Rehber HijackThis Log Paylaşımı ve Çözümleri

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.17134.648 (ReleaseId: 1803), Service Pack: 0
Time:      28.03.2019 - 00:21 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Emrestator    (group: Administrator) on DESKTOP-DRS6V09, FirstRun: no

Opera:   55.0.2994.44
Chrome:  73.0.3683.86
Edge:    11.0.17134.648
Internet Explorer: 11.0.17134.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\AVG\Av\avgcsrva.exe
   1  C:\Program Files (x86)\AVG\Av\avgemca.exe
   1  C:\Program Files (x86)\AVG\Av\avgfwsa.exe
   1  C:\Program Files (x86)\AVG\Av\avgnsa.exe
   1  C:\Program Files (x86)\AVG\Av\avgrsa.exe
   1  C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
   1  C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
   1  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
   1  C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
   1  C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
  11  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
   1  C:\Program Files (x86)\IObit\Advanced SystemCare\Pub\PubMonitor.exe
   1  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
   1  C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
   1  C:\Program Files\Elantech\ETDCtrl.exe
   1  C:\Program Files\Elantech\ETDCtrlHelper.exe
   1  C:\Program Files\Elantech\ETDService.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\Program Files\rempl\sedlauncher.exe
   1  C:\Program Files\rempl\sedsvc.exe
   1  C:\Users\Emrestator\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\SysWOW64\MSIService.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   3  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\drivers\RivetNetworks\Killer\xTendSoftAP.exe
   1  C:\Windows\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe
   1  C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
   1  C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\ibtsiva.exe
   1  C:\Windows\System32\igfxCUIService.exe
   1  C:\Windows\System32\igfxEM.exe
   1  C:\Windows\System32\igfxHK.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  70  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 7 (Pro), 6.1.7601.24405, Service Pack: 1
Time:      29.03.2019 - 14:28 (UTC+01:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    User    (group: Administrator) on USER-BILGISAYAR, FirstRun: yes

Chrome:  73.0.3683.86
Internet Explorer: 11.0.9600.19301
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Users\User\Downloads\HiJackThis\HiJackThis.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\dwm.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\lsm.exe
   1  C:\Windows\System32\schtasks.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\smss.exe
  12  C:\Windows\System32\svchost.exe
   3  C:\Windows\System32\taskeng.exe
   1  C:\Windows\System32\taskhost.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2261466 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2261466 - Yandex
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - MSConfig\startupreg: MS2 [command] = C:\Windows\Core\dllhost.exe (HKCU) (2019/02/26)
O4 - MSConfig\startupreg: Skype for Desktop [command] = C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (HKCU) (2019/02/26)
O4 - MSConfig\startupreg: Steam [command] = D:\SteamLibrary\steam.exe -silent (HKCU) (2019/02/23)
O4 - MSConfig\startupreg: uTorrent [command] = C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (HKCU) (2019/03/28)
O17 - DHCP DNS 1: 4.2.2.1 (Well-known DNS: Verizon / Level 3 Communications)
O17 - DHCP DNS 2: 4.2.2.4 (Well-known DNS: Verizon / Level 3 Communications)
O17 - HKLM\System\CCS\Services\Tcpip\..\{25775C21-DE67-4F82-AD2D-038B39844F51}: [NameServer] = 4.2.2.1 (Well-known DNS: Verizon / Level 3 Communications)
O17 - HKLM\System\CCS\Services\Tcpip\..\{25775C21-DE67-4F82-AD2D-038B39844F51}: [NameServer] = 4.2.2.4 (Well-known DNS: Verizon / Level 3 Communications)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{25775C21-DE67-4F82-AD2D-038B39844F51}: [NameServer] = 4.2.2.1 (Well-known DNS: Verizon / Level 3 Communications)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{25775C21-DE67-4F82-AD2D-038B39844F51}: [NameServer] = 4.2.2.4 (Well-known DNS: Verizon / Level 3 Communications)
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll


--
End of file - Time spent: 12,8 sec. - 7424 bytes, CRC32: FFFFFFFF. Sign: 䩿됲

ogfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18



Platform:  x64 Windows 10 (Pro), 10.0.17763.379 (ReleaseId: 1809), Service Pack: 0

Time:      29.03.2019 - 21:39 (UTC+03:00)

Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)

Elevated:  Yes

Ran by:    ernes    (group: Administrator) on YAVINAS, FirstRun: yes



Chrome:  73.0.3683.86

Edge:    11.0.17763.379

Internet Explorer: 11.0.17763.1

Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)



Boot mode: Normal



Running processes:

Number | Path

  14  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe

   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe

   1  C:\Program Files (x86)\Internet Download Manager\IDMan.exe

   1  C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe

   1  C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe

   1  C:\Program Files\AMD\CNext\CNext\amdow.exe

   1  C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

   2  C:\Program Files\COMODO\COMODO Internet Security\cis.exe

   2  C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

   1  C:\Program Files\WinRAR\WinRAR.exe

   1  C:\Users\ernes\OneDrive\Masaüstü\HiJackThis\HiJackThis.exe

   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe

   1  C:\Windows\System32\ApplicationFrameHost.exe

   1  C:\Windows\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atieclxx.exe

   1  C:\Windows\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atiesrxx.exe

   3  C:\Windows\System32\RuntimeBroker.exe

   1  C:\Windows\System32\SearchFilterHost.exe

   1  C:\Windows\System32\SearchIndexer.exe

   2  C:\Windows\System32\SearchProtocolHost.exe

   1  C:\Windows\System32\SecurityHealthService.exe

   1  C:\Windows\System32\SecurityHealthSystray.exe

   1  C:\Windows\System32\SettingSyncHost.exe

   1  C:\Windows\System32\SgrmBroker.exe

   1  C:\Windows\System32\audiodg.exe

   1  C:\Windows\System32\conhost.exe

   2  C:\Windows\System32\csrss.exe

   1  C:\Windows\System32\ctfmon.exe

   1  C:\Windows\System32\dasHost.exe

   1  C:\Windows\System32\dllhost.exe

   1  C:\Windows\System32\dwm.exe

   2  C:\Windows\System32\fontdrvhost.exe

   1  C:\Windows\System32\lsass.exe

   1  C:\Windows\System32\schtasks.exe

   1  C:\Windows\System32\services.exe

   1  C:\Windows\System32\sihost.exe

   1  C:\Windows\System32\smartscreen.exe

   1  C:\Windows\System32\smss.exe

   1  C:\Windows\System32\spoolsv.exe

  75  C:\Windows\System32\svchost.exe

   1  C:\Windows\System32\taskhostw.exe

   2  C:\Windows\System32\wbem\WmiPrvSE.exe

   1  C:\Windows\System32\wininit.exe

   1  C:\Windows\System32\winlogon.exe

   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

   2  C:\Windows\explorer.exe



R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2019/03/28) O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\ernes\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2019/03/28) O4 - HKLM\..\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] = C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/03/28) O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm O17 - DHCP DNS 1: 156.154.70.25 O17 - DHCP DNS 2: 156.154.71.25 O17 - HKLM\System\CCS\Services\Tcpip\..\{ea8ba19b-3214-42ab-8012-786ba64ccac1}: [NameServer] = 156.154.70.25 O17 - HKLM\System\CCS\Services\Tcpip\..\{ea8ba19b-3214-42ab-8012-786ba64ccac1}: [NameServer] = 156.154.71.25 O21 - HKLM\..\ShellIconOverlayIdentifiers\ IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atiesrxx.exe O23 - Service R2: COMODO Internet Security Helper Service - (CmdAgent) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service R2: COMODO Internet Security Protected Helper Service - (CmdAgentProt) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe /ProtectedSvc O23 - Service S3: COMODO Virtual Service Manager - (cmdvirth) - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- End of file - Time spent: 25 sec. - 12704 bytes, CRC32: FFFFFFFF. Sign: வ틷

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18



Platform:  x64 Windows 10 (Pro), 10.0.17763.379 (ReleaseId: 1809), Service Pack: 0

Time:      29.03.2019 - 21:39 (UTC+03:00)

Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)

Elevated:  Yes

Ran by:    ernes    (group: Administrator) on YAVINAS, FirstRun: yes



Chrome:  73.0.3683.86

Edge:    11.0.17763.379

Internet Explorer: 11.0.17763.1

Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)



Boot mode: Normal



Running processes:

Number | Path

  14  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe

   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe

   1  C:\Program Files (x86)\Internet Download Manager\IDMan.exe

   1  C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe

   1  C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe

   1  C:\Program Files\AMD\CNext\CNext\amdow.exe

   1  C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

   2  C:\Program Files\COMODO\COMODO Internet Security\cis.exe

   2  C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

   1  C:\Program Files\WinRAR\WinRAR.exe

   1  C:\Users\ernes\OneDrive\Masaüstü\HiJackThis\HiJackThis.exe

   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe

   1  C:\Windows\System32\ApplicationFrameHost.exe

   1  C:\Windows\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atieclxx.exe

   1  C:\Windows\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atiesrxx.exe

   3  C:\Windows\System32\RuntimeBroker.exe

   1  C:\Windows\System32\SearchFilterHost.exe

   1  C:\Windows\System32\SearchIndexer.exe

   2  C:\Windows\System32\SearchProtocolHost.exe

   1  C:\Windows\System32\SecurityHealthService.exe

   1  C:\Windows\System32\SecurityHealthSystray.exe

   1  C:\Windows\System32\SettingSyncHost.exe

   1  C:\Windows\System32\SgrmBroker.exe

   1  C:\Windows\System32\audiodg.exe

   1  C:\Windows\System32\conhost.exe

   2  C:\Windows\System32\csrss.exe

   1  C:\Windows\System32\ctfmon.exe

   1  C:\Windows\System32\dasHost.exe

   1  C:\Windows\System32\dllhost.exe

   1  C:\Windows\System32\dwm.exe

   2  C:\Windows\System32\fontdrvhost.exe

   1  C:\Windows\System32\lsass.exe

   1  C:\Windows\System32\schtasks.exe

   1  C:\Windows\System32\services.exe

   1  C:\Windows\System32\sihost.exe

   1  C:\Windows\System32\smartscreen.exe

   1  C:\Windows\System32\smss.exe

   1  C:\Windows\System32\spoolsv.exe

  75  C:\Windows\System32\svchost.exe

   1  C:\Windows\System32\taskhostw.exe

   2  C:\Windows\System32\wbem\WmiPrvSE.exe

   1  C:\Windows\System32\wininit.exe

   1  C:\Windows\System32\winlogon.exe

   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

   2  C:\Windows\explorer.exe



R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2019/03/28) O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\ernes\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2019/03/28) O4 - HKLM\..\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] = C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/03/28) O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm O17 - DHCP DNS 1: 156.154.70.25 O17 - DHCP DNS 2: 156.154.71.25 O17 - HKLM\System\CCS\Services\Tcpip\..\{ea8ba19b-3214-42ab-8012-786ba64ccac1}: [NameServer] = 156.154.70.25 O17 - HKLM\System\CCS\Services\Tcpip\..\{ea8ba19b-3214-42ab-8012-786ba64ccac1}: [NameServer] = 156.154.71.25 O21 - HKLM\..\ShellIconOverlayIdentifiers\ IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atiesrxx.exe O23 - Service R2: COMODO Internet Security Helper Service - (CmdAgent) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service R2: COMODO Internet Security Protected Helper Service - (CmdAgentProt) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe /ProtectedSvc O23 - Service S3: COMODO Virtual Service Manager - (cmdvirth) - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- End of file - Time spent: 25 sec. - 12704 bytes, CRC32: FFFFFFFF. Sign: வ틷

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18



Platform:  x64 Windows 10 (Pro), 10.0.17763.379 (ReleaseId: 1809), Service Pack: 0

Time:      29.03.2019 - 21:39 (UTC+03:00)

Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)

Elevated:  Yes

Ran by:    ernes    (group: Administrator) on YAVINAS, FirstRun: yes



Chrome:  73.0.3683.86

Edge:    11.0.17763.379

Internet Explorer: 11.0.17763.1

Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)



Boot mode: Normal



Running processes:

Number | Path

  14  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe

   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe

   1  C:\Program Files (x86)\Internet Download Manager\IDMan.exe

   1  C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe

   1  C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe

   1  C:\Program Files\AMD\CNext\CNext\amdow.exe

   1  C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

   2  C:\Program Files\COMODO\COMODO Internet Security\cis.exe

   2  C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

   1  C:\Program Files\WinRAR\WinRAR.exe

   1  C:\Users\ernes\OneDrive\Masaüstü\HiJackThis\HiJackThis.exe

   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe

   1  C:\Windows\System32\ApplicationFrameHost.exe

   1  C:\Windows\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atieclxx.exe

   1  C:\Windows\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atiesrxx.exe

   3  C:\Windows\System32\RuntimeBroker.exe

   1  C:\Windows\System32\SearchFilterHost.exe

   1  C:\Windows\System32\SearchIndexer.exe

   2  C:\Windows\System32\SearchProtocolHost.exe

   1  C:\Windows\System32\SecurityHealthService.exe

   1  C:\Windows\System32\SecurityHealthSystray.exe

   1  C:\Windows\System32\SettingSyncHost.exe

   1  C:\Windows\System32\SgrmBroker.exe

   1  C:\Windows\System32\audiodg.exe

   1  C:\Windows\System32\conhost.exe

   2  C:\Windows\System32\csrss.exe

   1  C:\Windows\System32\ctfmon.exe

   1  C:\Windows\System32\dasHost.exe

   1  C:\Windows\System32\dllhost.exe

   1  C:\Windows\System32\dwm.exe

   2  C:\Windows\System32\fontdrvhost.exe

   1  C:\Windows\System32\lsass.exe

   1  C:\Windows\System32\schtasks.exe

   1  C:\Windows\System32\services.exe

   1  C:\Windows\System32\sihost.exe

   1  C:\Windows\System32\smartscreen.exe

   1  C:\Windows\System32\smss.exe

   1  C:\Windows\System32\spoolsv.exe

  75  C:\Windows\System32\svchost.exe

   1  C:\Windows\System32\taskhostw.exe

   2  C:\Windows\System32\wbem\WmiPrvSE.exe

   1  C:\Windows\System32\wininit.exe

   1  C:\Windows\System32\winlogon.exe

   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

   2  C:\Windows\explorer.exe



R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2019/03/28) O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\ernes\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2019/03/28) O4 - HKLM\..\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] = C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/03/28) O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm O17 - DHCP DNS 1: 156.154.70.25 O17 - DHCP DNS 2: 156.154.71.25 O17 - HKLM\System\CCS\Services\Tcpip\..\{ea8ba19b-3214-42ab-8012-786ba64ccac1}: [NameServer] = 156.154.70.25 O17 - HKLM\System\CCS\Services\Tcpip\..\{ea8ba19b-3214-42ab-8012-786ba64ccac1}: [NameServer] = 156.154.71.25 O21 - HKLM\..\ShellIconOverlayIdentifiers\ IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atiesrxx.exe O23 - Service R2: COMODO Internet Security Helper Service - (CmdAgent) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service R2: COMODO Internet Security Protected Helper Service - (CmdAgentProt) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe /ProtectedSvc O23 - Service S3: COMODO Virtual Service Manager - (cmdvirth) - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- End of file - Time spent: 25 sec. - 12704 bytes, CRC32: FFFFFFFF. Sign: வ틷

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.17763.379 (ReleaseId: 1809), Service Pack: 0
Time:      30.03.2019 - 11:41 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Alp    (group: Administrator) on DESKTOP-6P9F24R, FirstRun: yes

Chrome:  73.0.3683.86
Edge:    11.0.17763.379
Internet Explorer: 11.0.17763.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
   1  C:\Users\Alp\Desktop\HiJackThis.exe
   3  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  67  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll
O4 - HKCU\..\StartupApproved\Run: [Gaijin.Net Agent] = C:\Users\Alp\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (2019/03/10)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Alp\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2019/02/04)
O4 - HKCU\..\StartupApproved\Run: [Web Companion] = C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (file missing) (2019/03/21)
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run32: [Adobe Creative Cloud] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true (2019/02/17)
O4 - HKLM\..\StartupApproved\Run32: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin (2019/02/17)
O4 - HKLM\..\StartupApproved\Run32: [LogMeIn Hamachi Ui] = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start (2019/02/17)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/02/17)
O4 - HKLM\..\StartupApproved\Run32: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (2019/02/17)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2019/02/17)
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2019/02/17)
O4 - HKU\S-1-5-21-1770112063-2955193017-4278864721-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03302019113003140\..\Run: [Alp] = C:\Windows\system32\cmd.exe /c start www.dipladoks.org (User 'unknown: S-1-5-21-1770112063-2955193017-4278864721-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03302019113003140')
O4 - HKU\S-1-5-21-1770112063-2955193017-4278864721-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03302019113003140\..\Run: [Gaijin.Net Agent] = C:\Users\Alp\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (User 'unknown: S-1-5-21-1770112063-2955193017-4278864721-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03302019113003140')
O4 - HKU\S-1-5-21-1770112063-2955193017-4278864721-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03302019113003140\..\Run: [Spotify] = C:\Users\Alp\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (User 'unknown: S-1-5-21-1770112063-2955193017-4278864721-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03302019113003140')
O4 - HKU\S-1-5-21-1770112063-2955193017-4278864721-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03302019113003140\..\Run: [Web Companion] = C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (file missing) (User 'unknown: S-1-5-21-1770112063-2955193017-4278864721-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03302019113003140')
O4 - HKU\S-1-5-21-1770112063-2955193017-4278864721-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03302019113003140\..\StartupApproved\Run: [Alp] = C:\Windows\system32\cmd.exe /c start www.dipladoks.org (User 'unknown') (2019/03/29)
O4 - HKU\S-1-5-21-1770112063-2955193017-4278864721-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03302019113003140\..\StartupApproved\Run: [Gaijin.Net Agent] = C:\Users\Alp\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (User 'unknown') (2019/03/10)
O4 - HKU\S-1-5-21-1770112063-2955193017-4278864721-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03302019113003140\..\StartupApproved\Run: [Spotify] = C:\Users\Alp\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (User 'unknown') (2019/02/04)
O4 - HKU\S-1-5-21-1770112063-2955193017-4278864721-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03302019113003140\..\StartupApproved\Run: [Web Companion] = C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (file missing) (User 'unknown') (2019/03/21)
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O22 - Task (.job): (Not scheduled) update-S-1-5-21-1770112063-2955193017-4278864721-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: MySQL80 - C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe --defaults-file="C:\ProgramData\MySQL\MySQL Server 8.0\my.ini" MySQL80 (file missing)
O23 - Service S2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: MySQL81 - C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe --defaults-file="C:\ProgramData\MySQL\MySQL Server 8.0\my.ini" MySQL81 (file missing)
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 33.1 sec. - 23210 bytes, CRC32: FFFFFFFF. Sign: ⬽禎