck
O23 - Service R2: Windows Defender Helper Service (Windows 1703 Creators Update) - (WinDefender) - C:\Windows\windefender.exe
O23 - Service S2: Background Logic Handler - (backlh) - C:\ProgramData\Logic Cramble\set.exe
O23 - Service S2: CloudPrinter - C:\ProgramData\\CloudPrinter\\CloudPrinter.exe shuz -f "C:\ProgramData\\CloudPrinter\\CloudPrinter.dat" -l -a
O23 - Service S2: Voyasollam - C:\ProgramData\\Voyasollam\\Voyasollam.exe shuz -f "C:\ProgramData\\Voyasollam\\Voyasollam.dat" -l -a

Bunları yaptıktan sonra yeterli gelmeyecektir MBAM ile de taratıp bulunanları temizleyin.
 
Kod: 
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Home), 10.0.17134.799 (ReleaseId: 1803), Service Pack: 0
Time:      07.06.2019 - 10:38 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Barbaros    (group: Administrator) on DESKTOP-2LOF4FB, FirstRun: yes

Edge:    11.0.17134.799
Internet Explorer: 11.0.17134.1
Default: "C:\Users\Barbaros\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" (Opera Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Steam\SteamService.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
   1  C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
   1  C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
   1  C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
   1  C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
   1  C:\Program Files (x86)\Steam\Steam.exe
   5  C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\Windows Defender\MSASCuiL.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
   1  C:\Program Files\rempl\sedsvc.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
   6  C:\Users\Barbaros\AppData\Local\Discord\app-0.0.305\Discord.exe
   1  C:\Users\Barbaros\AppData\Local\Microsoft\OneDrive\OneDrive.exe
   1  C:\Users\Barbaros\Desktop\HiJackThis.exe
   3  C:\Windows\SysWOW64\muachost.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5ad622f7ea43f50a\Display.NvContainer\NVDisplay.Container.exe
   6  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   3  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   2  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  70  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WMIADAP.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

O4 - HKCU\..\Run: [Discord] = C:\Users\Barbaros\AppData\Local\Discord\app-0.0.305\Discord.exe
O4 - HKCU\..\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent
O4 - HKCU\..\Run: [OneDrive] = C:\Users\Barbaros\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4-32 - HKLM\..\Run: [CORSAIR iCUE Software] = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe --autorun
O4-32 - HKLM\..\Run: [Razer Synapse] = C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
O17 - DHCP DNS 1: 213.74.1.1
O17 - DHCP DNS 2: 213.74.0.1
O23 - Service R2: Corsair Service - (CorsairService) - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
O23 - Service R2: MysticLight2_Service - C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5ad622f7ea43f50a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5ad622f7ea43f50a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
O23 - Service R2: Razer Chroma SDK Server - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service R2: Razer Chroma SDK Service - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service R2: Windows Remediation Service - (sedsvc) - C:\Program Files\rempl\sedsvc.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"


--
End of file - Time spent: 12,8 sec. - 15326 bytes, CRC32: FFFFFFFF. Sign: 铃넽

Sistemimde boşta bellek kullanımı yüksek ve virüsten şüpheleniyorum.
 

Benzer konular

taylaan
HijackThis Log Paylaşımı
Mesaj
0
Görüntüleme
548
taylaan
taylaan
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5.687
quarest
quarest
Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
1.001
acv
A
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
3.006
Murat5038
Murat5038
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
14.538
Windows 11 Bükücü
Windows 11 Bükücü

Technopat Haberler

Yeni konular

Yeni mesajlar

Geri
Yukarı