

So that we can analyze problems on your system caused by performance drops, freezes, malware effects, or application errors, and improve performance or neutralize the effect of malware, you need to share here the log of a scan you have run with HijackThis.



Usage:

1) Download from here the current version, to which a developer has added new features, and extract the application from the archive to your desktop.

Alternative: Download HiJackThis Fork - MajorGeeks

Old version: HiJackThis | Free software downloads at SourceForge.net

2) Restart your computer and wait 3 minutes without doing anything.

3) Right-click HijackThis and run it as administrator (does not apply to XP).

4) In the window that opens, click the "Do a system scan and save a log file" button.

5) The HijackThis scan will start automatically; do not use the mouse or keyboard until the scan has finished.

6) When the scan has finished, a log file containing the HijackThis report will open.

*7) So that we can review it, you need to add the log file here through the reply box.

Click "Code" (Kod).

Paste the contents of the log into the blue box and press the "Continue" (Devam Et) button.

Warning: If you have trouble adding code on the site, you need to paste the code into one of the sites given below and share the link. In that case, do not use option *7 for now.

Paste ofCode

8) Also, reply to the thread describing the problem on your system in detail (performance drop, suspected malware presence, etc.).
(Those who do not do this will not receive a reply.)

Fixing:

When I or other experts reply in the thread, tick the boxes at the start of the lines we name in the HijackThis interface. Then press the "Fix checked" button.
 
Last edited:
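
One way to pre-sort a pasted log before a reviewer reads it, as an added example (not part of the original post and not HijackThis's own code): a Python parser for the line format of the v2.0.5 logs posted in this thread. The sample log is constructed, and `parse_hijackthis` and `triage` are hypothetical names.

```python
import re
from collections import Counter

# Constructed sample in the line format of the HijackThis v2.0.5 logs in this
# thread; every path, name, GUID and address below is made up.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:00:00, on 1.1.2016
Platform: Unknown Windows (WinNT 6.02.1008)
Boot mode: Normal

Running processes:
C:\Users\example\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://example.invalid/
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000000} - C:\Program Files (x86)\Example\helper.dll
O4 - HKLM\..\Run: [ExampleApp] "C:\Program Files (x86)\Example\app.exe" --startup
O4 - HKCU\..\Run: [ExampleSync] C:\Program Files\Example\sync.exe
O4 - Global Startup: Example.lnk = C:\Program Files\Example\tray.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000000}: NameServer = 192.0.2.53
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Example Service - Example Corp - C:\Program Files\Example\svc.exe

--
End of file - 999 bytes
"""

# An entry line is "<section code> - <detail>", e.g. "O4 - HKLM\..\Run: [...] ...".
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")
# O4 registry autostart: "<hive>\..\Run: [<value name>] <command line>".
RUN_RE = re.compile(
    r"^(?P<hive>\S+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]+)\] (?P<command>.*)$"
)
MISSING = "(file missing)"


def parse_hijackthis(text):
    """Split a pasted log into header fields, running processes and entries."""
    header, processes, entries = {}, [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == "--" or line.startswith("End of file"):
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False  # the first entry line ends the process list
            code, detail = match.groups()
            entries.append({"code": code, "detail": detail,
                            "file_missing": detail.endswith(MISSING)})
        elif line == "Running processes:":
            in_processes = True
        elif in_processes:
            processes.append(line)
        elif line.startswith("Logfile of "):
            header["tool"] = line[len("Logfile of "):]
        elif ": " in line:
            key, _, value = line.partition(": ")
            header[key] = value
    return {"header": header, "processes": processes, "entries": entries}


def triage(parsed):
    """Group entries so a reviewer can name the lines to look at first."""
    entries = parsed["entries"]
    autostart = []
    for entry in entries:
        match = RUN_RE.match(entry["detail"]) if entry["code"] == "O4" else None
        if match:
            autostart.append(match.groupdict())
    return {
        "counts": dict(Counter(e["code"] for e in entries)),
        "autostart": autostart,
        "dns": [e["detail"] for e in entries if e["code"] == "O17"],
        # The 32-bit HijackThis v2.0.5 on 64-bit Windows commonly reports
        # System32 binaries as missing because of file system redirection,
        # so these are listed apart rather than treated as findings.
        "file_missing": [e["detail"] for e in entries if e["file_missing"]],
    }


if __name__ == "__main__":
    report = triage(parse_hijackthis(SAMPLE_LOG))
    print("Entries per section:", report["counts"])
    for item in report["autostart"]:
        print(f"Autostart {item['hive']} [{item['name']}]: {item['command']}")
    for detail in report["dns"]:
        print("DNS setting:", detail)
    for detail in report["file_missing"]:
        print("Reported missing:", detail)
```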
Code:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 18:32:35, on 22.7.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)


Boot mode: Normal

Running processes:
C:\Users\Mustafa\Downloads\Programs\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yandex.com.tr/?win=238&clid=2255506-218
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Mustafa\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [Icecream_Screen_Recorder_Prefetcher] C:\Program Files (x86)\Icecream Screen Recorder\recorder.exe -prefetch
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_42F5F35C0B84E4D5FCB92E8EBAA60B72] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Browser Manager] C:\Users\Mustafa\AppData\Local\Yandex\BrowserManager\BrowserManager.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Curse.lnk = Mustafa\AppData\Roaming\Curse Client\Bin\Curse.exe
O4 - Global Startup: MobileGo Service.lnk = C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Tüm bağlantıları IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{E86E304D-2EA9-4BA0-8472-928DE12BB981}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AuthorityServer - Streaming - C:\WINDOWS\system32\AuthorityServer.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7687 bytes

The log records are as seen above; my problem is this.
Win 10 was installed on the PC; after a while the monitor stopped getting a picture (at boot). I could only start the PC by pulling the plug and pressing power. But after a while it would freeze on its own (when the PC booted normally and did not freeze, I did not shut it down).
This started after I installed Win 10.
Then I formatted and installed Win8; it was fine at first. After a while the freezing happened to me again. And once, the no-picture-on-the-monitor problem as well.
So, as you can see, the PC keeps freezing and gives no picture on the monitor at boot.
I thought the problem might be in the RAM too. I went and bought new RAM. It did the same thing with that as well.
I just cannot solve the problem.

The PC's specifications are below.

Code:
PassMark BurnInTest Log file  -  http://www.passmark.com
========================================================

Date: Fri Jul 22 18:39:48 2016

BurnInTest V8.1 Pro 1017 (64-bit)

*** Unlicensed trial version ***

System summary:
Windows 8.1 Professional Edition build 9600 (64-bit),
1 x AMD Phenom(tm) II X6 1090T Processor [3223.0 MHz],
8.0GB RAM,
AMD Radeon HD 6790,
932GB HDD, 466GB HDD,
CD-RW/DVDRW/BD-RE,

General:
System Name: MSTFYLFDZ
Motherboard Manufacturer: Gigabyte Technology Co., Ltd.
Motherboard Name: GA-970A-D3
BIOS Manufacturer: Award Software International, Inc.
BIOS Version: F6
BIOS Release Date: 08/31/2011
BIOS Serial Number:

CPU:
CPU manufacturer: AuthenticAMD
CPU Type: AMD Phenom(tm) II X6 1090T Processor
Codename: Thuban
CPUID: Family 10, Model A, Stepping 0, Revision PH-E0
Socket: AM3
Lithography: 45nm
Physical CPU's: 1
Cores per CPU: 6
Hyperthreading: Not capable
CPU features: MMX 3DNow! SSE SSE2 SSE3 SSE4a DEP PAE AMD64 Turbo core XOP FMA3
Clock frequencies:
-  Measured CPU speed: 3223.0 MHz [Turbo core: 3627.1MHz]
-  Multiplier: x16.0 [Turbo core: x18.0]
-  Reference Clock: 201.4 MHz
-  Multiplier range: Min: x4.0, Max non Turbo core: x16.0 [Max Turbo core: x18.0]
Cache per CPU package:
-  L1 Instruction Cache: 6 x 64 KB
-  L1 data cache: 6 x 64 KB
-  L2 cache: 6 x 512 KB
-  L3 cache: 6 MB

Memory
Total Physical Memory: 8189MB
Available Physical Memory: 5747MB
Memory devices:
   Slot 1:
   - 8GB DDR3 SDRAM PC3-12800
   - Kingston KHX1600C9D3/8GX, serial#: 1311330679, wk/yr: 34/2014
   - XMP: 1.50V, Clk: 800.0MHz, Timings 9-9-9-27
   Slot 2:
   - Not populated
   Slot 3:
   - Not populated
   Slot 4:
   - Not populated
Virtual memory: C:\pagefile.sys (allocated base size 8192MB)

Memory SPD:
DIMM#0
Memory type: DDR3 SDRAM
SPD revision: 1.0
Manufacturer: Kingston
Manufacturing date: Year: 2014, Week: 34
Serial number: 4E295177
Part number: KHX1600C9D3/8GX  
Clock speed: 666.7 MHz
Memory size: 8192 MB
Number of banks: 8
Row address bits: 16
Column address bits: 10
Bus width: 64 bits
Device width: 8 bits
Number of ranks: 2
ECC: No
Module voltage: 1.5V
Minimum clock cycle time (tCK): 1.500 ns
Supported CAS latencies: 6 7 8 9
Minimum CAS latency time (tAA): 13.125 ns
Minimum RAS to CAS delay time (tRCD): 13.125 ns
Minimum row precharge time (tRP): 13.125 ns
Minimum active to precharge time (tRAS): 36.000 ns
Supported timing at highest clock speed: 9-9-9-24
Minimum Row Active to Row Active Delay (tRRD): 6.000 ns
Minimum Active to Auto-Refresh Delay (tRC): 49.125 ns
Minimum Recovery Delay (tRFC): 260.000 ns
Minimum Write Recovery time (tWR): 15.000 ns
Minimum Write to Read CMD Delay (tWTR): 7.500 ns
Minimum Read to Pre-charge CMD Delay (tRTP): 7.500 ns
Minimum Four Activate Window Delay (tFAW): 30.000 ns
Operating temperature range: 0-95C
Supports Auto Self-Refresh: No
Supports Partial Array Self-Refresh: No
Thermal Sensor present: No
Supports On-Die Thermal Sensor readout: No
Non-standard SDRAM type: Standard Monolithic
Module type: UDIMM
Module Height: 29 - 30 mm
Module Thickness: Front: 1 - 2 mm, Back: 1 - 2 mm
Module Width: 133.5 mm
Reference raw card used: Raw Card B Rev. 1
DRAM manufacture name: Hynix Semiconductor (Hyundai Electronics)
XMP Revision: 1.2
[XMP Profile 1] Module voltage: 1.50V
[XMP Profile 1] Clock speed: 800.0 MHz
[XMP Profile 1] Minimum clock cycle time (tCK): 1.250 ns
[XMP Profile 1] Supported CAS latencies: 6 7 8 9
[XMP Profile 1] Minimum CAS latency time (tAA): 11.250 ns
[XMP Profile 1] Minimum RAS to CAS delay time (tRCD): 11.250 ns
[XMP Profile 1] Minimum row precharge time (tRP): 11.250 ns
[XMP Profile 1] Minimum active to precharge time (tRAS): 33.750 ns
[XMP Profile 1] Supported timing at highest clock speed: 9-9-9-27
[XMP Profile 1] Minimum Row Active to Row Active Delay (tRRD): 6.000 ns
[XMP Profile 1] Minimum Active to Auto-Refresh Delay (tRC): 45.000 ns
[XMP Profile 1] Minimum Recovery Delay (tRFC): 260.000 ns
[XMP Profile 1] Minimum Write Recovery time (tWR): 15.000 ns
[XMP Profile 1] Minimum Write to Read CMD Delay (tWTR): 7.500 ns
[XMP Profile 1] Minimum Read to Pre-charge CMD Delay (tRTP): 7.500 ns
[XMP Profile 1] Minimum Four Activate Window Delay (tFAW): 30.000 ns
[XMP Profile 1] Maximum tREFI Time (Average Periodic Refresh Interval): 7.875 us
[XMP Profile 1] Write to Read CMD Turn-around Time Optimizations: No adjustment
[XMP Profile 1] Read to Write CMD Turn-around Time Optimizations: No adjustment
[XMP Profile 1] Back 2 Back CMD Turn-around Time Optimizations: No adjustment


Graphics
AMD Radeon HD 6790
   Chip Type: AMD Radeon Graphics Processor (0x673E)
   DAC Type: Internal DAC(400MHz)
   Memory: 1024MB
   BIOS: 113-3E17420-S4Q
   Driver provider: Advanced Micro Devices, Inc.
   Driver version: 13.251.9001.1001
   Driver date: 7-4-2014
   Monitor 1: 1440x900x32 60Hz (Primary monitor)

Disk volumes
C:  Local Drive, \\?\Volume{ff725bc4-2b59-11e6-be66-806e6f6e6963}\, NTFS, (146.04GB total, 68.54GB free)
D:  Local Drive, \\?\Volume{ff725bc6-2b59-11e6-be66-806e6f6e6963}\, NTFS, (319.27GB total, 23.26GB free)
E:  Local Drive, \\?\Volume{ff725bc3-2b59-11e6-be66-806e6f6e6963}\, Yeni Birim, NTFS, (931.17GB total, 35.89GB free)
F:  Removable
G:  Optical drive, \\?\Volume{15a0c305-30d9-11e6-824f-806e6f6e6963}\
H:  Removable
I:  Optical drive

Disk drives
Disk sürücüsü: Model: Kingston DataTraveler 2.0 USB Device Serial: N/A (Disk: 3, Size: 7.22GB, Volumes: N/A)
Disk sürücüsü: Model: ST31000528AS ATA Device Serial: 9VP6W61G (Disk: 0, Size: 931.51GB, Volumes: E)

Disk sürücüsü: Model: ST3500418AS ATA Device Serial: 9VMSD3D1 (Disk: 1, Size: 465.76GB, Volumes: C D)

Optical drives
G: PIONEER BD-RW BDR-209M (CD-RW/DVDRW/BD-RE)

Network
Realtek PCIe GBE Ailesi Denetleyici (Speed: 100Mb/s) (MAC: 50:E5:49:5E:59:54) (IPv4: 192.168.2.31) (IPv6: fe80::7093:9081:18e1:d69f)

Ports
İletişim Bağlantı Noktas: COM1 - RS232 Serial Port (max Baud rate: 115200)
Keyboard Port: PS/2  connector
Mouse Port: PS/2  connector

USB
USB xHCI Uyumlu Ana Bilgisayar Denetleyicisi
Standart OpenHCD USB Ana Biligsayar Denetleyicisi
Standart Gelişmiş PCI - USB Ana Bilgisayar Denetleyicisi
   -  (SN: 5F04F7D0)
   - Generic Mass Storage Device (SN: 058F63666471)
Standart OpenHCD USB Ana Biligsayar Denetleyicisi
   - Logitech USB Keyboard
   - Microsoft Microsoft Nano Transceiver v1.0
Standart Gelişmiş PCI - USB Ana Bilgisayar Denetleyicisi
Standart OpenHCD USB Ana Biligsayar Denetleyicisi
Standart OpenHCD USB Ana Biligsayar Denetleyicisi
Standart Gelişmiş PCI - USB Ana Bilgisayar Denetleyicisi
   - Kingston DataTraveler 2.0 (SN: 1C6F654E5975CE61C9476189)


**************
RESULT SUMMARY
**************
Test Start time: -
Test Stop time: Fri Jul 22 18:39:48 2016
Test Duration: -

Test Name                   Cycles   Operations      Result Errors   Last Error
                      CPU   0        0               PASS   0        No errors
             Memory (RAM)   0        0               PASS   0        No errors
              2D Graphics   0        0               PASS   0        No errors
              Temperature   -        -               PASS   0        No errors
        Optical disk (G:)   0        0               PASS   0        No errors
        Optical disk (I:)   0        0               PASS   0        No errors
                    Sound   0        0               PASS   0        No errors
                Disk (E:)   0        0               PASS   0        No errors
                Network 1   0        0               PASS   0        No errors
TEST RUN PASSED

******************
DETAILED EVENT LOG
******************
LOG NOTE:     2016-07-22 18:38:50, Status, PassMark BurnInTest V8.1 Pro 1017

Thank you in advance.
 
@mstfyldz ,

Your problems appear to be hardware-related.

First, let's determine whether the problem is related to the HDD. Add a screenshot of the Health section from HD Tune Pro 5.60. Then run an Error Scan (without Quick Scan checked) and add a screenshot of that too.

Then test your hardware devices with Hiren's BootCD Fan & Discussion Platform Hiren'S Boot CD.
 
Code:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:23:52, on 11.08.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)


Boot mode: Normal

Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\sihost.exe
C:\WINDOWS\System32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\System32\taskhostw.exe
C:\Program Files\WindowsApps\9E2F88E3.Twitter_5.2.0.0_x86__wgeqdkkx372wm\Twitter.Windows.exe
C:\Program Files\WindowsApps\Microsoft.ConnectivityStore_1.1604.4.0_x86__8wekyb3d8bbwe\ConnectivityStore.Windows.exe
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.24\deploy\LoLLauncher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.64\deploy\LoLPatcher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.211\deploy\LolClient.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Windows\System32\smartscreen.exe
C:\Users\ugur\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x41F
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WindowsDefender] "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\ugur\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local Service')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Güncelleme Hizmeti (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
End of file - 4427 bytes
 
Code:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 09:56:15, on 13.8.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)


Boot mode: Normal

Running processes:


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [ToshibaDynamicIconUtility] "C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [TPUReg(x86)] "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes
O4 - HKLM\..\Run: [TPUReg] "C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe" /Retimes
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{505768C2-1E8F-49DD-B78B-96E71965C701}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Güncelleme Hizmeti (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Güncelleme (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7999 bytes
 
