Alt Tab ekranındaki "snake" virüs mü?

Boot mode: Normal

Running processes:
Number | Path
 1 C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
 1 C:\Program Files (x86)\ASUS\AXSP\4.02.03\atkexComSvc.exe
 1 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
 1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
 1 C:\Program Files (x86)\Origin\Origin.exe
 1 C:\Program Files (x86)\Origin\OriginWebHelperService.exe
 7 C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
 7 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
 1 C:\Program Files (x86)\Steam\steam.exe
 1 C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
 1 C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
 1 C:\Program Files\ESET\ESET Security\eguiProxy.exe
 1 C:\Program Files\ESET\ESET Security\ekrn.exe
 5 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
 3 C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
 1 C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
 1 C:\Program Files\Riot Vanguard\vgtray.exe
 1 C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj\TranslucentTB.exe
 1 C:\Program Files\WindowsApps\Microsoft.GamingApp_2202.1001.9.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
 1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.18001.0_x64__8wekyb3d8bbwe\gamingservices.exe
 1 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.18001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
 1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
 1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
 1 C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
 1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22011.10031.0_x64__8wekyb3d8bbwe\Video.UI.exe
 6 C:\Users\delie\AppData\Local\Discord\app-1.0.9004\Discord.exe
 1 C:\Users\delie\AppData\Local\Programs\Opera GX\83.0.4254.70\opera_crashreporter.exe
 26 C:\Users\delie\AppData\Local\Programs\Opera GX\opera.exe
 1 C:\Users\delie\Desktop\HiJackThis\HiJackThis.exe
 2 C:\Windows\explorer.exe
 1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
 1 C:\Windows\System32\ApplicationFrameHost.exe
 1 C:\Windows\System32\audiodg.exe
 1 C:\Windows\System32\conhost.exe
 2 C:\Windows\System32\csrss.exe
 1 C:\Windows\System32\ctfmon.exe
 1 C:\Windows\System32\dasHost.exe
 3 C:\Windows\System32\dllhost.exe
 1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
 1 C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
 2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3b12ac0f95b18b9d\Display.NvContainer\NVDisplay.Container.exe
 1 C:\Windows\System32\dwm.exe
 2 C:\Windows\System32\fontdrvhost.exe
 1 C:\Windows\System32\lsass.exe
 1 C:\Windows\System32\MoUsoCoreWorker.exe
 1 C:\Windows\System32\oobe\UserOOBEBroker.exe
 2 C:\Windows\System32\rundll32.exe
 7 C:\Windows\System32\RuntimeBroker.exe
 1 C:\Windows\System32\SearchFilterHost.exe
 1 C:\Windows\System32\SearchIndexer.exe
 2 C:\Windows\System32\SearchProtocolHost.exe
 1 C:\Windows\System32\SecurityHealthService.exe
 1 C:\Windows\System32\SecurityHealthSystray.exe
 1 C:\Windows\System32\services.exe
 1 C:\Windows\System32\SettingSyncHost.exe
 1 C:\Windows\System32\SgrmBroker.exe
 1 C:\Windows\System32\sihost.exe
 1 C:\Windows\System32\smartscreen.exe
 1 C:\Windows\System32\smss.exe
 1 C:\Windows\System32\spoolsv.exe
 83 C:\Windows\System32\svchost.exe
 1 C:\Windows\System32\taskhostw.exe
 1 C:\Windows\System32\wbem\WmiPrvSE.exe
 1 C:\Windows\System32\wininit.exe
 1 C:\Windows\System32\winlogon.exe
 1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
 1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll
O4 - HKCU\..\Run: [AntiMalwareServiceExecutable] = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
O4 - HKCU\..\Run: [delie] = C:\Windows\system32\cmd.exe /c start www.exinariuminix.info
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\Run: [WindowsDefender] = C:\Program Files\Windows Defender\MpCmdRun.exe
O4 - HKCU\..\Run: [WmiPrvSE] = C:\Windows\System32\wbem\WmiPrvSE.exe
O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] = C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\delie\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] = C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\delie\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Uninstall 22.022.0130.0001\i386] = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\delie\AppData\Local\Microsoft\OneDrive\22.022.0130.0001\i386"
O4 - HKCU\..\RunOnce: [Uninstall 22.022.0130.0001] = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\delie\AppData\Local\Microsoft\OneDrive\22.022.0130.0001"
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\delie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bluetooth.lnk -> C:\Windows\blth.exe (2022/01/29)
O4 - HKLM\..\Run: [egui] = C:\Program Files\ESET\ESET Security\ecmds.exe /run /hide /proxy
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\StartupApproved\Run32: [Bluetooth Software] = C:\Windows\blth.exe (2022/01/29)
O4 - HKLM\..\StartupApproved\Run32: [ICSProxy] = C:\Windows\system32\ICSProxy.exe (file missing) (2022/01/29)
O5 - Applet: C:\Windows\System32\plotman.cpl (Sign: 'Autodesk, Inc.')
O5 - Applet: C:\Windows\System32\styleman.cpl (Sign: 'Autodesk, Inc.')
O5 - Applet: C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl (Sign: 'Adobe Inc.')
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AntiMalwareSericeExecutable (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SettingSysHost (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsDefenderServices (empty)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-1246597844-3001687719-2503355820-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) Overwolf Updater Task - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: \Microsoft\Windows\Defrag\ScheduledDefrag - C:\Windows\system32\defrag.exe \\?\Volume{2f10a164-e6d5-417a-8994-34d9fce8d0a3}\ (Microsoft)
O22 - Task: delie - C:\Windows\system32\cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v delie /t REG_SZ /d "cmd.exe /c start www.exinariuminix.info"
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: OneDrive Reporting Task-S-1-5-21-1246597844-3001687719-2503355820-1001 - C:\Users\delie\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: Opera GX scheduled assistant Autoupdate 1618511886 - C:\Users\delie\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\delie\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
O22 - Task: Opera GX scheduled Autoupdate 1618387450 - C:\Users\delie\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\4.02.03\atkexComSvc.exe
O23 - Service R2: AsusCertService - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
O23 - Service R2: ESET Service - (ekrn) - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.18001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.18001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3b12ac0f95b18b9d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3b12ac0f95b18b9d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service R3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service R3: ESET Firewall Helper - (ekrnEpfw) - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S2: AsusUpdateCheck - C:\Windows\System32\AsusUpdateCheck.exe
O23 - Service S2: AudioDeviceService - C:\Windows\system32\AudioDeviceService.exe (file missing)
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Overwolf Updater Windows SCM - (OverwolfUpdater) - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom SCM
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (file missing)
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe

--
End of file - Time spent: 6,7 sec. - 30984 bytes, CRC32: FFFFFFFF. Sign: ब크

O4 - HKCU\..\Run: [delie] = C:\Windows\system32\cmd.exe /c start www.exinariuminix.info
O22 - Task: delie - C:\Windows\system32\cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v delie /t REG_SZ /d "cmd.exe /c start www.exinariuminix.info"
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AntiMalwareSericeExecutable (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SettingSysHost (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsDefenderServices (empty)
O4 - HKLM\..\StartupApproved\Run32: [ICSProxy] = C:\Windows\system32\ICSProxy.exe (file missing) (2022/01/29)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O23 - Service S2: AudioDeviceService - C:\Windows\system32\AudioDeviceService.exe (file missing)
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (file missing)

O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\delie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bluetooth.lnk -> C:\Windows\blth.exe (2022/01/29)
O4 - HKLM\..\StartupApproved\Run32: [Bluetooth Software] = C:\Windows\blth.exe (2022/01/29)

O4 - HKCU\..\Run: [delie] = C:\Windows\system32\cmd.exe /c start www.exinariuminix.info
O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] = C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\delie\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] = C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\delie\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Uninstall 22.022.0130.0001\i386] = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\delie\AppData\Local\Microsoft\OneDrive\22.022.0130.0001\i386"
O4 - HKCU\..\RunOnce: [Uninstall 22.022.0130.0001] = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\delie\AppData\Local\Microsoft\OneDrive\22.022.0130.0001"
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\delie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bluetooth.lnk -> C:\Windows\blth.exe (2022/01/29)
O4 - HKLM\..\StartupApproved\Run32: [Bluetooth Software] = C:\Windows\blth.exe (2022/01/29)
O4 - HKLM\..\StartupApproved\Run32: [ICSProxy] = C:\Windows\system32\ICSProxy.exe (file missing) (2022/01/29)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AntiMalwareSericeExecutable (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SettingSysHost (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsDefenderServices (empty)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-1246597844-3001687719-2503355820-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: \Microsoft\Windows\Defrag\ScheduledDefrag - C:\Windows\system32\defrag.exe \\?\Volume{2f10a164-e6d5-417a-8994-34d9fce8d0a3}\ (Microsoft)
O22 - Task: delie - C:\Windows\system32\cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v delie /t REG_SZ /d "cmd.exe /c start www.exinariuminix.info"

Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.16

Platform:  x64 Windows 10 (Pro), 10.0.19044.1586 (ReleaseId: 2009, 21H2), Service Pack: 0
Time:      20.03.2022 - 21:52 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    delie    (group: Administrators) on DESKTOP-6K8O4VV, FirstRun: yes

Chrome:  49.0.2623.112
Internet Explorer: 11.0.19041.1566
Default: "C:\Users\delie\AppData\Local\Programs\Opera GX\Launcher.exe" -noautoupdate -- "%1" (Opera GX Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
   1  C:\Program Files (x86)\ASUS\AXSP\4.02.03\atkexComSvc.exe
   1  C:\Program Files (x86)\Common Files\Steam\SteamService.exe
   1  C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\Origin\OriginWebHelperService.exe
   7  C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  C:\Program Files (x86)\Steam\steam.exe
   1  C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
   1  C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
   5  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\Riot Vanguard\vgtray.exe
   1  C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj\TranslucentTB.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingApp_2202.1001.9.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.16003.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.16003.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22022.147.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22022.147.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22011.10031.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe
   6  C:\Users\delie\AppData\Local\Discord\app-1.0.9004\Discord.exe
   1  C:\Users\delie\AppData\Local\Programs\Opera GX\84.0.4316.36\opera_crashreporter.exe
  28  C:\Users\delie\AppData\Local\Programs\Opera GX\opera.exe
   1  C:\Users\delie\Desktop\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\servicing\TrustedInstaller.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3b12ac0f95b18b9d\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\MoUsoCoreWorker.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\rundll32.exe
  10  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  83  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\SystemSettingsBroker.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\TiWorker.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll
O4 - HKCU\..\Run: [AntiMalwareServiceExecutable] = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe (file missing)
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\Run: [WindowsDefender] = C:\Program Files\Windows Defender\MpCmdRun.exe
O4 - HKCU\..\Run: [WmiPrvSE] = C:\Windows\System32\wbem\WmiPrvSE.exe
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - Startup Global: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk    ->    C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
O5 - Applet: C:\Windows\System32\plotman.cpl (Sign: 'Autodesk, Inc.')
O5 - Applet: C:\Windows\System32\styleman.cpl (Sign: 'Autodesk, Inc.')
O5 - Applet: C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl (Sign: 'Adobe Inc.')
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: \Microsoft\Windows\Defrag\ScheduledDefrag - C:\Windows\system32\defrag.exe \\?\Volume{2f10a164-e6d5-417a-8994-34d9fce8d0a3}\ (Microsoft)
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: OneDrive Reporting Task-S-1-5-21-1246597844-3001687719-2503355820-1001 - C:\Users\delie\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: Opera GX scheduled assistant Autoupdate 1618511886 - C:\Users\delie\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\delie\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
O22 - Task: Opera GX scheduled Autoupdate 1618387450 - C:\Users\delie\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\4.02.03\atkexComSvc.exe
O23 - Service R2: AsusCertService - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.16003.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.16003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3b12ac0f95b18b9d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3b12ac0f95b18b9d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service R3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S2: AsusUpdateCheck - C:\Windows\System32\AsusUpdateCheck.exe
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Overwolf Updater Windows SCM - (OverwolfUpdater) - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom SCM (file missing)
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe


--
End of file - Time spent: 10,1 sec. - 25442 bytes, CRC32: FFFFFFFF. Sign: ꟓ