Rehber HijackThis Log Paylaşımı ve Çözümleri

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.18362.239 (ReleaseId: 1903), Service Pack: 0
Time:      14.07.2019 - 00:18 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Kaotik Kaos    (group: Administrator) on DESKTOP-NH60H3S, FirstRun: yes

Chrome:  75.0.3770.100
Edge:    11.0.18362.207
Internet Explorer: 11.0.18362.1
Default: "C:\Users\Kaotik Kaos\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" (Opera Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
   1  C:\Program Files\CCleaner\CCleaner64.exe
   1  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
   1  C:\Program Files\Intel\WiFi\bin\EvtEng.exe
   1  C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
   1  C:\Program Files\OEM\Monster Kontrol Merkezi\UniwillService\GCUBridge.exe
   1  C:\Program Files\OEM\Monster Kontrol Merkezi\UniwillService\MyControlCenter\GCUService.exe
   1  C:\Program Files\OEM\Monster Kontrol Merkezi\UniwillService\MyControlCenter\OSDTpDetect.exe
   1  C:\Program Files\OEM\Monster Kontrol Merkezi\UniwillService\MyControlCenter\XTU\XtuService.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19031.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\Program Files\txgameassistant\appmarket\AppMarket.exe
   1  C:\Program Files\txgameassistant\appmarket\QMEmulatorService.exe
   1  C:\Program Files\txgameassistant\appmarket\TBSWebRenderer.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe
   1  C:\Users\Kaotik Kaos\Desktop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\SysWOW64\Creative.UWPRPCService.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6df442103a1937a4\igfxCUIService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6df442103a1937a4\igfxEM.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e335ebb186115025\RstMwService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3e52dadf3776082b\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3e52dadf3776082b\IntelCpHeciSvc.exe
   1  C:\Windows\System32\MicrosoftEdgeCP.exe
   1  C:\Windows\System32\MicrosoftEdgeSH.exe
   7  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\browser_broker.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\ibtsiva.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  75  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\TFSPEQService.exe
   1  C:\Windows\explorer.exe


O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [Web Companion] = C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (file missing)
O4 - HKCU\..\Run: [utweb] = C:\Users\Kaotik Kaos\AppData\Roaming\uTorrent Web\utweb.exe /MINIMIZED (file missing)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\RtkAudUService64.exe -background (file missing)
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O23 - Service R2: GCUBridge - C:\Program Files\OEM\Monster Kontrol Merkezi\UniwillService\GCUBridge.exe
O23 - Service R2: Intel Bluetooth Service - (ibtsiva) - C:\Windows\system32\ibtsiva.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3e52dadf3776082b\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) Extreme Tuning Utility Service - (XTU3SERVICE) - C:\Program Files\OEM\Monster Kontrol Merkezi\UniwillService\MyControlCenter\XTU\XtuService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6df442103a1937a4\igfxCUIService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) PROSet/Wireless Event Log - (EvtEng) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service R2: Intel(R) PROSet/Wireless Registry Service - (RegSrvc) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service R2: Intel(R) PROSet/Wireless Zero Configuration Service - (ZeroConfigService) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
O23 - Service R2: QMEmulatorService - C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
O23 - Service R2: RstMwService - C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e335ebb186115025\RstMwService.exe
O23 - Service R2: TFSPEQService - C:\Windows\TFSPEQService.exe
O23 - Service R2: UWP RPC Service - (UWPService) - C:\Windows\SysWOW64\Creative.UWPRPCService.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3e52dadf3776082b\IntelCpHeciSvc.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
O23 - Service S3: Wireless PAN DHCP Server - (MyWiFiDHCPDNS) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe


--
End of file - Time spent: 14,2 sec. - 34030 bytes, CRC32: FFFFFFFF. Sign: 鼫

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.17134.885 (ReleaseId: 1803), Service Pack: 0
Time:      15.07.2019 - 11:32 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Ömer Faruk    (group: Administrator) on OMERFARUK, FirstRun: yes

Chrome:  75.0.3770.100
Firefox: 65.0.2.6995
Edge:    11.0.17134.858
Internet Explorer: 11.0.17134.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
   1  C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
   1  C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
   2  C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
  17  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
   1  C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
   3  C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe
   1  C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
   1  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
   1  C:\Program Files\Bitdefender Agent\ProductAgentService.exe
   1  C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
   1  C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
   2  C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
   1  C:\Program Files\Bitdefender\Bitdefender Security\bdtrackersnmh.exe
   1  C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
   1  C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
   1  C:\Program Files\Bonjour\mDNSResponder.exe
   1  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
   1  C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
   1  C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
   1  C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
   1  C:\Program Files\Logitech Gaming Software\LAClient\laclient.exe
   1  C:\Program Files\Logitech Gaming Software\LCore.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
   1  C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
   1  C:\Program Files\Windows Defender\MSASCuiL.exe
   1  C:\Program Files\Windows Media Player\wmpnetwk.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
   1  C:\Program Files\rempl\sedlauncher.exe
   1  C:\Program Files\rempl\sedsvc.exe
   1  C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
   1  C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
   4  C:\Users\Ömer Faruk\AppData\Local\Discord\app-0.0.305\Discord.exe
   1  C:\Users\Ömer Faruk\Downloads\HiJackThis (1).exe
   1  C:\Users\Ömer Faruk\Downloads\HijackThis.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\SysWOW64\vmnat.exe
   1  C:\Windows\SysWOW64\vmnetdhcp.exe
   1  C:\Windows\System32\Intel\DPTF\esif_uf.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\cmd.exe
   3  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\drivers\AdminService.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\igfxCUIService.exe
   1  C:\Windows\System32\igfxEM.exe
   1  C:\Windows\System32\igfxHK.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  68  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\Temp\DPTF\esif_assist_64.exe
   1  C:\Windows\explorer.exe
   1  D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe
   1  D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
   1  D:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe
   1  D:\vmware-tray.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.yandex.com.tr/?win=287&clid=2255506-213
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local;<local>
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: data.roblox.com 127.0.0.1
O1 - Hosts: roblox.sp.backtrace.io 127.0.0.1
O1 - Hosts: data.roblox.com 127.0.0.1
O1 - Hosts: roblox.sp.backtrace.io 127.0.0.1
O2 - HKLM\..\BHO: Bitdefender Cüzdanı - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll
O2 - HKLM\..\BHO: Bitdefender Trackers Blocking - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll
O2-32 - HKLM\..\BHO: Bitdefender Cüzdanı - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2-32 - HKLM\..\BHO: Bitdefender Trackers Blocking - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O3 - HKLM\..\Toolbar: Bitdefender Cüzdanı - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll
O3-32 - HKLM\..\Toolbar: Bitdefender Cüzdanı - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKCU\..\Run: [Discord] = C:\Users\Ömer Faruk\AppData\Local\Discord\app-0.0.305\Discord.exe
O4 - HKCU\..\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\Run: [WallpaperEngine] = C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe -silent
O4 - HKCU\..\Run: [Wargaming.net Game Center] = C:\ProgramData\Wargaming.net\GameCenter\wgc.exe --background ''
O4 - HKCU\..\Run: [iCloudServices] = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKLM\..\Run: [Launch LCore] = C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4-32 - HKLM\..\Run: [vmware-tray.exe] = D:\vmware-tray.exe
O9 - Button: HKLM\..\{159ff5d5-55f1-4d2f-b706-767a55f77abb}: Bitdefender Anti-tracker - C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll
O9-32 - Button: HKLM\..\{159ff5d5-55f1-4d2f-b706-767a55f77abb}: Bitdefender Anti-tracker - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O17 - DHCP DNS 1: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{0368854a-ecd1-456f-b7b2-b0985dd8cc47}: [NameServer] = 208.67.220.220 (Well-known DNS: Cisco OpenDNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0368854a-ecd1-456f-b7b2-b0985dd8cc47}: [NameServer] = 208.67.222.222 (Well-known DNS: Cisco OpenDNS)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\Ömer Faruk\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\Ömer Faruk\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\Ömer Faruk\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending): (no name) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced): (no name) - {05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing): (no name) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
O22 - Task (.job): update-S-1-5-21-4170824935-1545970044-136280280-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: AtherosSvc - C:\WINDOWS\system32\DRIVERS\AdminService.exe
O23 - Service R2: Bitdefender Auxiliary Service - (BDAuxSrv) - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe "settings/services/configs/bdauxsrv_config.json"
O23 - Service R2: Bitdefender Cihaz Yönetim Servisi - (DevMgmt Servisi) - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service R2: Bitdefender Desktop Update Service - (UPDATESRV) - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe /service
O23 - Service R2: Bitdefender Protected Service - (BDProtSrv) - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe "settings\services\configs\bdprotsrv_config.json"
O23 - Service R2: Bitdefender RedLine Service - (bdredline) - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service R2: Bitdefender Virus Shield - (VSSERV) - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe /service
O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: ESIF Upper Framework Service - (esifsvc) - C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe
O23 - Service R2: Intel(R) Driver & Support Assistant - (DSAService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R2: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK - (SystemUsageReportSvc_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
O23 - Service R2: Logitech Gaming Registry Service - (LogiRegistryService) - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service R2: Microsoft Office Click-to-Run Service - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: ProductAgentService - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service R2: QMEmulatorService - D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
O23 - Service R2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service R2: TeamViewer 14 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R2: VMware DHCP Service - (VMnetDHCP) - C:\WINDOWS\SysWOW64\vmnetdhcp.exe
O23 - Service R2: VMware NAT Service - C:\WINDOWS\SysWOW64\vmnat.exe
O23 - Service R2: VMware USB Arbitration Service - (VMUSBArbService) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service R2: Windows Remediation Service - (sedsvc) - C:\Program Files\rempl\sedsvc.exe
O23 - Service R3: Intel(R) Driver & Support Assistant Updater - (DSAUpdateService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: VMware Authorization Service - (VMAuthdService) - D:\vmware-authd.exe
O23 - Service S2: VMware Workstation Server - (VMwareHostd) - D:\vmware-hostd.exe -u "C:\ProgramData\VMware\hostd\config.xml"
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Energy Server Service queencreek - (ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--AUTO_START" "--start" "--start_options_registry_key" "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ESRV_SVC_QUEENCREEK\_start"
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: User Energy Server Service queencreek - (USER_ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--run_as_user_process"
O23 - Service S3: VirtualBox system service - (VBoxSDS) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service S3: klvssbridge64_18.0.0 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\vssbridge64.exe  (file missing)


--
End of file - Time spent: 65,9 sec. - 34198 bytes, CRC32: FFFFFFFF. Sign: 픩띧

O1 - Hosts: data.roblox.com 127.0.0.1
O1 - Hosts: roblox.sp.backtrace.io 127.0.0.1
O1 - Hosts: data.roblox.com 127.0.0.1
O1 - Hosts: roblox.sp.backtrace.io 127.0.0.1
O4 - HKLM\..\Run: [vmware-tray.exe] "D:\vmware-tray.exe"
O4 - HKCU\..\Run: [WallpaperEngine] "C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe" -silent
O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service: Intel(R) Driver & Support Assistant Updater (DSAUpdateService) - Intel - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - D:\vmware-hostd.exe

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Home Single Language), 10.0.18362.239 (ReleaseId: 1903), Service Pack: 0
Time:      15.07.2019 - 12:36 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    ALBAYRAK    (group: Administrator) on ALBAYRAK-PC, FirstRun: yes

Chrome:  75.0.3770.100
Edge:    11.0.18362.207
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
   1  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
   1  C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
   1  C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
   1  C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
   1  C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
   1  C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.1247.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
   1  C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.1247.0_x64__8j3eq9eme6ctt\IGCC.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe
   1  C:\Users\ALBAYRAK\Desktop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_353320edb98da643\igfxCUIService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_353320edb98da643\igfxEM.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_3f902faa7a5da85d\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_bf9afe57cbde0e11\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_bf9afe57cbde0e11\IntelCpHeciSvc.exe
   1  C:\Windows\System32\ICEsoundService64.exe
   1  C:\Windows\System32\Intel\DPTF\esif_uf.exe
   4  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\drivers\AdminService.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
  71  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\usocoreworker.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run32: [GrooveMonitor] = C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (2019/07/12)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\            IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O23 - Service R2: ASLDR Service - (ASLDRService) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service R2: AtherosSvc - C:\Windows\System32\drivers\AdminService.exe
O23 - Service R2: ICEsound Service - (ICEsoundService) - C:\Windows\system32\ICEsoundService64.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_bf9afe57cbde0e11\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_3f902faa7a5da85d\jhi_service.exe
O23 - Service R2: Intel(R) Dynamic Platform and Thermal Framework service - (esifsvc) - C:\Windows\System32\Intel\DPTF\esif_uf.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_353320edb98da643\igfxCUIService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_bf9afe57cbde0e11\IntelCpHeciSvc.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\TPMProvisioningService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\SocketHeciServer.exe
O23 - Service S3: Microsoft Office Diagnostics Service - (odserv) - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
O23 - Service S3: Microsoft Office Groove Audit Service - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 18,3 sec. - 23238 bytes, CRC32: FFFFFFFF. Sign: 룤暩

O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O23 - Service S3: Microsoft Office Groove Audit Service - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe