Rehber HijackThis Log Paylaşımı ve Çözümleri

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Users\kirli\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Local Service')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: is empty
O4 - HKCU\..\Run: [OfficeSyncProcess] = C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
O4 - HKCU\..\StartupApproved\Run: [CCXProcess] = C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe  (file missing) (2020/06/17)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\User\AppData\Local\Discord\Update.exe --processStart Discord.exe (2020/06/23)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/05/22)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/04/14)
O4 - HKCU\..\StartupApproved\Run: [Skype for Desktop] = C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (2020/04/14)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: AdobeGCInvoker-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
O22 - Task: BlueStacksHelper - C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe -sr
O23 - Service S3: MRAC Service - (mracsvc) - C:\Windows\System32\mracsvc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: is empty
O1 - Hosts.ICS: 127.0.0.1 localhost
O1 - Hosts.ICS: ::1 localhost
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2019/11/30)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task (.job): (disabled) (Not scheduled) Intel PTT EK Recertification.job - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \S-1-5-21-3642385360-3245675304-4248864888-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: Intel PTT EK Recertification - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe
O22 - Task: \Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe /byrunkey

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.yandex.com.tr/?win=242&clid=2255506-218
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O4 - HKCU\..\Run: [CCXProcess] = C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe  (file missing)
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Bora\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/10/17)
O4 - HKLM\..\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
O4 - HKLM\..\Run: [Launch LCore] = C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-2481347438-815924381-1307349017-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: ASUS Smart Gesture Launcher - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
O22 - Task: SamsungMagician - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe /AUTOHIDE
O22 - Task: TaskbarX - C:\Users\Bora\AppData\Local\Temp\Rar$EXa19708.19597\TaskbarX.exe -tbs=1 -color=0;0;0;50 -as=cubiceaseinout -obas=cubiceaseinout -asp=300 -ptbo=0 -stbo=0 -lr=400 -oblr=400 -sr=0 -ftotc=1 -dtbsowm=1
O22 - Task: \ASUS\ASUSUpdateTaskMachineCore1d62f97c9387ded - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /c
O22 - Task: \ASUS\ASUSUpdateTaskMachineUA - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /ua /installsource scheduler
O22 - Task: \ASUS\ArmourySocketServer - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
O22 - Task: \ASUS\Framework Service - C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
O22 - Task: \ASUS\P508PowerAgent_sdk - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Home Single Language), 10.0.19042.685 (ReleaseId: 2009), Service Pack: 0
Time:      13.12.2020 - 15:35 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    kirli    (group: Administrator) on DESKTOP-8IRR3HJ, FirstRun: yes

Chrome:  87.0.4280.88
Edge:    11.0.19041.546
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
   1  C:\Program Files\Elantech\ETDCtrl.exe
   1  C:\Program Files\Elantech\ETDCtrlHelper.exe
   1  C:\Program Files\Elantech\ETDService.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
   3  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
   1  C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\IGCC.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
   1  C:\Users\kirli\OneDrive\Masaüstü\HiJackThis.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch_comp.inf_amd64_deecec7d232ced2b\igfxCUIService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch_comp.inf_amd64_deecec7d232ced2b\igfxEM.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e3f96af62737a898\RstMwService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_4965439bad64e97e\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_4965439bad64e97e\IntelCpHeciSvc.exe
   1  C:\Windows\System32\MicrosoftEdgeCP.exe
   1  C:\Windows\System32\MicrosoftEdgeSH.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\browser_broker.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\ibtsiva.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\sppsvc.exe
  73  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\explorer.exe

O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2020/12/08)
O4 - HKLM\..\StartupApproved\Run32: [TeamsMachineUninstallerLocalAppData] = C:\Users\kirli\AppData\Local\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (2020/12/08)
O15 - Trusted Zone: https://sakaryaedutr-files.sharepoint.com
O15 - Trusted Zone: https://sakaryaedutr-myfiles.sharepoint.com
O17 - DHCP DNS 1: 178.233.140.110
O17 - DHCP DNS 2: 46.197.15.60
O17 - DHCP DNS 3: 176.240.150.250
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: Apple Diagnostics - C:\Users\kirli\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: RTKCPL - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /runcplsilence
O22 - Task: RtHDVBg_Dolby - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
O22 - Task: RtHDVBg_LENOVO_DOLBYDRAGON - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_DOLBYDRAGON
O22 - Task: \Lenovo\Lenovo Service Bridge\S-1-5-21-37913855-458752164-1480241181-1001 - C:\Users\kirli\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
O22 - Task: \Microsoft\Windows\RetailDemo\CleanupOfflineContent - {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} - C:\Windows\System32\RDXTaskFactory.dll (Microsoft)
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task: \TVT\TVSUUpdateTask - C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask
O22 - Task: \TVT\TVSUUpdateTask_UserLogOn - C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask
O23 - Service R2: Dolby DAX2 API Service - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
O23 - Service R2: Elan Service - (ETDService) - C:\Program Files\Elantech\ETDService.exe
O23 - Service R2: Intel Bluetooth Service - (ibtsiva) - C:\Windows\system32\ibtsiva.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_4965439bad64e97e\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\System32\DriverStore\FileRepository\cui_dch_comp.inf_amd64_deecec7d232ced2b\igfxCUIService.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e3f96af62737a898\RstMwService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_4965439bad64e97e\IntelCpHeciSvc.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
O23 - Service S3: Intel(R) Optane(TM) Memory Service - (iaStorAfsService) - C:\Windows\System32\iaStorAfsService.exe
O23 - Service S3: System Update - (SUService) - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service S3: Yazıcı Uzantıları ve Bildirimleri - (PrintNotify) - C:\Windows\system32\svchost.exe -k print; "ServiceDll" = C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll


--
End of file - Time spent: 27,8 sec. - 23274 bytes, CRC32: FFFFFFFF. Sign: ꦨ눎

  1  C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
   1  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
   1  C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
   1  C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
   1  C:\Program Files (x86)\Avira\Antivirus\sched.exe
   1  C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
   1  C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
   1  C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
   1  C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
   1  C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
   1  C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
   2  C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksdeui.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files\1MORE Spearhead VR\CPL\Spearhead_x64.exe
   4  C:\Program Files\LGHUB\lghub.exe
   1  C:\Program Files\LGHUB\lghub_agent.exe
   1  C:\Program Files\LGHUB\lghub_updater.exe
   2  C:\Program Files\LGHUB\logi_crashpad_handler.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingApp_2012.1003.34.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2010.0.0_x64__8wekyb3d8bbwe\Calculator.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20111.125.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxTsr.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
   6  C:\Users\user\AppData\Local\Discord\app-0.0.309\Discord.exe
   1  C:\Users\user\Desktop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\SysWOW64\PnkBstrA.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_acf8aa2f12c482c7\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\MoUsoCoreWorker.exe
   8  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   2  C:\Windows\System32\WWAHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
   1  C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
   1  C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
   1  C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  81  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
   1  C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=tr&pid=NGC&pvid=22.18.0.213
R0 - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=tr&pid=NGC&pvid=22.18.0.213
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: [SuggestionsURLFallback] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: [SuggestionsURL] = http://clients5.google.com/complete/search?q={searchTerms}&client=ie8&mw={ie:maxWidth}&sh={ie:sectionHeight}&rh={ie:rowHeight}&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: [URL] = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: [SuggestionsURL_JSON] = https://toolbar.avg.com/acp?q={searchTerms}&o=1 - AVG Secure Search
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\BHO\ie_to_edge_bho.dll
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk    ->    C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true
O4 - HKCU\..\Run: [Discord] = C:\Users\user\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent
O4 - HKCU\..\Run: [LGHUB] = C:\Program Files\LGHUB\lghub.exe --background
O4 - HKLM\..\Run: [1more6533x1Sound] = C:\Program Files\1MORE Spearhead VR\CPL\Spearhead_x64.exe /h /d
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4-32 - HKLM\..\Run: [Avira System Speedup User Starter] = C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
O4-32 - HKLM\..\Run: [Avira SystrayStartTrigger] = C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
O4-32 - HKLM\..\Run: [IMSS] = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4-32 - HKLM\..\Run: [TeamsMachineUninstallerLocalAppData] = C:\Users\user\AppData\Local\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
O4-32 - HKLM\..\Run: [TeamsMachineUninstallerProgramData] = C:\ProgramData\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O15 - Trusted Zone: https://marunedutr-files.sharepoint.com
O15 - Trusted Zone: https://marunedutr-myfiles.sharepoint.com
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{953ea019-78f0-41ae-bf70-35c28b6e4f1c}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{953ea019-78f0-41ae-bf70-35c28b6e4f1c}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O22 - Task (.job): (Not scheduled) Online Application Updater.job - C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe (file missing) /silentall -nofreqcheck
O22 - Task (.job): (Not scheduled) Online Application v2 Guard.job - C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe (file missing) 1 37
O22 - Task (.job): (Not scheduled) Online Application v2 Guardian.job - C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe (file missing) 1 38
O22 - Task (.job): (Not scheduled) Online Application v2.job - C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe (file missing) 1 36
O22 - Task (.job): (Not scheduled) Online Application v209 Guard.job - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe (file missing) 1 61
O22 - Task (.job): (Not scheduled) Online Application v209 Guardian.job - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe (file missing) 1 62
O22 - Task (.job): (Not scheduled) Online Application v209.job - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe (file missing) 1 60
O22 - Task (.job): (Not scheduled) Traffic Exchange Updater.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe (file missing) /silentall -nofreqcheck
O22 - Task (.job): (Not scheduled) Traffic Exchange v2 - 1.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe (file missing) 1 36
O22 - Task (.job): (Not scheduled) Traffic Exchange v2 - 2.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe (file missing) 1 37
O22 - Task (.job): (Not scheduled) Traffic Exchange v2 - 3.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe (file missing) 1 38
O22 - Task (.job): (Not scheduled) Traffic Exchange v209 - 1.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe (file missing) 1 60
O22 - Task (.job): (Not scheduled) Traffic Exchange v209 - 2.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe (file missing) 1 61
O22 - Task (.job): (Not scheduled) Traffic Exchange v209 - 3.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe (file missing) 1 62
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: AviraSystemSpeedupUpdate - C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe /VERIFY /VERYSILENT /NOSTART /NODOTNET /NORESTART
O22 - Task: Avira_Antivirus_Systray - C:\Program Files (x86)\Avira\Antivirus\avgnt.exe /min
O22 - Task: Avira_Security_Update - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe /CheckAndInstall
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: HPCustParticipation HP DeskJet 5820 series - C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPCustPartic.exe /UA 15.5 /DDV 0x0e05
O22 - Task: Intel PTT EK Recertification - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe
O22 - Task: KMSAuto - C:\WINDOWS\KMSAuto.exe /ofs=act (file missing)
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: Nahimic2UILauncherRun - C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (file missing)
O22 - Task: Nahimic2svc32Run - C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (file missing)
O22 - Task: Nahimic2svc64Run - C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (file missing)
O22 - Task: NahimicMSIUILauncherRun - C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (file missing)
O22 - Task: NahimicMSIsvc32Run - C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (file missing)
O22 - Task: NahimicMSIsvc64Run - C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIsvc64.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (file missing)
O22 - Task: NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: Online Application - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe 1 11 (file missing)
O22 - Task: Online Application Guard - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe 1 12 (file missing)
O22 - Task: Online Application Guardian - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe 1 13 (file missing)
O22 - Task: Online Application Updater - C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe /silentall -nofreqcheck (file missing)
O22 - Task: Online Application v2 - C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe 1 36 (file missing)
O22 - Task: Online Application v2 Guard - C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe 1 37 (file missing)
O22 - Task: Online Application v2 Guardian - C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe 1 38 (file missing)
O22 - Task: Online Application v209 - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe 1 60 (file missing)
O22 - Task: Online Application v209 Guard - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe 1 61 (file missing)
O22 - Task: Online Application v209 Guardian - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe 1 62 (file missing)
O22 - Task: Opera scheduled Autoupdate 1517496078 - C:\Program Files\Opera developer\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Task: Opera scheduled Autoupdate 1523569814 - E:\programlar\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: Opera scheduled Autoupdate 1606241145 - D:\programlar\opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: Traffic Exchange - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe 1 11 (file missing)
O22 - Task: Traffic Exchange Guard - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe 1 12 (file missing)
O22 - Task: Traffic Exchange Guardian - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe 1 13 (file missing)
O22 - Task: Traffic Exchange Updater - C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe /silentall -nofreqcheck (file missing)
O22 - Task: Traffic Exchange v2 - 1 - C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe 1 36 (file missing)
O22 - Task: Traffic Exchange v2 - 2 - C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe 1 37 (file missing)
O22 - Task: Traffic Exchange v2 - 3 - C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe 1 38 (file missing)
O22 - Task: Traffic Exchange v209 - 1 - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe 1 60 (file missing)
O22 - Task: Traffic Exchange v209 - 2 - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe 1 61 (file missing)
O22 - Task: Traffic Exchange v209 - 3 - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe 1 62 (file missing)
O22 - Task: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Task: {BBA3B6A6-25F7-4785-ADE1-77BB6FB53B60} - C:\WINDOWS\system32\pcalua.exe -a "E:\downloads\Grand Theft Auto San Andreas Güncelleme v1.01.exe" -d E:\downloads
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Avira Gerçek Zamanlı Koruma - (AntiVirService) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service R2: Avira Koruma Hizmeti - (AntivirProtectedService) - C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
O23 - Service R2: Avira Optimizer Host - (AviraOptimizerHost) - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service R2: Avira Phantom VPN - (AviraPhantomVPN) - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service R2: Avira Security - (AviraSecurity) - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service R2: Avira Service Host - (Avira.ServiceHost) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service R2: Avira Updater Service - (AviraUpdaterService) - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service R2: Avira Zamanlayıcı - (AntiVirSchedulerService) - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Kaspersky VPN Secure Connection Hizmeti 5.2 - (KSDE5.2) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe -r
O23 - Service R2: Killer Analytics Service - C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
O23 - Service R2: Killer Network Service - C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
O23 - Service R2: LGHUB Updater Service - (LGHUBUpdaterService) - C:\Program Files\LGHUB\lghub_updater.exe --run-as-service
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_acf8aa2f12c482c7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_acf8aa2f12c482c7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: PnkBstrA - C:\WINDOWS\SysWOW64\PnkBstrA.exe
O23 - Service R2: xTendUtilityService - C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
O23 - Service R3: Intel(R) Security Assist - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service S2: Avira Eposta Koruması - (AntiVirMailService) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service S2: Avira Web Koruması - (AntiVirWebService) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) Security Assist Helper - (isaHelperSvc) - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
O23 - Service S2: xTendSoftAPService - C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
O23 - Service S3: Killer Dynamic Bandwidth Management - (KNDBWM) - C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
O23 - Service S3: Killer Smart AP Selection Service - (KAPSService) - C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService

O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: Apple Diagnostics - C:\Users\kirli\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe
O22 - Task: \Lenovo\Lenovo Service Bridge\S-1-5-21-37913855-458752164-1480241181-1001 - C:\Users\kirli\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
O22 - Task: \Microsoft\Windows\RetailDemo\CleanupOfflineContent - {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} - C:\Windows\System32\RDXTaskFactory.dll (Microsoft)
O22 - Task: \TVT\TVSUUpdateTask - C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask
O22 - Task: \TVT\TVSUUpdateTask_UserLogOn - C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e3f96af62737a898\RstMwService.exe
O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
O23 - Service S3: Intel(R) Optane(TM) Memory Service - (iaStorAfsService) - C:\Windows\System32\iaStorAfsService.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=tr&pid=NGC&pvid=22.18.0.213
R0 - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=tr&pid=NGC&pvid=22.18.0.213
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: [SuggestionsURLFallback] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: [SuggestionsURL] = http://clients5.google.com/complete/search?q={searchTerms}&client=ie8&mw={ie:maxWidth}&sh={ie:sectionHeight}&rh={ie:rowHeight}&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: [URL] = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: [SuggestionsURL_JSON] = https://toolbar.avg.com/acp?q={searchTerms}&o=1 - AVG Secure Search
O4 - HKCU\..\Run: [LGHUB] = C:\Program Files\LGHUB\lghub.exe --background
O4 - HKLM\..\Run: [1more6533x1Sound] = C:\Program Files\1MORE Spearhead VR\CPL\Spearhead_x64.exe /h /d
O22 - Task (.job): (Not scheduled) Online Application Updater.job - C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe (file missing) /silentall -nofreqcheck
O22 - Task (.job): (Not scheduled) Online Application v2 Guard.job - C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe (file missing) 1 37
O22 - Task (.job): (Not scheduled) Online Application v2 Guardian.job - C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe (file missing) 1 38
O22 - Task (.job): (Not scheduled) Online Application v2.job - C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe (file missing) 1 36
O22 - Task (.job): (Not scheduled) Online Application v209 Guard.job - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe (file missing) 1 61
O22 - Task (.job): (Not scheduled) Online Application v209 Guardian.job - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe (file missing) 1 62
O22 - Task (.job): (Not scheduled) Online Application v209.job - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe (file missing) 1 60
O22 - Task (.job): (Not scheduled) Traffic Exchange Updater.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe (file missing) /silentall -nofreqcheck
O22 - Task (.job): (Not scheduled) Traffic Exchange v2 - 1.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe (file missing) 1 36
O22 - Task (.job): (Not scheduled) Traffic Exchange v2 - 2.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe (file missing) 1 37
O22 - Task (.job): (Not scheduled) Traffic Exchange v2 - 3.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe (file missing) 1 38
O22 - Task (.job): (Not scheduled) Traffic Exchange v209 - 1.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe (file missing) 1 60
O22 - Task (.job): (Not scheduled) Traffic Exchange v209 - 2.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe (file missing) 1 61
O22 - Task (.job): (Not scheduled) Traffic Exchange v209 - 3.job - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe (file missing) 1 62
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: Intel PTT EK Recertification - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe
O22 - Task: Nahimic2UILauncherRun - C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (file missing)
O22 - Task: Nahimic2svc32Run - C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (file missing)
O22 - Task: Nahimic2svc64Run - C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (file missing)
O22 - Task: NahimicMSIUILauncherRun - C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (file missing)
O22 - Task: NahimicMSIsvc32Run - C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (file missing)
O22 - Task: NahimicMSIsvc64Run - C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIsvc64.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (file missing)
O22 - Task: Online Application - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe 1 11 (file missing)
O22 - Task: Online Application Guard - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe 1 12 (file missing)
O22 - Task: Online Application Guardian - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe 1 13 (file missing)
O22 - Task: Online Application Updater - C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe /silentall -nofreqcheck (file missing)
O22 - Task: Online Application v2 - C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe 1 36 (file missing)
O22 - Task: Online Application v2 Guard - C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe 1 37 (file missing)
O22 - Task: Online Application v2 Guardian - C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe 1 38 (file missing)
O22 - Task: Online Application v209 - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe 1 60 (file missing)
O22 - Task: Online Application v209 Guard - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe 1 61 (file missing)
O22 - Task: Online Application v209 Guardian - C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe 1 62 (file missing)
O22 - Task: Traffic Exchange - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe 1 11 (file missing)
O22 - Task: Traffic Exchange Guard - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe 1 12 (file missing)
O22 - Task: Traffic Exchange Guardian - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe 1 13 (file missing)
O22 - Task: Traffic Exchange Updater - C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe /silentall -nofreqcheck (file missing)
O22 - Task: Traffic Exchange v2 - 1 - C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe 1 36 (file missing)
O22 - Task: Traffic Exchange v2 - 2 - C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe 1 37 (file missing)
O22 - Task: Traffic Exchange v2 - 3 - C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe 1 38 (file missing)
O22 - Task: Traffic Exchange v209 - 1 - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe 1 60 (file missing)
O22 - Task: Traffic Exchange v209 - 2 - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe 1 61 (file missing)
O22 - Task: Traffic Exchange v209 - 3 - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe 1 62 (file missing)
O22 - Task: {BBA3B6A6-25F7-4785-ADE1-77BB6FB53B60} - C:\WINDOWS\system32\pcalua.exe -a "E:\downloads\Grand Theft Auto San Andreas Güncelleme v1.01.exe" -d E:\downloads

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Pro), 10.0.19042.685 (ReleaseId: 2009), Service Pack: 0
Time:      15.12.2020 - 18:34 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    myk    (group: Administrator) on DESKTOP-I9O9J7V, FirstRun: yes

Chrome:  87.0.4280.88
Edge:    11.0.19041.546
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
   1  C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
   1  C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
   1  C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
   1  C:\Program Files (x86)\Internet Download Manager\IDMan.exe
   1  C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksdeui.exe
   1  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
   1  C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
   1  C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
   1  C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
   1  C:\Program Files\Bonjour\mDNSResponder.exe
   1  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
   1  C:\Program Files\Core Temp\Core Temp.exe
   1  C:\Program Files\Elantech\ETDCtrl.exe
   1  C:\Program Files\Elantech\ETDCtrlHelper.exe
   1  C:\Program Files\Elantech\ETDService.exe
   1  C:\Program Files\Elantech\ETDTouch.exe
   1  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
   1  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
   1  C:\Program Files\ParkControl\ParkControl.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
   1  C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20112.10111.0_x64__8wekyb3d8bbwe\Music.UI.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\Users\myk\Desktop\HiJackThis.exe
   1  C:\Windows\SysWOW64\vmnat.exe
   1  C:\Windows\SysWOW64\vmnetdhcp.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\MoUsoCoreWorker.exe
   9  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\hkcmd.exe
   1  C:\Windows\System32\igfxpers.exe
   1  C:\Windows\System32\igfxtray.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  75  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 www.voicemod.net
O1 - Hosts: 127.0.0.1 www.voıcemod.net
O1 - Hosts: 127.0.0.1 voicemod.net
O1 - Hosts: 127.0.0.1 https://www.voicemod.net/
O1 - Hosts: 127.0.0.1 172.67.31.53
O1 - Hosts: 127.0.0.1 https://www.voicemod.net/b2c/v2/VoicemodSetup_2.1.0.4.exe
O1 - Hosts: 127.0.0.1 whois.cdmon.com
O1 - Hosts: 127.0.0.1 https://www.cdmon.com
O1 - Hosts: 127.0.0.1 ns1.cdmon.net
O1 - Hosts: 127.0.0.1 ns2.cdmon.net
O1 - Hosts: 127.0.0.1 ns3.cdmon.net
O1 - Hosts: 127.0.0.1 ns4.cdmondns-01.org
O1 - Hosts: 127.0.0.1 ns5.cdmondns-01.com
O1 - Hosts: 127.0.0.1 hostmaster@voicemod.net
O1 - Hosts: 127.0.0.1 www.voicemod.net.cdn.cloudflare.net
O1 - Hosts: 127.0.0.1 185.42.104.64
O1 - Hosts: 127.0.0.1 104.22.64.102
O1 - Hosts: 127.0.0.1 104.22.65.102
O1 - Hosts: 127.0.0.1 yemek.com
O1 - Hosts: 127.0.0.1 fra2.r.cloudfront.net
O1 - Hosts: 127.0.0.1 13-224-193-107.fra2.r.cloudfront.net
O1 - Hosts: 127.0.0.1 13.224.193.107
O1 - Hosts: 127.0.0.1 104.22.64.102
O1 - Hosts: 127.0.0.1 eu-west-2.compute.amazonaws.com
O1 - Hosts: 127.0.0.1 amazonaws.com
O1 - Hosts: 127.0.0.1 ber01s08-in-f232.1e100.net
O1 - Hosts: 127.0.0.1 1e100.net
O1 - Hosts: 127.0.0.1 f232.1e100.net
O1 - Hosts: 127.0.0.1 dc.83.089f.ip4.static.sl-reverse.com
O1 - Hosts: 127.0.0.1 reverse.com
O1 - Hosts: 127.0.0.1 sof02s21-in-f168.1e100.net
O1 - Hosts: 127.0.0.1 f168.1e100.net
O1 - Hosts: 127.0.0.1 http://52.56.198.98/
O1 - Hosts: 127.0.0.1 52.56.198.98
O1 - Hosts: Youtube channel www.youtube.com/CRACKBOXX
O1 - Hosts: 127.0.0.1 sessionserver.mojang.com
O1 - Hosts: 127.0.0.1 authserver.mojang.com
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - HKLM\..\BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - D:\Office 2013\Office15\GROOVEEX.DLL
O2 - HKLM\..\BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Office 2013\Office15\OCHelper.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [iCloudServices] = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\StartupApproved\Run: [AltServer] = C:\Program Files (x86)\AltServer\AltServer.exe (file missing) (2020/10/10)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\myk\AppData\Local\Discord\Update.exe --processStart Discord.exe (2020/10/10)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/09/26)
O4 - HKCU\..\StartupApproved\Run: [LonelyScreen] = C:\Program Files (x86)\LonelyScreen\lonelyscreen.exe /start_context sys_auto (2020/09/28)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\myk\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/09/26)
O4 - HKCU\..\StartupApproved\Run: [Voicemod] = C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (2020/10/22)
O4 - HKLM\..\Run: [ETDCtrl] = C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] = C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\StartupApproved\Run32: [Adobe CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (2020/11/02)
O4 - HKLM\..\StartupApproved\Run32: [Adobe Creative Cloud] = C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true (2020/09/29)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2020/11/02)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2020/10/10)
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2020/10/10)
O4 - HKLM\..\StartupApproved\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe (2020/10/14)
O4-32 - HKLM\..\Run: [vmware-tray.exe] = C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Button: HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49}: OneNote'a Gönder - D:\Office 2013\Office15\ONBttnIE.dll
O9 - Button: HKLM\..\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}: Lync Aramak İçin Tıklat - D:\Office 2013\Office15\OCHelper.dll
O9 - Button: HKLM\..\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}: OneNote Bağlantılı &Notları - D:\Office 2013\Office15\ONBttnIELinkedNotes.dll
O9 - Tools menu item: HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49}: OneNote'a G&önder - D:\Office 2013\Office15\ONBttnIE.dll
O9 - Tools menu item: HKLM\..\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}: Lync Aramak İçin Tıklat - D:\Office 2013\Office15\OCHelper.dll
O9 - Tools menu item: HKLM\..\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}: OneNote Bağlantılı &Notları - D:\Office 2013\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\vsocklib.dll
O17 - DHCP DNS 1: 192.168.1.1
O18 - HKLM\Software\Classes\Protocols\Handler\osf: [CLSID] = {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Office 2013\Office15\MSOSB.DLL
O20 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinitx.dll
O20-32 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinit.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\            IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) AdobeGCInvoker-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
O22 - Task: (disabled) Altening Alt Loader - C:\Windows\System32\cmd.exe /C start C:\Users\myk\AppData\Roaming\altening\altening.launcher.exe --background
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-4236962343-1227183677-2791535265-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\Office 15 Subscription Heartbeat - C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack - D:\Office 2013\Office15\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn - D:\Office 2013\Office15\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: ParkControl - C:\Program Files\ParkControl\parkcontrol.exe /systray /delay
O22 - Task: \Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
O22 - Task: \HardDiskSentinel\Hard Disk Sentinel_myk - C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe /AUTORUN
O23 - Service R2: Adobe Genuine Monitor Service - (AGMService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service R2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service R2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: Elan Service - (ETDService) - C:\Program Files\Elantech\ETDService.exe
O23 - Service R2: Kaspersky VPN Secure Connection Hizmeti 5.2 - (KSDE5.2) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe -r
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R2: VMware Authorization Service - (VMAuthdService) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service R2: VMware DHCP Service - (VMnetDHCP) - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service R2: VMware NAT Service - C:\Windows\SysWOW64\vmnat.exe
O23 - Service R2: VMware USB Arbitration Service - (VMUSBArbService) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service R2: VMware Workstation Server - (VMwareHostd) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -u "C:\ProgramData\VMware\hostd\config.xml"
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Kaspersky Anti-Virus Hizmeti 21.2 - (AVP21.2) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe -r
O23 - Service S2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.2 - (klvssbridge64_21.2) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\vssbridge64.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: iPod Servisi - (iPod Service) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe


--
End of file - Time spent: 48,2 sec. - 39168 bytes, CRC32: FFFFFFFF. Sign: ㎮

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 www.voicemod.net
O1 - Hosts: 127.0.0.1 www.voıcemod.net
O1 - Hosts: 127.0.0.1 voicemod.net
O1 - Hosts: 127.0.0.1 https://www.voicemod.net/
O1 - Hosts: 127.0.0.1 172.67.31.53
O1 - Hosts: 127.0.0.1 https://www.voicemod.net/b2c/v2/VoicemodSetup_2.1.0.4.exe
O1 - Hosts: 127.0.0.1 whois.cdmon.com
O1 - Hosts: 127.0.0.1 https://www.cdmon.com
O1 - Hosts: 127.0.0.1 ns1.cdmon.net
O1 - Hosts: 127.0.0.1 ns2.cdmon.net
O1 - Hosts: 127.0.0.1 ns3.cdmon.net
O1 - Hosts: 127.0.0.1 ns4.cdmondns-01.org
O1 - Hosts: 127.0.0.1 ns5.cdmondns-01.com
O1 - Hosts: 127.0.0.1 hostmaster@voicemod.net
O1 - Hosts: 127.0.0.1 www.voicemod.net.cdn.cloudflare.net
O1 - Hosts: 127.0.0.1 185.42.104.64
O1 - Hosts: 127.0.0.1 104.22.64.102
O1 - Hosts: 127.0.0.1 104.22.65.102
O1 - Hosts: 127.0.0.1 yemek.com
O1 - Hosts: 127.0.0.1 fra2.r.cloudfront.net
O1 - Hosts: 127.0.0.1 13-224-193-107.fra2.r.cloudfront.net
O1 - Hosts: 127.0.0.1 13.224.193.107
O1 - Hosts: 127.0.0.1 104.22.64.102
O1 - Hosts: 127.0.0.1 eu-west-2.compute.amazonaws.com
O1 - Hosts: 127.0.0.1 amazonaws.com
O1 - Hosts: 127.0.0.1 ber01s08-in-f232.1e100.net
O1 - Hosts: 127.0.0.1 1e100.net
O1 - Hosts: 127.0.0.1 f232.1e100.net
O1 - Hosts: 127.0.0.1 dc.83.089f.ip4.static.sl-reverse.com
O1 - Hosts: 127.0.0.1 reverse.com
O1 - Hosts: 127.0.0.1 sof02s21-in-f168.1e100.net
O1 - Hosts: 127.0.0.1 f168.1e100.net
O1 - Hosts: 127.0.0.1 http://52.56.198.98/
O1 - Hosts: 127.0.0.1 52.56.198.98
O1 - Hosts: Youtube channel www.youtube.com/CRACKBOXX
O1 - Hosts: 127.0.0.1 sessionserver.mojang.com
O1 - Hosts: 127.0.0.1 authserver.mojang.com
O4 - HKCU\..\StartupApproved\Run: [AltServer] = C:\Program Files (x86)\AltServer\AltServer.exe (file missing) (2020/10/10)
O4 - HKCU\..\StartupApproved\Run: [LonelyScreen] = C:\Program Files (x86)\LonelyScreen\lonelyscreen.exe /start_context sys_auto (2020/09/28)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\myk\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/09/26)
O4 - HKCU\..\StartupApproved\Run: [Voicemod] = C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (2020/10/22)
O4-32 - HKLM\..\Run: [vmware-tray.exe] = C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
O9 - Button: HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49}: OneNote'a Gönder - D:\Office 2013\Office15\ONBttnIE.dll
O9 - Button: HKLM\..\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}: Lync Aramak İçin Tıklat - D:\Office 2013\Office15\OCHelper.dll
O9 - Button: HKLM\..\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}: OneNote Bağlantılı &Notları - D:\Office 2013\Office15\ONBttnIELinkedNotes.dll
O9 - Tools menu item: HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49}: OneNote'a G&önder - D:\Office 2013\Office15\ONBttnIE.dll
O9 - Tools menu item: HKLM\..\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}: Lync Aramak İçin Tıklat - D:\Office 2013\Office15\OCHelper.dll
O9 - Tools menu item: HKLM\..\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}: OneNote Bağlantılı &Notları - D:\Office 2013\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: C:\Windows\system32\vsocklib.dll
O18 - HKLM\Software\Classes\Protocols\Handler\osf: [CLSID] = {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Office 2013\Office15\MSOSB.DLL
O20 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinitx.dll
O20-32 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinit.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\            IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) AdobeGCInvoker-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
O22 - Task: (disabled) Altening Alt Loader - C:\Windows\System32\cmd.exe /C start C:\Users\myk\AppData\Roaming\altening\altening.launcher.exe --background
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-4236962343-1227183677-2791535265-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\Office 15 Subscription Heartbeat - C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack - D:\Office 2013\Office15\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn - D:\Office 2013\Office15\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: ParkControl - C:\Program Files\ParkControl\parkcontrol.exe /systray /delay
O22 - Task: \HardDiskSentinel\Hard Disk Sentinel_myk - C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe /AUTORUN