Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18
Platform: x64 Windows 10 (Home Single Language), 10.0.19041.207 (ReleaseId: 2004), Service Pack: 0
Time: 24.04.2020 - 14:00 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: Anıl (group: Administrator) on DESKTOP-PVJCE2P, FirstRun: yes
Chrome: 81.0.4044.122
Edge: 11.0.19041.153
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1" (Brave)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\Internet Download Manager\IDMan.exe
1 C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksdeui.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
1 C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
1 C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
1 C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
1 C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
1 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1 C:\Program Files\WinRAR\WinRAR.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20032.111.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Users\Anıl\Desktop\HiJackThis.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0353575.inf_amd64_8e19095ae833d985\B353558\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0353575.inf_amd64_8e19095ae833d985\B353558\atiesrxx.exe
7 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
74 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
3 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.153_none_e74acfe72624a02b\TiWorker.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - HKLM\..\BHO: ScriptInjectionPluginBrowserHelperObject - {9F904093-6E18-4536-BF5F-B03689CF00F0} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\IEExt\ie_plugin.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll
O2-32 - HKLM\..\BHO: ScriptInjectionPluginBrowserHelperObject - {9F904093-6E18-4536-BF5F-B03689CF00F0} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\IEExt\ie_plugin.dll
O3 - HKLM\..\Toolbar: Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\IEExt\ie_plugin.dll
O3-32 - HKLM\..\Toolbar: Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\IEExt\ie_plugin.dll
O4 - HKCU\..\Run: [Windscribe] = C:\Program Files (x86)\Windscribe\Windscribe.exe -os_restart (file missing)
O4 - HKCU\..\RunOnce: [Application Restart #1] = C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe --enable-dom-distiller --disable-domain-reliability --no-pings --extension-content-verification=enforce_strict --extensions-install-verification=enforce --sync-url=https://no-thanks.invalid --enable-features=PasswordImport,WebUIDarkMode,SimplifyHttpsIndicator --disable-features=AllowPopupsDuringPageUnload,VideoPlaybackQuality,LookalikeUrlNavigationSuggestionsUI,NotificationTriggers,WebXrGamepadModule,AudioServiceOutOfProcess,SmsReceiver,AutofillServerCommunication,WebXR --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --disable-webrtc-apm-in-audio-service --disable-sync --restore-last-session
O4 - HKCU\..\StartupApproved\Run: [Bloody2] = C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe Minimum (2020/03/29)
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2020/04/01)
O4 - HKCU\..\StartupApproved\Run: [DiscordPTB] = C:\Users\Anıl\AppData\Local\DiscordPTB\app-0.0.52\DiscordPTB.exe (2020/03/27)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Anıl\AppData\Local\Discord\app-0.0.306\Discord.exe (2020/03/27)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/03/27)
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2020/03/28)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Anıl\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/03/25)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Anıl\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2020/03/28)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2020/04/04)
O4 - HKCU\..\StartupApproved\Run: [com.blitz.app] = C:\Users\Anıl\AppData\Local\Blitz\Update.exe --processStart "Blitz.exe" --process-start-args "--hidden" (2020/03/31)
O4 - HKCU\..\StartupApproved\Run: [kpm.exe] = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe autoStart (2020/03/25)
O4 - HKLM\..\StartupApproved\Run32: [LeagueDisplays] = C:\Riot Games\LeagueDisplays\assistant\LeagueDisplaysAssistant.exe /onWindowsStart (2020/04/04)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2020/03/27)
O4 - HKLM\..\StartupApproved\Run32: [YouCam Service9] = C:\Program Files (x86)\CyberLink\YouCam9\YouCamService9.exe /s (2020/04/18)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (2020/03/25)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O17 - DHCP DNS 1: 192.168.43.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0353575.inf_amd64_8e19095ae833d985\B353558\atiesrxx.exe
O23 - Service R2: AMD User Experience Program Launcher - (AUEPLauncher) - C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\system32\igfxCUIService.exe
O23 - Service R2: Kaspersky Password Manager Service - (kpm_launch_service) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe
O23 - Service R2: Kaspersky Secure Connection Hizmeti 4.0 - (KSDE4.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe -r
O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service S2: Brave Güncelleme Hizmeti (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Kaspersky Anti-Virus Hizmeti 20.0 - (AVP20.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe -r
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Brave Güncelleme Hizmeti (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\elevation_service.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 20.0 - (klvssbridge64_20.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\vssbridge64.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: Twitch Service - (TwitchService) - C:\Program Files\Common Files\Twitch\TwitchService.exe
--
End of file - Time spent: 44,1 sec. - 23484 bytes, CRC32: FFFFFFFF. Sign: Ṹ榍