HijackThis Log Paylaşımı ve Çözümleri

O4 - HKCU\..\StartupApproved\Run: [com.squirrel.Splice.Splice] = D:\Program Files\Splice\app-3.6.41\Splice.exe (2020/08/24)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\Run: [SGDawNodeService] = C:\Windows\SysWOW64\SGDawNodeService.exe runasservice
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (2020/06/20)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: SamsungMagician - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe /AUTOHIDE

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Pro), 10.0.19041.508 (ReleaseId: 2004), Service Pack: 0
Time:      27.09.2020 - 01:06 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    evren    (group: Administrator) on DESKTOP-I0QR06V, FirstRun: yes

Edge:    11.0.19041.423
Internet Explorer: 11.0.19041.1
Default: "C:\Users\evren\AppData\Local\Programs\Opera GX\Launcher.exe" -noautoupdate -- "%1" (Opera GX Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
   1  C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
   1  C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\Origin\OriginWebHelperService.exe
   1  C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   5  C:\Program Files\NZXT CAM\NZXT CAM.exe
   4  C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\cam_helper.exe
   1  C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe
   1  C:\Program Files\Riot Vanguard\vgtray.exe
   1  C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingApp_2010.1001.1.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_2.45.11001.0_x64__8wekyb3d8bbwe\GamingServices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_2.45.11001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2007.1.0_x64__8wekyb3d8bbwe\Calculator.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_12009.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.XboxApp_48.69.18001.0_x64__8wekyb3d8bbwe\XboxApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20082.10421.0_x64__8wekyb3d8bbwe\Music.UI.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\HxTsr.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\commsapps.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
  13  C:\Users\evren\AppData\Local\Programs\Opera GX\71.0.3770.175\opera.exe
   1  C:\Users\evren\AppData\Local\Programs\Opera GX\71.0.3770.175\opera_crashreporter.exe
   1  C:\Users\evren\Desktop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\SysWOW64\muachost.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\CorsairGamingAudioCfgService64.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_a6728a36babc4c66\Display.NvContainer\NVDisplay.Container.exe
   9  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\WWAHost.exe
   1  C:\Windows\System32\audiodg.exe
   3  C:\Windows\System32\backgroundTaskHost.exe
   4  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   2  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  83  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
   1  C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.gooogle.com.tr/
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.63\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.63\BHO\ie_to_edge_bho.dll
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk    ->    C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true
O4 - HKCU\..\Run: [NZXT.CAM] = C:\Program Files\NZXT CAM\NZXT CAM.exe --startup
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2020/09/23)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/09/15)
O4 - HKCU\..\StartupApproved\Run: [FACEIT] = C:\Users\evren\AppData\Local\FACEITApp\update.exe --processStart "FACEIT.exe" (2020/08/17)
O4 - HKCU\..\StartupApproved\Run: [GogGalaxy] = C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart (2020/08/11)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\evren\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/07/10)
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\evren\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2020/08/11)
O4 - HKCU\..\StartupApproved\Run: [Overwolf] = C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent (2020/07/11)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2020/07/11)
O4 - HKCU\..\StartupApproved\Run: [Web Companion] = C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (file missing) (2020/08/30)
O4 - HKCU\..\StartupApproved\Run: [utweb] = C:\Users\evren\AppData\Roaming\uTorrent Web\utweb.exe /MINIMIZED (file missing) (2020/08/31)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [CORSAIR iCUE Software] = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe --autorun
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task (.job): (disabled) (Not scheduled) MSILEDKeeper_Host.job - C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
O22 - Task (.job): MSISW_Host.job - C:\WINDOWS\SysWOW64\muachost.exe
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) SamsungMagician - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe /AUTOHIDE
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-1899613776-595833364-2359818730-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: MSILEDKeeper_Host - C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
O22 - Task: MSISW_Host - C:\Windows\SysWOW64\muachost.exe
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: Opera GX scheduled Autoupdate 1599446766 - C:\Users\evren\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: Opera scheduled Autoupdate 1594380342 - C:\Users\evren\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: Opera scheduled assistant Autoupdate 1594380344 - C:\Users\evren\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\evren\AppData\Local\Programs\Opera\assistant" $(Arg0)
O22 - Task: Overwolf Updater Task - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\AC Power Install - C:\WINDOWS\system32\usoclient.exe StartInstall (Microsoft)
O22 - Task: klcp_update - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /verysilent /update /freq=30
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: CAM Service - (CAMService) - C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe
O23 - Service R2: Corsair Gaming Audio Configuration Service - (CorsairGamingAudioConfig) - C:\WINDOWS\system32\CorsairGamingAudioCfgService64.exe
O23 - Service R2: Corsair LLA Service - (CorsairLLAService) - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
O23 - Service R2: Corsair Service - (CorsairService) - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.45.11001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.45.11001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: MysticLight2_Service - C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_a6728a36babc4c66\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_a6728a36babc4c66\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service R2: Razer Wizard Service - (RzWizardService) - C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: FACEITService - C:\Program Files\FACEIT AC\faceitservice.exe
O23 - Service S3: GalaxyClientService - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service S3: GalaxyCommunication - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Overwolf Updater Windows SCM - (OverwolfUpdater) - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom SCM
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: SteelSeries Update Service - (SteelSeriesUpdateService) - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe


--
End of file - Time spent: 9,5 sec. - 33652 bytes, CRC32: FFFFFFFF. Sign: 떲뱃

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.gooogle.com.tr/
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.63\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.63\BHO\ie_to_edge_bho.dll
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk    ->    C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true
O4 - HKCU\..\Run: [NZXT.CAM] = C:\Program Files\NZXT CAM\NZXT CAM.exe --startup
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2020/09/23)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/09/15)
O4 - HKCU\..\StartupApproved\Run: [FACEIT] = C:\Users\evren\AppData\Local\FACEITApp\update.exe --processStart "FACEIT.exe" (2020/08/17)
O4 - HKCU\..\StartupApproved\Run: [GogGalaxy] = C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart (2020/08/11)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\evren\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/07/10)
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\evren\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2020/08/11)
O4 - HKCU\..\StartupApproved\Run: [Overwolf] = C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent (2020/07/11)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2020/07/11)
O4 - HKCU\..\StartupApproved\Run: [Web Companion] = C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (file missing) (2020/08/30)
O4 - HKCU\..\StartupApproved\Run: [utweb] = C:\Users\evren\AppData\Roaming\uTorrent Web\utweb.exe /MINIMIZED (file missing) (2020/08/31)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [CORSAIR iCUE Software] = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe --autorun
O22 - Task (.job): (disabled) (Not scheduled) MSILEDKeeper_Host.job - C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
O22 - Task (.job): MSISW_Host.job - C:\WINDOWS\SysWOW64\muachost.exe
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: MSILEDKeeper_Host - C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
O22 - Task: MSISW_Host - C:\Windows\SysWOW64\muachost.exe
O22 - Task: klcp_update - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /verysilent /update /freq=30

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x32 Windows 8.1 (Pro), 6.3.9600.0, Service Pack: 0
Time:      30.09.2020 - 13:50 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    eleman-2    (group: Administrator) on ELEMAN, FirstRun: yes

Chrome:  85.0.4183.121
Internet Explorer: 11.0.9600.16384
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
  13  C:\Opera GX\71.0.3770.175\opera.exe
   1  C:\Opera GX\71.0.3770.175\opera_crashreporter.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
   1  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
   1  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
   1  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
   1  C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
   1  C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
   1  C:\Program Files\Windows Media Player\wmpnetwk.exe
   1  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   1  C:\Windows\System32\lsass.exe
   2  C:\Windows\System32\nvvsvc.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   9  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhost.exe
   1  C:\Windows\System32\taskhostex.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\explorer.exe
   1  D:\TOOLS\HiJackThis.exe

O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner.exe /MONITOR (2019/06/14)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\eleman-2\AppData\Local\Discord\app-0.0.307\Discord.exe (2019/05/29)
O4 - HKLM\..\StartupApproved\Run: [NvBackend] = C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (2019/07/21)
O4 - HKLM\..\StartupApproved\Run: [ShadowPlay] = C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart (2019/06/14)
O4 - HKLM\..\StartupApproved\Run: [SunJavaUpdateSched] = C:\Program Files\Common Files\Java\Java Update\jusched.exe (2019/06/15)
O15 - Trusted Zone: *.localhost
O17 - DHCP DNS 1: 195.175.39.49
O17 - DHCP DNS 2: 195.175.39.50
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: NVIDIA Network Service - (NvNetworkService) - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service R2: NVIDIA Stereoscopic 3D Driver Service - (Stereo Service) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service R3: NVIDIA Display Driver Service - (nvsvc) - C:\Windows\system32\nvvsvc.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files\Common Files\BattlEye\BEService.exe
O23 - Service S3: Gameforge Client Service - (GameforgeClientService) - C:\Program Files\GameforgeClient\gfservice.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\85.0.4183.121\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: NVIDIA GeForce Experience Service - (GfExperienceService) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service S3: NVIDIA Streamer Network Service - (NvStreamNetworkSvc) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service S3: NVIDIA Streamer Service - (NvStreamSvc) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service S3: Steam Client Service - C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: nProtect GameGuard Service - (npggsvc) - C:\Windows\system32\GameMon.des -service