Rehber HijackThis Log Paylaşımı ve Çözümleri

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Home Single Language), 10.0.18363.836 (ReleaseId: 1909), Service Pack: 0
Time:      08.06.2020 - 11:12 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Casper    (group: Administrator) on EXCALIBUR, FirstRun: yes

Chrome:  81.0.4044.129
Edge:    11.0.18362.815
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe
   1  C:\Program Files (x86)\Hotkey\HotkeyService.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
   1  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
   1  C:\Program Files\Intel\WiFi\bin\EvtEng.exe
   1  C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
   1  C:\Users\Casper\Desktop\HiJackThis.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
   2  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\igfxCUIService.exe
   1  C:\Windows\System32\igfxEM.exe
   1  C:\Windows\System32\igfxHK.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
  62  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://oem15.msn.com/?pc=NMTE
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EAB13430-4F9C-4349-AE3F-66E9A416344F}: [URL] = http://www.google.com/search?q={searchTerms} - Google
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O17 - DHCP DNS 1: 192.168.2.1
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe /NOUACCHECK
O23 - Service R2: HotKey Clipboard Service - (HKClipSvc) - C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R2: Intel(R) PROSet/Wireless Event Log - (EvtEng) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service R2: Intel(R) PROSet/Wireless Registry Service - (RegSrvc) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service R2: Intel(R) PROSet/Wireless Zero Configuration Service - (ZeroConfigService) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
O23 - Service R2: Intel(R) Security Assist Helper - (isaHelperSvc) - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: PowerBiosServer - C:\Program Files (x86)\Hotkey\HotkeyService.exe
O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service S2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\system32\IntelCpHDCPSvc.exe
O23 - Service S2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service S2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service S2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Intel(R) Security Assist - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service S3: Kaspersky Anti-Virus Hizmeti 20.0 - (AVP20.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe -r
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 20.0 - (klvssbridge64_20.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\vssbridge64.exe
O23 - Service S3: Microsoft Office Diagnostics Service - (odserv) - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
O23 - Service S3: Microsoft Office Groove Audit Service - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
O23 - Service S3: Printer Extensions and Notifications - (PrintNotify) - C:\WINDOWS\system32\svchost.exe -k print; "ServiceDll" = C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
O23 - Service S3: SAS Core Service - (!SASCORE) - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: Uncheater for BattleGroundsLite_SE - (uncheater_bgl) - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe
O23 - Service S3: Wireless PAN DHCP Server - (MyWiFiDHCPDNS) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service S3: Wise Boot Assistant - (WiseBootAssistant) - D:\FPS Optimization\Wise Care 365\BootTime.exe


--
End of file - Time spent: 20,9 sec. - 19460 bytes, CRC32: FFFFFFFF. Sign: 扏铜

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 10 (Pro), 10.0.18362.836 (ReleaseId: 1903), Service Pack: 0
Time:      08.06.2020 - 11:40 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    reis    (group: Administrator) on DESKTOP-UBR2MJ2, FirstRun: no

Chrome:  83.0.4103.61
Edge:    11.0.18362.815
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
   1  C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
   1  C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
  19  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
   1  C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
   1  C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
   1  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
   1  C:\Program Files (x86)\WinRAR\WinRAR.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20051.93.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\NisSrv.exe
   6  C:\Users\reis\AppData\Local\Discord\app-0.0.306\Discord.exe
   1  C:\Users\reis\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\System32\DriverStore\FileRepository\c0352369.inf_amd64_8df39ff66d4d8f46\B352355\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\c0352369.inf_amd64_8df39ff66d4d8f46\B352355\atiesrxx.exe
   1  C:\Windows\System32\PnkBstrA.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\backgroundTaskHost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\notepad.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  68  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll
O4 - HKCU\..\Run: [Discord] = C:\Users\reis\AppData\Local\Discord\app-0.0.306\Discord.exe
O4 - HKCU\..\Run: [reis] = C:\WINDOWS\explorer.exe http://exinariuminix.info
O4 - HKCU\..\RunOnce: [Application Restart #18] = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2018/10/27)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\reis\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2018/10/27)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\StartupApproved\Run32: [LogMeIn Hamachi Ui] = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start (2019/01/30)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2018/10/27)
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1d76baff-6ca0-4b62-a82f-81546611fe8a}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1d76baff-6ca0-4b62-a82f-81546611fe8a}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O22 - Task (.job): update-S-1-5-21-3984527959-3281312929-638654125-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\c0352369.inf_amd64_8df39ff66d4d8f46\B352355\atiesrxx.exe
O23 - Service R2: LMIGuardianSvc - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service R2: LogMeIn Hamachi Tunneling Engine - (Hamachi2Svc) - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe -s
O23 - Service R2: PnkBstrA - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service R2: TeamViewer 14 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R2: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit - (mi-raysat_3dsmax2010_32) - C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: FACEITService - C:\Program Files\FACEIT AC\faceitservice.exe
O23 - Service S3: FLEXnet Licensing Service - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.61\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: Uncheater for BattleGroundsLite_SE - (uncheater_bgl) - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe


--
End of file - Time spent: 14,4 sec. - 17984 bytes, CRC32: FFFFFFFF. Sign: ⴨䳺

O4 - HKCU\..\Run: [reis] = C:\WINDOWS\explorer.exe http://exinariuminix.info
O4 - HKCU\..\RunOnce: [Application Restart #18] = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session
O22 - Task (.job): update-S-1-5-21-3984527959-3281312929-638654125-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate